-
Cisco IOS High Availability Command Reference
-
Introduction
-
action cli through configure replace
-
control-plane through debug mpls ldp checkpoint
-
debug mpls ldp graceful-restart through event wdsysmon
-
frame-relay redundancy auto-sync lmi-sequence-numbers through issu set rollback-timer
-
match mpls-label through route-target
-
service call-home through show ip pim interface
-
show ip pim neighbor through show ppp subscriber statistics
-
show pppatm statistics through vrrp timers learn
-
Table Of Contents
timers graceful-restart purge-time
tunnel mpls traffic-eng backup-bw
show pppatm statistics
To display PPP over ATM (PPPoA) statistics, use the show pppatm statistics command in privileged EXEC mode.
show pppatm statistics
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Use the show pppatm statistics command to obtain statistics for PPPoA sessions. This command gives a total count of PPPoA events since the clear pppatm statistics command was last issued.
Examples
The following example displays PPPoA statistics:
Router# show pppatm statistics4000 : Context Allocated events3999 : SSS Request events7998 : SSS Msg events3999 : PPP Msg events3998 : Up Pending events3998 : Up Dequeued events3998 : Processing Up events3999 : Vaccess Up events3999 : AAA unique id allocated events3999 : No AAA method list set events3999 : AAA gets nas port details events3999 : AAA gets retrived attrs events68202 : AAA gets dynamic attrs events3999 : Access IE allocated eventsTable 137 describes the significant fields shown in the displays. Any data not described in Table 137 is used for internal debugging purposes.
Related Commands
show pppoe statistics
To display PPP over Ethernet (PPPoE) events and statistics, use the show pppoe statistics command in privileged EXEC mode.
show pppoe statistics
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
12.2(31)SB2
This command was introduced.
12.2(33)SRC
This command was integrated into Cisco IOS Release 12.2(33)SRC.
Usage Guidelines
This command is useful for obtaining statistics and events for PPPoE sessions. Use the show pppoe statistics command to display a cumulative count of PPPoE events and statistics, and to display an incremental count since the last time the clear pppoe statistics command was issued.
Examples
The following is sample output from the show pppoe statistics command:
Router# show pppoe statisticsPPPoE Events TOTAL SINCE CLEARED------------------------------ ------------- -------------INVALID 0 0PRE-SERVICE FOUND 0 0PRE-SERVICE NONE 0 0SSS CONNECT LOCAL 16002 16002SSS FORWARDING 0 0SSS FORWARDED 0 0SSS MORE KEYS 16002 16002SSS DISCONNECT 0 0CONFIG UPDATE 0 0STATIC BIND RESPONSE 16002 16002PPP FORWARDING 0 0PPP FORWARDED 0 0PPP DISCONNECT 0 0PPP RENEGOTIATION 0 0SSM PROVISIONED 16002 16002SSM UPDATED 16002 16002SSM DISCONNECT 0 0>PPPoE Statistics TOTAL SINCE CLEARED------------------------------ ------------- -------------SSS Request 16002 16002SSS Response Stale 0 0SSS Disconnect 0 0PPPoE Handles Allocated 16002 16002PPPoE Handles Freed 0 0Dynamic Bind Request 16002 16002Static Bind Request 16002 16002Table 138 describes the significant fields shown in the displays. Any data not described in Table 138 is used for internal debugging purposes.
Related Commands
show pppoe summary
To display a summary of the currently active PPP over Ethernet (PPPoE) sessions, use the show pppoe summary command in user EXEC or privileged EXEC mode.
show pppoe summary
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Examples
The following is sample output from the show pppoe summary command:
Router# show pppoe summaryPTA : Locally terminated sessionsFWDED: Forwarded sessionsTRANS: All other sessions (in transient state)TOTAL PTA FWDED TRANSTOTAL 20434 20434 0 0GigabitEthernet2/0/0 4096 4096 0 0ATM3/0/0 16247 16247 0 0Table 139 describes the significant fields shown in the display.
Related Commands
show redundancy
To display current or historical status and related information on planned or logged handovers, use the show redundancy command in user EXEC or privileged EXEC mode.
Privileged EXEC Mode
show redundancy [clients | counters | debug-log | handover | history | switchover history | states | inter-device]
User EXEC Mode
show redundancy {clients | counters | history | states | switchover}
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Usage Guidelines
Cisco AS5800
Use this command from the router-shelf console to determine when failover is enabled. Use this command with the history keyword to log failover events.
Cisco AS5850
To use this command, the router must have two route-switch-controller (RSC) cards installed and must be connected to one of them.
Examples
The following example shows how to display information about the RF client:
Router# show redundancy clientsclientID = 0 clientSeq = 0 RF_INTERNAL_MSGclientID = 25 clientSeq = 130 CHKPT RFclientID = 5026 clientSeq = 130 CHKPT RFclientID = 5029 clientSeq = 135 Redundancy Mode RFclientID = 5006 clientSeq = 170 RFS clientclientID = 6 clientSeq = 180 Const OIR ClientclientID = 7 clientSeq = 190 PF ClientclientID = 5008 clientSeq = 190 PF ClientclientID = 28 clientSeq = 330 Const Startup ConfigclientID = 29 clientSeq = 340 Const IDPROM ClientclientID = 65000 clientSeq = 65000 RF_LAST_CLIENTThe output displays the following information:
•
clientID displays the client's ID number.
•
•
The following example shows how to display information about the RF counters:
Router# show redundancy countersRedundancy Facility OMscomm link up = 0comm link down down = 0invalid client tx = 0null tx by client = 0tx failures = 0tx msg length invalid = 0client not rxing msgs = 0rx peer msg routing errors = 0null peer msg rx = 0errored peer msg rx = 0buffers tx = 0tx buffers unavailable = 0buffers rx = 0buffer release errors = 0duplicate client registers = 0failed to register client = 0Invalid client syncs = 0The following example shows information about the RF history:
Router# show redundancy history00:00:00 client added: RF_INTERNAL_MSG(0) seq=000:00:00 client added: RF_LAST_CLIENT(65000) seq=6500000:00:02 client added: Const Startup Config Sync Clien(28) seq=33000:00:02 client added: CHKPT RF(25) seq=13000:00:02 client added: PF Client(7) seq=19000:00:02 client added: Const OIR Client(6) seq=18000:00:02 client added: Const IDPROM Client(29) seq=34000:00:02 *my state = INITIALIZATION(2) *peer state = DISABLED(1)00:00:02 RF_PROG_INITIALIZATION(100) RF_INTERNAL_MSG(0) op=0 rc=1100:00:02 RF_PROG_INITIALIZATION(100) CHKPT RF(25) op=0 rc=1100:00:02 RF_PROG_INITIALIZATION(100) Const OIR Client(6) op=0 rc=1100:00:02 RF_PROG_INITIALIZATION(100) PF Client(7) op=0 rc=11The following example shows information about the RF state:
Router# show redundancy statesmy state = 13 -ACTIVEpeer state = 1 -DISABLEDMode = SimplexUnit = PrimaryUnit ID = 1Redundancy Mode (Operational) = Route Processor RedundancyRedundancy Mode (Configured) = Route Processor RedundancySplit Mode = DisabledManual Swact = Disabled Reason: Simplex modeCommunications = Down Reason: Simplex modeclient count = 11client_notification_TMR = 30000 millisecondskeep_alive TMR = 4000 millisecondskeep_alive count = 0keep_alive threshold = 7RF debug mask = 0x0If you enter the show redundancy states command with stateful switchover (SSO) configured, the Redundancy Mode (Operational) and the Redundancy Mode (Configured) fields display stateful switchover.
The following example shows how to display the switchover counts, the uptime since active, and the total system uptime:
Router> show redundancy switchoverSwitchovers this system has experienced : 1Uptime since this supervisor switched to active : 1 minuteTotal system uptime from reload : 2 hours, 47 minutesCisco AS5850 Example
The following is sample output from the show redundancy handover and show redundancy states commands on a Cisco AS5850:
Router# show redundancy handoverNo busyout period specifiedHandover pending at 23:00:00 PDT Wed May 9 2001Router# show redundancy statesmy state = 14 -ACTIVE_EXTRALOADpeer state = 4 -STANDBY COLDMode = DuplexUnit = Preferred PrimaryUnit ID = 6Redundancy Mode = Handover-split: If one RSC fails, the peer RSC will take over the feature boardsMaintenance Mode = DisabledManual Swact = Disabled Reason: Progression in progressCommunications = Upclient count = 3client_notification_TMR = 30000 millisecondskeep_alive TMR = 4000 millisecondskeep_alive count = 1keep_alive threshold = 7RF debug mask = 0x0Cisco AS5800 Example
The following is sample output from the show redundancy command on a Cisco AS5800:
Router# show redundancyDSC in slot 12:Hub is in 'active' state.Clock is in 'active' state.DSC in slot 13:Hub is in 'backup' state.Clock is in 'backup' state.Cisco AS5800 with History Example
The following is sample output from the show redundancy history command on a Cisco AS5800:
Router# show redundancy historyDSC Redundancy Status Change History:981130 18:56 Slot 12 DSC: Hub, becoming active - RS instruction981130 19:03 Slot 12 DSC: Hub, becoming active - D13 orderCisco AS5800 Router Shelves as Failover Pair Example
The following is sample output from two Cisco AS5800 router shelves configured as a failover pair. The active router shelf is initially RouterA. The show redundancy history and show redundancy commands have been issued. The show redundancy command shows that failover is enabled, shows the configured group number, and shows that this router shelf is the active one of the pair. Compare this output with that from the backup router shelf (RouterB) that follows.
