Table Of Contents

show crypto isakmp policy

show crypto isakmp profile

show crypto map (IPsec)

show crypto session

show crypto socket

show dial-peer voice

show dmvpn

show eigrp address-family accounting

show eigrp address-family events

show eigrp address-family interfaces

show eigrp address-family neighbors

show eigrp address-family timers

show eigrp address-family topology

show eigrp address-family traffic

show erm statistics

show fm ipv6 traffic-filter

show frame-relay lmi

show frame-relay map

show frame-relay multilink

show frame-relay pvc

show glbp

show interfaces accounting

show ip sockets

show ipv6 access-list

show ipv6 cef

show ipv6 cef adjacency

show ipv6 cef non-recursive

show ipv6 cef platform

show ipv6 cef summary

show ipv6 cef switching statistics

show ipv6 cef traffic prefix-length

show ipv6 cef tree

show ipv6 cef unresolved

show ipv6 cef vrf

show ipv6 cef with epoch

show ipv6 cef with source

show ipv6 cga address-db

show ipv6 cga modifier-db

show ipv6 dhcp

show ipv6 dhcp binding

show ipv6 dhcp conflict

show ipv6 dhcp database

show ipv6 dhcp interface

show ipv6 dhcp pool

show ipv6 eigrp interfaces

show ipv6 eigrp neighbors

show crypto isakmp policy

To display the parameters for each Internet Key Exchange (IKE) policy, use the show crypto isakmp policy command in privileged EXEC mode.

show crypto isakmp policy

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History

Release	Modification
11.3T	This command was introduced.
12.2(13)T	The command output was expanded to include a warning message for users who try to configure an IKE encryption method that the hardware does not support.
12.4(4)T	Support for IPv6 was added.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.(33)SRA.
12.2SX	This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
12.4(20)T	The command output was expanded to include default IKE policies.
Cisco IOS XE Release 2.4	This command was implemented on the Cisco ASR 1000 series routers.

Usage Guidelines

There are eight default IKE default policies supported with protection suites of priorities 65507-65514, where 65507 is the highest priority and 65514 is the lowest priority. If you have neither manually configured IKE policies with the crypto isakmp policy command nor disabled the default IKE policies by issuing the no crypto isakmp default policy command, the default IKE policies will be displayed when the show crypto isakmp policy command is issued.

Examples

The following is sample output from the show crypto isakmp policy command, after two IKE policies have been configured (with priorities 15 and 20, respectively):

Router# show crypto isakmp policy

Protection suite priority 15

        encryption algorithm:    DES - Data Encryption Standard (56 bit keys)

        hash algorithm:  Message Digest 5

        authentication method:   Rivest-Shamir-Adleman Signature

        Diffie-Hellman Group:    #2 (1024 bit)

        lifetime:      5000 seconds, no volume limit

Protection suite priority 20

        encryption algorithm:    DES - Data Encryption Standard (56 bit keys)

        hash algorithm: Secure Hash Standard

        authentication method:   preshared Key

        Diffie-Hellman Group:    #1 (768 bit)

        lifetime:      10000 seconds, no volume limit

Default protection suite

        encryption algorithm:    DES - Data Encryption Standard (56 bit keys)

        hash algorithm: Secure Hash Standard

        authentication method:   Rivest-Shamir-Adleman Signature

        Diffie-Hellman Group:    #1 (768 bit)

        lifetime:      86400 seconds, no volume limit

---

Note Although the output shows "no volume limit" for the lifetimes, you can currently configure only a time lifetime (such as 86,400 seconds); volume limit lifetimes are not used.

---

The following sample output from the show crypto isakmp policy command displays a warning message after a user tries to configure an IKE encryption method that the hardware does not support:

Router# show crypto isakmp policy

Protection suite of priority 1

        encryption algorithm:  AES - Advanced Encryption Standard (256 bit keys).

WARNING:encryption hardware does not support the configured

encryption method for ISAKMP policy 1

        hash algorithm:        Secure Hash Standard

        authentication method: Pre-Shared Key

        Diffie-Hellman group:  #1 (768 bit)

        lifetime:              3600 seconds, no volume limit

The following sample output from the show crypto isakmp policy command displays the default IKE policies. The manually configured IKE policies with priorities 10 and 20 have been removed.

Router(config)# no crypto isakmp policy 10

Router(config)# no crypto isakmp policy 20

Router(config)# exit

R1# show crypto isakmp policy

Default IKE policy

Protection suite of priority 65507

        encryption algorithm:   AES - Advanced Encryption Standard (128 bit key.

        hash algorithm:         Secure Hash Standard

        authentication method:  Rivest-Shamir-Adleman Signature

        Diffie-Hellman group:   #5 (1536 bit)

        lifetime:               86400 seconds, no volume limit

Protection suite of priority 65508

        encryption algorithm:   AES - Advanced Encryption Standard (128 bit key.

        hash algorithm:         Secure Hash Standard

        authentication method:  Pre-Shared Key

        Diffie-Hellman group:   #5 (1536 bit)

        lifetime:               86400 seconds, no volume limit

Protection suite of priority 65509

        encryption algorithm:   AES - Advanced Encryption Standard (128 bit key.

        hash algorithm:         Message Digest 5

        authentication method:  Rivest-Shamir-Adleman Signature

        Diffie-Hellman group:   #5 (1536 bit)

        lifetime:               86400 seconds, no volume limit

Protection suite of priority 65510

        encryption algorithm:   AES - Advanced Encryption Standard (128 bit key.

        hash algorithm:         Message Digest 5

        authentication method:  Pre-Shared Key

        Diffie-Hellman group:   #5 (1536 bit)

        lifetime:               86400 seconds, no volume limit

Protection suite of priority 65511

        encryption algorithm:   Three key triple DES

        hash algorithm:         Secure Hash Standard

        authentication method:  Rivest-Shamir-Adleman Signature

        Diffie-Hellman group:   #2 (1024 bit)

        lifetime:               86400 seconds, no volume limit

Protection suite of priority 65512

        encryption algorithm:   Three key triple DES

        hash algorithm:         Secure Hash Standard

        authentication method:  Pre-Shared Key

        Diffie-Hellman group:   #2 (1024 bit)

        lifetime:               86400 seconds, no volume limit

Protection suite of priority 65513

        encryption algorithm:   Three key triple DES

        hash algorithm:         Message Digest 5

        authentication method:  Rivest-Shamir-Adleman Signature

        Diffie-Hellman group:   #2 (1024 bit)

        lifetime:               86400 seconds, no volume limit

Protection suite of priority 65514

        encryption algorithm:   Three key triple DES

        hash algorithm:         Message Digest 5

        authentication method:  Pre-Shared Key

        Diffie-Hellman group:   #2 (1024 bit)

        lifetime:               86400 seconds, no volume limit

The field descriptions in the display are self-explanatory.

Related Commands

Command	Description
authentication (IKE policy)	Specifies the authentication method within an IKE policy.
crypto isakmp policy	Defines an IKE policy.
encryption (IKE policy)	Specifies the encryption algorithm within an IKE policy.
group (IKE policy)	Specifies the DH group identifier within an IKE policy.
hash (IKE policy)	Specifies the hash algorithm within an IKE policy.
lifetime (IKE policy)	Specifies the lifetime of an IKE SA.
show crypto isakmp default policy	Displays the default IKE policies.

show crypto isakmp profile

To list all the Internet Security Association and Key Management Protocol (ISAKMP) profiles that are defined on a router, use the show crypto isakmp profile command in privileged EXEC mode.

show crypto isakmp profile [tag profilename | vrf vrfname]

Syntax Description

tag profilename	(Optional) Displays ISAKMP profile details specified by the profile name.
vrf vrfname	(Optional) Displays ISAKMP profile details specified by the VPN routing/forwarding instance (VRF) name.

Command Modes

Privileged EXEC

Command History

Release	Modification
12.2(15)T	This command was introduced.
12.4(4)T	IPv6 support was added.
12.4(11)T	The tag profilename and vrf vrfname keywords and arguments were added.
Cisco IOS XE Release 2.1	This command was introduced on Cisco ASR 1000 Series Routers.

Examples

The following is sample output from the show crypto isakmp profile command:

Router# show crypto isakmp profile

ISAKMP PROFILE vpn1-ra

   Identities matched are:

group vpn1-ra

   Identity presented is: ip-address

The following sample output shows information for an IPv6 router:

Router# show crypto isakmp profile

ISAKMP PROFILE tom

Identities matched are:

ipv6-address 2001:0DB8:0:1::1/32 

Certificate maps matched are:

Identity presented is: ipv6-address fqdn

keyring(s): <none>

trustpoint(s): <all>

Table 104 describes the significant fields shown in the display.

Table 104 show crypto isakmp profile Field Descriptions

Field	Description
ISAKMP PROFILE	Name of the ISAKMP profile.
Identities matched are:	Lists all identities that the ISAKMP profile will match.
Identity presented is:	The identity that the ISAKMP profile will present to the remote endpoint.

The following configuration was in effect when the preceding show crypto isakmp profile command was issued:

crypto isakmp profile vpn1-ra

 vrf vpn1

 self-identity address

 match identity group vpn1-ra

 client authentication list aaa-list

 isakmp authorization list aaa

 client configuration address initiate

 client configuration address respond

Related Commands

Command	Description
show crypto isakmp key	Lists the keyrings and their preshared keys.

show crypto map (IPsec)

To display the crypto map configuration, use the show crypto map command in user EXEC or privileged EXEC mode.

show crypto map [gdoi fail-close | interface interface | tag map-name]

Syntax Description

gdoi fail-close	(Optional) Displays information about the status of the fail-close mode.
interface interface	(Optional) Displays only the crypto map set that is applied to the specified interface.
tag map-name	(Optional) Displays only the crypto map set that is specified.

Command Default

No crypto maps are shown.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History

Release	Modification
11.2	This command was introduced.
12.3(8)T	Output has been modified to display the crypto input and output access control lists (ACLs) that have been configured.
12.4(4)T	IPv6 address information was added to command output.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.(33)SRA.
12.2SX	This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
12.4(20)T	Default transform set information was added to command output.
12.4(22)T	The gdoi fail-close keyword was added.
Cisco IOS XE Release 2.3	This command was implemented on the Cisco ASR 1000 series routers.

Usage Guidelines

The show crypto map command allows you to specify a particular crypto map. The crypto maps shown in the command output have been dynamically generated; the user does not have to configure crypto maps in order for them to appear in this command output.

There are two default transform sets supported in Cisco IOS k9 images only:

•Esp-aes esp-sha-hmac

•Esp-3des esp-sha-hmac

The show crypto map command will display the default transform sets if there are no other transform sets configured for the crypto map, you have not disabled the default transform sets by issuing the no crypto ipsec default transform-set command, and the crypto engine supports the encryption algorithm.

Examples

The following example shows that crypto input and output ACLs have been configured:

Router# show crypto map

Crypto Map "test" 10 ipsec-isakmp

 Peer

 Extended IP access list ipsec_acl 

  access-list ipsec_acl permit ip 192.168.2.0 0.0.0.255 192.168.102.0 0.0.0.255 

 Extended IP access check IN list 110 

  access-list 110 permit ip host 192.168.102.47 192.168.2.0 10.0.0.15

  access-list 110 permit ip host 192.168.102.47 192.168.2.32 10.0.0.15

  access-list 110 permit ip host 192.168.102.47 192.168.2.64 10.0.0.15

  access-list 110 permit ip host 192.168.102.57 192.168.2.0 10.0.0.15

  access-list 110 permit ip host 192.168.102.57 192.168.2.32 10.0.0.15

  access-list 110 permit ip host 192.168.102.57 192.168.2.64 10.0.0.15

 Extended IP access check OUT list 120

  access-list 120 permit ip 192.168.2.0 10.0.0.15 host 192.168.102.47 

  access-list 120 permit ip 192.168.2.32 10.0.0.15 host 192.168.102.47

  access-list 120 permit ip 192.168.2.64 10.0.0.15 host 192.168.102.47

  access-list 120 permit ip 192.168.2.0 10.0.0.15 host 192.168.102.57

  access-list 120 permit ip 192.168.2.32 10.0.0.15 host 192.168.102.57

  access-list 120 permit ip 192.168.2.64 10.0.0.15 host 192.168.102.57

 Current peer: 10.0.0.2 

 Security association lifetime: 4608000 kilobytes/3600 seconds 

 PFS (Y/N): N 

 Transform sets=test

 Interfaces using crypto map test: 

  Serial0/1

Table 105 describes the output in the display.

Table 105 show crypto map Field Descriptions 

Field	Description
Peer	Possible peers that are configured for this crypto map entry.
Extended IP access list	Access list that is used to define which data packets are to be encrypted. Packets that are denied by this access list are forwarded but not encrypted. The "reverse" of this access list is used to check the inbound return packets, which are also encrypted. Packets that are denied by the "reverse" access list are dropped because they should have been encrypted but were not.
Extended IP access check	Access lists that are used to more finely control which data packets are allowed into or out of the IPsec tunnel. Packets that are allowed by the "Extended IP access list" ACL but denied by the "Extended IP access list check" ACL are dropped.
Current peer	Current peer that is being used for this crypto map entry.
Security association lifetime	Number of bytes that are allowed to be encrypted or decrypted or the age of the security association before new encryption keys must be negotiated.
PFS	(Perfect Forward Secrecy) If "Yes," the Internet Security Association and Key Management Protocol (ISAKMP) SKEYID-d key is also renegotiated each time IPSec security association (SA) encryption keys are renegotiated (requires another Diffie-Hillman calculation). Otherwise, the same ISAKMP SKEYID-d key is used when renegotiating IPSec SA encryption keys. ISAKMP keys are renegotiated on a separate schedule, with a default time of 24 hours.
Transform sets	List of transform sets (encryption, authentication, and compression algorithms) that can be used with this crypto map.
Interfaces using crypto map test	Interfaces to which this crypto map is applied. Packets that are leaving from this interface are subject to the rules of this crypto map for encryption. Encrypted packets may enter the router on any interface, and they will be decrypted. Nonencrypted packets that are entering the router through this interface are subject to the "reverse" crypto access list check.

The following example displays the output of the show crypto map command. There are no transform sets configured for the crypto map "mymap", the default transform sets are enabled, and the crypto engine supports the encryption algorithm.

Router# show crypto map 

Crypto Map "mymap" 1 ipsec-isakmp

        Peer = 10.1.1.1

        Extended IP access list 102

            access-list 102 permit ip 192.168.1.0 0.0.0.255 10.0.0.0 0.0.255.255

        Security association lifetime: 4608000 kilobytes/3600 seconds

        PFS (Y/N): N

        Transform sets={ 

                #$!default_transform_set_1:  { esp-aes esp-sha-hmac  } , 

                #$!default_transform_set_0:  { esp-3des esp-sha-hmac  } , 

        }

        Reverse Route Injection Enabled

        Interfaces using crypto map mymap:

The following example displays the output of the show crypto map command. There are no transform sets configured for the crypto map "mymap" and the default transform sets have been disabled.

Router(config)# no crypto ipsec default transform-set

Router(config)# exit

Router# configure terminal

Router# show crypto map 

Crypto Map "mymap" 1 ipsec-isakmp

        Peer = 10.1.1.1

        Extended IP access list 102

            access-list 102 permit ip 192.168.1.0 0.0.0.255 10.0.0.0 0.0.255.255

        Security association lifetime: 4608000 kilobytes/3600 seconds

        PFS (Y/N): N

        Transform sets={ 

        }

! There are no transform sets for the crypto map "mymap."

        Reverse Route Injection Enabled

        Interfaces using crypto map mymap:

The following example displays output for the show crypto map command and gdoi fail-close keyword (show crypto map gdoi fail-close). Fail-close has been activated. In addition, an implicit "permit ip any any" entry is configured, causing any traffic other than Telnet and Open Shortest Path First (OSPF) to be dropped:

Router# show crypto map gdoi fail-close

Crypto Map: "svn" 

        Activate: yes

        Fail-Close Access-List: (Deny = Forward In Clear, Permit = Drop)

            access-list 105 deny tcp any port = 23 any

            access-list 105 deny ospf any any

Related Commands

Command	Description
show crypto ipsec default transform-set	Displays the default IPsec transform sets.
show crypto ipsec transform-set	Displays the configured transform sets.

show crypto session

To display status information for active crypto sessions, use the show crypto session command in privileged EXEC mode.

show crypto session [[brief | detail] [local ip-address [port local-port] [remote ip-address]] [remote ip-address [port remote-port]] | [fvrf fvrf-name] [ivrf ivrf-name] |
[interface interface-type] | [isakmp group group-name] | [ isakmp profile profile-name] | [username username]] | [groups] | [summary group-name]

IPsec and IKE Stateful Failover Syntax

show crypto session [active | standby]

Syntax Description

brief	(Optional) Provides brief information about the session, such as the peer IP address, interface, username, group name/phase1 ID, length of session uptime, and current session status (up/down).
detail	(Optional) Provides more detailed information about the session, such as the capability of the Internet Key Exchange (IKE) security association (SA), connection ID, remaining lifetime of the IKE SA, inbound or outbound encrypted or decrypted packet number of the IP security (IPsec) flow, dropped packet number, and kilobyte-per-second lifetime of the IPsec SA.
local ip-address	(Optional) Displays status information about crypto sessions of a local crypto endpoint. •The ip-address value is the IP address of the local crypto endpoint.
port local-port	(Optional) Port of the local crypto endpoint. •The local-port value can be 1 through 65535. The default value is 500.
remote ip-address	(Optional) Displays status information about crypto sessions of a remote session. •The ip-address value is the IP address of the remote crypto endpoint.
port remote-port	(Optional) Displays status information about crypto sessions of a remote crypto endpoint. •The remote-port value can be 1 through 65535. The default value is 500.
fvrf fvrf-name	(Optional) Displays status information about the front door virtual routing and forwarding (FVRF) session. •The fvrf-name value is the name of the (FVRF) session.
ivrf ivrf-name	(Optional) Displays status information about the inside VRF (IVRF) session. •The ivrf-name value is the name of the (IVRF) session.
interface interface-type	(Optional) Displays crypto sessions on the connected interface. •The interface-type value is the type of interface connection.
isakmp group group-name	(Optional) Displays crypto sessions using the Internet Security Association and Key Management Protocol (ISAKMP) group. •The group-name value is the name of the group.
isakmp profile profile-name	(Optional) Displays crypto sessions using the Internet Security Association and Key Management Protocol (ISAKMP) profile. The profile-name value is the name of the profile.
username username	(Optional) Displays the crypto session for the specified AAA Authentication (Xauth) or public key infrastructure (PKI) and authentication, authorization, and accounting (AAA) username.
groups	(Optional) Displays all crypto session group usage.
summary	(Optional) Displays a list of crypto session groups and associated group members.
active	(Optional) Displays all crypto sessions in the active state.
standby	(Optional) Displays all crypto sessions that are in the standby state.

Command Default

All existing sessions will be displayed.

