SIP and SPA Commands

Table Of Contents

SIP, SSC, and SPA Commands

atm sonet report

atm sonet threshold

atm tx-latency

bert errors

bert pattern

bre-connect

bridge-domain

bridge-domain (subinterface)

card type (T1-E1)

card type (T3-E3)

class arp-peruser

class-map arp-peruser

clear crypto engine accelerator counter

crypto connect vlan

crypto engine gre supervisor

crypto engine gre vpnblade

crypto engine mode vrf

crypto engine slot

crypto engine subslot

crypto ipsec ipv4 deny-policy

debug crypto ace b2b

debug hw-module all upgrade

debug hw-module subslot commands

debug hw-module subslot errors

debug hw-module subslot events

debug hw-module subslot interrupts

debug hw-module subslot ipcshim

debug hw-module subslot oir

debug hw-module subslot periodic

framing (T1/E1 controller)

framing (T3 controller)

framing (T3-E3 interface)

hw-module slot subslot only

hw-module subslot reload

hw-module subslot shutdown

interface

linecard-group feature card

logging-events (T1-E1 controller)

loopback (T3-E3 interface)

match vlan inner

mdl

police

police (percent)

police (two rates)

policy-map copp-peruser

random-detect aggregate

random-detect dscp (aggregate)

random-detect precedence (aggregate)

redundancy

set cos-inner

show controllers pos

show controllers serial

show controllers T1-E1 errors

show crypto ace redundancy

show crypto eli

show crypto engine accelerator statistic

show crypto vlan

show diagbus

show hw-module all fpd

show hw-module slot align

show hw-module slot fpd

show hw-module slot logging

show hw-module slot proc cpu

show hw-module slot tech-support

show hw-module subslot fpd

show hw-module subslot oir

show hw-module subslot transceiver

show idprom

show interfaces

show monitor event-trace

show policy-map interface

show redundancy linecard-group

show sip-disk

show upgrade fpd file

show upgrade fpd package default

show upgrade fpd progress

show upgrade fpd table

subslot

t1 framing

transmit-priority

ttb

tx-limit

upgrade fpd auto

upgrade fpd path

upgrade hw-module slot

upgrade hw-module slot fpd file

upgrade hw-module subslot

upgrade hw-module subslot fpd file


SIP, SSC, and SPA Commands


This chapter documents new, modified, and replaced commands. All other commands used with this feature are documented in related Cisco 7600 Series Router Command Reference publications for your release, and the Cisco IOS Release 12.2 command reference and master index publications.

Commands in this document that have been replaced by new commands continue to perform their normal function in this release but are no longer documented. Support for these commands will cease in a future release.


Note Some of the commands in this chapter apply to multiple Cisco products and are supported on different platforms. The documentation for these commands describes differences in syntax and usage for certain platform or product variations. Therefore, when you see multiple forms of syntax, examples, or usage guidelines for a command in this guide, be sure to locate the heading within the command reference page that corresponds to the related SPA (or SIP) for your platform.


New Commands

atm tx-latency

bridge-domain (subinterface)

class arp-peruser

class-map arp-peruser

class arp-peruser

crypto engine gre supervisor

crypto engine gre vpnblade

crypto engine gre supervisor

crypto engine slot

crypto engine subslot

crypto ipsec ipv4 deny-policy

debug crypto ace b2b

debug hw-module subslot commands

debug hw-module subslot errors

debug hw-module subslot events

debug hw-module subslot interrupts

debug hw-module subslot ipcshim

debug hw-module subslot oir

debug hw-module subslot periodic

hw-module slot subslot only

linecard-group feature card

logging-events (T1-E1 controller)

policy-map copp-peruser

random-detect dscp (aggregate)

random-detect precedence (aggregate)

set cos-inner

show controllers T1-E1 errors

show crypto ace redundancy

show crypto eli

show hw-module all fpd

show hw-module slot align

show hw-module slot fpd

show hw-module slot logging

show hw-module slot proc cpu

show hw-module slot tech-support

show hw-module subslot oir

show hw-module subslot transceiver

show redundancy linecard-group

subslot

tx-limit

upgrade hw-module slot

upgrade hw-module slot fpd file

upgrade hw-module subslot

upgrade hw-module subslot fpd file

Modified Commands

atm sonet report

atm sonet threshold

bert errors

bert pattern

bre-connect

bridge-domain

card type (T1-E1)

card type (T3-E3)

class arp-peruser

framing (T1/E1 controller)

framing (T3 controller)

framing (T3-E3 interface)

hw-module subslot reload

hw-module subslot shutdown

interface

loopback (T3-E3 interface)

match vlan inner

mdl

police

police (percent)

police (two rates)