Note
show redundancy history command is issued after failover has occurred.Log from the First Router (RouterA)
RouterA# show redundancy historyDSC Redundancy Status Change History:010215 18:17 Slot -1 DSC:Failover configured -> ACTIVE role by default.010215 18:18 Slot -1 DSC:Failover -> BACKUP role.010215 18:18 Slot 12 DSC:Failover -> ACTIVE role.010215 18:18 Slot 12 DSC:Hub, becoming active - arb timeoutRouterA# show redundancyfailover mode enabled, failover group = 32Currently ACTIVE role.DSC in slot 12:Hub is in 'active' state.Clock is in 'active' state.No connection to slot 13RouterA# reloadProceed with reload? [confirm] y*Feb 15 20:19:11.059:%SYS-5-RELOAD:Reload requestedSystem Bootstrap, Version xxxCopyright xxx by cisco Systems, Inc.C7200 processor with 131072 Kbytes of main memoryLog from the Second Router (RouterB)
RouterB# show redundancyfailover mode enabled, failover group = 32Currently BACKUP role.No connection to slot 12DSC in slot 13:Hub is in 'backup' state.Clock is in 'backup' state.*Feb 16 03:24:53.931:%DSC_REDUNDANCY-3-BICLINK:Switching to DSC 13*Feb 16 03:24:53.931:%DSC_REDUNDANCY-3-BICLINK:Failover:changing to active mode*Feb 16 03:24:54.931:%DIAL13-3-MSG:02:32:06:%DSC_REDUNDANCY-3-EVENT:Redundancy event:LINK_FAIL from other DSC*Feb 16 03:24:55.491:%OIR-6-INSCARD:Card inserted in slot 12, interfaces administratively shut down*Feb 16 03:24:58.455:%DIAL13-3-MSG:02:32:09:%DSC_REDUNDANCY-3-EVENT:Redundancy event:LINK_FAIL from other DSC*Feb 16 03:25:04.939:%DIAL13-0-MSG:RouterB# show redundancyfailover mode enabled, failover group = 32Currently ACTIVE role.No connection to slot 12DSC in slot 13:Hub is in 'active' state.Clock is in 'backup' state.RouterB# show redundancy historyDSC Redundancy Status Change History:010216 03:09 Slot -1 DSC:Failover configured -> BACKUP role.010216 03:24 Slot 13 DSC:Failover -> ACTIVE role.010216 03:24 Slot 13 DSC:Hub, becoming active - D12 linkfail010216 03:24 Slot 13 DSC:Hub, becoming active - D12 linkfail*Feb 16 03:26:14.079:%DSIPPF-5-DS_HELLO:DSIP Hello from shelf 47 slot 1 Succeeded*Feb 16 03:26:14.255:%DSIPPF-5-DS_HELLO:DSIP Hello from shelf 47 slot 3 Succeeded*Feb 16 03:26:14.979:%DSIPPF-5-DS_HELLO:DSIP Hello from shelf 47 slot 10 SucceededPrivileged EXEC Mode Example
The following is sample output generated by this command in privileged EXEC mode on router platforms that support no keywords for the privileged EXEC mode form of the command:
RouterB# show redundancyMWR1900 is the Active RouterPrevious States with most recent at bottomINITL_INITL Dec 31 19:00:00.000LISTN_INITL Feb 28 19:00:15.568LISTN_LISTN Feb 28 19:00:15.568SPEAK_LISTN Feb 28 19:00:18.568SPEAK_SPEAK Feb 28 19:00:18.568STDBY_SPEAK Mar 19 08:54:26.191ACTIV_SPEAK Mar 19 08:54:26.191ACTIV_STDBY Mar 19 08:54:26.191ACTIV_ACTIV Mar 19 08:54:26.191INITL_ACTIV Mar 19 08:56:22.700INITL_INITL Mar 19 08:56:22.700INITL_LISTN Mar 19 08:56:28.544LISTN_LISTN Mar 19 08:56:28.652LISTN_SPEAK Mar 19 08:56:31.544SPEAK_SPEAK Mar 19 08:56:31.652SPEAK_STDBY Mar 19 08:56:34.544SPEAK_ACTIV Mar 19 08:56:34.544STDBY_ACTIV Mar 19 08:56:34.652ACTIV_ACTIV Mar 19 08:56:34.652INITL_ACTIV Mar 19 10:20:41.455INITL_INITL Mar 19 10:20:41.455INITL_LISTN Mar 19 10:20:49.243LISTN_LISTN Mar 19 10:20:49.299LISTN_SPEAK Mar 19 10:20:52.244SPEAK_SPEAK Mar 19 10:20:52.300SPEAK_STDBY Mar 19 10:20:55.244STDBY_STDBY Mar 19 10:20:55.300ACTIV_STDBY Mar 19 10:21:01.692ACTIV_ACTIV Mar 19 10:21:01.692Related Commands
show route-map
To display static and dynamic route maps, use the show route-map command in privileged EXEC mode.
show route-map [map-name | dynamic [dynamic-map-name | application [application-name]] | all] [detailed]
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
For Cisco IOS Release 12.3(14)T and later 12.4 and 12.4T releases, you can display the ACL-specific information that pertains to the route map in the same display without having to execute a show route-map command to display each ACL that is associated with the route map.
Examples
The show route-map command will display configured route-maps, match, set, and continue clauses. The output will vary depending on which keywords are included with the command, and which software image is running in your router, as shown in the following examples:
•
•
•
•
show route-map Command with No Keywords Specified: Example
The following is sample output from the show route-map command:
Router# show route-maproute-map ROUTE-MAP-NAME, permit, sequence 10Match clauses:ip address (access-lists): 1metric 10Continue: sequence 40Set clauses:as-path prepend 10Policy routing matches: 0 packets, 0 bytesroute-map ROUTE-MAP-NAME, permit, sequence 20Match clauses:ip address (access-lists): 2metric 20Set clauses:as-path prepend 10 10Policy routing matches: 0 packets, 0 bytesroute-map ROUTE-MAP-NAME, permit, sequence 30Match clauses:Continue: to next entry 40Set clauses:as-path prepend 10 10 10Policy routing matches: 0 packets, 0 bytesroute-map ROUTE-MAP-NAME, deny, sequence 40Match clauses:community (community-list filter): 20:2Set clauses:local-preference 100Policy routing matches: 0 packets, 0 bytesroute-map LOCAL-POLICY-MAP, permit, sequence 10Match clauses:Set clauses:community 655370Policy routing matches: 0 packets, 0 bytesThe following example shows Multiprotocol Label Switching (MPLS)-related route map information:
Router# show route-maproute-map OUT, permit, sequence 10Match clauses:ip address (access-lists): 1Set clauses:mpls labelPolicy routing matches: 0 packets, 0 bytesroute-map IN, permit, sequence 10Match clauses:ip address (access-lists): 2mpls labelSet clauses:Policy routing matches: 0 packets, 0 bytesTable 140 describes the significant fields shown in the display.
show route-map Command with Dynamic Route Map Specified: Example
The following is sample output from the show route-map command when entered with the dynamic keyword:
Router# show route-map dynamicroute-map AAA-02/06/04-14:01:26.619-1-AppSpec, permit, sequence 0, identifier 1137954548Match clauses:ip address (access-lists): PBR#1 PBR#2Set clauses:Policy routing matches: 0 packets, 0 bytesroute-map AAA-02/06/04-14:01:26.619-1-AppSpec, permit, sequence 1, identifier 1137956424Match clauses:ip address (access-lists): PBR#3 PBR#4Set clauses:Policy routing matches: 0 packets, 0 bytesroute-map AAA-02/06/04-14:01:26.619-1-AppSpec, permit, sequence 2, identifier 1124436704Match clauses:ip address (access-lists): PBR#5 PBR#6length 10 100Set clauses:ip next-hop 172.16.1.1ip gateway 172.16.1.1Policy routing matches: 0 packets, 0 bytesCurrent active dynamic routemaps = 1The following is sample output from the show route-map command when entered with the dynamic and application keywords:
Router# show route-map dynamic applicationApplication - AAANumber of active routemaps = 1When you specify an application name, only dynamic routes for that application are shown. The following is sample output from the show route-map command when entered with the dynamic and application keywords and the AAA application name:
Router# show route-map dynamic application AAAAAANumber of active rmaps = 2AAA-02/06/04-14:01:26.619-1-AppSpecAAA-02/06/04-14:34:09.735-2-AppSpecRouter# show route-map dynamic AAA-02/06/04-14:34:09.735-2-AppSpecroute-map AAA-02/06/04-14:34:09.735-2-AppSpec, permit, sequence 0, identifier 1128046100Match clauses:ip address (access-lists): PBR#7 PBR#8Set clauses:Policy routing matches: 0 packets, 0 bytesroute-map AAA-02/06/04-14:34:09.735-2-AppSpec, permit, sequence 1, identifier 1141277624Match clauses:ip address (access-lists): PBR#9 PBR#10Set clauses:Policy routing matches: 0 packets, 0 bytesroute-map AAA-02/06/04-14:34:09.735-2-AppSpec, permit, sequence 2, identifier 1141279420Match clauses:ip address (access-lists): PBR#11 PBR#12length 10 100Set clauses:ip next-hop 172.16.1.12ip gateway 172.16.1.12Policy routing matches: 0 packets, 0 bytesCurrent active dynamic routemaps = 2show route-map Command with Detailed ACL Information for Route Maps Specified: Example
The following is sample output from the show route-map command with the dynamic and detailed keywords entered:
Router# show route-map dynamic detailedroute-map AAA-01/20/04-22:03:10.799-1-AppSpec, permit, sequence 1, identifier 29675368Match clauses:ip address (access-lists):Extended IP access list PBR#31 permit icmp 0.0.16.12 1.204.167.240 10.1.1.0 0.0.0.255 syn dscp af12 log-input fragmentsExtended IP access list PBR#41 permit icmp 0.0.16.12 1.204.167.240 10.1.1.0 0.0.0.255 syn dscp af12 log-input fragmentsSet clauses:ip next-hop 172.16.1.14ip gateway 172.16.1.14Policy routing matches: 0 packets, 0 bytesshow route-map Command with VRF Autoclassification: Example
The following is sampe output from the show route-map command when a specified VRF is configured for VRF autoclassification:
Router# show route-map dynamicroute-map None-06/01/04-21:14:21.407-1-IP VRF, permit, sequence 0identifier 1675771000Match clauses:Set clauses: vrf redPolicy routing matches: 0 packets, 0 bytesCurrent active dynamic routemaps = 1Related Commands
show tcp
To display the status of Transmission Control Protocol (TCP) connections when Cisco IOS or Cisco IOS Software Modularity images re running, use the show tcp command in user EXEC or privileged EXEC mode.
show tcp [line-number] [tcb address]
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Examples
Example output varies between Cisco IOS software images and Cisco IOS Software Modularity software images. To view the appropriate output, choose one of the following sections:
•
Cisco IOS Software
The following is sample output that displays the status and option flags:
Router# show tcp...Status Flags: passive open, active open, retransmission timeout, app closedOption Flags: vrf id setIP Precedence value: 6...SRTT: 273 ms, RTTO: 490 ms, RTV: 217 ms, KRTT: 0 msminRTT: 0 ms, maxRTT: 300 ms, ACK hold: 200 msStatus Flags: active open, retransmission timeoutOption Flags: vrf id setIP Precedence value: 6Table 141 contains the types of flags, all possible command output enhancements, and descriptions. See Table 142 through Table 146 for descriptions of the other fields in the sample output.