Command Modes

Privileged EXEC (#)

Command History

Release	Modification
12.3(4)T	This command was introduced.
12.2(18)SXD	This command was integrated into Cisco IOS Release 12.2(18)SXD.
12.3(11)T	The active and standby keywords were added.
12.4(4)T	IPv6 address information was added to command output.
12.2(33)SRA	This command was integrated into Cisco IOS release 12.(33)SRA.
12.4(11)T	The brief, groups, interface interface-type, isakmp group group-name, isakmp profile profile-name, summary, and username username keywords and arguments were added. The show crypto session output has been updated to include username, isakmp profile, isakmp group, assigned address, and session uptime.
Cisco IOS XE Release 2.1	This command was introduced on Cisco ASR 1000 Series Routers.

Usage Guidelines

You can get a list of all the active Virtual Private Network (VPN) sessions and of the IKE and IPsec SAs for each VPN session by entering the show crypto session command. The listing will include the following information:

•Interface

•IKE peer description, if available

•IKE SAs that are associated with the peer by whom the IPsec SAs are created

•IPsec SAs serving the flows of a session

Multiple IKE or IPsec SAs may be established for the same peer (for the same session), in which case IKE peer descriptions will be repeated with different values for the IKE SAs that are associated with the peer and for the IPsec SAs that are serving the flows of the session.

IPv6 does not support the fvfr or ivrf keywords or the vrf-name argument.

Examples

The following examples shows active VPN sessions:

The following example shows sample output for the show crypto session command.

Router# show crypto session 

Crypto session current status

Interface: Virtual-Access2

Username: cisco

Profile: prof

Group: easy

Assigned address: 10.3.3.4

Session status: UP-ACTIVE     

Peer: 10.1.1.2 port 500 

  IKE SA: local 10.1.1.1/500 remote 10.1.1.2/500 Active 

  IKE SA: local 10.1.1.1/500 remote 10.1.1.2/500 Inactive 

  IPSEC FLOW: permit ip 0.0.0.0/0.0.0.0 host 3.3.3.4 

        Active SAs: 2, origin: crypto map

The following example shows sample output for the show crypto session brief command.

Router# show crypto session brief 

Status: A- Active, U - Up, D - Down, I - Idle, S - Standby, N - Negotiating 

        K - No IKE

ivrf = (none)

           Peer        I/F     Username     Group/Phase1_id    Uptime      Status        

           10.1.1.2    Vi2     cisco        easy               00:50:30    UA

The following example shows sample output for the show crypto session detail command.

Router# show crypto session detail

Crypto session current status 

Code: C - IKE Configuration mode, D - Dead Peer Detection 

K - Keepalives, N - NAT-traversal, X - IKE Extended Authentication 

Interface: Virtual-Access2

Username: cisco

Profile: prof

Group: easy

Assigned address: 10.3.3.4

Uptime: 00:49:33

Session status: UP-ACTIVE 

Peer: 10.1.1.2 port 500 fvrf: (none) ivrf: (none)

Phase1_id: easy

Desc: (none)

IKE SA: local 10.1.1.1/500 remote 10.1.1.2/500 Active 

Capabilities:CX connid:1002 lifetime:23:10:15

IPSEC FLOW: permit ip 10.0.0.0/0.0.0.0 host 10.3.3.4 

Active SAs: 2, origin: crypto map

Inbound: #pkts dec'ed 0 drop 0 life (KB/Sec) 4425776/626

Outbound: #pkts enc'ed 0 drop 0 life (KB/Sec) 4425776/626

Table 106 describes the significant fields shown in the display.

Table 106 show crypto session Field Descriptions 

Field	Description
Interface	Interface to which the crypto session is related.
Session status	Current status of the crypto (VPN) sessions. See Table 107 for the status of the IKE SA, IPsec SA, and tunnel as shown in the display.
IKE SA	Information is provided about the IKE SA, such as local and remote address and port, SA status, SA capabilities, crypto engine connection ID, and remaining lifetime of the IKE SA.
IPSEC FLOW	A snapshot of information about the IPsec-protected traffic flow, such as what the flow is (for example, permit ip host 10.1.1.5 host 10.1.2.5); how many IPsec SAs there are; the origin of the SA, such as manual keyed, dynamic, or static crypto map; the number of encrypted or decrypted packets or dropped packets; and the IPsec SA remaining lifetime in kilobytes per second.

Table 107 provides an explanation of the current status of the VPN sessions shown in the display.

Table 107 Current Status of the VPN Sessions

IKE SA	IPsec SA	Tunnel Status
Exist, active	Exist (flow exists)	UP-ACTIVE
Exist, active	None (flow exists)	UP-IDLE
Exist, active	None (no flow)	UP-IDLE
Exist, inactive	Exist (flow exists)	UP-NO-IKE
Exist, inactive	None (flow exists)	DOWN-NEGOTIATING
Exist, inactive	None (no flow)	DOWN-NEGOTIATING
None	Exist (flow exists)	UP-NO-IKE
None	None (flow exists)	DOWN
None	None (no flow)	DOWN

---

Note IPsec flow may not exist if a dynamic crypto map is being used.

---

The following sample output shows all crypto sessions that are in the standby state:

Router# show crypto session standby

Crypto session current status

Interface: Ethernet0/0

Session status: UP-STANDBY    

Peer: 10.165.200.225 port 500 

  IKE SA: local 10.165.201.3/500 remote 10.165.200.225/500 Active 

  IKE SA: local 10.165.201.3/500 remote 10.165.200.225/500 Active 

  IPSEC FLOW: permit ip host 192.168.0.1 host 172.16.0.1 

        Active SAs: 4, origin: crypto map

Related Commands

Command	Description
clear crypto session	Deletes crypto sessions (IPsec and IKE SAs).
description	Adds a description for an IKE peer.
show crypto isakmp peer	Displays peer descriptions.

show crypto socket

To list crypto sockets, use the show crypto socket command in privileged EXEC mode.

show crypto socket

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release	Modification
12.2(11)T	This command was introduced.
12.2(18)SXE	This command was integrated into Cisco IOS Release 12.2(18)SXE.
12.4(5)	The Flags field was added to command output.
12.2(33)SRA	This command was integrated into Cisco IOS release 12.(33)SRA.
Cisco IOS XE Release 2.1	This command was introduced on Cisco ASR 1000 Series Routers.

Usage Guidelines

Use this command to list crypto sockets and the state of the sockets.

Examples

The following sample output shows the number of crypto socket connections (2) and its state:

Router# show crypto socket

Number of Crypto Socket connections 2

   Tu0 Peers (local/remote): 192.168.2.2/192.168.1.1 

       Local Ident  (addr/mask/port/prot): (192.168.2.2/255.255.255.255/0/47)

       Remote Ident (addr/mask/port/prot): (192.168.1.1/255.255.255.255/0/47)

       Flags: shared

       Socket State: Open

       Client: "TUNNEL SEC" (Client State: Active)

   Tu1 Peers (local/remote): 192.168.2.2/192.168.1.3 

       Local Ident  (addr/mask/port/prot): (192.168.2.2/255.255.255.255/0/47)

       Remote Ident (addr/mask/port/prot): (192.168.1.3/255.255.255.255/0/47)

       Flags: shared

       Socket State: Open

       Client: "TUNNEL SEC" (Client State: Active)

Crypto Sockets in Listen state:

Client: "TUNNEL SEC" Profile: "dmvpn-profile" Map-name: "dmvpn-profile-head-2"

Significant fields are described in Table 108.

Table 108 show crypto socket Field Descriptions 

Field	Description
Number of Crypto Socket connections	Number of crypto sockets in the system.
Socket State	This state can be Open, which means that active IPSec security associations (SAs) exist, or it can be Closed, which means that no active IPSec SAs exist.
Client	Application name and its state.
Crypto Sockets in Listen state	Name of the crypto IPSec profile.
Flags	If this field says "shared," the socket is shared with more than one tunnel interface.

show dial-peer voice

To display information for voice dial peers, use the show dial-peer voice command in user EXEC or privileged EXEC mode.

show dial-peer voice [number | summary]

Syntax Description

number	(Optional) A specific voice dial peer. The output displays detailed information about that dial peer.
summary	(Optional) Displays a short summary of each voice dial peer.

Command Default

If both the number argument and summary keyword are omitted, the output displays detailed information about all voice dial peers.

Command Modes

User EXEC (>)
Privileged EXEC (#)

Command History

Release	Modification
11.3(1)T	This command was introduced.
11.3(1)MA	The summary keyword was added for the Cisco MC3810.
12.0(3)XG	This command was implemented for Voice over Frame Relay (VoFR) on the Cisco 2600 series and Cisco 3600 series.
12.0(4)T	This command was implemented for VoFR on the Cisco 7200 series.
12.1(3)T	This command was implemented for modem pass-through over VoIP on the Cisco AS5300.
12.2(2)XB	This command was modified to support VoiceXML applications.
12.2(4)T	This command was implemented on the Cisco 1750.
12.2(8)T	This command was implemented on the Cisco 1751, Cisco 2600 series, Cisco 3600 series, Cisco 3725, and Cisco 3745.
12.2(2)XN	Support for enhanced Media Gateway Control Protocol (MGCP) voice gateway interoperability was added to Cisco CallManager 3.1 for the Cisco 2600 series, Cisco 3600 series, and Cisco VG200.
12.2(11)T	This command was integrated into Cisco IOS Release 12.2(11)T and Cisco CallManager 3.2 and implemented on the Cisco IAD2420. In addition, the command was enhanced to display configuration information for bandwidth, video codec, and rtp payload-type for H.263+ and H.264 video codec.
12.4(22)T	This command was enhanced to display the current configuration state of the history-info header. Command output was updated to show IPv6 information.
15.0(1)XA	This command was modified. The output was enhanced to show the logical partitioning class of restriction (LPCOR) policy for outgoing calls.

Usage Guidelines

Use this command to display the configuration for all VoIP and POTS dial peers configured for a gateway. To display configuration information for only one specific dial peer, use the number argument. To display summary information for all dial peers, use the summary keyword.

Examples

The following is sample output from the show dial-peer voice command for a POTS dial peer:

Router# show dial-peer voice 100

VoiceEncapPeer3201

peer type = voice, information type = video,

description = `',

tag = 3201, destination-pattern = `86001',

answer-address = `', preference=0,

CLID Restriction = None

CLID Network Number = `'

CLID Second Number sent 

CLID Override RDNIS = disabled,

source carrier-id = `',	target carrier-id = `',

source trunk-group-label = `',	target trunk-group-label = `',

numbering Type = `unknown'

group = 3201, Admin state is up, Operation state is up,

Outbound state is up,

incoming called-number = `', connections/maximum = 0/unlimited,

DTMF Relay = disabled,

URI classes:

	    Destination = 

huntstop = disabled,

in bound application associated: 'DEFAULT'

out bound application associated: ''

dnis-map = 

permission :both

        incoming COR list:maximum capability

outgoing COR list:minimum requirement

Translation profile (Incoming):

Translation profile (Outgoing):

incoming call blocking:

translation-profile = `'

disconnect-cause = `no-service'

advertise 0x40 capacity_update_timer 25 addrFamily 4 oldAddrFamily 4

type = pots, prefix = `',

forward-digits 4

session-target = `', voice-port = `2/0:23',

direct-inward-dial = enabled,

digit_strip = enabled,

register E.164 number with H323 GK and/or SIP Registrar = TRUE

fax rate = system,   payload size =  20 bytes

supported-language = ''

preemption level = `routine'

bandwidth:

	    maximum = 384 KBits/sec, minimum = 64 KBits/sec

voice class called-number:

	    inbound = `', outbound = `1'

Time elapsed since last clearing of voice call statistics never

        Connect Time = 0, Charged Units = 0,

Successful Calls = 0, Failed Calls = 0, Incomplete Calls = 0

Accepted Calls = 0, Refused Calls = 0,

Last Disconnect Cause is "",

Last Disconnect Text is "",

Last Setup Time = 0.

The following is sample output from this command for a VoIP dial peer:

Router# show dial-peer voice 101

VoiceOverIpPeer101

peer type = voice, information type = voice,

description = `',

tag = 6001, destination-pattern = `6001',

voice reg type = 0, corresponding tag = 0,

allow watch = FALSE

answer-address = `', preference=0,

CLID Restriction = None

CLID Network Number = `'

CLID Second Number sent 

CLID Override RDNIS = disabled,

rtp-ssrc mux = system

source carrier-id = `', target carrier-id = `',

source trunk-group-label = `',  target trunk-group-label = `',

numbering Type = `unknown'

group = 6001, Admin state is up, Operation state is up,

incoming called-number = `', connections/maximum = 0/unlimited,

DTMF Relay = disabled,

modem transport = system,

URI classes:

Incoming (Called) = 

Incoming (Calling) = 

Destination = 

huntstop = disabled,

in bound application associated: 'DEFAULT'

out bound application associated: ''

dnis-map = 

permission :both

incoming COR list:maximum capability

outgoing COR list:minimum requirement

outgoing LPCOR: voip_group

Translation profile (Incoming):

Translation profile (Outgoing):

incoming call blocking:

translation-profile = `'

disconnect-cause = `no-service'

advertise 0x40 capacity_update_timer 25 addrFamily 4 oldAddrFamily 4

type = voip, session-target = `ipv4:1.7.50.50',

technology prefix: 

settle-call = disabled

ip media DSCP = ef, ip signaling DSCP = af31,

ip video rsvp-none DSCP = af41,ip video rsvp-pass DSCP = af41

ip video rsvp-fail DSCP = af41,

ip defending Priority = 0, ip preemption priority = 0

ip policy locator voice:

ip policy locator video:

UDP checksum = disabled,

session-protocol = cisco, session-transport = system,

req-qos = best-effort, acc-qos = best-effort,

req-qos video = best-effort, acc-qos video = best-effort,

req-qos audio def bandwidth = 64, req-qos audio max bandwidth = 0,

req-qos video def bandwidth = 384, req-qos video max bandwidth = 0, 

RTP dynamic payload type values: NTE = 101

Cisco: NSE=100, fax=96, fax-ack=97, dtmf=121, fax-relay=122

   CAS=123, ClearChan=125, PCM switch over u-law=0,A-law=8

   h263+=118, h264=119

RTP comfort noise payload type = 19

fax rate = fax,  payload size =  20 bytes

fax protocol = system

fax-relay ecm enable

fax NSF = 0xAD0051 (default)

codec = g711ulaw,   

payload size =  160 bytes,

video codec = h263+

voice class codec = `'

voice class sip rsvp-fail-policy voice post-alert mandatory keep-alive 0

voice class sip rsvp-fail-policy voice post-alert optional keep-alive i0

voice class sip rsvp-fail-policy video post-alert mandatory keep-alive 0

voice class sip rsvp-fail-policy video post-alert optional keep-alive i0

text relay = disabled

Media Setting = flow-through (global)

Expect factor = 10, Icpif = 20,

Playout Mode is set to adaptive,

Initial 60 ms, Max 250 ms

Playout-delay Minimum mode is set to default, value 40 ms 

Fax nominal 300 ms

Max Redirects = 1, signaling-type = cas,

VAD = enabled, Poor QOV Trap = disabled, 

Source Interface = NONE

voice class sip url = system,

voice class sip rel1xx = system,

voice class sip outbound-proxy = system,

voice class sip asserted-id = system,

voice class sip privacy = system,

voice class sip e911 = system,

voice class sip history-info = system,

voice class sip anat = system,

voice class sip g729 annexb-all = system,

voice class sip early-offer forced = system,

voice class sip negotiate cisco = system,

redirect ip2ip = disabled

local peer = false

probe disabled,

Secure RTP: system (use the global setting)

voice class perm tag = `'

Time elapsed since last clearing of voice call statistics never

Connect Time = 0, Charged Units = 0,

Successful Calls = 0, Failed Calls = 0, Incomplete Calls = 0

Accepted Calls = 0, Refused Calls = 0,

Last Disconnect Cause is "",

Last Disconnect Text is "",

Last Setup Time = 0.

Last Disconnect Time = 0.

Table 109 describes the significant fields shown in the displays, in alphabetical order.

Table 109 show dial-peer voice Field Descriptions 

Field	Description
Accepted Calls	Number of calls accepted from this peer since system startup.
acc-qos	Lowest acceptable quality of service configured for calls for this peer.
Admin state	Administrative state of this peer.
answer-address	Answer address configured for this dial peer.
bandwidth maximum/minimum	The maximum and minimum bandwidth, in Kb/s.
Charged Units	Total number of charging units that have applied to this peer since system startup, in hundredths of a second.
CLID Restriction	Indicates if Calling Line ID (CLID) restriction is enabled.
CLID Network Number	Displays the network number sent as CLID, if configured.
CLID Second Number sent	Displays whether a second calling number is stripped from the call setup.
CLID Override RDNIS	Indicates whether the CLID is overridden by the redirecting number.
codec	Default voice codec rate of speech.
Connect Time	Accumulated connect time to the peer since system startup for both incoming and outgoing calls, in hundredths of a second.
connections/maximum	Indicates the maximum number of call connections per peer.
Destination	Indicates the voice class that is used to match the destination URL.
destination-pattern	Destination pattern (telephone number) for this peer.
digit_strip	Indicates if digit stripping is enabled.
direct-inward-dial	Indicates if direct inward dial is enabled.
disconnect-cause	Indicates the disconnect cause code to be used when an incoming call is blocked.
dnis-map	Name of the dialed-number identification service (DNIS) map.
DTMF Relay	Indicates if dual-tone multifrequency (DTMF) relay is enabled.
Expect factor	User-requested expectation factor of voice quality for calls through this peer.
Failed Calls	Number of failed call attempts to this peer since system startup.
fax rate	Fax transmission rate configured for this peer.
forward-digits	Indicates the destination digits to be forwarded of this peer.
group	Group number associated with this peer.
huntstop	Indicates whether dial-peer hunting is turned on, by the huntstop command, for this dial peer.
Icpif	Configured Impairment/Calculated Planning Impairment Factor (ICPIF) value for calls sent by a dial peer.
in bound application associated	Interactive voice response (IVR) application that is configured to handle inbound calls to this dial peer.
incall-number	Full E.164 telephone number to be used to identify the dial peer.
incoming call blocking	Indicates the incoming call blocking setup of this peer.
incoming called-number	Indicates the incoming called number if it has been set.
incoming COR list	Indicates the level of Class of Restrictions for incoming calls of this peer.
Incomplete Calls	Indicates the number of outgoing disconnected calls with the user busy (17), no user response (18), or no answer (19) cause code.
information type	Information type for this call (voice, fax, video).
Last Disconnect Cause	Encoded network cause associated with the last call. This value is updated whenever a call is started or cleared and depends on the interface type and session protocol being used on this interface.
Last Disconnect Text	ASCII text describing the reason for the last call termination.
Last Setup Time	Value of the system uptime when the last call to this peer was started.
Modem passthrough	Modem pass-through signaling method is named signaling event (NSE).
numbering Type	Indicates the numbering type for a peer call leg.
Operation state	Operational state of this peer.
outgoing COR list	Indicates the level of Class of Restrictions for outgoing calls of this peer.
outgoing LPCOR	Setting of the lpcor outgoing command.
out bound application associated	The voice application that is configured to handle outbound calls from this dial peer. Outbound calls are handed off to the named application.
Outbound state	Indicates the current outbound status of a POTS peer.
payload size	Indicates the size of the payload of the fax rate or codec setup.
payload type	NSE payload type.
peer type	Dial peer type (voice, data).
permission	Configured permission level for this peer.
Poor QOV Trap	Indicates if poor quality of voice trap messages is enabled.
preemption level	Indicates the call preemption level of this peer.
prefix	Indicates dialed digits prefix of this peer.
Redundancy	Packet redundancy (RFC 2198) for modem traffic.
Refused Calls	Number of calls from this peer refused since system startup.
register E.164 number with H.323 GK and/or SIP Registrar	Indicates the "register e.164" option of this peer.
req-qos	Configured requested quality of service for calls for this dial peer.
session-target	Session target of this peer.
session-protocol	Session protocol to be used for Internet calls between local and remote routers through the IP backbone.
source carrier-id	Indicates the source carrier ID of this peer that will be used to match the source carrier ID of an incoming call.
source trunk-group label	Indicates the source trunk group label of this peer that can be used to match the source trunk group label of an incoming call.
Successful Calls	Number of completed calls to this peer.
supported-language	Indicates the list of supported languages of this peer.
tag	Unique dial peer ID number.
target carrier-id	Indicates the target carrier ID of this peer that will be used to match the target carrier ID for an outgoing call.
target trunkgroup label	Indicates the target trunk group label of this peer that can be used to match the target trunk group label of an outgoing call.
Time elapsed since last clearing of voice call statistics	Elapsed time between the current time and the time when the clear dial-peer voice command was executed.
Translation profile (Incoming)	Indicates the translation profile for incoming calls.
Translation profile (Outgoing)	Indicates the translation profile for outgoing calls.
translation-profile	Indicates the number translation profile of this peer.
type	Indicates the peer encapsulation type (pots, voip, vofr, voatm or mmoip).
VAD	Whether voice activation detection (VAD) is enabled for this dial peer.
voice class called-number inbound/outbound	Indicates the voice-class called number inbound or outbound setup of this peer.
voice class sip history-info	Indicates the configuration state of the history-info header. If the history-info header is not configured for the dial peer, this field is set to system. If the history-info header is enabled on this dial peer, this field is set to enable. If the history-info header is disabled on this dial peer, this field is set to disable.
voice-port	Indicates the voice interface setting of this POTS peer.