redundancy

show controllers pos

show controllers serial

show crypto ace redundancy

show crypto eli

show hw-module subslot fpd

show idprom

show interfaces

show policy-map interface

show upgrade fpd file

show upgrade fpd package default

show upgrade fpd progress

show upgrade fpd table

t1 framing

transmit-priority

ttb

upgrade fpd auto

upgrade fpd path

upgrade hw-module subslot, page 40-306

Replaced Commands

Command in Cisco IOS Release 12.2 SX
Replacement Command in Cisco IOS Release 12.2(18)SXE

bridge-vlan

bridge-domain (VC configuration)

show controller cwan

show hw-module slot


Command in Cisco IOS Release 12.2 SX
Replacement Command in Cisco IOS Release 12.2(33)SRA

bridge-domain (VC configuration)

bridge-domain

crypto engine subslot

crypto engine slot


atm sonet report

To enable the reporting of some or all ATM Synchronous Optical Network (SONET) alarms, use the atm sonet report command in interface or subinterface configuration mode. To disable the reporting of some or all ATM SONET alarms, use the no form of this command.

atm sonet report {all | b1-tca | b2-tca | b3-tca | lais | lrdi | none [ignore] | pais | plop | pplm | prdi | ptim | puneq | sd-ber | sf-ber | slof | slos}

no atm sonet report {all | b1-tca | b2-tca | b3-tca | lais | lrdi | none [ignore] | pais | plop | pplm | prdi | ptim | puneq | sd-ber | sf-ber | slof | slos}

Syntax Description

all

Enables the reporting of all ATM SONET alarms.

b1-tca

Enables the reporting of B1 threshold crossing alarms (B1-TCA).

b2-tca

Enables the reporting of B2 threshold crossing alarms (B2-TCA).

b3-tca

Enables the reporting of B3 threshold crossing alarms (B3-TCA).

lais

Enables the reporting of line alarm indication signal (LAIS) alarms.

lrdi

Enables the reporting of line remote defect indication (LRDI) alarms.

none [ignore]

Disables the reporting of all ATM SONET alarms. The optional ignore keyword supports only OSM and SPA ATM interfaces, and instructs the ATM interface to ignore any ATM SONET alarms and to remain up and continue operation. This option allows the ATM interface to be used in a "transmit-only" mode, without a receive fiber being connected, so as to support one-way applications, such as video-on-demand.

Note You must remove all IP (layer 3) configuration (such as the IP address) from the interface before you can use the none [ignore] option. Also, the none [ignore] option cannot be used with any of the other atm sonet report options.

pais

Enables the reporting of path alarm indication signal (PAIS) alarms.

plop

Enables the reporting of path loss of pointer (PLOP) alarms.

pplm

Enables the reporting of path payload mismatch (PPLM) alarms.

prdi

Enables the reporting of path remote defect indication (PRDI) alarms.

ptim

Enables the reporting of path trace identifier mismatch (PTIM) alarms.

puneq

Enables the reporting of path label equivalent to zero (path unequal, PUNEQ) alarms.

sd-ber

Enables the reporting of signal degrade bit error rate (SD-BER) alarms.

sf-ber

Enables the reporting of signal failure bit error rate (SF-BER) alarms.

slof

Enables the reporting of signal loss of frame (SLOF) alarms.

slos

Enables the reporting of signal loss of signal (SLOS) alarms.


Defaults

PLOP, SLOF, and SLOS alarms are enabled. All other alarms are not enabled.

Command Modes

Interface or subinterface configuration

Command History

Release
Modification

12.1(7)E

This command was introduced.

12.2(14)SX

This command was integrated into Cisco IOS Release 12.2(14)SX to support OSM ATM interfaces.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support ATM shared port adapters (SPAs) on the Cisco 7600 series routers and Catalyst 6500 series switches. The none [ignore] option was also added to support one-way applications.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The atm sonet report command enables one or more of the possible SONET alarms that can be generated by the ATM interface. By default, only the PLOP, SLOF, and SLOS alarms are enabled, but you can enable the other alarms or all alarms, as well. You can also disable one or all of the alarms using the no form of the command.

Examples

The following example shows how to enable the alarm for B1 threshold crossings:

Router# configure terminal

Router(config)# interface atm 3/1/1

Router(config-if)# atm sonet report b1-tca

Router(config-if)# end

Router#

The following example shows multiple SONET alarms being enabled for an ATM interface:

Router# configure terminal 
Router(config)# interface atm 5/0/1 
Router(config-if)# atm sonet report b1-tca 
Router(config-if)# atm sonet report b2-tca 
Router(config-if)# atm sonet report b3-tca 
Router(config-if)# atm sonet report plop 
Router(config-if)# atm sonet report sf-ber 
Router(config-if)# atm sonet report slof 
Router(config-if)# atm sonet report slos 
Router(config-if)# end 
Router# 

The following example shows an ATM interface being configured to ignore all ATM SONET alarms, so as to allow transmit-only operation. This example shows the error message that appears if you attempt to give this command when an IP address is configured on the interface. To resolve the problem, you must first remove the IP address and then repeat the command.