The following is sample output from the show tcp command:
Router# show tcptty0, connection 1 to host ciderConnection state is ESTAB, I/O status: 1, unread input bytes: 0Local host: 172.31.232.17, Local port: 11184Foreign host: 172.31.1.137, Foreign port: 23Enqueued packets for retransmit: 0, input: 0, saved: 0Event Timers (current time is 67341276):Timer: Retrans TimeWait AckHold SendWnd KeepAliveStarts: 30 0 32 0 0Wakeups: 1 0 14 0 0Next: 0 0 0 0 0iss: 67317172 snduna: 67317228 sndnxt: 67317228 sndwnd: 4096irs: 1064896000 rcvnxt: 1064897597 rcvwnd: 2144 delrcvwnd: 0SRTT: 317 ms, RTTO: 900 ms, RTV: 133 ms, KRTT: 0 msminRTT: 4 ms, maxRTT: 300 ms, ACK hold: 300 msFlags: higher precedence, idle user, retransmission timeoutDatagrams (max data segment is 536 bytes):Rcvd: 41 (out of order: 0), with data: 34, total data bytes: 1596Sent: 57 (retransmit: 1), with data: 35, total data bytes: 55Table 142 describes the first five lines of output shown in the above display.
Note
The following line of output shows the current elapsed time according to the system clock of the local host. The time shown is the number of milliseconds since the system started.
Event Timers (current time is 67341276):The following lines of output display the number of times that various local TCP timeout values were reached during this connection. In this example, the local host re-sent data 30 times because it received no response from the remote host, and it sent an acknowledgment many more times because there was no data.
Timer: Retrans TimeWait AckHold SendWnd Keepalive GiveUp PmtuAgerStarts: 30 0 32 0 0 0 0Wakeups: 1 0 14 0 0 0 0Next: 0 0 0 0 0 0 0Table 143 describes the fields in the above lines of output.
The following lines of output display the sequence numbers that TCP uses to ensure sequenced, reliable transport of data. The local host and remote host each use these sequence numbers for flow control and to acknowledge receipt of datagrams.
iss: 67317172 snduna: 67317228 sndnxt: 67317228 sndwnd: 4096irs: 1064896000 rcvnxt: 1064897597 rcvwnd: 2144 delrcvwnd: 0Table 144 describes the fields shown in the display above.
The following lines of output display values that the local host uses to keep track of transmission times so that TCP can adjust to the network that it is using.
SRTT: 317 ms, RTTO: 900 ms, RTV: 133 ms, KRTT: 0 msminRTT: 4 ms, maxRTT: 300 ms, ACK hold: 300 msFlags: higher precedence, idle user, retransmission timeoutTable 145 describes the significant fields shown in the output above.
Note
The following lines of output display the number of datagrams that are transported with data.
Datagrams (max data segment is 536 bytes):Rcvd: 41 (out of order: 0), with data: 34, total data bytes: 1596Sent: 57 (retransmit: 1), with data: 35, total data bytes: 55Table 146 describes the significant fields shown in the last lines of the show tcp command output.
The following is sample output from the show tcp tcb command that displays detailed information by hexadecimal address about an ECN-enabled connection:
Router# show tcp tcb 0x62CD2BB8Connection state is LISTEN, I/O status: 1, unread input bytes: 0Connection is ECN enabledLocal host: 10.10.10.1, Local port: 179Foreign host: 10.10.10.2, Foreign port: 12000Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes)Event Timers (current time is 0x4F31940):Timer Starts Wakeups NextRetrans 0 0 0x0TimeWait 0 0 0x0AckHold 0 0 0x0SendWnd 0 0 0x0KeepAlive 0 0 0x0GiveUp 0 0 0x0PmtuAger 0 0 0x0DeadWait 0 0 0x0iss: 0 snduna: 0 sndnxt: 0 sndwnd: 0irs: 0 rcvnxt: 0 rcvwnd: 4128 delrcvwnd: 0SRTT: 0 ms, RTTO: 2000 ms, RTV: 2000 ms, KRTT: 0 msminRTT: 60000 ms, maxRTT: 0 ms, ACK hold: 200 msFlags: passive open, higher precedence, retransmission timeoutTCB is waiting for TCP Process (67)Datagrams (max data segment is 516 bytes):Rcvd: 6 (out of order: 0), with data: 0, total data bytes: 0Sent: 0 (retransmit: 0, fastretransmit: 0), with data: 0, total databytes: 0Cisco IOS Software Modularity
The following is sample output from the show tcp tcb command from a Software Modularity image:
Router# show tcp tcb 0x1059C10Connection state is ESTAB, I/O status: 0, unread input bytes: 0Local host: 10.4.2.32, Local port: 23Foreign host: 10.4.2.39, Foreign port: 11000VRF table id is: 0Current send queue size: 0 (max 65536)Current receive queue size: 0 (max 32768) mis-ordered: 0 bytesEvent Timers (current time is 0xB9ACB9):Timer Starts Wakeups Next(msec)Retrans 6 0 0SendWnd 0 0 0TimeWait 0 0 0AckHold 8 4 0KeepAlive 11 0 7199992PmtuAger 0 0 0GiveUp 0 0 0Throttle 0 0 0irs: 1633857851 rcvnxt: 1633857890 rcvadv: 1633890620 rcvwnd: 32730iss: 4231531315 snduna: 4231531392 sndnxt: 4231531392 sndwnd: 4052sndmax: 4231531392 sndcwnd: 10220SRTT: 84 ms, RTTO: 650 ms, RTV: 69 ms, KRTT: 0 msminRTT: 0 ms, maxRTT: 200 ms, ACK hold: 200 msKeepalive time: 7200 sec, SYN wait time: 75 secGiveup time: 0 ms, Retransmission retries: 0, Retransmit forever: FALSEState flags: noneFeature flags: NagleRequest flags: noneWindow scales: rcv 0, snd 0, request rcv 0, request snd 0Timestamp option: recent 0, recent age 0, last ACK sent 0Datagrams (in bytes): MSS 1460, peer MSS 1460, min MSS 1460, max MSS 1460Rcvd: 14 (out of order: 0), with data: 10, total data bytes: 38Sent: 10 (retransmit: 0, fastretransmit: 0), with data: 5, total data bytes: 76Header prediction hit rate: 72 %Socket states: SS_ISCONNECTED, SS_PRIVRead buffer flags: SB_WAIT, SB_SEL, SB_DEL_WAKEUPRead notifications: 4Write buffer flags: SB_DEL_WAKEUPWrite notifications: 0Socket status: 0Related Commands
show tcp ha connections
To display connection-ID-to-TCP mapping data, use the show tcp ha connections command in privileged EXEC mode.
show tcp ha connections
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The show tcp ha connections command is used to display connection-ID-to-TCP mapping data.
Examples
The following is sample output from the show tcp ha connections command:
Router# show tcp ha connectionsSSO enabled for 40 connectionsTCB Local Address Foreign Address (state) Conn Id71EACE60 10.0.56.1.179 10.0.56.3.58671 ESTAB 3771EA9320 10.0.53.1.179 10.0.53.3.58659 ESTAB 3471EA35F8 10.0.41.1.179 10.0.41.3.58650 ESTAB 2271A21FE0 10.0.39.1.179 10.0.39.3.58641 ESTAB 2071EAA6E0 10.0.54.1.179 10.0.54.3.58663 ESTAB 3571EA2238 10.0.40.1.179 10.0.40.3.58646 ESTAB 2171EABAA0 10.0.55.1.179 10.0.55.3.58667 ESTAB 3671EAE710 10.0.28.1.179 10.0.28.3.58676 ESTAB 971EA2728 10.0.50.1.179 10.0.50.3.58647 ESTAB 31720541D8 10.0.49.1.179 10.0.49.3.58642 ESTAB 3071EAA1F0 10.0.44.1.179 10.0.44.3.58662 ESTAB 252180B3A8 10.0.33.1.179 10.0.33.3.58657 ESTAB 1471EAB5B0 10.0.45.1.179 10.0.45.3.58666 ESTAB 2621809FE8 10.0.32.1.179 10.0.32.3.58653 ESTAB 1371EA8E30 10.0.43.1.179 10.0.43.3.58658 ESTAB 2471EAD350 10.0.27.1.179 10.0.27.3.58672 ESTAB 82180A9C8 10.0.52.1.179 10.0.52.3.58655 ESTAB 332180A4D8 10.0.42.1.179 10.0.42.3.58654 ESTAB 2371EABF90 10.0.26.1.179 10.0.26.3.58668 ESTAB 771EA3AE8 10.0.51.1.179 10.0.51.3.58651 ESTAB 32720546C8 10.0.59.1.179 10.0.59.3.58643 ESTAB 40Table 147 describes the significant fields shown in the display.
show tech-support mpls
To generate a report of all Multiprotocol Label Switching (MPLS)-related information, use the show tech-support mpls command in privileged EXEC mode.