The following is sample output from this command with the summary keyword:

Router# show dial-peer voice summary

dial-peer hunt 0

                                                      PASS

  TAG TYPE   ADMIN OPER PREFIX   DEST-PATTERN     PREF THRU SESS-TARGET    PORT

  100 pots   up    up                              0

  101 voip   up    up            5550112           0   syst ipv4:10.10.1.1

  102 voip   up    up            5550134           0   syst ipv4:10.10.1.1

   99 voip   up    down                            0   syst

   33 pots   up    down                            0

Table 110 describes the significant fields shown in the display.

Table 110 show dial-peer voice summary Field Descriptions 

Field	Description
dial-peer hunt	Hunt group selection order that is defined for the dial peer by the dial-peer hunt command.
TAG	Unique identifier assigned to the dial peer when it was created.
TYPE	Type of dial peer (pots, voip, vofr, voatm or mmoip).
ADMIN	Whether the administrative state is up or down.
OPER	Whether the operational state is up or down.
PREFIX	Prefix that is configured in the dial peer by the prefix command.
DEST-PATTERN	Destination pattern that is configured in the dial peer by the destination-pattern command.
PREF	Hunt group preference that is configured in the dial peer by the preference command.
PASS THRU	Modem pass-through method that is configured in the dial peer by the modem passthrough command.
SESS-TARGET	Destination that is configured in the dial peer by the session target command.
PORT	Router voice port that is configured for the dial peer. Valid only for POTS dial peers.

Related Commands

Command	Description
show call active voice	Displays the VoIP active call table.
show call history voice	Displays the VoIP call history table.
show dialplan incall number	Displays which POTS dial peer is matched for a specific calling number or voice port.
show dialplan number	Displays which dial peer is reached when a specific telephone number is dialed.
show num-exp	Displays how the number expansions are configured in VoIP.
show voice port	Displays configuration information about a specific voice port.

show dmvpn

To display Dynamic Multipoint VPN (DMVPN) specific session information, use the show dmvpn command in privileged EXEC mode.

show dmvpn [ipv4 | ipv6] [peer [nbma | tunnel {ip-address | ipv6-address}] | network {ip-address mask}] [vrf vrf-name] [interface tunnel number] [detail] [static] [debug-condition]

Syntax Description

ipv4	(Optional) View information only about IPv4 private networks
ipv6	(Optional) View information only about IPv6 private networks
peer	(Optional) Displays information for a specific DMVPN peer.
nbma	(Optional) Displays DMVPN information based on nonbroadcast multiaccess (NBMA) addresses.
tunnel	(Optional) Displays DMVPN information based on the peer virtual private network (VPN) address.
ip-address	(Optional) Specifies DMVPN peer IP address.
ipv6-address	(Optional) Specifies DMVPN peer IPv6 address.
network ip-address mask	(Optional) Displays DMVPN information based on a specific destination network and mask address.
vrf vrf-name	(Optional) Displays information based on the specified virtual routing forwarding (VRF).
interface	(Optional) Displays DMVPN information based on a specific interface.
tunnel number	(Optional) Specifies tunnel address for DMVPN peer.
detail	(Optional) Displays detail DMVPN information for each session, including Next Hop Server (NHS) and NHS status, crypto session information, and socket details.
static	(Optional) Displays only static DMVPN information.
debug-condition	(Optional) Displays DMVPN conditional debugging.

Command Default

Information is displayed for all DMVPN-specific sessions.

Command Modes

Privileged EXEC

Command History

Release	Modification
12.4(9)T	This command was introduced.
12.4(20)T	The ipv4 keyword, the ipv6 keyword, the ipv6-address argument, and the network ipv6-address keyword and argument combination were added.
12.4(22)T	The output of this command was extended to display the NHRP group received from the spoke and the QoS policy applied to the spoke tunnel.

Usage Guidelines

Use this command to obtain DMVPN specific session information. By default, summary information will be displayed.

When the detail keyword is used, command output will include information from the show crypto session detail command, including inbound and outbound security parameter indexes (SPI) and the show crypto socket command.

Examples

The following example shows sample summary output:

Router# show dmvpn

Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete

        N - NATed, L - Local, X - No Socket

        # Ent --> Number of NHRP entries with same NBMA peer

! The line below indicates that the sessions are being displayed for Tunnel1. 

! Tunnel1 is acting as a spoke and is a peer with three other NBMA peers.

Tunnel1, Type: Spoke, NBMA Peers: 3, 

 # Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb

 ----- --------------- --------------- ----- -------- -----

     2    192.0.2.21       192.0.2.116   IKE     3w0d D    

     1    192.0.2.102      192.0.2.11   NHRP 02:40:51 S    

     1    192.0.2.225      192.0.2.10     UP     3w0d S    

Tunnel2, Type: Spoke, NBMA Peers: 1, 

 # Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb

 ----- --------------- --------------- ----- -------- -----

     1      192.0.2.25     192.0.2.171   IKE    never S    

Table 111 describes the significant fields shown in the display.

Table 111 show dmvpn Field Descriptions 

Field	Description
# Ent	The number of Next Hop Routing Protocol (NHRP) entries in the current session.
Peer NBMA Addr	The remote NBMA address.
Peer Tunnel Add	The remote tunnel endpoint IP address.
State	The state of the DMVPN session. The DMVPN session is either up or down. If the DMVPN state is down, the reason for the down state error is displayed—Internet Key Exchange (IKE), IPsec, or NHRP.
UpDn Tm	Displays how long the session has been in the current state.
Attrib	Displays any associated attributes of the current session. One of the following attributes will be displayed—dynamic (D), static (S), incomplete (I), Network Address Translation (NAT) for the peer address, or NATed, (N), local (L), no socket (X).

The following example shows output of the show dmvpn command with the detail keyword:

Router# show dmvpn detail

Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete

        N - NATed, L - Local, X - No Socket

        # Ent --> Number of NHRP entries with same NBMA peer

-------------- Interface Tunnel1 info: -------------- 

Intf. is up, Line Protocol is up, Addr. is 192.0.2.5

   Source addr: 192.0.2.229, Dest addr: MGRE

  Protocol/Transport: "multi-GRE/IP", Protect "gre_prof",

Tunnel VRF "" ip vrf forwarding ""

NHRP Details: NHS: 192.0.2.10 RE 192.0.2.11  E

Type: Spoke, NBMA Peers: 4

# Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb    Target Network

----- --------------- --------------- ----- -------- ----- -----------------

    2        192.0.2.21      192.0.2.116    UP 00:14:59 D      192.0.2.118/24

                                            UP 00:14:59 D      192.0.2.116/32

  IKE SA: local 192.0.2.229/500 remote 192.0.2.21/500 Active 

          Capabilities:(none) connid:1031 lifetime:23:45:00

  Crypto Session Status: UP-ACTIVE     

  fvrf: (none)

  IPSEC FLOW: permit 47 host 192.0.2.229 host 192.0.2.21 

        Active SAs: 2, origin: crypto map

        Inbound:  #pkts dec'ed 1 drop 0 life (KB/Sec) 4494994/2700

        Outbound: #pkts enc'ed 1 drop 0 life (KB/Sec) 4494994/2700

   Outbound SPI : 0xD1EA3C9B, transform : esp-3des esp-sha-hmac 

    Socket State: Open

# Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb    Target Network

----- --------------- --------------- ----- -------- ----- -----------------

    1     192.0.2.229       192.0.2.5    UP 00:15:00 DLX        192.0.2.5/32

# Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb    Target Network

----- --------------- --------------- ----- -------- ----- -----------------

    1     192.0.2.102      192.0.2.11 NHRP 02:55:47  S         192.0.2.11/32

  IKE SA: local 192.0.2.229/4500 remote 192.0.2.102/4500 Active 

          Capabilities:N connid:1028 lifetime:11:45:37

  Crypto Session Status: UP-ACTIVE     

  fvrf: (none)

  IPSEC FLOW: permit 47 host 192.0.2.229 host 192.0.2.102 

        Active SAs: 2, origin: crypto map

        Inbound:  #pkts dec'ed 199056 drop 393401 life (KB/Sec) 4560270/1524

        Outbound: #pkts enc'ed 416631 drop 10531 life (KB/Sec) 4560322/1524

   Outbound SPI : 0x9451AF5C, transform : esp-3des esp-sha-hmac 

    Socket State: Open

# Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb    Target Network

----- --------------- --------------- ----- -------- ----- -----------------

    1     192.0.2.225      192.0.2.10    UP     3w0d S         192.0.2.10/32

  IKE SA: local 192.0.2.229/500 remote 192.0.2.225/500 Active 

          Capabilities:(none) connid:1030 lifetime:03:46:44

  Crypto Session Status: UP-ACTIVE     

  fvrf: (none)

  IPSEC FLOW: permit 47 host 192.0.2.229 host 192.0.2.225 

        Active SAs: 2, origin: crypto map

        Inbound:  #pkts dec'ed 430261 drop 0 life (KB/Sec) 4415197/3466

        Outbound: #pkts enc'ed 406232 drop 4 life (KB/Sec) 4415197/3466

   Outbound SPI : 0xAF3E15F2, transform : esp-3des esp-sha-hmac 

    Socket State: Open

 -------------- Interface Tunnel2 info: -------------- 

Intf. is up, Line Protocol is up, Addr. is 192.0.2.172

   Source addr: 192.0.2.20, Dest addr: MGRE

  Protocol/Transport: "multi-GRE/IP", Protect "gre_prof",

Tunnel VRF "" ip vrf forwarding ""

NHRP Details: NHS:         192.0.2.171  E

Type: Spoke, NBMA Peers: 1

# Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb    Target Network

----- --------------- --------------- ----- -------- ----- -----------------

    1      192.0.2.25     192.0.2.171  IKE     never S        192.0.2.171/32

  IKE SA: local 192.0.2.20/500 remote 192.0.2.25/500 Inactive 

          Capabilities:(none) connid:0 lifetime:0

  IKE SA: local 192.0.2.20/500 remote 192.0.2.25/500 Inactive 

          Capabilities:(none) connid:0 lifetime:0

  Crypto Session Status: DOWN-NEGOTIATING

  fvrf: (none)

  IPSEC FLOW: permit 47 host 192.0.2.20 host 192.0.2.25 

        Active SAs: 0, origin: crypto map

        Inbound:  #pkts dec'ed 0 drop 0 life (KB/Sec) 0/0

        Outbound: #pkts enc'ed 0 drop 436431 life (KB/Sec) 0/0

   Outbound SPI : 0x       0, transform : 

    Socket State: Closed

Pending DMVPN Sessions:

!There are no pending DMVPN sessions.

The following example shows output of the show dmvpn command with the detail keyword. This example displays the NHRP group received from the spoke and the QoS policy applied to the spoke tunnel:

Router# show dmvpn detail

Legend: Attrb --> S - Static, D - Dynamic, I - Incompletea

        N - NATed, L - Local, X - No Socket

        # Ent --> Number of NHRP entries with same NBMA peer

 -------------- Interface Tunnel0 info: -------------- 

Intf. is up, Line Protocol is up, Addr. is 10.0.0.1

   Source addr: 172.17.0.1, Dest addr: MGRE

  Protocol/Transport: "multi-GRE/IP", Protect "dmvpn-profile",

Tunnel VRF "", ip vrf forwarding ""

NHRP Details: 

Type:Hub, NBMA Peers:2

# Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb    Target Network

----- --------------- --------------- ----- -------- ----- -----------------

    1      172.17.0.2        10.0.0.2    UP 00:19:57 D           10.0.0.2/32

NHRP group: test-group-0

 Output QoS service-policy applied: queueing

  IKE SA: local 172.17.0.1/500 remote 172.17.0.2/500 Active 

  Crypto Session Status: UP-ACTIVE     

  fvrf: (none), Phase1_id: 172.17.0.2

  IPSEC FLOW: permit 47 host 172.17.0.1 host 172.17.0.2 

        Active SAs: 2, origin: crypto map

   Outbound SPI : 0x44E4E634, transform : esp-des esp-sha-hmac 

    Socket State: Open

  IKE SA: local 172.17.0.1/500 remote 172.17.0.2/500 Active 

  IPSEC FLOW: permit 47 host 172.17.0.1 host 172.17.0.2 

        Active SAs: 2, origin: crypto map

   Outbound SPI : 0x44E4E634, transform : esp-des esp-sha-hmac 

    Socket State: Open

# Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb    Target Network

----- --------------- --------------- ----- -------- ----- -----------------

    1      172.17.0.3        10.0.0.3    UP 00:02:21 D           10.0.0.3/32

NHRP group: test-group-0

 Output QoS service-policy applied: queueing

  IKE SA: local 172.17.0.1/500 remote 172.17.0.3/500 Active 

  Crypto Session Status: UP-ACTIVE     

  fvrf: (none), Phase1_id: 172.17.0.3

  IPSEC FLOW: permit 47 host 172.17.0.1 host 172.17.0.3 

        Active SAs: 2, origin: crypto map

   Outbound SPI : 0xBF13C9CC, transform : esp-des esp-sha-hmac 

    Socket State: Open

  IKE SA: local 172.17.0.1/500 remote 172.17.0.3/500 Active 

  IPSEC FLOW: permit 47 host 172.17.0.1 host 172.17.0.3 

        Active SAs: 2, origin: crypto map

   Outbound SPI : 0xBF13C9CC, transform : esp-des esp-sha-hmac 

    Socket State: Open

 -------------- Interface Tunnel1 info: -------------- 

Intf. is up, Line Protocol is up, Addr. is 11.0.0.1

   Source addr: 172.17.0.1, Dest addr: MGRE

  Protocol/Transport: "multi-GRE/IP", Protect "dmvpn-profile",

Tunnel VRF "", ip vrf forwarding ""

NHRP Details: 

Type:Hub, NBMA Peers:1

# Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb    Target Network

----- --------------- --------------- ----- -------- ----- -----------------

    1      172.17.0.2        11.0.0.2    UP 00:20:01 D           11.0.0.2/32

NHRP group: test-group-1

 Output QoS service-policy applied: queueing

Pending DMVPN Sessions:

The following example shows DMVPN debug-condition information:

Router# show dmvpn debug-condition 

NBMA addresses under debug are:

Interfaces under debug are:

Tunnel101, 

Crypto DMVPN filters:

Interface = Tunnel101

DMVPN Conditional debug context unmatched flag: OFF

Related Commands

Command	Description
debug dmvpn	Debugs DMVPN sessions.
show crypto session detail	Displays detailed status information for active crypto sessions.
show crypto socket	Lists crypto sockets.
show policy-map mgre	Displays statistics about a specific QoS policy as it is applied to a tunnel endpoint.

show eigrp address-family accounting

To display prefix accounting information for Enhanced Interior Gateway Routing Protocol (EIGRP) processes, use the show eigrp address-family accounting command in user EXEC or privileged EXEC mode.

show eigrp address-family {ipv4 | ipv6} [vrf vrf-name] [autonomous-system-number] [multicast] accounting

Syntax Description

ipv4	Selects the IPv4 protocol address family.
ipv6	Selects the IPv6 protocol address family.
vrf vrf-name	(Optional) Displays information about the specified VRF. This keyword/argument pair is available only for IPv4 configurations.
autonomous-system- number	(Optional) Autonomous system number.
multicast	(Optional) Displays information about multicast instances.

Command Modes

User EXEC (>)
Privileged EXEC (#)

Command Default

Prefix accounting information for all EIGRP processes is displayed.

Command History

Release	Modification
15.0(1)M	This command was introduced.

Usage Guidelines

This command can be used to display information about EIGRP named configurations and EIGRP autonomous-system (AS) configurations.

This command displays the same information as the show ip eigrp accounting command. Cisco recommends using the show eigrp address-family accounting command.

Examples

The following example shows how to display EIGRP prefix accounting information for autonomous-system 22:

Router# show eigrp address-family ipv4 22 accounting 

EIGRP-IPv4 VR(saf) Accounting for AS(22)/ID(10.0.0.1) 

Total Prefix Count: 3  States: A-Adjacency, P-Pending, D-Down 

State Address/Source    Interface       Prefix   Restart  Restart/ 

                                        Count     Count   Reset(s) 

 A    10.0.0.2          Et0/0               2         0        0

 P    10.0.2.4          Se2/0               0         2        114

 D    10.0.1.3          Et0/0               0         3        0 

Table 112 describes the significant fields shown in the display.

Table 112 show eigrp address-family accounting Field Descriptions 

Field	Description
IP-EIGRP accounting for AS...	Identifies the EIGRP instance, AS number, router ID, and table ID.
Total Prefix Count	Number of distinct prefixes that are present in this autonomous system.
State	State of the given neighbor: Adjacency, Pending, or Down.
Address/Source	IP address of the neighbor.
Interface	Interface on which the neighbor is connected.
Prefix Count	Number of prefixes that are advertised by this neighbor.
Restart Count	Number of times this neighbor has been restarted due to exceeding prefix limits.
Restart/Reset(s)	Time remaining until the neighbor will be restarted (if in Pending state) or until the restart count will be cleared (if in Adjacency state.)