Router# configure terminal 
Router(config)# interface atm 3/1/1 
Router(config-if)# ip address 192.168.100.12 255.255.255.0 
Router(config-if)# atm sonet report none ignore 

%Configuration is not allowed: IP address is already configured on ATM3/1/1 

Router(config-if)# no ip address 192.168.100.12 255.255.255.0 
Router(config-if)# atm sonet report none ignore 
Router(config-if)# 

Note When an ATM interface is configured to ignore ATM SONET alarms, you cannot then configure any IP (Layer 3) parameters on the interface. If you attempt to do so, the CLI displays the following error message:
%Configuration is not allowed: <interface> is already configured to ignore alarms


Related Commands

Command
Description

set mpls experimental imposition

Configures a policy map class with the value of the Multiprotocol Label Switching (MPLS) experimental (EXP) field to be set on all imposed label entries.

set mpls experimental topmost

Configures a policy map class to set the topmost MPLS label on outgoing packets with one or more specified experimental values.

show class-map

Displays information about the configured traffic classes.

show policy-map

Displays information about the configured policy maps and the interfaces on which they are applied.


atm sonet threshold

To configure the bit error rate (BER) threshold values for an ATM interface, use the atm sonet threshold command in interface configuration mode. To reset a threshold value to its default value, use the no form of this command.

atm sonet threshold {b1-tca value | b2-tca value | b3-tca value | sd-ber value | sf-ber value}

no atm sonet threshold {b1-tca | b2-tca | b3-tca | sd-ber | sf-ber }

Syntax Description

b1-tca value

Sets the threshold for B1 threshold crossing (B1-TCA) alarms. The value specifies a negative exponent to the power of 10 (10 to the power of minus value) for the threshold value, with a default value of 6 (10e-6).

b2-tca value

Sets the threshold for B2 threshold crossing (B2-TCA) alarms. The value specifies a negative exponent to the power of 10 (10 to the power of minus value) for the threshold value, with a default value of 6 (10e-6).

b3-tca value

Sets the threshold for B3 threshold crossing (B3-TCA) alarms. The value specifies a negative exponent to the power of 10 (10 to the power of minus value) for the threshold value, with a default value of 6 (10e-6).

sd-ber value

Sets the threshold for signal degrade bit error rate (SD-BER) alarms. The value specifies a negative exponent to the power of 10 (10 to the power of minus value) for the threshold value, with a default value of 6 (10e-6).

sf-ber value

Sets the threshold for signal failure bit error rate (SF-BER) alarms. The value specifies a negative exponent to the power of 10 (10 to the power of minus value) for the threshold value, with a default value of 3 (10e-3).


Defaults

The default values are 6 (10e-6) for b1-tca, b2-tca, b3-tca, and sd-ber, and 3 (10e-3) for sf-ber.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(7)E

This command was introduced.

12.2(14)SX

This command was integrated into Cisco IOS Release 12.2(14)SX.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support ATM shared port adapters (SPAs) on the Cisco 7600 series router and Catalyst 6500 series switch.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The atm sonet threshold command configures the allowable threshold for errors before a Synchronous Optical Network (SONET) alarm is reported. The different SONET alarms report on errors at different points in the SONET network, allowing for the source of a problem to be more easily identified.

Use the atm sonet threshold command to increase or decrease the sensitivity of the ATM interface to these SONET alarms, depending on the nature of your network and application needs. In particular, if a particular problem seems to be occurring, you can increase the sensitivity of the related alarm to help you more quickly troubleshoot and diagnose the problem.

Examples

The following example shows how to configure the threshold for B1 threshold crossings:

Router# configure terminal

Router(config)# interface atm 3/1/1

Router(config-if)# atm sonet threshold b1-tca 9 

Router(config-if)# end

Router#

Use the show controllers atm command to display the currently configured BER threshold values:

Router# show controllers atm 5/1/0 

Interface ATM5/1/0 is up
 Framing mode: SONET OC3 STS-3c Clock source: Line
ATM framing errors:
  HCS (correctable):   0
  HCS (uncorrectable): 0

SONET Subblock:
APS
  COAPS = 0          PSBF = 0        
  State: PSBF_state = false
  Rx(K1/K2): 0 /0   Tx(K1/K2): 0 /0
SECTION
  LOF = 0          LOS    = 0                            BIP(B1) = 603
LINE
  AIS = 0          RDI    = 2          FEBE = 2332       BIP(B2) = 1018
PATH
  AIS = 0          RDI    = 1          FEBE = 28         BIP(B3) = 228
  LOP = 0          NEWPTR = 0          PSE  = 1          NSE     = 2

Active Defects: None
Active Alarms:  None
Alarm reporting enabled for: SF SLOS SLOF B1-TCA B2-TCA PLOP B3-TCA


BER thresholds:  SF = 10e-3, SD = 10e-6
TCA thresholds:  B1 = 10e-6, B2 = 10e-6, B3 = 10e-6

Rx S1S0 = 00, Rx C2 = 13

PATH TRACE BUFFER : STABLE 

Router# 

Note The actual display from the show controllers atm command varies slightly, depending on the type of line card.