show tech-support mpls [vrf vrf-name]
Syntax Description
vrf vrf-name
(Optional) Displays MPLS information about the specified VPN routing and forwarding (VRF) instance.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
This command is useful when you contact technical support personnel with questions regarding MPLS. The show tech-support mpls command generates a series of reports. The show tech-support mpls command is equivalent to issuing the following commands:
MPLS Forwarding Information Commands
show adjacency detail
show cef drop show cef events
show cef not-cef-switched
show cef state
show interface accounting | exclude sab
show interfaces statistic | exclude sabl
show ip cef adjacency discard
show ip cef adjacency drop
show ip cef adjacency glean
show ip cef adjacency null
show ip cef adjacency punt
show ip cef detail internal
show ip cef inconsistency
show ip cef summary
show ip cef unresolved internal
show ip interfaces
show ip route
show ip traffic
show mpls forwarding-table detail
show mpls interfaces all
show mpls interfaces all internal
show mpls label range
show mpls static binding
MPLS Forwarding: Cell Mode (LC-ATM) Commands
Note
show atm vc
show controller vsi descriptor
show controller vsi session
show controller vsi status
show XTagATM cross-connect
show XTagATM cross-connect traffic
show XTagATM vc
MPLS Forwarding: Quality of Service (QoS) Commands
Note
show interfaces fair-queue
show interfaces mpls-exp
show interfaces precedence
MPLS Label Distribution Protocol (LDP) Commands
show mpls atm-ldp bindings
show mpls atm-ldp bindwait
show mpls atm-ldp capability
show mpls atm-ldp summary <===== Not supported on Cisco 10000 series routers
show mpls ip binding detail
show mpls ldp backoff
show mpls ldp discovery all detail
show mpls ldp neighbor all
show mpls ldp neighbor detail
show mpls ldp parameters
MPLS LDP: Stateful Switchover/Nonstop Forwarding (SSO/NSF) Support and Graceful Restart Commands
show mpls checkpoint label-binding
show mpls ldp checkpoint
show mpls ldp graceful-restart
show mpls ldp neighbor graceful-restart
MPLS Traffic Engineering Commands
show ip ospf database opaque-area
show ip ospf database opaque-link
show ip ospf mpls traffic-eng fragment
show ip ospf mpls traffic-eng link
show ip rsvp fast-reroute detail
show ip rsvp installed
show ip rsvp interface
show ip rsvp neighbor
show ip rsvp reservation
show ip rsvp sender
show isis mpls traffic-eng adjacency-log
show isis mpls traffic-eng advertisements
show isis mpls traffic-eng tunnel
show mpls traffic-end link-management interfaces
show mpls traffic-eng autoroute
show mpls traffic-eng fast-reroute database detail
show mpls traffic-eng fast-reroute log reroutes
show mpls traffic-eng forwarding adjacency
show mpls traffic-eng link-management admission-control
show mpls traffic-eng link-management advertisements
show mpls traffic-eng link-management bandwidth-allocation
show mpls traffic-eng link-management summary
show mpls traffic-eng topology
show mpls traffic-eng tunnels
show mpls traffic-eng tunnels brief
show mpls traffic-eng tunnels statics summary
MPLS VPN Commands
show ip bgp labels
show ip bgp neighbors
show ip bgp vpnv4 all
show ip bgp vpnv4 all labels
show ip bgp vpnv4 all summary
show ip vrf detail
show ip vrf interfaces
show ip vrf select
Any Transport over MPLS (AToM) Commands
show mpls l2transport binding
show mpls l2transport hw-capability
show mpls l2transport summary
show mpls l2transport vc detailMPLS VPN VRF-Specific Commands
show ip bgp vpnv4 vpn-name dampening flap-statistics
show ip bgp vpnv4 vpn-name labels
show ip bgp vpnv4 vpn-name peer-group
show ip bgp vpnv4 vpn-name summary
show ip bgp vpnv4 vrf vpn-name neighbors
show ip vrf detail vpn-name
show ip vrf interfaces vpn-name
show ip vrf select vpn-name
MPLS VPN VRF-Specific Forwarding Commands
show ip cef vrf vpn-name adjacency discard
show ip cef vrf vpn-name adjacency drop
show ip cef vrf vpn-name adjacency glean
show ip cef vrf vpn-name adjacency null
show ip cef vrf vpn-name adjacency punt
show ip cef vrf vpn-name inconsistency
show ip cef vrf vpn-name internal
show ip cef vrf vpn-name summary
show ip route vrf vpn-name
show ip vrf interfaces vpn-name
show mpls forwarding-table vrf vpn-name
show mpls interface vrfvpn-name detail
MPLS LDP VRF-Specific Commands
show mpls ip binding vrf vpn-name atm detail
show mpls ip binding vrf vpn-name detail
show mpls ip binding vrf vpn-name local
show mpls ip binding vrf vpn-name summary
show mpls ldp discovery vrf vpn-name detail
show mpls ldp neighbor vrf vpn-name detailMPLS LDP VRF Graceful Restart-Specific Commands
show mpls ldp neighbor vrf vpn-name graceful-restart
These commands are documented in individual feature modules or Cisco IOS Release 12.2 command references. Refer to the individual commands for information about the output these commands generate.
Examples
The following example displays an abbreviated version of the show tech-support mpls command output:
Router# show tech-support mpls------------------ show version ------------------Cisco IOS Software, 7300 Software (C7300-P-M), Version 12.2(27)SBC, RELEASE SOF)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2005 by Cisco Systems, Inc.Compiled Sat 10-Sep-05 17:44 by ssearch...------------------ show running-config ------------------Building configuration...Current configuration : 1827 bytes...------------------ show mpls ldp graceful-restart ------------------LDP Graceful Restart is disabledNeighbor Liveness Timer: 120 secondsMax Recovery Time: 120 secondsForwarding State Holding Time: 600 secondsRelated Commands
show vrrp
To display a brief or detailed status of one or all configured Virtual Router Redundancy Protocol (VRRP) groups on the router, use the show vrrp command in privileged EXEC mode.
show vrrp [all | brief]
Syntax Description
all
(Optional) Provides VRRP group information about all VRRP groups, including groups in a disabled state.
brief
(Optional) Provides a summary view of the group information.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
If no group is specified, all groups are displayed.
Examples
The following is sample output from the show vrrp command:
Router# show vrrpEthernet1/0 - Group 1State is MasterVirtual IP address is 10.2.0.10Virtual MAC address is 0000.5e00.0101Advertisement interval is 3.000 secPreemption is enabledmin delay is 0.000 secPriority 100Track object 1 state down decrement 15Master Router is 10.2.0.1 (local), priority is 100Master Advertisement interval is 3.000 secMaster Down interval is 9.609 secEthernet1/0 - Group 2State is MasterVirtual IP address is 10.0.0.20Virtual MAC address is 0000.5e00.0102Advertisement interval is 1.000 secPreemption is enabledmin delay is 0.000 secPriority 95Master Router is 10.0.0.1 (local), priority is 95Master Advertisement interval is 1.000 secMaster Down interval is 3.628 secThe following sample output shows the MD5 authentication for a VRRP group using a key string:
Router# show vrrpEthernet0/1 - Group 1State is MasterVirtual IP address is 10.21.0.10Virtual MAC address is 0000.5e00.0101Advertisement interval is 1.000 secPreemption is enabledmin delay is 0.000 secPriority is 100Authentication MD5, key-stringMaster Router is 10.21.0.1 (local), priority is 100Master Advertisement interval is 1.000 secMaster Down interval is 3.609 secThe following is sample output from the show vrrp command in Cisco IOS Release 12.2(33)SRC or later releases, displaying peer RP state information:
Router# show vrrpEthernet0/0 - Group 1State is Init (standby RP, peer state is Master)Virtual IP address is 172.24.1.1Virtual MAC address is 0000.5e00.0101Advertisement interval is 1.000 secPreemption enabledPriority is 255Master Router is 172.24.1.1 (local), priority is 255Master Advertisement interval is 1.000 secMaster Down interval is 3.003 secTable 148 describes the significant fields shown in the displays.
The following is sample output from the show vrrp command with the brief keyword:
Router# show vrrp briefInterface Grp Prio Time Own Pre State Master addr Group addrEthernet1/0 1 100 3609 P Master 10.0.0.4 10.0.0.10Ethernet1/0 2 105 3589 P Master 10.0.0.4 10.0.0.20Table 149 describes the fields shown in the display.
Related Commands
vrrp ip
Enables VRRP on an interface and identifies the IP address of the virtual router.
show vrrp interface
To display the Virtual Router Redundancy Protocol (VRRP) groups and their status on a specified interface, use the show vrrp interface command in user EXEC or privileged EXEC mode.
show vrrp interface type number [brief]
Syntax Description
type
Interface type.
number
Interface number.
brief
(Optional) Provides a summary view of the group information.
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Examples
The following is sample output from the show vrrp interface command:
Router# show vrrp interface ethernet 1/0Ethernet1/0 - Group 1State is MasterVirtual IP address is 10.2.0.10Virtual MAC address is 0000.5e00.0101Advertisement interval is 3.000 secPreemption enabled, delay min 4 secsPriority is 100Master Router is 10.2.0.1 (local), priority is 100Master Advertisement interval is 3.000 secMaster Down interval is 9.609 secEthernet1/0 - Group 2State is MasterVirtual IP address is 10.0.0.20Virtual MAC address is 0000.5e00.0102Advertisement interval is 1.000 secPreemption enabled, delay min 2 secPriority is 95Authentication MD5, key-stringMaster Router is 10.0.0.1 (local), priority is 95Master Advertisement interval is 1.000 secMaster Down interval is 3.628 secTable 150 describes the significant fields shown in the display.
Related Commands
Related Commands
snmp-server enable traps
To enable all Simple Network Management Protocol (SNMP) notification types that are available on your system, use the snmp-server enable traps command in global configuration mode. To disable all available SNMP notifications, use the no form of this command.
snmp-server enable traps [notification-type] [vrrp]
no snmp-server enable traps [notification-type] [vrrp]
Syntax Description
notification-type
(Optional) Type of notification (trap or inform) to enable or disable. If no type is specified, all notifications available on your device are enabled or disabled (if the no form is used). The notification type can be one of the following keywords:
alarms—Enables alarm filtering to limit the number of syslog messages generated. Alarms are generated for the severity configured as well as for the higher severity values.
•
–
–
–
–
•
•
•
Catalyst 6500 Series Switches
The following keywords are available under the dot1x keyword:
–
–
–
–
•
•
•
•
•
•
•
–
–
–
–
•
•
•
–
–
–
–
•
•
•
•
•
•
Note
vrrp
(Optional) Specifies the Virtual Router Redundancy Protocol (VRRP).
1 Supported on the Catalyst 6500 series switches.
Command Default
No notifications controlled by this command are sent.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
For additional notification types, see the Related Commands table for this command.
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests for the specified notification types. To specify whether the notifications should be sent as traps or informs, use the snmp-server host [traps | informs] command.
To configure the router to send these SNMP notifications, you must enter at least one snmp-server enable traps command. If you enter the command with no keywords, all notification types are enabled. If you enter the command with a keyword, only the notification type related to that keyword is enabled. To enable multiple types of notifications, you must issue a separate snmp-server enable traps command for each notification type and notification option.
Most notification types are disabled by default but some cannot be controlled with the snmp-server enable traps command.
The snmp-server enable traps command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send notifications, you must configure at least one snmp-server host command.
Catalyst 6500 Series Switches
The following MIBs were enhanced or supported in Cisco IOS Release 12.2(33)SXI and later releases on the Catalyst 6500 series switch:
•
•
•
•
•
Examples
The following example shows how to enable the router to send all traps to the host specified by the name myhost.cisco.com, using the community string defined as public:
Router(config)# snmp-server enable trapsRouter(config)# snmp-server host myhost.cisco.com publicThe following example shows how to configure an alarm severity threshold of 3:
Router# snmp-server enable traps alarms 3The following example shows how to enable the generation of a DSP operational state notification from from the command-line interface (CLI):
Router(config)# snmp-server enable traps dsp oper-stateThe following example shows how to enable the generation of a DSP operational state notification from a network management device:
setany -v2c 1.4.198.75 test cdspEnableOperStateNotification.0 -i 1cdspEnableOperStateNotification.0=true(1)The following example shows how to send no traps to any host. The Border Gateway Protocol (BGP) traps are enabled for all hosts, but the only traps enabled to be sent to a host are ISDN traps (which are not enabled in this example).