Related Commands

Command	Description
show eigrp address-family events	Displays information about EIGRP events.
show eigrp address-family interfaces	Displays information about interfaces configured for EIGRP.
show eigrp address-family neighbors	Displays the neighbors discovered by EIGRP.
show eigrp address-family sia-event	Displays information about EIGRP SIA events.
show eigrp address-family sia-statistics	Displays information about EIGRP SIA statistics.
show eigrp address-family timers	Displays information about EIGRP timers and expiration times.
show eigrp address-family topology	Displays entries in the EIGRP topology table.
show eigrp address-family traffic	Displays the number of EIGRP packets sent and received.

show eigrp address-family events

To display information about Enhanced Interior Gateway Routing Protocol (EIGRP) address-family events, use the show eigrp address-family events command in user EXEC or privileged EXEC mode.

show eigrp address-family {ipv4 | ipv6} [vrf vrf-name] [autonomous-system-number] [multicast] events [starting-event-number ending-event-number] [errmsg [starting-event-number ending-event-number]] [sia [starting-event-number ending-event-number]] [type]

Syntax Description

ipv4	Selects the IPv4 protocol address family.
ipv6	Selects the IPv6 protocol address family.
vrf vrf-name	(Optional) Displays information about the specified VRF.
autonomous-system- number	(Optional) Autonomous system number.
multicast	(Optional) Displays information about multicast instances.
starting-event-number	Number of first event to display.
ending-event-number	Number of last event to display.
errmsg	Displays error message events.
sia	Displays Stuck in Active (SIA) events.
type	Displays the types of events being logged.

Command Modes

User EXEC (>)
Privileged EXEC (#)

Command Default

All EIGRP address-family events are displayed.

Command History

Release	Modification
15.0(1)M	This command was introduced.

Usage Guidelines

The event log is used by Cisco technical support to display a history of EIGRP internal events that are specific to a particular address family.

To display information about EIGRP service-family events, use the show eigrp service-family events command.

This command can be used to display information about EIGRP named configurations and EIGRP autonomous-system (AS) configurations.

This command displays the same information as the show ip eigrp events command. Cisco recommends using the show eigrp address-family events command.

Examples

The following example shows how to display EIGRP address-family events for autonomous-system 3:

Router# show eigrp address-family ipv4 3 events

Event information for AS 3:

1 15:37:47.015 Change queue emptied, entries: 1 

2 15:37:47.015 Metric set: 10.0.0.0/24 307200 

3 15:37:47.015 Update reason, delay: new if 4294967295 

4 15:37:47.015 Update sent, RD: 10.0.0.0/24 4294967295 

5 15:37:47.015 Update reason, delay: metric chg 4294967295 

6 15:37:47.015 Update sent, RD: 10.0.0.0/24 4294967295 

7 15:37:47.015 Route installed: 10.0.0.0/24 1.1.1.2 

8 15:37:47.015 Route installing: 10.0.0.0/24 10.0.1.2  

Related Commands

Command	Description
show eigrp address-family accounting	Displays prefix accounting information for EIGRP processes.
show eigrp address-family interfaces	Displays information about interfaces configured for EIGRP.
show eigrp address-family neighbors	Displays the neighbors discovered by EIGRP.
show eigrp address-family sia-event	Displays information about EIGRP SIA events.
show eigrp address-family sia-statistics	Displays information about EIGRP SIA statistics.
show eigrp address-family timers	Displays information about EIGRP timers and expiration times.
show eigrp address-family topology	Displays entries in the EIGRP topology table.
show eigrp address-family traffic	Displays the number of EIGRP packets sent and received.
show eigrp service-family events	Displays information about EIGRP service-family events.

show eigrp address-family interfaces

To display information about interfaces that are configured for Enhanced Interior Gateway Routing Protocol (EIGRP), use the show eigrp address-family interfaces command in user EXEC or privileged EXEC mode.

show eigrp address-family {ipv4 | ipv6} [vrf vrf-name] [autonomous-system-number] [multicast] interfaces [detail] [interface-type interface-number]

Syntax Description

ipv4	Selects the IPv4 protocol address family.
ipv6	Selects the IPv6 protocol address family.
vrf vrf-name	(Optional) Displays information about the specified VRF.
autonomous-system- number	(Optional) Autonomous system number.
multicast	(Optional) Displays information about multicast instances.
detail	(Optional) Displays detailed information about EIGRP interfaces.
interface-type interface-number	(Optional) Interface type and number to display. If unspecified, all enabled interfaces are displayed.

Command Default

All enabled EIGRP interfaces are displayed.

Command Modes

User EXEC (>)
Privileged EXEC (#)

Command History

Release	Modification
15.0(1)M	This command was introduced.

Usage Guidelines

Use the show eigrp address-family interfaces command to determine on which interfaces EIGRP is active and to learn EIGRP information about those interfaces.

If an interface is specified, only information about that interface is displayed. Otherwise, information about all interfaces on which EIGRP is running is displayed.

If an autonomous system is specified, only the routing process for the specified autonomous system is displayed. Otherwise, all EIGRP processes are displayed.

This command can be used to display information about EIGRP named configurations and EIGRP autonomous-system (AS) configurations.

This command displays the same information as the show ip eigrp interfaces command. Cisco recommends using the show eigrp address-family interfaces command.

Examples

The following example shows how to display information about EIGRP interfaces for autonomous-system 4453:

Router# show eigrp address-family ipv4 4453 interfaces 

EIGRP-IPv4 VR(Virtual-name) Address-family Neighbors for AS(4453) 

					Xmit Queue   Mean   Pacing Time   Multicast    Pending 

Interface     Peers  Un/Reliable  SRTT   Un/Reliable   Flow Timer   Services 

Se0           1          0/0        28      0/15          127           0 

Se1           1          0/0        44      0/15          211           0 

The following example shows how to display detailed information about Loopback interface 1 in autonomous-system 2:

Router# show eigrp address-family ipv4 2 interfaces detail Loopback1 

EIGRP-IPv4 VR(saf2) Address-family Neighbors for AS(2) 

                    Xmit Queue   Mean  Pacing Time     Multicast    Pending 

Interface    Peers  Un/Reliable  SRTT  Un/Reliable     Flow Timer   Services 

Lo1          166        0/0        48      0/1            258           0 

	Hello-interval is 5, Hold-time is 15 

	Split-horizon is enabled 

	Next xmit serial <none> 

	Un/reliable mcasts: 0/0 Un/reliable ucasts: 10148/67233 

	Mcast exceptions: 0 CR packets: 0 ACKs suppressed: 8719 

	Retransmissions sent: 2696 Out-of-sequence rcvd: 594 

	Interface has all stub peers 

	Topology-ids on interface - 0 

	Authentication mode is not set 

Table 113 describes the significant fields shown in the display.

Table 113 show eigrp address-family interfaces Field Descriptions 

Field	Description
Interface	Interface over which EIGRP is configured.
Peers	Number of EIGRP neighbors connected on this interface.
Xmit Queue Un/Reliable	Number of packets remaining in the Unreliable and Reliable transmit queues.
Mean SRTT	Mean smooth round-trip time interval, in milliseconds.
Pacing Time Un/Reliable	Pacing time used to determine when reliable and unreliable EIGRP packets should be sent out of the interface.
Multicast Flow Timer	Maximum number of seconds the router sends multicast EIGRP packets.
Pending Services	Number of services in the packets in the transmit queue waiting to be sent.
CR packets	Packets marked for conditional Receive.

Related Commands

Command	Description
show eigrp address-family accounting	Displays prefix accounting information for EIGRP processes.
show eigrp address-family events	Displays information about EIGRP events.
show eigrp address-family neighbors	Displays the neighbors discovered by EIGRP.
show eigrp address-family sia-event	Displays information about EIGRP SIA events.
show eigrp address-family sia-statistics	Displays information about EIGRP SIA statistics.
show eigrp address-family timers	Displays information about EIGRP timers and expiration times.
show eigrp address-family topology	Displays entries in the EIGRP topology table.
show eigrp address-family traffic	Displays the number of EIGRP packets sent and received.

show eigrp address-family neighbors

To display the neighbors that are discovered by Enhanced Interior Gateway Routing Protocol (EIGRP), use the show eigrp address-family neighbors command in user EXEC or privileged EXEC mode.

show eigrp address-family {ipv4 | ipv6} [vrf vrf-name] [autonomous-system-number] [multicast] neighbors [static] [detail] [interface-type interface-number]

Syntax Description

ipv4	Selects the IPv4 protocol address family.
ipv6	Selects the IPv6 protocol address family.
vrf vrf-name	(Optional) Displays information about the specified VRF.
autonomous-system- number	(Optional) Autonomous system number.
multicast	(Optional) Displays information about multicast instances.
static	(Optional) Displays static neighbors.
detail	(Optional) Displays detailed EIGRP neighbor information.
interface-type interface-number	(Optional) Interface type and number to display. If unspecified, all enabled interfaces are displayed.

Command Default

Information about all neighbors discovered by EIGRP is displayed.

Command Modes

User EXEC (>)
Privileged EXEC (#)

Command History

Release	Modification
15.0(1)M	This command was introduced.

Usage Guidelines

Use the show eigrp address-family neighbors command to determine when neighbors become active and inactive. It is also useful for debugging certain types of transport problems.

This command can be used to display information about EIGRP named configurations and EIGRP autonomous-system (AS) configurations.

This command displays the same information as the show ip eigrp neighbors command. Cisco recommends using the show eigrp address-family neighbors command.

Examples

The following example shows how to display neighbors that are discovered by EIGRP:

Router# show eigrp address-family ipv4 4453 neighbors 

EIGRP-IPv4 VR(Virtual-name) Address-family Neighbors for AS(4453) 

Address 						Interface 			 Hold Uptime  SRTT  RTO    Q     Seq 

                                     (sec)         (ms)  (ms)   Cnt   Num 

172.16.81.28            Ethernet1     13   0:00:41  0      11   4     20

172.16.80.28            Ethernet0     14   0:02:01  0      10   12    24

172.16.80.31            Ethernet0     12   0:02:02  0      4    5     20 

Table 114 describes the significant fields shown in the display.

The following example shows how to display detailed information about neighbors that are discovered by EIGRP, including whether a neighbor has been gracefully restarted:

Router# show eigrp address-family ipv4 neighbors detail 

EIGRP-IPv4 VR(test) Address-Family Neighbors for AS(3)

H Address Interface Hold Uptime SRTT RTO Q Seq

                    (sec)       (ms) Cnt   Num

172.16.81.28 Et1/1 11 01:11:08 10 200 0 8

Time since Restart 00:00:05

Version 5.0/3.0, Retrans: 2, Retries: 0, Prefixes: 2

Topology-ids from peer - 0  

Table 114 show eigrp address-family neighbors Field Descriptions 

Field	Description
AS(4453)	Autonomous system number specified in the configuration command, in this example 4453.
Address	IP address of the peer.
Interface	Interface on which the router is receiving hello packets from the peer.
Hold time	Length of time, in seconds, that the router will wait to hear from the peer before declaring it down. If the peer is using the default hold time, this number will be less than 15. If the peer configures a nondefault hold time, it will be reflected here.
Uptime	Elapsed time since the local router first heard from this neighbor.
Q Cnt	Number of packets (update, query, and reply) that the software is waiting to send.
Seq Num	Sequence number of the last update, query, or reply packet that was received from this neighbor.
SRTT	Smooth round-trip time. This is the number of milliseconds that it takes for an EIGRP packet to be sent to this neighbor and for the local router to receive an acknowledgment of that packet.
RTO	Retransmission timeout, in milliseconds. Indicates the amount of time EIGRP waits before retransmitting a packet from the retransmission queue to a neighbor.
Time since Restart	Time elapsed since a neighbor has been gracefully restarted.

Related Commands

Command	Description
show eigrp address-family accounting	Displays prefix accounting information for EIGRP processes.
show eigrp address-family events	Displays information about EIGRP events.
show eigrp address-family interfaces	Displays information about interfaces configured for EIGRP.
show eigrp address-family sia-event	Displays information about EIGRP SIA events.
show eigrp address-family sia-statistics	Displays information about EIGRP SIA statistics.
show eigrp address-family timers	Displays information about EIGRP timers and expiration times.
show eigrp address-family topology	Displays entries in the EIGRP topology table.
show eigrp address-family traffic	Displays the number of EIGRP packets sent and received.

show eigrp address-family timers

To display information about Enhanced Interior Gateway Routing Protocol (EIGRP) timers and expiration times, use the show eigrp address-family timers command in user EXEC or privileged EXEC mode.

show eigrp address-family {ipv4 | ipv6} [vrf vrf-name] [autonomous-system-number] [multicast] timers

Syntax Description

ipv4	Selects the IPv4 protocol address family.
ipv6	Selects the IPv6 protocol address family.
vrf vrf-name	(Optional) Displays information about the specified VRF.
autonomous-system- number	(Optional) Autonomous system number.
multicast	(Optional) Displays information about multicast instances.

Command Default

Information about all EIGRP timers is displayed.

Command Modes

User EXEC (>)
Privileged EXEC (#)

Command History

Release	Modification
15.0(1)M	This command was introduced.

Usage Guidelines

This command is useful for debugging and troubleshooting by Cisco technical support, but it is not intended for normal EIGRP administration tasks. This command should not be used without guidance from Cisco technical support.

This command can be used to display information about EIGRP named configurations and EIGRP autonomous-system (AS) configurations.

This command displays the same information as the show ip eigrp timers command. Cisco recommends using the show eigrp address-family timers command.

Examples

The following example shows how to display information about EIGRP timers:

Router# show eigrp address-family ipv4 4453 timers

EIGRP-IPv4 VR(Virtual-name) Address-family Timers for AS(4453) 

Hello Process 

Expiration Type 

| 1.022 (parent) 

| 1.022 Hello (Et0/0) 

Update Process 

Expiration Type 

| 14.984 (parent) 

| 14.984 (parent) 

| 14.984 Peer holding 

SIA Process 

Expiration Type for Topo(base) 

| 0.000 (parent) 

Related Commands

Command	Description
show eigrp address-family accounting	Displays prefix accounting information for EIGRP processes.
show eigrp address-family events	Displays information about EIGRP events.
show eigrp address-family interfaces	Displays information about interfaces configured for EIGRP.
show eigrp address-family neighbors	Displays the neighbors discovered by EIGRP.
show eigrp address-family sia-event	Displays information about EIGRP SIA events.
show eigrp address-family sia-statistics	Displays information about EIGRP SIA statistics.
show eigrp address-family topology	Displays entries in the EIGRP topology table.
show eigrp address-family traffic	Displays the number of EIGRP packets sent and received.

show eigrp address-family topology

To display entries in the Enhanced Interior Gateway Routing Protocol (EIGRP) topology table, use the show eigrp address-family topology command in user EXEC or privileged EXEC mode.

show eigrp address-family {ipv4 | ipv6} [vrf vrf-name] [autonomous-system-number] [multicast] topology [topology-name] [ip-address] [active] [all-links] [detail-links] [pending] [summary] [zero-successors] [route-type {connected | external | internal | local | redistributed | summary | vpn}]

Syntax Description

ipv4	Selects the IPv4 protocol address family.
ipv6	Selects the IPv6 protocol address family.
vrf vrf-name	(Optional) Displays information about the specified VRF.
autonomous-system- number	(Optional) Specifies the autonomous system number.
multicast	(Optional) Displays information about multicast instances.
topology-name	(Optional) Named entry in the EIGRP topology table.
ip-address	(Optional) Network or network and mask. When specified, a detailed description of the entry is provided.
active	(Optional) Displays only active entries in the EIGRP topology table.
all-links	(Optional) Displays all entries in the EIGRP topology table (including non-feasible-successor sources).
detail-links	(Optional) Displays detailed information about all entries in the topology table.
pending	(Optional) Displays all entries in the EIGRP topology table that are waiting for an update from a neighbor or are waiting to reply to a neighbor.
summary	(Optional) Displays summary information about the EIGRP topology table.
zero-successors	(Optional) Displays available routes in the EIGRP topology table that have zero successors.
route-type	(Optional) Displays information about services of the specified route type.
connected	(Optional) Displays information about all connected routes.
external	(Optional) Displays information about all external routes.
internal	(Optional) Displays information about all internal routes.
local	(Optional) Displays information about all locally originated routes.
redistributed	(Optional) Displays information about all redistributed routes.
summary	(Optional) Displays information about all summary routes.
vpn	(Optional) Displays information about all VPN sourced routes. Applies to IPv4 only.

Command Default

If this command is used without any keywords or arguments, only routes that are feasible successors are displayed.

Command Modes

User EXEC (>)
Privileged EXEC (#)

Command History

Release	Modification
15.0(1)M	This command was introduced.

Usage Guidelines

This command can be used to display information about EIGRP named configurations and EIGRP autonomous-system (AS) configurations.

This command displays the same information as the show ip eigrp topology command. Cisco recommends using the show eigrp address-family topology command.

Examples

The following example shows how to display entries in the EIGRP topology table:

Router# show eigrp address-family ipv4 4453 topology 

EIGRP-IPv4 VR(Virtual-name) Topology Table for AS(4453)/ID(10.0.0.1) 

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, 

       r - Reply status, s - sia Status 

P  10.17.17.0/24, 1 successors, FD is 409600 

          via 10.10.10.2 (409600/128256), Ethernet3/0 

P  172.16.19.0/24, 1 successors, FD is 409600 

          via 10.10.10.2 (409600/128256), Ethernet3/0 

P  192.168.10.0/24, 1 successors, FD is 281600 

          via Connected, Ethernet3/0 

P  10.10.10.0/24, 1 successors, FD is 281600 

          via Redistributed (281600/0) 

The following example shows how to display EIGRP metrics for specified internal services and external services:

Router# show eigrp address-family ipv4 4453 topology 10.10.10.0/24

EIGRP-IPv4 VR(virtual-name) Topology Entry for AS(4453)/ID(10.0.0.1) for 10.10.10.0/24 

  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 128256 

  Descriptor Blocks: 

  0.0.0.0 (Null0), from Connected, Send flag is 0x0 

      Composite metric is (128256/0), service is Internal 

      Vector metric: 

        Minimum bandwidth is 10000000 Kbit 

        Total delay is 5000 microseconds 

        Reliability is 255/255 

        Load is 1/255 

        Minimum MTU is 1514 

        Hop count is 0 

        Originating router is 10.0.0.1

Table 115 describes the significant fields shown in the display.

Table 115 show eigrp address-family topology Field Descriptions 

Field	Description
Codes	State of this topology table entry. Passive and Active refer to the EIGRP state with respect to this destination; Update, Query, and Reply refer to the type of packet that is being sent.
P—Passive	No EIGRP computations are being performed for this destination.
A—Active	EIGRP computations are being performed for this destination.
U—Update	An update packet was sent to this destination.
Q—Query	A query packet was sent to this destination.
R—Reply	A reply packet was sent to this destination.
r—reply Status	Flag that is set after the software has sent a query and is waiting for a reply.
s—sia Status	Flag that is set if a route is in a stuck in active state.
successors	Number of successors. This number corresponds to the number of next hops in the IP routing table. If "successors" is capitalized, then the route or next hop is in a transition state.
FD	Feasible distance. The feasible distance is the best metric to reach the destination or the best metric that was known when the route went active. This value is used in the feasibility condition check. If the reported distance of the router (the metric after the slash) is less than the feasible distance, the feasibility condition is met and that path is a feasible successor. Once the software determines it has a feasible successor, it need not send a query for that destination.
replies	(Not shown in the output.) Number of replies that are still outstanding (have not been received) with respect to this destination. This information appears only when the destination is in the Active state.
state	(Not shown in the output) Exact EIGRP state that this destination is in. It can be the number 0, 1, 2, or 3. This information appears only when the destination is in the Active state.
via	IP address of the peer that told the software about this destination. The first N of these entries, where N is the number of successors, is the current successors. The remaining entries on the list are feasible successors.
(409600/128256)	The first number is the EIGRP metric that represents the cost to the destination. The second number is the EIGRP metric that this peer advertised.
Ethernet3/0	Interface from which this information was learned.