Related Commands

Command
Description

set mpls experimental imposition

Configures a policy map class with the value of the Multiprotocol Label Switching (MPLS) experimental (EXP) field to be set on all imposed label entries.

set mpls experimental topmost

Configures a policy map class to set the topmost MPLS label on outgoing packets with one or more specified experimental values.

show class-map

Displays information about the configured traffic classes.

show policy-map

Displays information about the configured policy maps and the interfaces on which they are applied.


atm tx-latency

To specify the default transmit latency for an ATM Shared Port Adapter (SPA) interface, use the atm tx-latency command in interface configuration mode. To reset the default transmit latency to its default value, use the no form of this command.

atm tx-latency milliseconds

no atm tx-latency

Syntax Description

milliseconds

The default transmit latency for the interface, in milliseconds. The valid range is from 1 to 200, with a default of 100 milliseconds.


Defaults

100 milliseconds

Command Modes

Interface configuration (ATM interface only)

Command History

Release
Modification

12.2(18)SXE

This command was introduced for the ATM Shared Port Adapters (SPA) on the Cisco 7600 series router and Catalyst 6500 series switch.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The atm tx-latency command specifies the default maximum latency for all virtual circuits (VC) on a particular ATM SPA interface. This value is used, together with the value of the tx-limit command, to configure the interface and its VCs for the maximum number of transmit buffers for each VC, so that each VC can maintain the desired latency at the VC's configured line rate.


Caution When the atm tx-latency command is configured on an interface, all VCs on that interface are torn down and then set up again, so that the VCs are using the correct latency and buffer values. If you have a large number of VCs configured on the interface, we recommend using this command only during scheduled maintenance times, or at other times where disruption to customer traffic can be minimized.


Tip Use the atm tx-latency command to specify the default latency value for all VCs on the interface, and then use the tx-limit command to fine-tune the configuration for a particular VC, as needed.


Examples

The following example shows the default transmit latency for a particular ATM SPA interface being set to 20 milliseconds:

Router# configure terminal 
Router(config)# interface atm 3/1/1 
Router(config-if)# atm tx-latency 20 
Router(config-if)# 

Related Commands

Command
Description

tx-limit

Specifies the maximum number of transmit buffers for an ATM virtual circuit (VC).


bert errors

To transmit bit error ratio test (BERT) errors while running any BERT pattern, use the bert error command in interface configuration mode.

bert errors [number]

Syntax Description

number

(Optional) Range of 1-255 BERT errors that may be introduced in a BERT pattern.


Defaults

Default is 1.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(12c)EX1

This command was introduced for Cisco 7304 routers.

12.2(18)S

This command was introduced on Cisco 7304 routers running Cisco IOS Release 12.2S.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support SPAs on the Cisco 7600 series router and Catalyst 6500 series switch.

12.2(25)S3

This command was integrated into Cisco IOS Release 12.2(25)S3.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use this command to test link availability by injecting a fixed number of bert errors when a pattern is running and check that the same number of errors were received on the remote end.

Examples

This example injects 200 BERT errors in a running bit pattern on slot 5, subslot 0.

Router# configure terminal
Router(config)#interface serial 5/0/0
Router(config-if)#bert errors 200

Related Commands

Command
Description

bert pattern

Starts a BERT pattern on a port.

show controller serial

Displays serial line statistics.


bert pattern

To start a BERT pattern on a port, use the bert pattern command in interface configuration mode. Use the no bert pattern command to stop the sequence.

bert pattern {0s | 1s | 2^15 | 2^20 | 2^23 | alt-0-1 | qrss} interval minutes}

no bert pattern {0s | 1s | 2^15 | 2^20 | 2^23 | alt-0-1 | qrss} interval minutes}

Syntax Description

0s

Repeating pattern of zeros (...000...).

1s

Repeating pattern of ones (...111...).

2^15

Pseudorandom 0.151 test pattern that is 32,768 bits in length.

2^20

Pseudo-andom 0.153 test pattern that is 1,048,575 bits in length.

2^23

Pseudorandom 0.151 test pattern that is 8,388,607 bits in length.

alt-0-1

Repeating pattern of alternating zeros and ones (...01010...).

qrss

Pseudorandom quasi-random signal sequence (QRSS) 0.151 test pattern that is 1,048,575 bits in length.

interval minutes

Specifies the length of the BERT test in minutes.


Defaults

Bert is disabled by default.

Command Modes

Interface configuration

Command History

Release
Modification

11.1CC

The command was introduced.