Router(config)# snmp-server enable traps bgpRouter(config)# snmp-server host user1 public isdnThe following example shows how to enable the router to send all inform requests to the host at the address myhost.cisco.com, using the community string defined as public:
Router(config)# snmp-server enable trapsRouter(config)# snmp-server host myhost.cisco.com informs version 2c publicThe following example shows how to send HSRP MIB traps to the host myhost.cisco.com using the community string public:
Router(config)# snmp-server enable traps hsrpRouter(config)# snmp-server host myhost.cisco.com traps version 2c public hsrpThe following example shows that VRRP will be used as the protocol to enable the traps:
Router(config)# snmp-server enable traps vrrpRouter(config)# snmp-server host myhost.cisco.com traps version 2c vrrpThe following example shows how to send IEEE 802.1X MIB traps to the host "myhost.example.com" using the community string defined as public:
Router(config)# snmp-server enable traps dot1xRouter(config)# snmp-server host myhost.example.com traps publicRelated Commands
snmp-server host
To specify the recipient of a Simple Network Management Protocol (SNMP) notification operation, use the snmp-server host command in global configuration mode. To remove the specified host from the configuration, use the no form of this command.
snmp-server host {hostname | ip-address} [vrf vrf-name] [traps | informs] [version {1 | 2c | 3 [auth | noauth | priv]} [community-string [udp-port port] [notification-type]]
no snmp-server host {hostname | ip-address} [vrf vrf-name] [traps | informs] [version {1 | 2c | 3 [auth | noauth | priv]} [community-string [udp-port port] [notification-type]]
Syntax Description
Command Default
This command is disabled by default. A recipient is not specified to receive notifications.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
If you enter this command with no optional keywords, the default is to send all notification-type traps to the host. No informs will be sent to the host.
The no snmp-server host command with no keywords disables traps, but not informs, to the host. To disable informs, use the no snmp-server host informs command.
Note
SNMP notifications can be sent as traps or inform requests. Traps are unreliable because the receiver does not send acknowledgments when it receives traps. The sender cannot determine if the traps were received. However, an SNMP entity that receives an inform request acknowledges the message with a SNMP response protocol data unit (PDU). If the sender never receives the response, the inform request can be sent again. Thus, informs are more likely than traps to reach their intended destination.
Compared to traps, informs consume more resources in the agent and in the network. Unlike a trap, which is discarded as soon as it is sent, an inform request must be held in memory until a response is received or the request times out. Also, traps are sent only once; an inform may be tried several times. The retries increase traffic and contribute to a higher overhead on the network.
If you do not enter a snmp-server host command, no notifications are sent. To configure the router to send SNMP notifications, you must enter at least one snmp-server host command. If you enter the command with no optional keywords, all trap types are enabled for the host.
To enable multiple hosts, you must issue a separate snmp-server host command for each host. You can specify multiple notification types in the command for each host.
When multiple snmp-server host commands are given for the same host and kind of notification (trap or inform), each succeeding command overwrites the previous command. Only the last snmp-server host command will be in effect. For example, if you enter an snmp-server host inform command for a host and then enter another snmp-server host inform command for the same host, the second command will replace the first.
The snmp-server host command is used in conjunction with the snmp-server enable command. Use the snmp-server enable command to specify which SNMP notifications are sent globally. For a host to receive most notifications, at least one snmp-server enable command and the snmp-server host command for that host must be enabled.
Some notification types cannot be controlled with the snmp-server enable command. Some notification types are always enabled, and others are enabled by a different command. For example, the linkUpDown notifications are controlled by the snmp trap link-status command. These notification types do not require an snmp-server enable command.
The availability of a notification-type options depends on the router type and the Cisco IOS software features supported on the router. For example, the envmon notification type is available only if the environmental monitor is part of the system. To see what notification types are available on your system, use the command help ? at the end of the snmp-server host command.
The vrf keyword allows you to specify the notifications being sent to a specified IP address over a specific VRF. The VRF defines a VPN membership of a user so data is stored using the VPN.
Notification-Type Keywords
The notification-type keywords used in the snmp-server host command do not always match the keywords used in the corresponding snmp-server enable traps command. For example, the notification keyword applicable to Multiprotocol Label Switching Protocol (MPLS) traffic engineering tunnels is specified as mpls-traffic-eng (containing two hyphens and no embedded spaces). The corresponding parameter in the snmp-server enable traps command is specified as mpls traffic-eng (containing an embedded space and a hyphen).
This syntax difference is necessary to ensure that the command-line interface (CLI) interprets the notification-type keyword of the snmp-server host command as a unified, single-word construct, which preserves the capability of the snmp-server host command to accept multiple notification-type keywords in the command line. The snmp-server enable traps commands, however, often use two-word constructs to provide hierarchical configuration options and to maintain consistency with the command syntax of related commands. Table 151 maps some examples of snmp-server enable traps commands to the keywords used in the snmp-server host command.
Table 151 SNMP-server enable traps Commands and Corresponding Notification Keywords
snmp-server enable traps l2tun session
l2tun-session
snmp-server enable traps mpls ldp
mpls-ldp
snmp-server enable traps mpls traffic-eng1
mpls-traffic-eng
snmp-server enable traps mpls vpn
mpls-vpn
1 See the Cisco IOS Multiprotocol Label Switching Command Reference for documentation of this command.
Examples
If you want to configure a unique SNMP community string for traps but prevent SNMP polling access with this string, the configuration should include an access list. The following example shows how to name a community string comaccess and number an access list 10:
Router(config)# snmp-server community comaccess ro 10Router(config)# snmp-server host 192.20.2.160 comaccessRouter(config)# access-list 10 deny any
Note
The following example shows how to send RFC 1157 SNMP traps to a specified host named myhost.cisco.com. Other traps are enabled, but only SNMP traps are sent because only snmp is specified in the snmp-server host command. The community string is defined as comaccess.
Router(config)# snmp-server enable trapsRouter(config)# snmp-server host myhost.cisco.com comaccess snmpThe following example shows how to send the SNMP and Cisco environmental monitor enterprise-specific traps to address 192.30.2.160 using the community string public:
Router(config)# snmp-server enable traps snmpRouter(config)# snmp-server enable traps envmonRouter(config)# snmp-server host 192.30.2.160 public snmp envmonThe following example shows how to enable the router to send all traps to the host myhost.cisco.com using the community string public:
Router(config)# snmp-server enable trapsRouter(config)# snmp-server host myhost.cisco.com publicThe following example will not send traps to any host. The BGP traps are enabled for all hosts, but only the ISDN traps are enabled to be sent to a host. The community string is defined as public.
Router(config)# snmp-server enable traps bgpRouter(config)# snmp-server host myhost.cisco.com public isdnThe following example shows how to enable the router to send all inform requests to the host myhost.cisco.com using the community string public:
Router(config)# snmp-server enable trapsRouter(config)# snmp-server host myhost.cisco.com informs version 2c publicThe following example shows how to send HSRP MIB informs to the host specified by the name myhost.cisco.com. The community string is defined as public.
Router(config)# snmp-server enable traps hsrpRouter(config)# snmp-server host myhost.cisco.com informs version 2c public hsrpThe following example shows how to send all SNMP notifications to company.com over the VRF named trap-vrf using the community string public:
Router(config)# snmp-server host company.com vrf trap-vrf publicThe following example shows how to configure an IPv6 SNMP notification server with the IPv6 address 2001:0DB8:0000:ABCD:1 using the community string public:
Router(config)# snmp-server host 2001:0DB8:0000:ABCD:1 version 2c public udp-port 2012The following example shows how to specify VRRP as the protocol using the community string public:
Router(config)# snmp-server enable traps vrrpRouter(config)# snmp-server host myhost.cisco.com traps version 2c public vrrpThe following example shows how to send all Cisco Express Forwarding informs to the notification receiver with the IP address 192.40.3.130 using the community string public:
Router(config)# snmp-server enable traps cefRouter(config)# snmp-server host 192.40.3.130 informs version 2c public cefThe following example shows how to enable all NHRP traps, and how to send all NHRP traps to the notification receiver with the IP address 192.40.3.130 using the community string public:
Router(config)# snmp-server enable traps nhrpRouter(config)# snmp-server host 192.40.3.130 traps version 2c public nhrpRelated Commands
standby authentication
To configure an authentication string for the Hot Standby Router Protocol (HSRP), use the standby authentication command in interface configuration mode. To delete an authentication string, use the no form of this command.
standby [group-number] authentication {text string | md5 {key-string [0 | 7] key [timeout seconds] | key-chain name-of-chain}}
no standby [group-number] authentication {text string | md5 {key-string [0 | 7] key [timeout seconds] | key-chain name-of-chain}}
Syntax Description
Command Default
No text authentication string is configured.
Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
The authentication string is sent unencrypted in all HSRP messages when using the standby authentication text string option. The same authentication string must be configured on all routers and access servers on a cable to ensure interoperation. Authentication mismatch prevents a device from learning the designated Hot Standby IP address and the Hot Standby timer values from other routers configured with HSRP.
When group number 0 is used, no group number is written to NVRAM, providing backward compatibility.
If password encryption is configured with the service password-encryption command, the software saves the key string as encrypted text.
The timeout seconds is the duration that the HSRP group will accept message digests based on both the old and new keys. This allows time for configuration of all routers in a group with the new key. HSRP route flapping can be minimized by changing the keys on all the routers, provided that the active router is changed last. The active router should have its key string changed no later than one holdtime period, specified by the standby timers interface configuration command, after the non-active routers. This procedure ensures that the non-active routers do not time out the active router.
Examples
The following example configures "company1" as the authentication string required to allow Hot Standby routers in group 1 to interoperate:
interface ethernet 0standby 1 authentication text company1The following example configures MD5 authentication using a key string named "345890":
interface Ethernet0/1standby 1 ip 10.21.0.12standby 1 priority 110standby 1 preemptstandby 1 authentication md5 key-string 345890 timeout 30The following example configures MD5 authentication using a key chain. HSRP queries the key chain "hsrp1" to obtain the current live key and key ID for the specified key chain:
key chain hsrp1key 1key-string 543210interface Ethernet0/1standby 1 ip 10.21.0.10standby 1 priority 110standby 1 preemptstandby 1 authentication md5 key-chain hsrp1Related Commands
standby delay minimum reload
To configure the delay period before the initialization of Hot Standby Router Protocol (HSRP) groups, use the standby delay minimum reload command in interface configuration mode. To disable the delay period, use the no form of this command.
standby delay minimum min-seconds reload reload-seconds
no standby delay minimum min-seconds reload reload-seconds
Syntax Description
Command Default
HSRP group initialization is not delayed.
Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
If the active router fails or is removed from the network, then the standby router will automatically become the new active router. If the former active router comes back online, you can control whether it takes over as the active router by using the standby preempt command.
However, in some cases, even if the standby preempt command is not configured, the former active router will resume the active role after it reloads and comes back online. Use the standby delay minimum reload command to set a delay period for HSRP group initialization. This command allows time for the packets to get through before the router resumes the active role.
We recommend that all HSRP routers have the standby delay minimum reload configured with a minimum delay time of 30 seconds and a minimum reload time of 60 seconds.
The delay will be cancelled if an HSRP packet is received on an interface.
The standby delay minimum reload interface configuration command delays HSRP groups from initializing for the specified time after the interface comes up.
This command is separate from the standby preempt delay interface configuration command, which enables HSRP preemption delay.
Examples
The following example sets the minimum delay period to 30 seconds and the delay period after the first reload to 120 seconds:
interface ethernet 0ip address 10.20.0.7 255.255.0.0standby delay minimum 30 reload 60standby 3 ip 10.20.0.21standby 3 timers msec 300 msec 700standby 3 priority 100Related Commands
standby ip
To activate the Hot Standby Router Protocol (HSRP), use the standby ip command in interface configuration mode. To disable HSRP, use the no form of this command.
standby [group-number] ip [ip-address [secondary]]
no standby [group-number] ip [ip-address]
Syntax Description
Defaults
The default group number is 0.
HSRP is disabled by default.Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
The standby ip command activates HSRP on the configured interface. If an IP address is specified, that address is used as the designated address for the Hot Standby group. If no IP address is specified, the designated address is learned through the standby function. For HSRP to elect a designated router, at least one router on the cable must have been configured with, or have learned, the designated address. Configuration of the designated address on the active router always overrides a designated address that is currently in use.
When the standby ip command is enabled on an interface, the handling of proxy Address Resolution Protocol (ARP) requests is changed (unless proxy ARP was disabled). If the Hot Standby state of the interface is active, proxy ARP requests are answered using the MAC address of the Hot Standby group. If the interface is in a different state, proxy ARP responses are suppressed.
When group number 0 is used, no group number is written to NVRAM, providing backward compatibility.
HSRP version 2 permits an expanded group number range from 0 to 4095. The increased group number range does not imply that an interface can, or should, support that many HSRP groups. The expanded group number range was changed to allow the group number to match the VLAN number on subinterfaces.
Examples
The following example activates HSRP for group 1 on Ethernet interface 0. The IP address used by the Hot Standby group will be learned using HSRP.
interface ethernet 0standby 1 ipIn the following example, all three virtual IP addresses appear in the ARP table using the same (single) virtual MAC address. All three virtual IP addresses are using the same HSRP group (group 0).
ip address 10.1.1.1. 255.255.255.0ip address 10.2.2.2. 255.255.255.0 secondaryip address 10.3.3.3. 255.255.255.0 secondaryip address 10.4.4.4. 255.255.255.0 secondarystandby ip 10.1.1.254standby ip 10.2.2.254 secondarystandby ip 10.3.3.254 secondarystandby mac-address
To specify a virtual Media Access Control (MAC) address for the Hot Standby Router Protocol (HSRP), use the standby mac-address command in interface configuration mode. To revert to the standard virtual MAC address (000.0C07.ACxy), use the no form of this command.
standby [group-number] mac-address mac-address
no standby [group-number] mac-address
Syntax Description
group-number
(Optional) Group number on the interface for which HSRP is being activated. The default is 0.
mac-address
MAC address.
Command Default
If this command is not configured, and the standby use-bia command is not configured, the standard virtual MAC address is used: 0000.0C07.ACxy, where xy is the group number in hexadecimal. This address is specified in RFC 2281, Cisco Hot Standby Router Protocol (HSRP).
Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
This command cannot be used on a Token Ring interface.
HSRP is used to help end stations locate the first-hop gateway for IP routing. The end stations are configured with a default gateway. However, HSRP can provide first-hop redundancy for other protocols. Some protocols, such as Advanced Peer-to-Peer Networking (APN), use the MAC address to identify the first hop for outing purposes. In this case, it is often necessary to be able to specify the virtual MAC address; the virtual IP address is unimportant for these protocols. Use the standby mac-address command to specify the virtual MAC address.
The MAC address specified is used as the virtual MAC address when the router is active.
This command is intended for certain APPN configurations. The parallel terms are shown in Table 152.
In an APPN network, an end node is typically configured with the MAC address of the adjacent network node. Use the standby mac-address command in the routers to set the virtual MAC address to the value used in the end nodes.
Examples
If the end nodes are configured to use 4000.1000.1060 as the MAC address of the network node, the following example shows the command used to configure HSRP group 1 with the virtual MAC address:
Router(config-if)# standby 1 mac-address 4000.1000.1060Related Commands
show standby
Displays HSRP information.
standby use-bia
Configures HSRP to use the burned-in address of the interface as its virtual MAC address.
standby mac-refresh
To change the interval at which packets are sent to refresh the Media Access Control (MAC) cache when the Hot Standby Router Protocol (HSRP) is running over FDDI, use the standby mac-refresh command in interface configuration mode. To restore the default value, use the no form of this command.
standby mac-refresh seconds
no standby mac-refresh
Syntax Description
seconds
Number of seconds in the interval at which a packet is sent to refresh the MAC cache. The maximum value is 255 seconds. The default is 10 seconds.
Defaults
seconds: 10 seconds
Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
This command applies to HSRP running over FDDI only. Packets are sent every 10 seconds to refresh the MAC cache on learning bridges or switches. By default, the MAC cache entries age out in 300 seconds (5 minutes).
All other routers participating in HSRP on the FDDI ring receive the refresh packets, although the packets are intended only for the learning bridge or switch. Use this command to change the interval. Set the interval to 0 if you want to prevent refresh packets (if you have FDDI but do not have a learning bridge or switch).
Examples
The following example changes the MAC refresh interval to 100 seconds. Therefore, a learning bridge would need to miss three packets before the entry ages out.
standby mac-refresh 100standby preempt
To configure Hot Standby Router Protocol (HSRP) preemption and preemption delay, use the standby preempt command in interface configuration mode. To restore the default values, use the no form of this command.
standby [group-number] preempt [delay {minimum seconds | reload seconds | sync seconds}]
no standby [group-number] preempt [delay {minimum seconds | reload seconds | sync seconds}]
Syntax Description
Defaults
The default group number is 0.
The default delay is 0 seconds; if the router wants to preempt, it will do so immediately.
By default, the router that comes up later becomes the standby.Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
Note
When the standby preempt command is configured, the router is configured to preempt, which means that when the local router has a Hot Standby priority higher than the current active router, the local router should attempt to assume control as the active router. If preemption is not configured, the local router assumes control as the active router only if it receives information indicating no router is in the active state (acting as the designated router).
This command is separate from the standby delay minimum reload interface configuration command, which delays HSRP groups from initializing for the specified time after the interface comes up.
When a router first comes up, it does not have a complete routing table. If it is configured to preempt, it will become the active router, yet it is unable to provide adequate routing services. Solve this problem by configuring a delay before the preempting router actually preempts the currently active router.
When group number 0 is used, no group number is written to NVRAM, providing backward compatibility.
IP redundancy clients can prevent preemption from taking place. The standby preempt delay sync seconds command specifies a maximum number of seconds to allow IP redundancy clients to prevent preemption. When this expires, preemption takes place regardless of the state of the IP redundancy clients.
The standby preempt delay reload seconds command allows preemption to occur only after a router reloads. This provides stabilization of the router at startup. After this initial delay at startup, the operation returns to the default behavior.
The no standby preempt delay command will disable the preemption delay but preemption will remain enabled. The no standby preempt delay minimum seconds command will disable the minimum delay but leave any synchronization delay if it was configured.
When the standby follow command is used to configure an HSRP group to become an IP redundancy client of another HSRP group, the client group takes its state from the master group it is following. Therefore, the client group does not use its timer, priority, or preemption settings. A warning is displayed if these settings are configured on a client group:
Router(config-if)# standby 1 preempt delay minimum 300% Warning: This setting has no effect while following another group.Examples
In the following example, the router will wait for 300 seconds (5 minutes) before attempting to become the active router:
interface ethernet 0standby ip 172.19.108.254standby preempt delay minimum 300standby priority
To configure Hot Standby Router Protocol (HSRP) priority, use the standby priority command in interface configuration mode. To restore the default values, use the no form of this command.
standby [group-number] priority priority
no standby [group-number] priority priority
Syntax Description
Defaults
The default group number is 0.
The default priority is 100.Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
Note
When group number 0 is used, the number 0 is written to NVRAM, providing backward compatibility.
The assigned priority is used to help select the active and standby routers. Assuming that preemption is enabled, the router with the highest priority becomes the designated active router. In case of ties, the primary IP addresses are compared, and the higher IP address has priority.
Note that the priority of the device can change dynamically if an interface is configured with the standby track command and another interface on the router or a tracked object goes down.
When the standby follow command is used to configure an HSRP group to become an IP redundancy client of another HSRP group, the client group takes its state from the master group it is following. Therefore, the client group does not use its timer, priority, or preemption settings. A warning is displayed if these settings are configured on a client group:
Router(config-if)# standby 1 priority 110%Warning: This setting has no effect while following another group.Examples
In the following example, the router has a priority of 120 (higher than the default value):
interface ethernet 0standby ip 172.19.108.254standby priority 120standby preempt delay 300Related Commands
standby track
Configures an interface so that the Hot Standby priority changes based on the availability of other interfaces.
standby redirect
To enable Hot Standby Router Protocol (HSRP) filtering of Internet Control Message Protocol (ICMP) redirect messages, use the standby redirect command in interface configuration mode. To disable the HSRP filtering of ICMP redirect messages, use the no form of this command.
standby redirect [timers advertisement holddown] [unknown]
no standby redirect [unknown]
Syntax Description
Command Default
HSRP filtering of ICMP redirect messages is enabled if HSRP is configured on an interface.
Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
The standby redirect command can be configured globally or on a per-interface basis. When HSRP is first configured on an interface, the setting for that interface will inherit the global value. If the filtering of ICMP redirects is explicitly disabled on an interface, then the global command cannot reenable this functionality.
With the standby redirect command enabled, the real IP address of a router can be replaced with a virtual IP address in the next hop address or gateway field of the redirect packet. HSRP looks up the next hop IP address in its table of real IP addresses versus virtual IP addresses. If HSRP does not find a match, the HSRP router allows the redirect packet to go out unchanged. The host HSRP router is redirected to a router that is unknown, that is, a router with no active HSRP groups. You can specify the no standby redirect unknown command to stop these redirects from being sent.