Related Commands

Command	Description
show eigrp address-family accounting	Displays prefix accounting information for EIGRP processes.
show eigrp address-family events	Displays information about EIGRP events.
show eigrp address-family interfaces	Displays information about interfaces configured for EIGRP.
show eigrp address-family neighbors	Displays the neighbors discovered by EIGRP.
show eigrp address-family sia-event	Displays information about EIGRP SIA events.
show eigrp address-family sia-statistics	Displays information about EIGRP SIA statistics.
show eigrp address-family timers	Displays information about EIGRP timers and expiration times.
show eigrp address-family traffic	Displays the number of EIGRP packets sent and received.

show eigrp address-family traffic

To display the number of Enhanced Interior Gateway Routing Protocol (EIGRP) packets that are sent and received, use the show eigrp address-family traffic command in user EXEC or privileged EXEC mode.

show eigrp address-family {ipv4 | ipv6} [vrf vrf-name] [autonomous-system-number] [multicast] traffic

Syntax Description

ipv4	Selects the IPv4 protocol address family.
ipv6	Selects the IPv6 protocol address family.
vrf vrf-name	(Optional) Displays information about the specified VRF.
autonomous-system- number	(Optional) Autonomous system number.
multicast	(Optional) Displays information about multicast instances.

Command Default

The number of all EIGRP packets sent and received is displayed.

Command Modes

User EXEC (>)
Privileged EXEC (#)

Command History

Release	Modification
15.0(1)M	This command was introduced.

Usage Guidelines

This command can be used to display information about EIGRP named configurations and EIGRP autonomous-system (AS) configurations.

This command displays the same information as the show ip eigrp traffic command. Cisco recommends using the show eigrp address-family traffic command.

Examples

The following example shows how to display the number of EIGRP packets sent and received for autonomous system number 4453:

Router# show eigrp address-family ipv4 4453 traffic

EIGRP-IPv4 VR(virtual-name) Address-family Traffic Statistics for AS(4453) 

  Hellos sent/received: 122/122 

  Updates sent/received: 3/1 

  Queries sent/received: 0/0 

  Replies sent/received: 0/0 

  Acks sent/received: 0/3 

  SIA-Queries sent/received: 0/0 

  SIA-Replies sent/received: 0/0 

  Hello Process ID: 128 

  PDM Process ID: 191 

  Socket Queue: 0/2000/1/0 (current/max/highest/drops) 

  Input Queue: 0/2000/1/0 (current/max/highest/drops

Table 116 describes the significant fields shown in the display.

Table 116 show eigrp address-family traffic Field Descriptions 

Field	Description
Hellos sent/received	Number of hello packets sent and received.
Updates sent/received	Number of update packets sent and received.
Queries sent/received	Number of query packets sent and received.
Replies sent/received	Number of reply packets sent and received.
Acks sent/received	Number of acknowledgement packets sent and received.
SIA-Queries sent/received	Number of stuck in active query packets sent and received.
SIA-Replies sent/received	Number of stuck in active reply packets sent and received.
Hello Process ID	Cisco IOS hello process identifier.
PDM Process ID	Protocol-dependent module IOS process identifier.
Socket Queue	IP to EIGRP Hello Process socket queue counters.
Input Queue	EIGRP Hello Process to EIGRP PDM socket queue counters.

Related Commands

Command	Description
show eigrp address-family accounting	Displays prefix accounting information for EIGRP processes.
show eigrp address-family events	Displays information about EIGRP events.
show eigrp address-family interfaces	Displays information about interfaces configured for EIGRP.
show eigrp address-family neighbors	Displays the neighbors discovered by EIGRP.
show eigrp address-family sia-event	Displays information about EIGRP SIA events.
show eigrp address-family sia-statistics	Displays information about EIGRP SIA statistics.
show eigrp address-family timers	Displays information about EIGRP timers and expiration times.
show eigrp address-family topology	Displays entries in the EIGRP topology table.

show erm statistics

To display the Embedded Resource Manager (ERM) Forwarding Information Base (FIB) ternary content addressable memory (TCAM) exception status for IPv4, IPv6, and Multiprotocol Label Switching (MPLS) protocols, use the show erm statistics command in privileged EXEC mode.

show erm statistics

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release	Modification
12.2(17b)SXA	This command was introduced on the Supervisor Engine 720.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.2(33)SRA.

Usage Guidelines

This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

The IPv4, IPv6, and MPLS exception state displays FALSE when the protocol is not under the exception or displays TRUE when the protocol is under the exception.

Examples

This example shows how to display FIB TCAM exception status for IPv4, IPv6, and MPLS protocols:

Router# show erm statistics

#IPv4 excep notified     = 0

#IPv6 excep notified     = 0

#MPLS excep notified     = 0

#IPv4 reloads done       = 0

#IPv6 reloads done       = 0

#MPLS reloads done       = 0

Current IPv4 excep state = FALSE

Current IPv6 excep state = FALSE

Current MPLS excep state = FALSE

#Timer expired           = 0

#of erm msgs             = 1

Table 117 describes the significant fields shown in the display.

Table 117 show erm statistics Field Descriptions 

Field	Description
... excep notified	The number of exceptions for each protocol.
... reloads done	The number of reloads for each protocol.
...Current protocol exception state	The current exception status of each protocol.
#of erm msgs	The number of ERM messages sent.

Related Commands

Command	Description
mls erm priority	Assigns the priorities to define an order in which protocols attempt to recover from the exception status.

show fm ipv6 traffic-filter

To display the IPv6 information, use the show fm ipv6 traffic-filter command in privileged EXEC mode.

show fm ipv6 traffic-filter {all | interface type number}

Syntax Description

all	Displays IPv6 traffic filter information for all interfaces.
interface type	Displays IPv6 traffic filter information for the specified interface; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, ge-wan and vlan.
number	Module and port number; see the "Usage Guidelines" section for valid values.

Command Modes

Privileged EXEC

Command History

Release	Modification
12.2(14)SX	This command was introduced on the Supervisor Engine 720.
12.2(17d)SXB	Support for this command on the Supervisor Engine 2 was extended to Release 12.2(17d)SXB.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.2(33)SRA.

Usage Guidelines

The pos, atm, and ge-wan keywords are supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48.

Examples

This example shows how to display the IPv6 information for a specific interface:

Router# show fm ipv6 traffic-filter interface vlan 50 

----------------------------------------------------------------------------- 

FM_FEATURE_IPV6_ACG_INGRESS Name:testipv6 i/f: Vlan50 

============================================================================= 

DPort - Destination Port SPort - Source Port Pro - Protocol 

X - XTAG TOS - TOS Value Res - VMR Result 

RFM - R-Recirc. Flag MRTNP - M-Multicast Flag R - Reflexive flag 

- F-Fragment flag - T-Tcp Control N - Non-cachable 

- M-More Fragments - P-Mask Priority(H-High, L-Low) 

Adj. - Adj. Index T - M(Mask)/V(Value) FM - Flow Mask 

NULL - Null FM SAO - Source Only FM DAO - Dest. Only FM 

SADA - Sour.& Dest. Only VSADA - Vlan SADA Only FF - Full Flow 

VFF - Vlan Full Flow F-VFF - Either FF or VFF A-VSD - Atleast VSADA 

A-FF - Atleast FF A-VFF - Atleast VFF A-SON - Atleast SAO 

A-DON - Atleast DAO A-SD - Atleast SADA SHORT - Shortest 

A-SFF - Any short than FF A-EFF - Any except FF A-EVFF- Any except VFF 

A-LVFF- Any less than VFF ERR - Flowmask Error 

+----+-+----------------------------------------+----------------------------------------+
---+---+-+-----+----+------+

|Indx|T| Dest IPv6 Addr | Source IPv6 

Addr |Pro|RFM|X|MRTNP|Adj.| FM | 

+----+-+----------------------------------------+----------------------------------------+
---+---+-+-----+----+------+

1 V 0:200E:: 

200D::1 0 -F- - ----L ---- Shorte 

M 0:FFFF:FFFF:FFFF:FFFF:: 

FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 0 1 

TM_SOFT_BRIDGE_RESULT

2 V 0:200E:: 

200D::1 17 --- - ----L ---- Shorte 

M 0:FFFF:FFFF:FFFF:FFFF:: 

FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 255 0 

TM_PERMIT_RESULT

3 V 200E:: 

200D::1 0 -F- - ----L ---- Shorte 

M FFFF:FFFF:FFFF:FFFF:: 

FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 0 1 

TM_SOFT_BRIDGE_RESULT

4 V 200E:: 

200D::1 17 --- - ----L ---- Shorte 

M FFFF:FFFF:FFFF:FFFF:: 

FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 255 0 

TM_PERMIT_RESULT

5 V 

:: :: 0 -F- - ----L ---- Shorte 

M 

:: :: 0 1 

TM_SOFT_BRIDGE_RESULT

6 V 

:: :: 0 -F- - ----L ---- Shorte 

M 

:: :: 0 1 

TM_SOFT_BRIDGE_RESULT

7 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

8 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

9 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

10 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

11 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

12 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

13 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

14 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

15 V 

:: :: 0 --- - ----L ---- Shorte 

M 

:: :: 0 0 

TM_L3_DENY_RESULT

Router#

This example shows how to display the IPv6 information for all interfaces:

Router# show fm ipv6 traffic-filter all 

----------------------------------------------------------------------------- 

FM_FEATURE_IPV6_ACG_INGRESS Name:testipv6 i/f: Vlan50 

============================================================================= 

DPort - Destination Port SPort - Source Port Pro - Protocol 

X - XTAG TOS - TOS Value Res - VMR Result 

RFM - R-Recirc. Flag MRTNP - M-Multicast Flag R - Reflexive flag 

- F-Fragment flag - T-Tcp Control N - Non-cachable 

- M-More Fragments - P-Mask Priority(H-High, L-Low) 

Adj. - Adj. Index T - M(Mask)/V(Value) FM - Flow Mask 

NULL - Null FM SAO - Source Only FM DAO - Dest. Only FM 

SADA - Sour.& Dest. Only VSADA - Vlan SADA Only FF - Full Flow 

VFF - Vlan Full Flow F-VFF - Either FF or VFF A-VSD - Atleast VSADA 

A-FF - Atleast FF A-VFF - Atleast VFF A-SON - Atleast SAO 

A-DON - Atleast DAO A-SD - Atleast SADA SHORT - Shortest 

A-SFF - Any short than FF A-EFF - Any except FF A-EVFF- Any except VFF 

A-LVFF- Any less than VFF ERR - Flowmask Error 

+----+-+----------------------------------------+----------------------------------------+
---+---+-+-----+----+------+

|Indx|T| Dest IPv6 Addr | Source IPv6 

Addr |Pro|RFM|X|MRTNP|Adj.| FM | 

+----+-+----------------------------------------+----------------------------------------+
---+---+-+-----+----+------+

1 V 0:200E:: 

200D::1 0 -F- - ----L ---- Shorte 

M 0:FFFF:FFFF:FFFF:FFFF:: 

FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 0 1 

TM_SOFT_BRIDGE_RESULT

2 V 0:200E:: 

200D::1 17 --- - ----L ---- Shorte 

M 0:FFFF:FFFF:FFFF:FFFF:: 

FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 255 0 

TM_PERMIT_RESULT

3 V 200E:: 

200D::1 0 -F- - ----L ---- Shorte 

M FFFF:FFFF:FFFF:FFFF:: 

FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 0 1 

TM_SOFT_BRIDGE_RESULT

4 V 200E:: 

200D::1 17 --- - ----L ---- Shorte 

M FFFF:FFFF:FFFF:FFFF:: 

FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 255 0 

TM_PERMIT_RESULT

5 V 

:: :: 0 -F- - ----L ---- Shorte 

M 

:: :: 0 1 

TM_SOFT_BRIDGE_RESULT

6 V 

:: :: 0 -F- - ----L ---- Shorte 

M 

:: :: 0 1 

TM_SOFT_BRIDGE_RESULT

7 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

8 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

9 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

TM_PERMIT_RESULT

10 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

13 V 

:: :: 58 --- - ----L ---- Shorte 

M 

:: :: 255 0 

.

. Output is truncated

.

Interface(s) using this IPv6 Ingress Traffic Filter: 

Vl50,

show frame-relay lmi

To display statistics about the Local Management Interface (LMI), use the show frame-relay lmi command in user EXEC or privileged EXEC mode.

show frame-relay lmi [type number]

Syntax Description

type	(Optional) Interface type; it must be serial.
number	(Optional) Interface number.

Command Modes

User EXEC
Privileged EXEC

Command History

Release	Modification
10.0	This command was introduced.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX	This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
12.0(33)S	Support for IPv6 was added. This command was implemented on the Cisco 12000 series routers.

Usage Guidelines

Enter the command without arguments to obtain statistics about all Frame Relay interfaces.

Examples

The following is sample output from the show frame-relay lmi command when the interface is a data terminal equipment (DTE) device:

Router# show frame-relay lmi

LMI Statistics for interface Serial1 (Frame Relay DTE) LMI TYPE = ANSI

  Invalid Unnumbered info 0             Invalid Prot Disc 0

  Invalid dummy Call Ref 0              Invalid Msg Type 0

  Invalid Status Message 0              Invalid Lock Shift 0

  Invalid Information ID 0              Invalid Report IE Len 0

  Invalid Report Request 0              Invalid Keep IE Len 0

  Num Status Enq. Sent 9                Num Status msgs Rcvd 0

  Num Update Status Rcvd 0              Num Status Timeouts 9 

The following is sample output from the show frame-relay lmi command when the interface is a Network-to-Network Interface (NNI):

Router# show frame-relay lmi

LMI Statistics for interface Serial3 (Frame Relay NNI) LMI TYPE = CISCO

  Invalid Unnumbered info 0             Invalid Prot Disc 0

  Invalid dummy Call Ref 0              Invalid Msg Type 0

  Invalid Status Message 0              Invalid Lock Shift 0

  Invalid Information ID 0              Invalid Report IE Len 0

  Invalid Report Request 0              Invalid Keep IE Len 0

  Num Status Enq. Rcvd 11               Num Status msgs Sent 11

  Num Update Status Rcvd 0              Num St Enq. Timeouts 0

  Num Status Enq. Sent 10               Num Status msgs Rcvd 10

  Num Update Status Sent 0              Num Status Timeouts 0

Table 118 describes significant fields shown in the output.

Table 118 show frame-relay lmi Field Descriptions

Field	Description
LMI Statistics	Signalling or LMI specification: CISCO, ANSI, or ITU-T.
Invalid Unnumbered info	Number of received LMI messages with invalid unnumbered information field.
Invalid Prot Disc	Number of received LMI messages with invalid protocol discriminator.
Invalid dummy Call Ref	Number of received LMI messages with invalid dummy call references.
Invalid Msg Type	Number of received LMI messages with invalid message type.
Invalid Status Message	Number of received LMI messages with invalid status message.
Invalid Lock Shift	Number of received LMI messages with invalid lock shift type.
Invalid Information ID	Number of received LMI messages with invalid information identifier.
Invalid Report IE Len	Number of received LMI messages with invalid Report IE Length.
Invalid Report Request	Number of received LMI messages with invalid Report Request.
Invalid Keep IE Len	Number of received LMI messages with invalid Keep IE Length.
Num Status Enq. Sent	Number of LMI status inquiry messages sent.
Num Status Msgs Rcvd	Number of LMI status messages received.
Num Update Status Rcvd	Number of LMI asynchronous update status messages received.
Num Status Timeouts	Number of times the status message was not received within the keepalive time value.
Num Status Enq. Rcvd	Number of LMI status enquiry messages received.
Num Status Msgs Sent	Number of LMI status messages sent.
Num Status Enq. Timeouts	Number of times the status enquiry message was not received within the T392 DCE timer value.
Num Update Status Sent	Number of LMI asynchronous update status messages sent.

show frame-relay map

To display current Frame Relay map entries and information about connections, use the show frame-relay map command in privileged EXEC mode.

show frame-relay map [interface type number] [dlci]

Syntax Description

interface type number	(Optional) Specifies an interface for which mapping information will be displayed. A space is optional between the interface type and number.
dlci	(Optional) Specifies a data-link connection identifier (DLCI) for which mapping information will be displayed. Range: 16 to 1022.

Command Default

Static and dynamic Frame Relay map entries and information about connections for all DLCIs on all interfaces are displayed.

Command Modes

Privileged EXEC

Command History

Release	Modification
10.0	This command was introduced.
12.2(2)T	The display output for this command was modified to include the IPv6 address mappings of remote nodes to Frame Relay permanent virtual circuits (PVCs).
12.0(21)ST	This command was integrated into Cisco IOS Release 12.0(21)ST.
12.0(22)S	This command was integrated into Cisco IOS Release 12.0(22)S.
12.2(14)S	This command was integrated into Cisco IOS Release 12.2(14)S.
12.2(13)T	The display output for this command was modified to include information about Frame Relay PVC bundle maps.
12.2(28)SB	This command was integrated into Cisco IOS Release 12.2(28)SB, the interface keyword was added, and the dlci argument was added.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.4(9)T	The interface keyword was added, and the dlci argument was added.
12.2SX	This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Cisco IOS XE Release 2.1	This command was introduced on Cisco ASR 1000 Series Routers.
12.0(33)S	This command was implemented on the Cisco 12000 series routers.