12.0(5)XE

The command was enhanced as an ATM interface configuration command

12.0(7)XE1

Support for Cisco 7100 series routers was added.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.

12.1(12c)EX1

Support for Cisco 7304 routers was added.

12.2(18)S

Support for Cisco 7304 routers was added.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support SPAs on the Cisco 7600 series router and the Catalyst 6500 series switch.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(25)S3

This command was integrated into Cisco IOS Release 12.2(25)S3.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use the bert pattern commamd to start or stop a specific bit pattern. To test link availability, start a pattern on one end and put the remote end in network loopback and verify that there are no bert errors.

Examples

This example starts a bert pattern on slot 5, bay 0.

Router# configure terminal
Router(config)# int serial 5/0/0
Router(config-if)# bert pattern 0s

Related Commands

Command
Description

bert errors

Transmit bert errors while running any bert pattern.

show controller serial

Displays serial line statistics.

loopback

Loopback at various points in the transmit and receive path.


bre-connect

To enable the bridging of routed encapsulations (BRE) over a permanent virtual circuit (PVC) or switched virtual circuit (SVC), use the bre-connect command in VC configuration mode. To disable the bridging of routed encapsulations, use the no form of this command.

bre-connect vlan-id [mac mac-address]

no bre-connect

Syntax Description

vlan-id

Specifies the number of the virtual LAN (VLAN) to be used in this bridging configuration. The valid range is from 2 to 4094.

mac mac-address

(Optional) Specifies the hardware (MAC) address of the Ethernet customer premises equipment (CPE) device at the remote end of this VLAN.


Defaults

Bridging of route encapsulations is disabled.

Command Modes

VC configuration mode

Command History

Release
Modification

12.1(12)E

This command was introduced for the 2-port OC-12 ATM WAN Optical Services Modules (OSMs) on Cisco 7600 series routers and Catalyst 6500 series switches.

12.1(19)E1

The ip ip-address keyword and argument were removed because they were not needed.

12.2(17)S

This command, as modified in Cisco IOS Release 12.1(19)E1, was integrated into Cisco IOS Release 12.2(18)S.

12.2(17a)SX

This command was integrated into Cisco IOS Release 12.2(17a)SX.

12.2(18)SXE

Support was added for the 2-Port and 4-Port OC-3c/STM-1 ATM SPAs and the 1-Port OC-12c/STM-4 ATM SPA on the Cisco 7600 series routers and Catalyst 6500 series switches.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The bre-connect command allows the OC-12 ATM OSM or ATM SPA to receive RFC 1483 routed encapsulated packets and forward them as Layer 2 frames. When the bre-connect command is configured on a PVC (or SVC), the PVC (or SVC) receives routed packets, removes the RFC 1483 routed encapsulation header, and adds an Ethernet MAC header to the packet. The Layer 2 encapsulated packet is then switched to the Layer 2 interface that is determined by the VLAN number and the MAC address for the remote CPE device (if specified).


Note The bridge-vlan and bre-connect commands are mutually exclusive. You cannot use both commands on the same PVC for concurrent RFC 1483 and BRE bridging.



Note If the ATM interface is configured with only BRE VLANs, you must also use the spanning-tree bpdufilter enable command on the main ATM interface, so that the interface blocks all Spanning Tree BPDUs. If RFC 1483 bridged VLANs are also configured on the same ATM interface, or on one of its subinterfaces, do not enter the spanning-tree bpdufilter enable command unless you explicitly intend to block BPDUs on the interface.


Examples

The following example shows a PVC being configured for BRE bridging using a VLAN ID of 10:

Router# configure terminal

Router(config)# interface atm3/1.1 point-to-point

Router(config-subif)# pvc 1/101

Router(config-if-atm-vc)# bre-connect 10

Router(config-if-atm-vc)# end 

Related Commands

Command
Description

bridge-vlan

Configures a PVC for RFC 1483-compliant, point-to-point bridging of Layer 2 packets over an ATM interface.

show atm pvc

Displays the configuration of a particular permanent virtual circuit (PVC).


bridge-domain

To enable RFC 1483 ATM bridging or RFC 1490 Frame Relay bridging to map a bridged virtual LAN (VLAN) to an ATM permanent virtual circuit (PVC) or Frame Relay DLCI, use the bridge-domain command in interface ATM VC configuration, PVC range configuration, Frame Relay DLCI configuration, or interface configuration mode. To disable bridging, use the no form of this command.

bridge-domain vlan-id [access | dot1q [tag]| dot1q-tunnel] [broadcast] [ignore-bpdu-pid] [pvst-tlv CE-vlan] [increment] [lan-fcs] [split-horizon]

no bridge-domain vlan-id

Syntax Description

vlan-id

Specifies the number of the virtual LAN (VLAN) to be used in this bridging configuration. The valid range is from 2 to 4094.

access

(Optional) Enables bridging access mode, in which the bridged connection does not transmit or act upon bridge protocol data unit (BPDU) packets.