Examples
The following example shows how to allow HSRP to filter ICMP redirect messages on interface Ethernet 0:
interface ethernet 0ip address 10.0.0.1 255.0.0.0standby redirectstandby 1 ip 10.0.0.11The following example shows how to change the HSRP router advertisement interval to 90 seconds and the holddown timer to 270 seconds on interface Ethernet 0:
interface ethernet 0ip address 10.0.0.1 255.0.0.0standby redirect timers 90 270standby 1 ip 10.0.0.11Related Commands
show standby
Displays the HSRP information.
show standby redirect
Displays ICMP redirect information on interfaces configured with the HSRP.
standby timers
To configure the time between hello packets and the time before other routers declare the active Hot Standby or standby router to be down, use the standby timers command in interface configuration mode. To restore the timers to their default values, use the no form of this command.
standby [group-number] timers [msec] hellotime [msec] holdtime
no standby [group-number] timers [msec] hellotime [msec] holdtime
Syntax Description
Defaults
The default group number is 0.
The default hello interval is 3 seconds.
The default hold time is 10 seconds.Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
The standby timers command configures the time between standby hello packets and the time before other routers declare the active or standby router to be down. Routers or access servers on which timer values are not configured can learn timer values from the active or standby router. The timers configured on the active router always override any other timer settings. All routers in a Hot Standby group should use the same timer values. Normally, holdtime is greater than or equal to 3 times the value of hellotime. The range of values for holdtime force the holdtime to be greater than the hellotime. If the timer values are specified in milliseconds, the holdtime is required to be at least three times the hellotime value and not less than 50 milliseconds.
Some HSRP state flapping can occasionally occur if the holdtime is set to less than 250 milliseconds, and the processor is busy. It is recommended that holdtime values less than 250 milliseconds be used on Cisco 7200 platforms or better, and on Fast-Ethernet or FDDI interfaces or better. Setting the process-max-time command to a suitable value may also help with flapping.
The value of the standby timer will not be learned through HSRP hellos if it is less than 1 second.
When group number 0 is used, no group number is written to NVRAM, providing backward compatibility.
When the standby follow command is used to configure an HSRP group to become an IP redundancy client of another HSRP group, the client group takes its state from the master group it is following. Therefore, the client group does not use its timer, priority, or preemption settings. A warning is displayed if these settings are configured on a client group:
Router(config-if)# standby 1 timers 5 15% Warning: This setting has no effect while following another group.Examples
The following example sets, for group number 1 on Ethernet interface 0, the time between hello packets to 5 seconds, and the time after which a router is considered to be down to 15 seconds:
interface ethernet 0standby 1 ipstandby 1 timers 5 15The following example sets, for the Hot Router interface located at 172.19.10.1 on Ethernet interface 0, the time between hello packets to 300 milliseconds, and the time after which a router is considered to be down to 900 milliseconds:
interface ethernet 0standby ip 172.19.10.1standby timers msec 300 msec 900The following example sets, for the Hot Router interface located at 172.18.10.1 on Ethernet interface 0, the time between hello packets to 15 milliseconds, and the time after which a router is considered to be down to 50 milliseconds. Note that the holdtime is larger than three times the hellotime because the minimum holdtime value in milliseconds is 50.
interface ethernet 0standby ip 172.18.10.1standby timers msec 15 msec 50standby track
To configure the Hot Standby Router Protocol (HSRP) to track an object and change the Hot Standby priority on the basis of the state of the object, use the standby track command in interface configuration mode. To remove the tracking, use the no form of this command.
Cisco IOS XE Release 2.1 and Later Releases
standby track {object-number | interface-type interface-number [decrement priority-decrement]} [shutdown]
no standby track {object-number | interface-type interface-number}
Cisco IOS Release 12.2(33)SXH, 12.2(33)SRB and Later Releases
standby track {object-number | interface-type interface-number [decrement priority-decrement]} [shutdown]
no standby track {object-number | interface-type interface-number}
Cisco IOS Release 12.4(9)T and Later Releases
standby track {object-number [priority-decrement] | interface-type interface-number [decrement priority-decrement]} [shutdown]
no standby track {object-number | interface-type interface-number}
Cisco IOS Release 12.2(15)T and Later Releases
standby track {object-number [priority-decrement] | interface-type interface-number [decrement priority-decrement]}
no standby track {object-number | interface-type interface-number}
Cisco IOS Releases 12.2(13)T, 12.2(14)SX, 12.2(17dSXB), 12.2(33)SRA, and Earlier Releases
standby track interface-type interface-number [interface-priority]
no standby track interface-type interface-number [interface-priority]
Syntax Description
Command Default
There is no tracking.
Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
This command ties the Hot Standby priority of the router to the availability of its tracked objects. Use the track interface command or track ip route command to track an interface object or an IP-route object. The HSRP client can register its interest in the tracking process by using the standby track command and take action when the object changes.
When a tracked object goes down, the Hot Standby priority decreases by 10. If an object is not tracked, its state changes do not affect the Hot Standby priority. For each object configured for Hot Standby, you can configure a separate list of objects to be tracked.
The optional priority-decrement and interface-priority arguments specify how much to decrement the Hot Standby priority when a tracked object goes down. When the tracked object comes back up, the priority is incremented by the same amount.
When multiple tracked objects are down, the decrements are cumulative, whether configured with priority-decrement or interface-priority values or not.
The optional shutdown keyword configures the HSRP group to change to the Init state and become disabled rather than having its priority decremented when a tracked object goes down.
Use the no standby group-number track command to delete all tracking configuration for a group.
When group number 0 is used, no group number is written to NVRAM, providing backward compatibility.
The standby track command syntax prior to Cisco IOS Release 12.2(15)T is still supported. Using the older form of the command syntax will cause a tracked object to be created in the new tracking process. This tracking information can be displayed using the show track command.
Note
If you configure HSRP to track an interface, and that interface is physically removed as in the case of an Online Insertion and Removal (OIR) operation, then HSRP regards the interface as always down. You cannot remove the HSRP interface-tracking configuration. To prevent this situation, use the no standby track command before you physically remove the interface.
If an object is already being tracked by an HSRP group, you cannot change the configuration to use the HSRP Group Shutdown feature that disables the HSRP group. You must first remove the tracking configuration using the no standby track command and then reconfigure it using the standby track command with the shutdown keyword.
Examples
In the following example, the tracking process is configured to track the IP-routing capability of serial interface 1/0. HSRP on Ethernet interface 0/0 then registers with the tracking process to be informed of any changes to the IP-routing state of serial interface 1/0. If the IP state on serial interface 1/0 goes down, the priority of the HSRP group is reduced by 10.
If both serial interfaces are operational, Router A will be the HSRP active router because it has the higher priority. However, if IP routing on serial interface 1/0 in Router A fails, the HSRP group priority will be reduced and Router B will take over as the active router, thus maintaining a default virtual gateway service to hosts on the 10.1.0.0 subnet.
Router A Configuration
track 100 interface serial1/0 ip routing!interface Ethernet0/0ip address 10.1.0.21 255.255.0.0standby 1 ip 10.1.0.1standby 1 preemptstandby 1 priority 105standby 1 track 100 decrement 10Router B Configuration
track 100 interface serial1/0 ip routing!interface Ethernet0/0ip address 10.1.0.22 255.255.0.0standby 1 ip 10.1.0.1standby 1 preemptstandby 1 priority 11standby 1 track 100 decrement 10The following example shows how to change the configuration of a tracked object to include the HSRP Group Shutdown feature:
no standby 1 track 101 decrement 10standby 1 track 101 shutdownRelated Commands
standby use-bia
To configure the Hot Standby Router Protocol (HSRP) to use the burned-in address of the interface as its virtual MAC address, instead of the preassigned MAC address (on Ethernet and FDDI) or the functional address (on Token Ring), use the standby use-bia command in interface configuration mode. To restore the default virtual MAC address, use the no form of this command.
standby use-bia [scope interface]
no standby use-bia
Syntax Description
scope interface
(Optional) Specifies that this command is configured just for the subinterface on which it was entered, instead of the major interface.
Command Default
HSRP uses the preassigned MAC address on Ethernet and FDDI, or the functional address on Token Ring.
Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
Note
For an interface with this command configured, multiple standby groups can be configured. Hosts on the interface must have a default gateway configured. We recommend that you set the no ip proxy-arp command on the interface. It is desirable to configure the standby use-bia command on a Token Ring interface if there are devices that reject ARP replies with source hardware addresses set to a functional address.
When HSRP runs on a multiple-ring, source-routed bridging environment and the HRSP routers reside on different rings, configuring the standby use-bia command can prevent confusion about the routing information field.
Without the scope interface keywords, the standby use-bia command applies to all subinterfaces on the major interface. The standby use-bia command may not be configured both with and without the scope interface keywords at the same time.
Note
Examples
In the following example, the burned-in address of Token Ring interface 4/0 will be the virtual MAC address mapped to the virtual IP address:
Router(config)# interface token4/0Router(config-if)# standby use-biasubscriber redundancy
To configure broadband subscriber session redundancy policy for synchronization between high availability (HA) active and standby processors, use the subscriber redundancy command in global configuration mode. To delete the policy, use the no form of this command.
subscriber redundancy [{bulk dynamic} limit cpu percentage delay seconds allow value] [delay seconds] [rate sessions seconds]
no subscriber redundancy
Syntax Description
Command Default
Subscriber redundancy policy applies default values.
Command Modes
Global configuration
Command History
12.2(31)SB2
This command was introduced.
12.2(33)SRC
This command was integrated into Cisco IOS Release 12.2(33)SRC.
Usage Guidelines
Cisco IOS HA functionality for broadband protocols and applications allows for stateful switchover (SSO) and in service software upgrade (ISSU) features that minimize planned and unplanned downtime and failures. HA uses the CCM to manage the capability to synchronize subscriber session initiation on the standby processor of a redundant processor system. Use the subscriber redundancy bulk command to create and modify redundancy policy used during bulk (startup) synchronization. Use the subscriber redundancy dynamic command to tune subscriber redundancy policies that throttle dynamic synchronization by monitoring CPU usage and synchronization rates. Use the subscriber redundancy delay command to establish session duration minimums for synchronization and manage dynamic synchronizing of short duration calls. Use the subscriber redundancy rate command to throttle the number of sessions to be synchronized per period.