Examples

This section contains the following examples:

•Display All Maps or Maps for Specific DLCIs on Specific Interfaces or Subinterfaces: Example

•Display Maps for PVC Bundles: Example

•Display Maps for IPv6 Addresses: Example

Display All Maps or Maps for Specific DLCIs on Specific Interfaces or Subinterfaces: Example

The sample output in these examples uses the following configuration:

interface POS2/0

 no ip address

 encapsulation frame-relay

 frame-relay map ip 10.1.1.1 20 tcp header-compression

 frame-relay map ip 10.1.2.1 21 tcp header-compression

 frame-relay map ip 10.1.3.1 22 tcp header-compression

 frame-relay map bridge 23

 frame-relay interface-dlci 25

 frame-relay interface-dlci 26

 bridge-group 1

interface POS2/0.1 point-to-point

 frame-relay interface-dlci 24 protocol ip 10.1.4.1

interface Serial3/0

 no ip address

 encapsulation frame-relay

 serial restart-delay 0

 frame-relay map ip 172.16.3.1 20

 frame-relay map ip 172.16.4.1 21 tcp header-compression active

 frame-relay map ip 172.16.1.1 100

 frame-relay map ip 172.16.2.1 101

interface Serial3/0.1 multipoint

 frame-relay map ip 192.168.11.11 24

 frame-relay map ip 192.168.11.22 105

The following example shows how to display all maps:

Router# show frame-relay map

POS2/0 (up): ip 10.1.1.1 dlci 20(0x14,0x440), static,

              CISCO, status deleted

              TCP/IP Header Compression (enabled), connections: 256

POS2/0 (up): ip 10.1.2.1 dlci 21(0x15,0x450), static,

              CISCO, status deleted

              TCP/IP Header Compression (enabled), connections: 256

POS2/0 (up): ip 10.1.3.1 dlci 22(0x16,0x460), static,

              CISCO, status deleted

              TCP/IP Header Compression (enabled), connections: 256

POS2/0 (up): bridge dlci 23(0x17,0x470), static,

              CISCO, status deleted

POS2/0.1 (down): point-to-point dlci, dlci 24(0x18,0x480), broadcast

          status deleted

Serial3/0 (downup): ip 172.16.3.1 dlci 20(0x14,0x440), static,

              CISCO, status deleted

Serial3/0 (downup): ip 172.16.4.1 dlci 21(0x15,0x450), static,

              CISCO, status deleted

              TCP/IP Header Compression (enabled), connections: 256

Serial3/0.1 (downup): ip 192.168.11.11 dlci 24(0x18,0x480), static,

              CISCO, status deleted

Serial3/0 (downup): ip 172.16.1.1 dlci 100(0x64,0x1840), static,

              CISCO, status deleted

Serial3/0 (downup): ip 172.16.2.1 dlci 101(0x65,0x1850), static,, CISCO, 

              CISCO, status deleted

              ECRTP Header Compression (enabled, IETF), connections 16

              TCP/IP Header Compression (enabled, IETF), connections 16 

Serial3/0.1 (downup): ip 192.168.11.22 dlci 105(0x69,0x1890), static,

              CISCO, status deleted

Serial4/0/1:0.1 (up): point-to-point dlci, dlci 102(0x66,0x1860), broadcast, CISCO

          status defined, active,

              RTP Header Compression (enabled), connections: 256

The following example shows how to display maps for a specific DLCI:

Router# show frame-relay map 20

POS2/0 (up): ip 10.1.1.1 dlci 20(0x14,0x440), static,

              CISCO, status deleted

              TCP/IP Header Compression (enabled), connections: 256

Serial3/0 (down): ip 172.16.3.1 dlci 20(0x14,0x440), static,

              CISCO, status deleted

The following example shows how to display maps for a specific interface:

Router# show frame-relay map interface pos2/0

POS2/0 (up): ip 10.1.1.1 dlci 20(0x14,0x440), static,

              CISCO, status deleted

              TCP/IP Header Compression (enabled), connections: 256

POS2/0 (up): ip 10.1.2.1 dlci 21(0x15,0x450), static,

              CISCO, status deleted

              TCP/IP Header Compression (enabled), connections: 256

POS2/0 (up): ip 10.1.3.1 dlci 22(0x16,0x460), static,

              CISCO, status deleted

              TCP/IP Header Compression (enabled), connections: 256

POS2/0 (up): bridge dlci 23(0x17,0x470), static,

              CISCO, status deleted

POS2/0.1 (down): point-to-point dlci, dlci 24(0x18,0x480), broadcast

          status deleted

The following example shows how to display maps for a specific DLCI on a specific interface:

Router# show frame-relay map interface pos2/0 20

POS2/0 (up): ip 10.1.1.1 dlci 20(0x14,0x440), static,

              CISCO, status deleted

              TCP/IP Header Compression (enabled), connections: 256

The following example shows how to display maps for a specific subinterface:

Router# show frame-relay map interface pos2/0.1

POS2/0.1 (down): point-to-point dlci, dlci 24(0x18,0x480), broadcast

          status deleted

The following example shows how to display maps for a specific DLCI on a specific subinterface:

Router# show frame-relay map interface pos2/0.1 24

POS2/0.1 (down): point-to-point dlci, dlci 24(0x18,0x480), broadcast

          status deleted

Display Maps for PVC Bundles: Example

The sample output in this example uses the following router configuration:

hostname router1

!

interface Serial2/0

 ip address 10.0.0.2 255.255.255.0

 encapsulation frame-relay

 frame-relay vc-bundle vcb1

  pvc 100 vcb1-classA

   precedence 1-7

   class vcb1-classA

  pvc 109 vcb1-others

   precedence other

   class others

 frame-relay intf-type dce

!

map-class frame-relay vcb1-classA

 frame-relay cir 128000

!

map-class frame-relay others

 frame-relay cir 64000

hostname router2

!

interface Serial3/3

 ip address 10.0.0.1 255.255.255.0

 encapsulation frame-relay

 frame-relay vc-bundle vcb1

  pvc 100 vcb1-classA

   precedence 1-7

   class vcb1-classA

  pvc 109 vcb1-others

   precedence other

   class others

!

map-class frame-relay vcb1-classA

 frame-relay cir 128000

!

map-class frame-relay others

 frame-relay cir 64000

The following sample output displays mapping information for two PVC bundles. The PVC bundle MAIN-1-static is configured with a static map. The map for PVC bundle MAIN-2-dynamic is created dynamically using Inverse Address Resolution Protocol (ARP).

Router# show frame-relay map

Serial1/4 (up): ip 10.1.1.1 vc-bundle MAIN-1-static, static, 

          CISCO, status up

Serial1/4 (up): ip 10.1.1.2 vc-bundle MAIN-2-dynamic, dynamic, 

          broadcast, status up

Display Maps for IPv6 Addresses: Example

The sample output in this example uses the following router configuration:

hostname router1

!

interface Serial2/0

 no ip address

 encapsulation frame-relay

!

interface Serial2/0.1 point-to-point

 ipv6 address 1::1/64

 frame-relay interface-dlci 101   

!

interface Serial2/0.2 multipoint

 ipv6 address 2::1/64

 frame-relay map ipv6 2::2 201

 frame-relay interface-dlci 201   

! 

hostname router2

!

interface Serial3/3

 no ip address

 encapsulation frame-relay

 frame-relay intf-type dce

!

interface Serial3/3.1 point-to-point

 ipv6 address 1::2/64

 frame-relay interface-dlci 101   

!

interface Serial3/3.2 multipoint

 ipv6 address 2::2/64

 frame-relay map ipv6 3::1 201

 frame-relay interface-dlci 201

!

The following sample output from the show frame-relay map command shows that the link-local and global IPv6 addresses (FE80::E0:F727:E400:A and 2001:0DB8:2222:1044::32; FE80::60:3E47:AC8:8 and 2001:0DB8:2222:1044::32) of two remote nodes are explicitly mapped to DLCI 17 and DLCI 19, respectively. Both DLCI 17 and DLCI 19 are terminated on interface serial 3 of this node; therefore, interface serial 3 of this node is a point-to-multipoint interface.

Router# show frame-relay map

Serial3 (up): ipv6 FE80::E0:F727:E400:A dlci 17(0x11,0x410), static, 

              broadcast, CISCO, status defined, active 

Serial3 (up): ipv6 2001:0DB8:2222:1044::32 dlci 19(0x13,0x430), static, 

              CISCO, status defined, active 

Serial3 (up): ipv6 2001:0DB8:2222:1044::32 dlci 17(0x11,0x410), static, 

              CISCO, status defined, active 

Serial3 (up): ipv6 FE80::60:3E47:AC8:8 dlci 19(0x13,0x430), static, 

              broadcast, CISCO, status defined, active 

Table 119 describes the significant fields shown in the displays.

 

Table 119 show frame-relay map Field Descriptions  

Field	Description
POS2/0 (up)	Identifies a Frame Relay interface and its status (up or down).
ip 10.1.1.1	Destination IP address.
dlci 20(0x14,0x440)	DLCI that identifies the logical connection being used to reach this interface. This value is displayed in three ways: its decimal value (20), its hexadecimal value (0x14), and its value as it would appear on the wire (0x440).
vc-bundle	PVC bundle that serves as the logical connection being used to reach the interface.
static/dynamic	Indicates whether this is a static or dynamic entry.
broadcast	Indicates pseudobroadcasting.
CISCO	Indicates the encapsulation type for this map: either CISCO or IETF.
TCP/IP Header Compression (inherited), passive (inherited)	Indicates the header compression type (TCP/IP, Real-Time Transport Protocol (RTP), or Enhanced Compressed Real-Time Transport Protocol (ECRTP)) and whether the header compression characteristics were inherited from the interface or were explicitly configured for the IP map.
status defined, active	Indicates that the mapping between the destination address and the DLCI used to connect to the destination address is active.

Related Commands

Command	Description
show frame-relay pvc	Displays statistics about PVCs for Frame Relay interfaces.
show frame-relay vc-bundle	Displays attributes and other information about a Frame Relay PVC bundle.

show frame-relay multilink

To display configuration information and statistics about multilink Frame Relay bundles and bundle links, use the show frame-relay multilink command in privileged EXEC mode.

show frame-relay multilink [mfr number | serial number] [detailed]

Syntax Description

mfr number	(Optional) Specific bundle interface for which information will be displayed.
serial number	(Optional) Specific bundle link interface for which information will be displayed.
detailed	(Optional) Display replace information, including counters for the control messages sent to and from the peer device and the status of the bundle links.

Command Default

Information for all bundles and bundle links is displayed.

Command Modes

Privileged EXEC

Command History

Release	Modification
12.0(17)S	This command was introduced.
12.2(8)T	This command was integrated into Cisco IOS Release 12.2(8)T.
12.0(24)S	This command was implemented on VIP-enabled Cisco 7500 series routers.
12.2(14)S	This command was integrated into Cisco IOS Release 12.2(14)S.
12.3(4)T	This command was implemented on VIP-enabled Cisco 7500 series routers.
12.0(30)S	This command was updated to display Multilink Frame Relay variable bandwidth class status.
12.4(2)T	This command was updated to display Multilink Frame Relay variable bandwidth class status.
12.2(28)SB	This command was integrated into Cisco IOS Release 12.2(28)SB.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX	This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
12.0(33)S	Support for IPv6 was added. This command was implemented on the Cisco 12000 series routers.

Usage Guidelines

If you do not specify a bundle or bundle link, information for all bundles and bundle links is displayed.

Examples

All Bundles and Bundle Links: Example

The following example shows output for the show frame-relay multilink command (see Table 120 for descriptions of the fields). Because a specific bundle or bundle link is not specified, information for all bundles and bundle links is displayed:

Router# show frame-relay multilink 

Bundle:MFR0, State = up, class = A, fragmentation disabled

 BID = MFR0

 Bundle links :

 Serial2/1:3, HW state :up, Protocol state :Idle, LID :Serial2/1:3

 Serial2/1:2, HW state :up, Protocol state :Idle, LID :Serial2/1:2

 Serial2/1:1, HW state :up, Protocol state :Idle, LID :Serial2/1:1

The following example shows output for the show frame-relay multilink command when a Frame Relay bundle is configured as bandwidth class C (threshold) (see Table 120 for descriptions of the fields):

Router# show frame-relay multilink 

Bundle: MFR0, state down, class C (threshold 2), no fragmentation

 ID: Bundle-Dallas

 Serial5/1, state up/up, ID: BL-Dallas-1

 Serial5/3, state up/add-sent, ID: BL-Dallas-3

Bundle Link: Example

The following example shows output for the show frame-relay multilink command when it is issued with the serial number option (see Table 120 for descriptions of the fields). It displays information about the specified bundle link:

Router# show frame-relay multilink serial 3/2

 Bundle links :

 Serial3/2, HW state : down, Protocol state :Down_idle, LID :Serial3/2

 Bundle interface = MFR0,  BID = MFR0

Detailed Bundle Links: Examples

The following example shows output for the show frame-relay multilink command when it is issued with the serial number and detailed options (see Table 120 for descriptions of the fields). The example shows a bundle link in the "idle" state:

Router# show frame-relay multilink serial 3 detailed

 Bundle links:

  Serial3, HW state = up, link state = Idle, LID = Serial3

  Bundle interface = MFR0,  BID = MFR0

    Cause code = none, Ack timer = 4, Hello timer = 10,

    Max retry count = 2, Current count = 0,

    Peer LID = Serial5/3, RTT = 0 ms

    Statistics:

    Add_link sent = 0, Add_link rcv'd = 10,

    Add_link ack sent = 0, Add_link ack rcv'd = 0,

    Add_link rej sent = 10, Add_link rej rcv'd = 0,

    Remove_link sent = 0, Remove_link rcv'd = 0,

    Remove_link_ack sent = 0, Remove_link_ack rcv'd = 0,

    Hello sent = 0, Hello rcv'd = 0,

    Hello_ack sent = 0, Hello_ack rcv'd = 0,

    outgoing pak dropped = 0, incoming pak dropped = 0

The following example shows output for the show frame-relay multilink command when it is issued with the serial number and detailed options (see Table 120 for descriptions of the fields). The example shows a bundle link in the "up" state:

Router# show frame-relay multilink serial 3 detailed

 Bundle links:

  Serial3, HW state = up, link state = Up, LID = Serial3

  Bundle interface = MFR0,  BID = MFR0

    Cause code = none, Ack timer = 4, Hello timer = 10,

    Max retry count = 2, Current count = 0,

    Peer LID = Serial5/3, RTT = 4 ms

    Statistics:

    Add_link sent = 1, Add_link rcv'd = 20,

    Add_link ack sent = 1, Add_link ack rcv'd = 1,

    Add_link rej sent = 19, Add_link rej rcv'd = 0,

    Remove_link sent = 0, Remove_link rcv'd = 0,

    Remove_link_ack sent = 0, Remove_link_ack rcv'd = 0,

    Hello sent = 0, Hello rcv'd = 1,

    Hello_ack sent = 1, Hello_ack rcv'd = 0,

    outgoing pak dropped = 0, incoming pak dropped = 0

Table 120 describes significant fields shown in the displays.

Table 120 show frame-relay multilink Field Descriptions 

Field	Description
Bundle	Bundle interface.
State	Operational state of the bundle interface.
class	The bandwidth class criterion used to activate or deactivate a Frame Relay bundle. •Class A (single link)—The bundle activates when any bundle link is up and deactivates when all bundle links are down (default). •Class B (all links)—The bundle activates when all bundle links are up and deactivates when any bundle link is down. •Class C (threshold)—The bundle activates when the minimum configured number of bundle links is up (the threshold) and deactivates when the minimum number of configured bundle links fails to meet the threshold.
BID	Bundle identification.
Bundle links	Bundle links for which information will be displayed.
HW state	Operational state of the physical link.
Protocol state	Operational state of the bundle link line protocol.
link state	Operational state of the bundle link.
LID	Bundle link identification.
Bundle interface	Bundle interface with which the bundle link is associated.
Cause code	May be one of the following values: •ack timer expiry—Add link synchronization process is exhausted. •bundle link idle—Peer's bundle link is idle. This usually occurs when the peer's bundle interface is shut down. •inconsistent bundle—Peer already has this bundle associated with another bundle. •loopback detected—Local bundle link's physical line is looped back. •none—ADD_LINK and ADD_LINK_ACK messages were properly exchanged, and no cause code was recorded. •other—Indicates one of the following: a link identifier (LID) mismatch, an ID from the peer that is too long, or a failure to allocate ID memory. •unexpected Add_link—ADD_LINK message is received when the bundle link is already in the "up" state. This code might appear when the line protocol is being set up, but will disappear once the connection is stabilized.
Ack timer	Number of seconds for which the bundle link waits for a hello acknowledgment before resending a hello message or resending an ADD_LINK message used for initial synchronization.
Hello timer	Interval at which a bundle link sends out hello messages.
Max retry count	Maximum number of times that a bundle link will resend a hello message before receiving an acknowledgment or resending an ADD_LINK message.
Current count	Number of retries that have been attempted.
Peer LID	Bundle link identification name of the peer end of the link.
RTT	Round-trip time as measured by utilizing the Timestamp Information Element in the HELLO and HELLO_ACK messages.
Statistics	Displays statistics for each bundle link.
Add_link sent	Number of Add_link messages sent. Add_link messages notify the peer endpoint that the local endpoint is ready to process frames.
Add_link rcv'd	Number of Add_link messages received.
Add_link ack sent	Number of Add_link acknowledgments sent. Add_link acknowledgments notify the peer endpoint that an Add_link message was received.
Add_link ack rcv'd	Number of Add_link acknowledgments received.
Add_link rej sent	Number of Add_link_reject messages sent.
Add_link rej rcv'd	Number of Add_link_reject messages received.
Remove_link sent	Number of Remove_link messages sent. Remove_link messages notify the peer that on the local end, a bundle link is being removed from the bundle.
Remove_link rcv'd	Number of Remove_link messages received.
Remove_link_ack sent	Number of Remove_link acknowledgments sent. Remove_link acknowledgments notify the peer that a Remove_link message has been received.
Remove_link_ack rcv'd	Number of Remove_link acknowledgments received.
Hello sent	Number of hello messages sent. Hello messages notify the peer endpoint that the local endpoint remains in the "up" state.
Hello rcv'd	Number of hello messages received.
Hello_ack sent	Number of hello acknowledgments sent. Hello acknowledgments notify the peer that hello messages have been received.
Hello_ack rcv'd	Number of hello acknowledgments received.
outgoing pak dropped	Number of outgoing packets dropped.
incoming pak dropped	Number of incoming packets dropped.

Related Commands

Command	Description
debug frame-relay multilink	Displays debug messages for multilink Frame Relay bundles and bundle links.

show frame-relay pvc

To display statistics about Frame Relay permanent virtual circuits (PVCs), use the show frame-relay pvc command in privileged EXEC mode.

show frame-relay pvc [[interface interface] [dlci] [64-bit] | summary [all]]

Syntax Description

interface	(Optional) Specific interface for which PVC information will be displayed.
interface	(Optional) Interface number containing the data-link connection identifiers (DLCIs) for which you wish to display PVC information.
dlci	(Optional) A specific DLCI number used on the interface. Statistics for the specified PVC are displayed when a DLCI is also specified.
64-bit	(Optional) Displays 64-bit counter statistics.
summary	(Optional) Displays a summary of all PVCs on the system.
all	(Optional) Displays a summary of all PVCs on each interface.