dot1q

(Optional) Enables IEEE 802.1Q tagging to preserve the class of service (CoS) information from the Ethernet frames across the ATM network. If not specified, the ingress side assumes a CoS value of 0 for QoS purposes.

tag

(Optional—ATM PVCs only) Specifies the 802.1Q value in the range 1 to 4095. You can specify up to 32 bridge-domain command entries using dot1q tag for a single PVC. The highest tag value in a group of bridge-domain commands must be greater than the first tag entered (but less than 32 greater).

dot1q-tunnel

(Optional) Enables IEEE 802.1Q tunneling mode, so that service providers can use a single VLAN to support customers who have multiple VLANs, while preserving customer VLAN IDs and keeping traffic in different customer VLANs segregated.

Note The access, dot1q, and dot1q-tunnel options are mutually exclusive. If you do not specify any of these options, the connection operates in "raw" bridging access mode, which is similar to access, except that the connection does act on and transmit BPDU packets.

broadcast

(Optional) Enables bridging broadcast mode on this PVC. This option is not supported for multipoint bridging. Support for this option was removed in Cisco IOS Release 12.2(18)SXF2 and Cisco IOS Release 12.2(33)SRA.

increment

(PVC range configuration mode only) (Optional) Increments the bridge domain number for each PVC in the range.

lan-fcs

(Optional) Specifies that the VLAN bridging should preserve the Ethernet LAN frame checksum (FCS) of the Ethernet frames across the ATM network.

Note This option applies only to routers using a FlexWAN module. Support for this option was removed in Cisco IOS Release 12.2(18)SXF2 and Cisco IOS Release 12.2(33)SRA.

ignore-bpdu-pid

(Optional - ATM interfaces only) Ignores bridge protocol data unit (BPDU) PIDs and treats all BPDU packets as data packets to allow interoperation with ATM customer premises equipment (CPE) devices that do not distinguish BPDU packets from data packets.

pvst-tlv

(Optional) When transmitting, translates PVST+ BPDUs into IEEE BPDUs.

When receiving, translates IEEE BPDUs into PVST+ BPDUs.

CE-vlan

Customer-edge VLAN in the SSTP TLV to be inserted in an IEEE BPDU to a PVST+ BPDU conversion.

split-horizon

(Optional) Enables RFC 1483 split horizon mode to globally prevent bridging between PVCs in the same VLAN.


Defaults

Bridging is disabled.

Command Modes

Interface ATM VC configuration

PVC range configuration

Frame Relay DLCI configuration

Interface configuration—Only the dot1q and dot1q-tunnel keywords are supported in interface configuration mode.

Command History

Release
Modification

12.1(13)E

This command was introduced as the bridge-vlan command for the 2-port OC-12 ATM WAN Optical Services Modules (OSMs) on Cisco 7600 series routers and Catalyst 6500 series switches.

12.1(12c)E

This command was integrated into Cisco IOS Release 12.1(12c)E.

12.1(14)E1

This command was integrated into Cisco IOS Release 12.1(14)E1. The dot1q-tunnel keyword was added.

12.2(14)SX

This command was integrated into Cisco IOS Release 12.2(14)SX. The dot1q-tunnel keyword is not supported in this release.

12.1(19)E

The split-horizon keyword was added.

12.2(18)S

This command was integrated into Cisco IOS Release 12.2(18)S. The dot1q-tunnel and split-horizon keywords are supported in this release.

12.2(17a)SX

Support was added for the dot1q-tunnel keyword in Cisco IOS Release 12.2(17a)SX.

12.2(18)SXE

This command was renamed from bridge-vlan to bridge-domain. The access, broadcast, ignore-bpu-pid, and increment keywords were added.

12.2(18)SXF2

Support for the lan-fcs and broadcast keywords was removed. The pvst-tlv keyword was added.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

RFC 1483 bridging on ATM interfaces supports the point-to-point bridging of Layer 2 packet data units (PDUs) over Ethernet networks. RFC 1490 Frame Relay bridging on POS or serial interfaces that are configured for Frame Relay encapsulation provides bridging of Frame Relay packets over Ethernet networks.

The Cisco 7600 router has the ability to transmit BPDUs with a PID of either 0x00-0E or 0x00-07. When connecting to a device that is fully compliant with RFC 1483 Appendix B, in which the IEEE BPDUs are sent and received by the other device using a PID of 0x00-0E, you must not use the ignore-bpdu-pid keyword.

If you do not enter the ignore-bpdu-pid keyword, the PVC between the devices operates in compliance with RFC 1483 Appendix B. This is referred to as strict mode. Entering the ignore-bpdu-pid keyword creates loose mode. Both modes are described as follows:

Without the ignore-bpdu-pid keyword, in strict mode, IEEE BPDUs are sent out using a PID of 0x00-0E, which complies with RFC 1483.