Examples
The following example configures a 10 second delay when CPU usage exceeds 90 percent during bulk synchronization, after which 25 sessions will be synchronized before the CCM again checks CPU usage:
Router(config)# subscriber redundancy bulk limit cpu 90 delay 10 allow 25The following example configures a minimum session duration of 15 seconds before dynamic synchronization to the standby processor:
Router(config)# subscriber redundancy dynamic 15The following example configures 2000 sessions to be synchronized per second during bulk and dynamic synchronization:
Router(config)# subscriber redundancy rate 2000 1Related Commands
subscribe-to-alert-group
To subscribe a destination profile to an alert group, use the subscribe-to-alert-group command in destination profile configuration mode. To unsubscribe from an alert group or all alert groups, use the no form of this command.
subscribe-to-alert-group {all | configuration [periodic {daily hh:mm | monthly day hh:mm | weekly day hh:mm}] | diagnostic [severity level] | environment | inventory | syslog}
Syntax Description
Command Default
Destination profiles are not subscribed to alert groups by default.
Command Modes
Destination profile configuration
Command History
Usage Guidelines
The valid values for the level argument are as follows:
•
•
•
•
•
•
•
•
•
•
Selecting the lowest severity level includes all higher severity events. The types of severity levels are as follows:
•
•
•
•
•
•
•
•
•
•
Examples
The following examples shows how to subscribe to all alert groups:
subscribe-to-alert-group alltime-period
To set the time increment for automatically saving an archive file of the current running configuration in the Cisco IOS configuration archive, use the time-period command in archive configuration mode. To disable this function, use the no form of this command.
time-period minutes
no time-period minutes
Syntax Description
minutes
Specifies how often, in minutes, to automatically save an archive file of the current running configuration in the Cisco IOS configuration archive.
Command Default
By default, no time increment is set.
Command Modes
Archive configuration (config-archive)
Command History
Usage Guidelines
Note
If this command is configured, an archive file of the current running configuration is automatically saved after the given time specified by the minutes argument. Archive files continue to be automatically saved at this given time increment until this function is disabled. Use the maximum command to set the maximum number of archive files of the running configuration to be saved.
Note
Examples
In the following example, a value of 20 minutes is set as the time increment for which to automatically save an archive file of the current running configuration in the Cisco IOS configuration archive:
Router# configure terminal!Router(config)# archiveRouter(config-archive)# path disk0:myconfigRouter(config-archive)# time-period 20Router(config-archive)# endRelated Commands
timers graceful-restart purge-time
To set the route-hold timer to determine how long a nonstop forwarding (NSF)-aware router that is running Enhanced Interior Gateway Routing Protocol (EIGRP) will hold routes for an inactive peer, use the timers graceful-restart purge-time command in router configuration or address-family configuration mode. To return the route-hold timer to the default value, use the no form of this command.
timers graceful-restart purge-time seconds
no timers graceful-restart purge-time
Syntax Description
seconds
Time, in seconds, for which EIGRP will hold routes for an inactive peer. The configurable time range is from 20 to 300 seconds. The default is 240 seconds.
Command Default
EIGRP NSF awareness is enabled by default. The default value for the route-hold timer is 240 seconds.
Command Modes
Router configuration (config-router)
Address-family configuration (config-router-af)Command History
Usage Guidelines
The route-hold timer sets the maximum period of time for which the NSF-aware router will hold known routes for an NSF-capable neighbor during a switchover operation or a well-known failure condition. The route-hold timer is configurable so that you can tune network performance and avoid undesired effects, such as "black holing" routes if the switchover operation takes too much time. When this timer expires, the NSF-aware router scans the topology table and discards any stale routes, allowing EIGRP peers to find alternate routes instead of waiting during a long switchover operation.
Examples
The following configuration example sets the route-hold timer value for an NSF-aware address family. In the example, the route-hold timer is set to 1 minute:
Router(config)# router eigrp virtual-nameRouter(config-router)# address-family ipv4 autonomous-system 1Router(config-router-af)# timers graceful-restart purge-time 60Related Commands
timers nsf converge
To adjust the maximum time that a restarting router will wait for the end of table (EOT) notification from a nonstop forwarding (NSF)-capable or NSF-aware peer, use the timers nsf converge command in router configuration mode or address-family configuration mode. To return the signal timer to the default value, use the no form of this command.
timers nsf converge seconds
no timers nsf converge
Syntax Description
seconds
Time, in seconds, for which a restarting router will wait for an EOT notification. Valid range is 60 to 180 seconds. The default is 120 seconds.
Command Default
Enhanced Interior Gateway Routing Protocol (EIGRP) NSF awareness is enabled by default. EIGRP NSF awareness uses 120 seconds as the default value if this command is not configured or if the no form of this command is entered.
Command Modes
Router configuration (config-router)
Address-family configuration (config-router-af)Command History
Usage Guidelines
This command is entered only on an NSF-capable router. The converge timer is be used to wait for the last EOT update if all startup updates have not been received within the signal timer period. If an EIGRP process discovers no neighbor, or if it has received all startup updates from its neighbor within the signal timer period, the converge timer will not be started.
Examples
The following configuration example adjusts the converge timer on an NSF-capable router. In the example, the converge timer is set to 1 minute:
Router(config-router)# timers nsf converge 60The following EIGRP named configuration example adjusts the converge timer on an NSF-capable router. In the example, the converge timer is set to 1 minute:
Router(config)# router eigrp virtual-nameRouter(config-router)# address-family ipv4 autonomous-system 1Router(config-router-af)# timers nsf converge 60Related Commands
timers nsf route-hold
Note
To set the route-hold timer to determine how long a nonstop forwarding (NSF)-aware router that is running Enhanced Interior Gateway Routing Protocol (EIGRP) will hold routes for an inactive peer, use the timers nsf route-hold command in router configuration mode. To return the route-hold timer to the default value, use the no form of this command.
timers nsf route-hold seconds
no timers nsf route-hold
Syntax Description
seconds
Time, in seconds, for which EIGRP will hold routes for an inactive peer. Valid range is 20 to 300 seconds. The default is 240 seconds.
Command Default
EIGRP NSF awareness is enabled by default. The default value for the route-hold timer is 240 seconds.
Command Modes
Router configuration (config-router)
Command History
Usage Guidelines
The route-hold timer sets the maximum period of time that the NSF-aware router will hold known routes for an NSF-capable neighbor during a switchover operation or a well-known failure condition. The route-hold timer is configurable so that you can tune network performance and avoid undesired effects, such as "black holing" routes if the switchover operation takes too much time. When this timer expires, the NSF-aware router scans the topology table and discards any stale routes, allowing EIGRP peers to find alternate routes instead of waiting during a long switchover operation.
Examples
The following configuration example sets the route-hold timer value for an NSF-aware router. In the example, the route-hold timer is set to 2 minutes:
Router(config-router)# timers nsf route-hold 120Related Commands
timers nsf signal
To adjust the maximum time for the initial signal timer restart period, use the timers nsf signal command in router configuration mode or address-family configuration mode. To return the signal timer to the default value, use the no form of this command.
timers nsf signal seconds
no timers nsf signal
Syntax Description
seconds
Time, in seconds, for which Enhanced Interior Gateway Routing Protocol (EIGRP) will hold routes for an inactive peer. Valid range is 10 to 30 seconds. The default is 20 seconds.
Command Default
EIGRP NSF awareness is enabled by default. EIGRP NSF awareness uses 20 seconds as the default value if this command is not configured or if the no form of this command is entered.
Command Modes
Router configuration (config-router)
Address-family configuration (config-router-af)Command History
Usage Guidelines
This command is entered only on a nonstop forwarding (NSF)-capable router. The EIGRP process starts a signal timer when it is notified of a switchover event. Hello packets with the RS bit set are sent during this period.
The converge timer is used to wait for the last end of table (EOT) update if all startup updates have not been received within the signal timer period. If an EIGRP process discovers no neighbor, or if it has received all startup updates from its neighbor within the signal timer period, the converge timer will not be started.
Examples
The following configuration example adjusts the signal timer value on an NSF-capable router. In the example, the signal timer is set to 30 seconds:
Router(config-router)# timers nsf signal 30The following EIGRP named configuration example adjusts the signal timer value on an NSF-capable router. In the example, the signal timer is set to 30 seconds:
Router(config)# router eigrp virtual-nameRouter(config-router)# address-family ipv4 autonomous-system 1Router(config-router-af)# timers nsf signal 30Related Commands
track
To configure an interface to be tracked where the Gateway Load Balancing Protocol (GLBP) weighting changes based on the state of the interface, use the track command in global configuration mode. To remove the tracking, use the no form of this command.
track object-number interface type number {line-protocol | ip routing}
no track object-number interface type number {line-protocol | ip routing}
Syntax Description
Command Default
The state of the interfaces is not tracked.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
Use the track command in conjunction with the glbp weighting and glbp weighting track commands to configure parameters for an interface to be tracked. If a tracked interface on a GLBP router goes down, the weighting for that router is reduced. If the weighting falls below a specified minimum, the router will lose its ability to act as an active GLBP virtual forwarder.
Examples
In the following example, Fast Ethernet interface 0/0 tracks whether serial interfaces 2/0 and 3/0 are up. If either serial interface goes down, the GLBP weighting is reduced by the default value of 10. If both serial interfaces go down, the GLBP weighting will fall below the lower threshold and the router will no longer be an active forwarder. To resume its role as an active forwarder, the router must have both tracked interfaces back up, and the weighting must rise above the upper threshold.
track 1 interface serial 2/0 line-protocoltrack 2 interface serial 3/0 line-protocolinterface FastEthernet 0/0ip address 10.21.8.32 255.255.255.0glbp 10 weighting 110 lower 95 upper 105glbp 10 weighting track 1glbp 10 weighting track 2In the following example, Fast Ethernet interface 0/0 tracks whether serial interface 2/0 is enabled for IP routing, whether it is configured with an IP address, and whether the state of the interface is up. If serial interface 2/0 goes down, the GLBP weighting is reduced by a value of 20.
track 2 interface serial 2/0 ip routinginterface FastEthernet 0/0ip address 10.21.8.32 255.255.255.0glbp 10 weighting 110 lower 95 upper 105glbp 10 weighting track 2 decrement 20Related Commands
glbp weighting
Specifies the initial weighting value of a GLBP gateway.
glbp weighting track
Specifies an object to be tracked that affects the weighting of a GLBP gateway.
tunnel mpls traffic-eng backup-bw
To specify what types of label-switched paths (LSPs) can use a backup tunnel or whether the backup tunnel should provide bandwidth protection, and if so, how much, use the tunnel mpls traffic-eng backup-bw command in interface configuration mode.
tunnel mpls traffic-eng backup-bw {kbps | [sub-pool {kbps | Unlimited}] [global-pool {kbps | Unlimited}]} {kbps | [class-type {kbps | Unlimited}]
Syntax Description