Command Modes

Privileged EXEC

Command History

Release	Modification
10.0	This command was introduced.
12.0(1)T	This command was modified to display statistics about virtual access interfaces used for PPP connections over Frame Relay.
12.0(3)XG	This command was modified to include the fragmentation type and size associated with a particular PVC when fragmentation is enabled on the PVC.
12.0(4)T	This command was modified to include the fragmentation type and size associated with a particular PVC when fragmentation is enabled on the PVC.
12.0(5)T	This command was modified to include information on the special voice queue that is created using the queue keyword of the frame-relay voice bandwidth command.
12.1(2)T	This command was modified to display the following information: •Details about the policy map attached to a specific PVC. •The priority configured for PVCs within Frame Relay PVC interface priority queueing. •Details about Frame Relay traffic shaping and policing on switched PVCs.
12.0(12)S	This command was modified to display reasons for packet drops and complete status information for switched NNI PVCs.
12.1(5)T	This command was modified to display the following information: •The number of packets in the post-hardware-compression queue. •The reasons for packet drops and complete status information for switched network-to-network PVCs.
12.0(17)S	This command was modified to display the number of outgoing packets dropped and the number of outgoing bytes dropped because of QoS policy.
12.2 T	This command was modified to show that when payload compression is configured for a PVC, the throughput rate reported by the PVC is equal to the rate reported by the interface.
12.2(4)T	The 64-bit keyword was added.
12.2(11)T	This command was modified to display the number of outgoing packets dropped and the number of outgoing bytes dropped because of QoS policy.
12.2(13)T	This command was modified to support display of Frame Relay PVC bundle information.
12.2(15)T	This command was modified to support display of Frame Relay voice-adaptive fragmentation information.
12.2(27)SBC	This command was integrated into Cisco IOS Release 12.2(27)SBC, and the summary and all keywords were added.
12.2(28)SB	This command was integrated into Cisco IOS Release 12.2(28)SB, and support was added for hierarchical queueing framework (HQF).
12.4(9)T	The summary and all keywords were added, and support was added for hierarchical queueing framework (HQF).
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX	This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
12.0(33)S	Support for IPv6 was added. This command was implemented on the Cisco 12000 series routers.

Usage Guidelines

Use this command to monitor the PPP link control protocol (LCP) state as being open with an up state or closed with a down state.

When "vofr" or "vofr cisco" has been configured on the PVC, and a voice bandwidth has been allocated to the class associated with this PVC, configured voice bandwidth and used voice bandwidth are also displayed.

Statistics Reporting

To obtain statistics about PVCs on all Frame Relay interfaces, use this command with no arguments.

To obtain statistics about a PVC that include policy-map configuration or the priority configured for that PVC, use this command with the dlci argument.

To display a summary of all PVCs on the system, use the show frame-relay pvc command with the summary keyword. To display a summary of all PVCs per interface, use the summary all keywords.

Per-VC counters are not incremented at all when either autonomous or silicon switching engine (SSE) switching is configured; therefore, PVC values will be inaccurate if either switching method is used.

You can change the period of time over which a set of data is used for computing load statistics. If you decrease the load interval, the average statistics are computed over a shorter period of time and are more responsive to bursts of traffic. To change the length of time for which a set of data is used to compute load statistics for a PVC, use the load-interval command in Frame-Relay DLCI configuration mode.

Traffic Shaping

Congestion control mechanisms are currently not supported on terminated PVCs nor on PVCs over ISDN. Where congestion control mechanisms are supported, the switch passes forward explicit congestion notification (FECN) bits, backward explicit congestion notification (BECN) bits, and discard eligible (DE) bits unchanged from entry points to exit points in the network.

Examples

The various displays in this section show sample output for a variety of PVCs. Some of the PVCs carry data only; some carry a combination of voice and data. This section contains the following examples:

•Summary of Frame Relay PVCs: Example

•Frame Relay Generic Configuration: Example

•Frame Relay Voice-Adaptive Fragmentation: Example

•Frame Relay PVC Bundle: Example

•Frame Relay 64-Bit Counter: Example

•Frame Relay Fragmentation and Hardware Compression: Example

•Switched PVC: Example

•Frame Relay Congestion Management on a Switched PVC: Example

•Frame Relay Policing on a Switched PVC: Example

•Frame Relay PVC Priority Queueing: Example

•Low Latency Queueing for Frame Relay: Example

•PPP over Frame Relay: Example

•Voice over Frame Relay: Example

•FRF.12 Fragmentation: Example

•Multipoint Subinterfaces Transporting Data: Example

•PVC Shaping When HQF is Enabled: Example

•PVC Transporting Voice and Data: Example

Summary of Frame Relay PVCs: Example

The following example shows sample output of the show frame-relay pvc command with the summary keyword. The summary keyword displays all PVCs on the system.

Router# show frame-relay pvc summary          

Frame-Relay VC Summary

              Active     Inactive      Deleted       Static

  Local          0           12            0            0

  Switched       0            0            0            0

  Unused         0            0            0            0

The following example shows sample output for the show frame-relay pvc command with the summary and all keywords. The summary and all keywords display all PVCs per interface.

Router# show frame-relay pvc summary all

VC Summary for interface Serial3/0 (Frame Relay DTE)

              Active     Inactive      Deleted       Static

  Local          0            7            0            0

  Switched       0            0            0            0

  Unused         0            0            0            0

VC Summary for interface Serial3/1 (Frame Relay DTE)

              Active     Inactive      Deleted       Static

  Local          0            5            0            0

  Switched       0            0            0            0

  Unused         0            0            0            0

Frame Relay Generic Configuration: Example

The following sample output shows a generic Frame Relay configuration on DLCI 100:

Router# show frame-relay pvc 100

PVC Statistics for interface Serial4/0/1:0 (Frame Relay DTE)

DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE (EEK UP), INTERFACE = Serial4/0/1:0.1

  input pkts 4360          output pkts 4361         in bytes 146364    

  out bytes 130252         dropped pkts 3735        in pkts dropped 0         

  out pkts dropped 3735             out bytes dropped 1919790

  late-dropped out pkts 3735        late-dropped out bytes 1919790

  in FECN pkts 0           in BECN pkts 0           out FECN pkts 0         

  out BECN pkts 0          in DE pkts 0             out DE pkts 0         

  out bcast pkts 337       out bcast bytes 102084    

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

  pvc create time 05:34:06, last time pvc status changed 05:33:38

Frame Relay Voice-Adaptive Fragmentation: Example

The following sample output indicates that Frame Relay voice-adaptive fragmentation is active on DLCI 202 and there are 29 seconds left on the deactivation timer. If no voice packets are detected in the next 29 seconds, Frame Relay voice-adaptive fragmentation will become inactive.

Router# show frame-relay pvc 202

PVC Statistics for interface Serial3/1 (Frame Relay DTE)

DLCI = 202, DLCI USAGE = LOCAL, PVC STATUS = STATIC, INTERFACE = Serial3/1.2

  input pkts 0             output pkts 479          in bytes 0

  out bytes 51226          dropped pkts 0           in pkts dropped 0

  out pkts dropped 0                out bytes dropped 0

  in FECN pkts 0           in BECN pkts 0           out FECN pkts 0

  out BECN pkts 0          in DE pkts 0             out DE pkts 0

  out bcast pkts 0         out bcast bytes 0

  5 minute input rate 0 bits/sec, 0 packets/sec 

  5 minute output rate 5000 bits/sec, 5 packets/sec

  pvc create time 00:23:36, last time pvc status changed 00:23:31     

  fragment type end-to-end fragment size 80 adaptive active, time left 29 secs

Frame Relay PVC Bundle: Example

The following sample output indicates that PVC 202 is a member of VC bundle MAIN-1-static:

Router# show frame-relay pvc 202

PVC Statistics for interface Serial1/4 (Frame Relay DTE)

DLCI = 202, DLCI USAGE = LOCAL, PVC STATUS = STATIC, INTERFACE = Serial1/4

  input pkts 0             output pkts 45           in bytes 0

  out bytes 45000          dropped pkts 0           in FECN pkts 0

  in BECN pkts 0           out FECN pkts 0          out BECN pkts 0

  in DE pkts 0             out DE pkts 0

  out bcast pkts 0         out bcast bytes 0

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 2000 bits/sec, 2 packets/sec

  pvc create time 00:01:25, last time pvc status changed 00:01:11

  VC-Bundle MAIN-1-static 

Frame Relay 64-Bit Counter: Example

The following sample output displays the Frame Relay 64-bit counters:

Router# show frame-relay pvc 35 64-bit

DLCI = 35, INTERFACE = Serial0/0

  input pkts 0                       output pkts 0

  in bytes 0                         out bytes 0

Frame Relay Fragmentation and Hardware Compression: Example

The following is sample output for the show frame-relay pvc command for a PVC configured with Cisco-proprietary fragmentation and hardware compression:

Router# show frame-relay pvc 110

PVC Statistics for interface Serial0/0 (Frame Relay DTE)

DLCI = 110, DLCI USAGE = LOCAL, PVC STATUS = STATIC, INTERFACE = Serial0/0

  input pkts 409           output pkts 409          in bytes 3752      

  out bytes 4560           dropped pkts 1           in FECN pkts 0         

  in BECN pkts 0           out FECN pkts 0          out BECN pkts 0         

  in DE pkts 0             out DE pkts 0         

  out bcast pkts 0          out bcast bytes 0         

  pvc create time 3d00h, last time pvc status changed 2d22h

  Service type VoFR-cisco

   Voice Queueing Stats: 0/100/0 (size/max/dropped)

  Post h/w compression queue: 0

  Current fair queue configuration:

   Discard     Dynamic      Reserved

   threshold   queue count  queue count

   64          16           2    

  Output queue size 0/max total 600/drops 0

  configured voice bandwidth 16000, used voice bandwidth 0

  fragment type VoFR-cisco         fragment size 100

  cir 64000     bc   640       be 0         limit 80     interval 10  

  mincir 32000     byte increment 80    BECN response no 

  frags 428       bytes 4810      frags delayed 24        bytes delayed 770      

  shaping inactive    

  traffic shaping drops 0

  ip rtp priority parameters 16000 32000 20000

Switched PVC: Example

The following is sample output from the show frame-relay pvc command for a switched Frame Relay PVC. This output displays detailed information about Network-to-Network Interface (NNI) status and why packets were dropped from switched PVCs.

Router# show frame-relay pvc

 PVC Statistics for interface Serial2/2 (Frame Relay NNI) 

 DLCI = 16, DLCI USAGE = SWITCHED, PVC STATUS = INACTIVE, INTERFACE = Serial2/2 

 LOCAL PVC STATUS = INACTIVE, NNI PVC STATUS = INACTIVE

   input pkts 0             output pkts 0            in bytes 0 

   out bytes 0              dropped pkts 0           in FECN pkts 0 

   in BECN pkts 0           out FECN pkts 0          out BECN pkts 0 

   in DE pkts 0             out DE pkts 0 

   out bcast pkts 0         out bcast bytes 0 

   switched pkts0 

   Detailed packet drop counters: 

   no out intf 0            out intf down 0          no out PVC 0 

   in PVC down 0            out PVC down 0           pkt too big 0 

   shaping Q full 0         pkt above DE 0           policing drop 0 

   pvc create time 00:00:07, last time pvc status changed 00:00:07

Frame Relay Congestion Management on a Switched PVC: Example

The following is sample output from the show frame-relay pvc command that shows the statistics for a switched PVC on which Frame Relay congestion management is configured:

Router# show frame-relay pvc 200

PVC Statistics for interface Serial3/0 (Frame Relay DTE)

DLCI = 200, DLCI USAGE = SWITCHED, PVC STATUS = ACTIVE, INTERFACE = Serial3/0

  input pkts 341           output pkts 390          in bytes 341000

  out bytes 390000         dropped pkts 0           in FECN pkts 0

  in BECN pkts 0           out FECN pkts 0          out BECN pkts 0

  in DE pkts 0             out DE pkts 390

  out bcast pkts 0          out bcast bytes 0            Num Pkts Switched 341

  pvc create time 00:10:35, last time pvc status changed 00:10:06

  Congestion DE threshold 50 

  shaping active 

  cir 56000     bc 7000      be 0         byte limit 875    interval 125

  mincir 28000     byte increment 875   BECN response no

  pkts 346       bytes 346000    pkts delayed 339       bytes delayed 339000

  traffic shaping drops 0

  Queueing strategy:fifo

  Output queue 48/100, 0 drop, 339 dequeued 

Frame Relay Policing on a Switched PVC: Example

The following is sample output from the show frame-relay pvc command that shows the statistics for a switched PVC on which Frame Relay policing is configured:

Router# show frame-relay pvc 100

PVC Statistics for interface Serial1/0 (Frame Relay DCE)

DLCI = 100, DLCI USAGE = SWITCHED, PVC STATUS = ACTIVE, INTERFACE = Serial1/0  

  input pkts 1260          output pkts 0            in bytes 1260000

  out bytes 0              dropped pkts 0           in FECN pkts 0

  in BECN pkts 0           out FECN pkts 0          out BECN pkts 0

  in DE pkts 0             out DE pkts 0

  out bcast pkts 0          out bcast bytes 0            Num Pkts Switched 1260

  pvc create time 00:03:57, last time pvc status changed 00:03:19

  policing enabled, 180 pkts marked DE

  policing Bc  6000        policing Be  6000        policing Tc  125 (msec)

  in Bc pkts   1080        in Be pkts   180         in xs pkts   0

  in Bc bytes  1080000     in Be bytes  180000      in xs bytes  0

Frame Relay PVC Priority Queueing: Example

The following is sample output for a PVC that has been assigned high priority:

Router# show frame-relay pvc 100

PVC Statistics for interface Serial0 (Frame Relay DTE)

DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0

  input pkts 0             output pkts 0            in bytes 0

  out bytes 0              dropped pkts 0           in FECN pkts 0

  in BECN pkts 0           out FECN pkts 0          out BECN pkts 0

  in DE pkts 0             out DE pkts 0

  out bcast pkts 0          out bcast bytes 0

  pvc create time 00:00:59, last time pvc status changed 00:00:33

  priority high 

Low Latency Queueing for Frame Relay: Example

The following is sample output from the show frame-relay pvc command for a PVC shaped to a 64000 bps committed information rate (CIR) with fragmentation. A policy map is attached to the PVC and is configured with a priority class for voice, two data classes for IP precedence traffic, and a default class for best-effort traffic. Weighted Random Early Detection (WRED) is used as the drop policy on one of the data classes.

Router# show frame-relay pvc 100

PVC Statistics for interface Serial1/0 (Frame Relay DTE)

DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = INACTIVE, INTERFACE = Serial1/0.1

  input pkts 0             output pkts 0            in bytes 0         

  out bytes 0              dropped pkts 0           in FECN pkts 0         

  in BECN pkts 0           out FECN pkts 0          out BECN pkts 0         

  in DE pkts 0             out DE pkts 0         

  out bcast pkts 0          out bcast bytes 0         

  pvc create time 00:00:42, last time pvc status changed 00:00:42

  service policy mypolicy

 Class voice

  Weighted Fair Queueing

      Strict Priority

      Output Queue: Conversation 72 

        Bandwidth 16 (kbps) Packets Matched 0

        (pkts discards/bytes discards) 0/0

 Class immediate-data

  Weighted Fair Queueing

      Output Queue: Conversation 73 

        Bandwidth 60 (%) Packets Matched 0

        (pkts discards/bytes discards/tail drops) 0/0/0

        mean queue depth: 0

        drops: class  random   tail     min-th   max-th   mark-prob 

               0      0        0        64       128      1/10

               1      0        0        71       128      1/10

               2      0        0        78       128      1/10

               3      0        0        85       128      1/10

               4      0        0        92       128      1/10

               5      0        0        99       128      1/10

               6      0        0        106      128      1/10

               7      0        0        113      128      1/10

               rsvp   0        0        120      128      1/10

 Class priority-data

  Weighted Fair Queueing

      Output Queue: Conversation 74 

        Bandwidth 40 (%) Packets Matched 0 Max Threshold 64 (packets)

        (pkts discards/bytes discards/tail drops) 0/0/0

 Class class-default

  Weighted Fair Queueing

      Flow Based Fair Queueing

      Maximum Number of Hashed Queues 64  Max Threshold 20 (packets)

  Output queue size 0/max total 600/drops 0

  fragment type end-to-end         fragment size 50

  cir 64000     bc   640       be 0         limit 80     interval 10  

  mincir 64000     byte increment 80    BECN response no 

  frags 0         bytes 0         frags delayed 0         bytes delayed 0        

  shaping inactive    

  traffic shaping drops 0

PPP over Frame Relay: Example

The following is sample output from the show frame-relay pvc command that shows the PVC statistics for serial interface 5 (slot 1 and DLCI 55 are up) during a PPP session over Frame Relay:

Router# show frame-relay pvc 55

PVC Statistics for interface Serial5/1 (Frame Relay DTE)

DLCI = 55, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial5/1.1

     input pkts 9             output pkts 16           in bytes 154

     out bytes 338            dropped pkts 6           in FECN pkts 0

     in BECN pkts 0           out FECN pkts 0          out BECN pkts 0

     in DE pkts 0             out DE pkts 0

     out bcast pkts 0         out bcast bytes 0

     pvc create time 00:35:11, last time pvc status changed 00:00:22

     Bound to Virtual-Access1 (up, cloned from Virtual-Template5)

Voice over Frame Relay: Example

The following is sample output from the show frame-relay pvc command for a PVC carrying Voice over Frame Relay (VoFR) traffic configured via the vofr cisco command. The frame-relay voice bandwidth command has been configured on the class associated with this PVC, as has fragmentation. The fragmentation type employed is proprietary to Cisco.

A sample configuration for this situation is shown first, followed by the output for the show frame-relay pvc command.

interface serial 0

 encapsulation frame-relay

 frame-relay traffic-shaping

 frame-relay interface-dlci 108

  vofr cisco

  class vofr-class

map-class frame-relay vofr-class

 frame-relay fragment 100

 frame-relay fair-queue

 frame-relay cir 64000

 frame-relay voice bandwidth 25000

Router# show frame-relay pvc 108

PVC Statistics for interface Serial0 (Frame Relay DTE)

DLCI = 108, DLCI USAGE = LOCAL, PVC STATUS = STATIC, INTERFACE = Serial0

  input pkts 1260          output pkts 1271         in bytes 95671     

  out bytes 98604          dropped pkts 0           in FECN pkts 0         

  in BECN pkts 0           out FECN pkts 0          out BECN pkts 0         

  in DE pkts 0             out DE pkts 0         

  out bcast pkts 1271       out bcast bytes 98604     

  pvc create time 09:43:17, last time pvc status changed 09:43:17

  Service type VoFR-cisco

  configured voice bandwidth 25000, used voice bandwidth 0

  voice reserved queues 24, 25

  fragment type VoFR-cisco         fragment size 100

  cir 64000     bc 64000     be 0         limit 1000   interval 125 

  mincir 32000     byte increment 1000  BECN response no 

  pkts 2592      bytes 205140    pkts delayed 1296      bytes delayed 102570   

  shaping inactive    

  shaping drops 0

  Current fair queue configuration:

   Discard     Dynamic      Reserved

   threshold   queue count  queue count

    64          16           2    

  Output queue size 0/max total 600/drops 0

FRF.12 Fragmentation: Example

The following is sample output from the show frame-relay pvc command for an application employing pure FRF.12 fragmentation. A sample configuration for this situation is shown first, followed by the output for the show frame-relay pvc command.

interface serial 0

 encapsulation frame-relay

 frame-relay traffic-shaping

 frame-relay interface-dlci 110

  class frag

map-class frame-relay frag

 frame-relay fragment 100

 frame-relay fair-queue

 frame-relay cir 64000

Router# show frame-relay pvc 110

PVC Statistics for interface Serial0 (Frame Relay DTE)

DLCI = 110, DLCI USAGE = LOCAL, PVC STATUS = STATIC, INTERFACE = Serial0

  input pkts 0             output pkts 243          in bytes 0         

  out bytes 7290           dropped pkts 0           in FECN pkts 0         

  in BECN pkts 0           out FECN pkts 0          out BECN pkts 0         

  in DE pkts 0             out DE pkts 0         

  out bcast pkts 243        out bcast bytes 7290      

  pvc create time 04:03:17, last time pvc status changed 04:03:18

  fragment type end-to-end         fragment size 100

  cir 64000     bc 64000     be 0         limit 1000   interval 125 

  mincir 32000     byte increment 1000  BECN response no 

  pkts 486       bytes 14580     pkts delayed 243       bytes delayed 7290     

  shaping inactive    

  shaping drops 0

  Current fair queue configuration:

   Discard     Dynamic      Reserved

   threshold   queue count  queue count

   64          16           2    

  Output queue size 0/max total 600/drops 0

Note that when voice is not configured, voice bandwidth output is not displayed.