With the ignore-bpdu-pid keyword, in loose mode, IEEE BPDUs are sent out using a PID of 0x00-07, which is normally reserved for RFC-1483 data.

Cisco-proprietary PVST+ BPDUs are always sent out on data frames using a PID of 0x00-07, regardless of whether you enter the ignore-bpdu-pid keyword.

Use the ignore-bpdu-pid keyword when connecting to devices such as ATM DSL modems that send PVST (or 802.1D) BPDUs with a PID of 0x00-07.

The pvst-tlv keyword enables BPDU translation when interoperating with devices that understand only PVST or IEEE Spanning Tree Protocol. Because the Catalyst 6500 series switch ATM modules support PVST+ only, you must use the pvst-tlv keyword when connecting to a Catalyst 5000 family switch that only understands PVST on its ATM modules, or when connecting with other Cisco IOS routers that understand IEEE format only.

When transmitting, the pvst-tlv keyword translates PVST+ BPDUs into IEEE BPDUs.

When receiving, the pvst-tlv keyword translates IEEE BPDUs into PVST+ BPDUs.


Note The bridge-domain and bre-connect commands are mutually exclusive. You cannot use both commands on the same PVC for concurrent RFC 1483 and BRE bridging.


To preserve Class of Service (CoS) information across the ATM network, use the dot1q option. This configuration uses IEEE 802.1Q tagging to preserve the VLAN ID and packet headers as they are transported across the ATM network.

To enable service providers to use a single VLAN to support customers who have multiple VLANs, while preserving customer VLAN IDs and keeping traffic in different customer VLANs segregated, use the dot1q-tunneling option on the service provider router. Then use the dot1q option on the customer routers.

RFC 1483 bridging is supported on AAL5-MUX and AAL5-LLC Subnetwork Access Protocol (SNAP) encapsulated PVCs. RFC-1483 bridged PVCs must terminate on the ATM interface, and the bridged traffic must be forwarded over an Ethernet interface, unless the split-horizon option is used, which allows bridging of traffic across bridged PVCs.


Note RFC 1483 bridging is not supported for switched virtual circuits (SVCs). It also cannot be configured for PVCS on the main interface.


In interface configuration mode, only the dot1q and dot1q-tunnel keyword options are supported.

Examples

The following example shows a PVC being configured for IEEE 802.1Q VLAN bridging using a VLAN ID of 99:

Router# configure terminal 
Router(config)# interface ATM6/2 
Router(config-if)# pvc 2/101 
Router(config-if-atm-vc)# bridge-domain 99 dot1q 
Router(config-if-atm-vc)# end 

The following example shows how to enable BPDU translation when a Catalyst 6500 series switch is connected to a device that only understands IEEE BPDUs in an RFC-1483 compliant topology:

Router(config-if-atm-vc)# bridge-domain 100 pvst-tlv 150

The ignore-bpdu-pid keyword is not used because the device operates in an RFC-1483 compliant topology for IEEE BPDUs.

The following example shows how to enable BPDU translation when a Catalyst 5500 ATM module is a device that only understands PVST BPDUs in a non-RFC1483 compliant topology. When a Catalyst 6500 series switch is connected to a Catalyst 5500 ATM module, you must enter both keywords:

Router(config-if-atm-vc)# bridge-domain 100 ignore-bpdu-pid pvst-tlv 150

To enable BPDU translation for the Layer 2 Protocol Tunneling (L2PT) topologies, use the following command line:

Router(config-if-atm-vc)# bridge-domain 100 dot1qtunnel ignore-bpdu-pid pvst-tlv 150

The following example shows a range of PVCs being configured, with the bridge domain number being incremented for each PVC in the range:

Router(config)# interface atm 8/0.100 
Router(config-subif)# range pvc 102/100 102/199
Router(config-if-atm-range)# bridge-domain 102 increment

Related Commands

Command
Description

bre-connect

Enables the bridging of routed encapsulations (BRE) over a permanent virtual circuit (PVC) or switched virtual circuit (SVC).

show atm pvc

Displays the configuration of a particular permanent virtual circuit (PVC).


bridge-domain (subinterface)

To enable bridging across Gigabit Ethernet subinterfaces, use the bridge-domain command in subinterface configuration mode. To disable bridging, use the no form of this command.

bridge-domain vlan-id {dot1q | dot1q-tunnel} [bpdu {drop | transparent}] [split-horizon]

no bridge-domain vlan-id {dot1q | dot1q-tunnel} [bpdu {drop | transparent}] [split-horizon]

Syntax Description

vlan-id

Specifies the number of the virtual LAN (VLAN) to be used in this bridging configuration. The valid range is from 2 to 4094.

dot1q

Enables IEEE 802.1Q tagging to preserve the class of service (CoS) information from the Ethernet frames across the ATM network. If not specified, the ingress side assumes a CoS value of 0 for QoS purposes.

dot1q-tunnel

Enables IEEE 802.1Q tunneling mode, so that service providers can use a single VLAN to support customers who have multiple VLANs, while preserving customer VLAN IDs and keeping traffic in different customer VLANs segregated.

bpdu {drop | transparent}

(Optional) Specifies whether or not BPDUs are processed or dropped:

drop—Specifies that BPDU packets are dropped on the subinterface.

transparent—Specifies that BPDU packets are forwarded as data on the subinterface, but not processed.

split-horizon

(Optional) Enables RFC 1483 split horizon mode to globally prevent bridging between PVCs in the same VLAN.