Multipoint Subinterfaces Transporting Data: Example

The following is sample output from the show frame-relay pvc command for multipoint subinterfaces carrying data only. The output displays both the subinterface number and the DLCI. This display is the same whether the PVC is configured for static or dynamic addressing. Note that neither fragmentation nor voice is configured on this PVC.

Router# show frame-relay pvc

DLCI = 300, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0.103

input pkts 10  output pkts 7  in bytes 6222 

out bytes 6034  dropped pkts 0  in FECN pkts 0 

in BECN pkts 0  out FECN pkts 0  out BECN pkts 0 

in DE pkts 0  out DE pkts 0         

outbcast pkts 0  outbcast bytes 0

pvc create time 0:13:11  last time pvc status changed 0:11:46

DLCI = 400, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0.104

input pkts 20  output pkts 8  in bytes 5624 

out bytes 5222  dropped pkts 0  in FECN pkts 0 

in BECN pkts 0  out FECN pkts 0  out BECN pkts 0 

in DE pkts 0  out DE pkts 0         

outbcast pkts 0  outbcast bytes 0

pvc create time 0:03:57  last time pvc status changed 0:03:48

PVC Shaping When HQF is Enabled: Example

The following is sample output from the show frame-relay pvc command for a PVC when HQF is enabled:

Router# show frame-relay pvc 16

PVC Statistics for interface Serial4/1 (Frame Relay DTE)

DLCI = 16, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial4/1

  input pkts 1             output pkts 1            in bytes 34

  out bytes 34             dropped pkts 0           in pkts dropped 0

  out pkts dropped 0                out bytes dropped 0

  in FECN pkts 0           in BECN pkts 0           out FECN pkts 0

  out BECN pkts 0          in DE pkts 0             out DE pkts 0

  out bcast pkts 1         out bcast bytes 34

  pvc create time 00:09:07, last time pvc status changed 00:09:07

  shaping inactive

PVC Transporting Voice and Data: Example

The following is sample output from the show frame-relay pvc command for a PVC carrying voice and data traffic, with a special queue specifically for voice traffic created using the frame-relay voice bandwidth command queue keyword:

Router# show frame-relay pvc interface serial 1 45

 PVC Statistics for interface Serial1 (Frame Relay DTE)

 DLCI = 45, DLCI USAGE = LOCAL, PVC STATUS = STATIC, INTERFACE = Serial1

   input pkts 85            output pkts 289          in bytes 1730      

   out bytes 6580           dropped pkts 11          in FECN pkts 0         

   in BECN pkts 0           out FECN pkts 0          out BECN pkts 0         

   in DE pkts 0             out DE pkts 0         

   out bcast pkts 0          out bcast bytes 0         

   pvc create time 00:02:09, last time pvc status changed 00:02:09

   Service type VoFR

   configured voice bandwidth 25000, used voice bandwidth 22000

   fragment type VoFR         fragment size 100

   cir 20000     bc   1000      be 0         limit 125    interval 50  

   mincir 20000     byte increment 125   BECN response no 

   fragments 290       bytes 6613      fragments delayed 1         bytes delayed 33       

   shaping inactive    

   traffic shaping drops 0

    Voice Queueing Stats: 0/100/0 (size/max/dropped)

   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Current fair queue configuration:

    Discard     Dynamic      Reserved

    threshold   queue count  queue count

    64          16           2    

   Output queue size 0/max total 600/drops 0

Table 121 describes the significant fields shown in the displays.

Table 121 show frame-relay pvc Field Descriptions 

Field	Description
DLCI	One of the DLCI numbers for the PVC.
DLCI USAGE	Lists SWITCHED when the router or access server is used as a switch, or LOCAL when the router or access server is used as a DTE device.
PVC STATUS	Status of the PVC: ACTIVE, INACTIVE, or DELETED.
INTERFACE	Specific subinterface associated with this DLCI.
LOCAL PVC STATUS1	Status of PVC configured locally on the NNI interface.
NNI PVC STATUS1	Status of PVC learned over the NNI link.
input pkts	Number of packets received on this PVC.
output pkts	Number of packets sent on this PVC.
in bytes	Number of bytes received on this PVC.
out bytes	Number of bytes sent on this PVC.
dropped pkts	Number of incoming and outgoing packets dropped by the router at the Frame Relay level.
in pkts dropped	Number of incoming packets dropped. Incoming packets may be dropped for a number of reasons, including the following: •Inactive PVC •Policing •Packets received above DE discard level •Dropped fragments •Memory allocation failures •Configuration problems
out pkts dropped	Number of outgoing packets dropped, including shaping drops and late drops.
out bytes dropped	Number of outgoing bytes dropped.
late-dropped out pkts	Number of outgoing packets dropped because of QoS policy (such as with VC queuing or Frame Relay traffic shaping). This field is not displayed when the value is zero.
late-dropped out bytes	Number of outgoing bytes dropped because of QoS policy (such with as VC queuing or Frame Relay traffic shaping). This field is not displayed when the value is zero.
in FECN pkts	Number of packets received with the FECN bit set.
in BECN pkts	Number of packets received with the BECN bit set.
out FECN pkts	Number of packets sent with the FECN bit set.
out BECN pkts	Number of packets sent with the BECN bit set.
in DE pkts	Number of DE packets received.
out DE pkts	Number of DE packets sent.
out bcast pkts	Number of output broadcast packets.
out bcast bytes	Number of output broadcast bytes.
switched pkts	Number of switched packets.
no out intf2	Number of packets dropped because there is no output interface.
out intf down2	Number of packets dropped because the output interface is down.
no out PVC2	Number of packets dropped because the outgoing PVC is not configured.
in PVC down2	Number of packets dropped because the incoming PVC is inactive.
out PVC down2	Number of packets dropped because the outgoing PVC is inactive.
pkt too big2	Number of packets dropped because the packet size is greater than media MTU3 .
shaping Q full2	Number of packets dropped because the Frame Relay traffic-shaping queue is full.
pkt above DE2	Number of packets dropped because they are above the DE level when Frame Relay congestion management is enabled.
policing drop2	Number of packets dropped because of Frame Relay traffic policing.
pvc create time	Time at which the PVC was created.
last time pvc status changed	Time at which the PVC changed status.
VC-Bundle	PVC bundle of which the PVC is a member.
priority	Priority assigned to the PVC.
pkts marked DE	Number of packets marked DE because they exceeded the Bc.
policing Bc	Committed burst size.
policing Be	Excess burst size.
policing Tc	Measurement interval for counting Bc and Be.
in Bc pkts	Number of packets received within the committed burst.
in Be pkts	Number of packets received within the excess burst.
in xs pkts	Number of packets dropped because they exceeded the combined burst.
in Bc bytes	Number of bytes received within the committed burst.
in Be bytes	Number of bytes received within the excess burst.
in xs bytes	Number of bytes dropped because they exceeded the combined burst.
Congestion DE threshold	PVC queue percentage at which packets with the DE bit are dropped.
Congestion ECN threshold	PVC queue percentage at which packets are set with the BECN and FECN bits.
Service type	Type of service performed by this PVC. Can be VoFR or VoFR-cisco.
Post h/w compression queue	Number of packets in the post-hardware-compression queue when hardware compression and Frame Relay fragmentation are configured.
configured voice bandwidth	Amount of bandwidth in bits per second (bps) reserved for voice traffic on this PVC.
used voice bandwidth	Amount of bandwidth in bps currently being used for voice traffic.
service policy	Name of the output service policy applied to the VC.
Class	Class of traffic being displayed. Output is displayed for each configured class in the policy.
Output Queue	The WFQ4 conversation to which this class of traffic is allocated.
Bandwidth	Bandwidth in kbps or percentage configured for this class.
Packets Matched	Number of packets that matched this class.
Max Threshold	Maximum queue size for this class when WRED is not used.
pkts discards	Number of packets discarded for this class.
bytes discards	Number of bytes discarded for this class.
tail drops	Number of packets discarded for this class because the queue was full.
mean queue depth	Average queue depth, based on the actual queue depth on the interface and the exponential weighting constant. It is a moving average. The minimum and maximum thresholds are compared against this value to determine drop decisions.
drops:	WRED parameters.
class	IP precedence value.
random	Number of packets randomly dropped when the mean queue depth is between the minimum threshold value and the maximum threshold value for the specified IP precedence value.
tail	Number of packets dropped when the mean queue depth is greater than the maximum threshold value for the specified IP precedence value.
min-th	Minimum WRED threshold in number of packets.
max-th	Maximum WRED threshold in number of packets.
mark-prob	Fraction of packets dropped when the average queue depth is at the maximum threshold.
Maximum Number of Hashed Queues	(Applies to class default only) Number of queues available for unclassified flows.
fragment type	Type of fragmentation configured for this PVC. Possible types are as follows: •end-to-end—Fragmented packets contain the standard FRF.12 header •VoFR—Fragmented packets contain the FRF.11 Annex C header •VoFR-cisco—Fragmented packets contain the Cisco proprietary header
fragment size	Size of the fragment payload in bytes.
adaptive active/inactive	Indicates whether Frame Relay voice-adaptive fragmentation is active or inactive.
time left	Number of seconds left on the Frame Relay voice-adaptive fragmentation deactivation timer. When this timer expires, Frame Relay fragmentation turns off.
cir	Current CIR in bps.
bc	Current committed burst (Bc) size, in bits.
be	Current excess burst (Be) size, in bits.
limit	Maximum number of bytes sent per internal interval (excess plus sustained).
interval	Interval being used internally (may be smaller than the interval derived from Bc/CIR; this happens when the router determines that traffic flow will be more stable with a smaller configured interval).
mincir	Minimum CIR for the PVC.
byte increment	Number of bytes that will be sustained per internal interval.
BECN response	Indication that Frame Relay has BECN adaptation configured.
pkts	Number of packets associated with this PVC that have gone through the traffic-shaping system.
frags	Total number of fragments (and unfragmented packets that are too small to be fragmented) shaped on this VC.
bytes	Number of bytes associated with this PVC that have gone through the traffic-shaping system.
pkts delayed	Number of packets associated with this PVC that have been delayed by the traffic-shaping system.
frags delayed	Number of fragments (and unfragmented packets that are too small to be fragmented) delayed in the shaping queue before being sent.
bytes delayed	Number of bytes associated with this PVC that have been delayed by the traffic-shaping system.
shaping	Indication that shaping will be active for all PVCs that are fragmenting data; otherwise, shaping will be active if the traffic being sent exceeds the CIR for this circuit.
shaping drops	Number of packets dropped by the traffic-shaping process.
Queueing strategy	Per-VC queueing strategy.
Output queue 48/100 0 drop 300 dequeued	State of the per-VC queue. •Number of packets enqueued/size of the queue •Number of packets dropped •Number of packets dequeued
Voice Queueing Stats	Statistics showing the size of packets, the maximum number of packets, and the number of packets dropped in the special voice queue created using the frame-relay voice bandwidth command queue keyword.
Discard threshold	Maximum number of packets that can be stored in each packet queue. Additional packets received after a queue is full will be discarded.
Dynamic queue count	Number of packet queues reserved for best-effort traffic.
Reserved queue count	Number of packet queues reserved for voice traffic.
Output queue size	Size in bytes of each output queue.
max total	Maximum number of packets of all types that can be queued in all queues.
drops	Number of frames dropped by all output queues.

1 The LOCAL PVC STATUS and NNI PVC STATUS fields are displayed only for PVCs configured on Frame Relay NNI interface types. These fields are not displayed if the PVC is configured on DCE or DTE interface types. 2 The detailed packet drop fields are displayed for switched Frame Relay PVCs only. These fields are not displayed for terminated PVCs. 3 MTU = maximum transmission unit. 4 WFQ = weighted fair queueing.

Related Commands

Command	Description
frame-relay accounting adjust	Enables byte count adjustment at the PVC level so that the number of bytes sent and received at the PVC corresponds to the actual number of bytes sent and received on the physical interface.
frame-relay interface-queue priority	Enables FR PIPQ on a Frame Relay interface and assigns priority to a PVC within a Frame Relay map class.
frame-relay pvc	Configures Frame Relay PVCs for FRF.8 Frame Relay-ATM Service Interworking.
service-policy	Attaches a policy map to an input interface or VC or an output interface or VC.
show dial-peer voice	Displays configuration information and call statistics for dial peers.
show frame-relay fragment	Displays Frame Relay fragmentation details.
show frame-relay map	Displays the current Frame Relay map entries and information about the connections
show frame-relay vc-bundle	Displays attributes and other information about a Frame Relay PVC bundle.

show glbp

To display Gateway Load Balancing Protocol (GLBP) information, use the show glbp command in privileged EXEC mode.

show glbp [interface-type interface-number] [group-number] [state] [brief]

Syntax Description

interface-type interface-number	(Optional) Interface type and number for which output is displayed.
group-number	(Optional) GLBP group number in the range from 0 to 1023.
state	(Optional) State of the GLBP router, one of the following: active, disabled, init, listen, speak, and standby.
brief	(Optional) Summarizes each virtual gateway or virtual forwarder with a single line of output.

Command Modes

Privileged EXEC (#)

Command History

Release	Modification
12.2(14)S	This command was introduced.
12.2(15)T	This command was integrated into Cisco IOS Release 12.2(15)T.
12.3(2)T	The output was enhanced to display information about Message Digest 5 (MD5) authentication.
12.3(7)T	The output was enhanced to display information about assigned redundancy names to specified groups.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(31)SB2	This command was enhanced to display information about GLBP support of Stateful Switchover (SSO) mode.
12.2(33)SXH	This command was integrated into Cisco IOS Release 12.2(33)SXH.
Cisco IOS XE Release 2.1	This command was integrated into Cisco IOS XE Release 2.1.
12.4(24)T	This command was modified. The output was modified to hide configured passwords when MD5 key-string or text authentication is configured.
12.2(33)SXI1	This command was modified. The output was modified to hide configured passwords when MD5 key-string or text authentication is configured.
Cisco IOS XE Release 2.4	This command was modified. The output was modified to hide configured passwords when MD5 key-string or text authentication is configured.

Usage Guidelines

Use the show glbp command to display information about GLBP groups on a router. The brief keyword displays a single line of information about each virtual gateway or virtual forwarder.

Examples

The following is sample output from the show glbp command:

Router# show glbp

FastEthernet0/0 - Group 10

  State is Active

    2 state changes, last state change 23:50:33

  Virtual IP address is 10.21.8.10

  Hello time 5 sec, hold time 18 sec

    Next hello sent in 4.300 secs

  Redirect time 600 sec, forwarder time-out 7200 sec

  Authentication MD5, key-string

  Preemption enabled, min delay 60 sec

  Active is local

  Standby is unknown

  Priority 254 (configured)

  Weighting 105 (configured 110), thresholds: lower 95, upper 105

    Track object 2 state Down decrement 5

  Load balancing: host-dependent

  There is 1 forwarder (1 active)

  Forwarder 1

    State is Active

      1 state change, last state change 23:50:15

    MAC address is 0007.b400.0101 (default)

    Owner ID is 0005.0050.6c08

    Redirection enabled

    Preemption enabled, min delay 60 sec

    Active is local, weighting 105

The following is sample output from the show glbp command with the brief keyword specified:

Router# show glbp brief

Interface   Grp  Fwd Pri State    Address         Active router   Standby router

Fa0/0       10   -   254 Active   10.21.8.10       local           unknown       

Fa0/0       10   1   7   Active   0007.b400.0101   local           -

The following is sample output from the show glbp command that displays GLBP group 10:

Router# show glbp 10

FastEthernet0/0 - Group 10

  State is Active

    2 state changes, last state change 23:50:33

  Virtual IP address is 10.21.8.10

  Hello time 5 sec, hold time 18 sec

    Next hello sent in 4.300 secs

  Redirect time 600 sec, forwarder time-out 7200 sec

  Authentication MD5, key-string

  Preemption enabled, min delay 60 sec

  Active is local

  Standby is unknown

  Priority 254 (configured)

  Weighting 105 (configured 110), thresholds: lower 95, upper 105

    Track object 2 state Down decrement 5

  Load balancing: host-dependent

  There is 1 forwarder (1 active)

  Forwarder 1

    State is Active

      1 state change, last state change 23:50:15

    MAC address is 0007.b400.0101 (default)

    Owner ID is 0005.0050.6c08

    Redirection enabled

    Preemption enabled, min delay 60 sec

    Active is local, weighting 105

The following output shows that the redundancy name has been assigned to the "glbp1" group:

Router# show glbp ethernet0/1 1

Ethernet0/1 - Group 1

 State is Listen

   64 state changes, last state change 00:00:54

 Virtual IP address is 10.1.0.7

 Hello time 50 msec, hold time 200 msec

   Next hello sent in 0.030 secs

 Redirect time 600 sec, forwarder time-out 14400 sec

  Authentication text, string "authword"

 Preemption enabled, min delay 0 sec

 Active is 10.1.0.2, priority 105 (expires in 0.184 sec)

 Standby is 10.1.0.3, priority 100 (expires in 0.176 sec)

 Priority 96 (configured)

 Weighting 100 (configured 100), thresholds: lower 95, upper 100

   Track object 1 state Up decrement 10

 Load balancing: round-robin

 IP redundancy name is "glbp1"

  Group members:

   0004.4d83.4801 (10.0.0.0)

   0010.7b5a.fa41 (10.0.0.1)

   00d0.bbd3.bc21 (10.0.0.2) local

The following output shows GLBP support for SSO mode on an active RP:

Router# show glbp 

Ethernet0/0 - Group 1 

State is Standby 

1 state change, last state change 00:00:20 

Virtual IP address is 172.24.1.254 

Hello time 3 sec, hold time 10 sec 

Next hello sent in 0.232 secs 

Redirect time 600 sec, forwarder time-out 14400 sec 

Preemption disabled 

Active is 172.24.1.2, priority 100 (expires in 7.472 sec) 

Standby is local 

Priority 100 (default) 

Weighting 100 (default 100), thresholds: lower 1, upper 100 

Load balancing: round-robin 

Group members: 

aabb.cc00.0100 (172.24.1.1) local 

aabb.cc00.0200 (172.24.1.2) 

There are 2 forwarders (1 active) 

Forwarder 1 

State is Listen 

MAC address is 0007.b400.0101 (learnt) 

Owner ID is aabb.cc00.0200 

Time to live: 14397.472 sec (maximum 14400 sec) 

Preemption enabled, min delay 30 sec 

Active is 172.24.1.2 (primary),