Defaults

Bridging is disabled.

Command Modes

Subinterface configuration

Command History

Release
Modification

12.2(33)SRA

This command was introduced.


Usage Guidelines

This command has the following restrictions in Cisco IOS Release 12.2(33)SRA:

The command is available on the Cisco 7600 SIP-400 with a 2-Port Gigabit Ethernet SPA only.

You can place up to 120 subinterfaces in the same bridge-domain on a single Cisco 7600 SIP-400.

To enable service providers to use a single VLAN to support customers who have multiple VLANs, while preserving customer VLAN IDs and keeping traffic in different customer VLANs segregated, use the dot1q-tunnel option on the service provider router. Then use the dot1q option on the customer routers.

Examples

The following example shows configuration of IEEE 802.1Q encapsulation for VLANs on Gigabit Ethernet subinterfaces with configuration of multipoint bridging (MPB). The MPB feature requires configuration of 802.1Q encapsulation on the subinterface.

The first subinterface bridges traffic on VLAN 100 and preserves CoS information in the packets by specifying the dot1q keyword.

Router(config)# interface GigabitEthernet 1/0/1.1
Router(config-subif)# encapsulation dot1q 10
Router(config-subif)# bridge-domain 100 dot1q

The second subinterface shows bridging of traffic on VLAN 200 in tunneling mode using the 
dot1q-tunnel keyword, which preserves the VLAN IDs of the bridged traffic.

Router(config)# interface GigabitEthernet 2/0/2.2
Router(config-subif)# encapsulation dot1q 20
Router(config-subif)# bridge-domain 200 dot1q-tunnel

The following example shows bridging of traffic from different VLANs on two separate Gigabit Ethernet subinterfaces into the same VLAN. First, the bridging VLAN 100 is created using the vlan command. Then, the Gigabit Ethernet subinterfaces implement IEEE 802.1Q encapsulation on VLAN 10 and VLAN 20 and bridge the traffic from those VLANs onto VLAN 100 using the bridge-domain command:

Router(config)# vlan 100
Router(config-vlan)# exit
!
Router(config)# interface GigabitEthernet 1/0/1.1
Router(config-subif)# encapsulation dot1q 10
Router(config-subif)# bridge-domain 100 dot1q
Router(config-subif)# exit
!
Router(config)# interface GigabitEthernet 1/0/2.1
Router(config-subif)# encapsulation dot1q 20
Router(config-subif)# bridge-domain 100 dot1q

Related Commands

Command
Description

encapsulation dot1q

Enables IEEE 802.1Q encapsulation of traffic on a specified subinterface in a VLAN.

vlan

Adds the specified VLAN IDs to the VLAN database and enters VLAN configuration mode.


card type (T1-E1)

To configure a T1 or E1 card type, use the card type command in global configuration mode. To deselect the card type on non-SPA platforms, use the no form of this command. The no form of this command is not available on the SPA platforms.

card type {t1 | e1} slot [bay]

no card type {t1 | e1} slot [bay]

Channelized T/E1 Shared Port Adapters

card type {t1 | e1} slot subslot

Syntax Description

t1

Specifies T1 connectivity of 1.544 Mbps through the telephone switching network, using AMI or B8ZS coding.

e1

Specifies a wide-area digital transmission scheme used predominantly in Europe that carries data at a rate of 2.048 Mbps.

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs, SSCs, and SPAs" topic in the platform-specific SPA software configuration guide.

bay

(Optional) Card interface bay number in a slot (route switch processor [RSP] platform only). This option is not available on other platforms.

subslot

(Channelized T/E1 Shared Port Adapters Only) Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.


Defaults

No default behavior or values

Command Modes

Global configuration

Command History

Release
Modification

12.0(5)XE

This command was introduced.

12.0(7)T

This command was integrated into Cisco IOS Release 12.0(7)T.

12.3(1)

This command was integrated into Cisco IOS Release 12.3(1) and support was added for Cisco 2610XM, Cisco 2611XM, Cisco 2620XM, Cisco 2621XM, Cisco 2650XM, Cisco 2651XM, Cisco 2691, Cisco 3631, Cisco 3660, Cisco 3725, and Cisco 3745 platforms.

12.2S

This command was integrated into Cisco IOS Release 12.2S.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support SPAs on the Cisco 7600 series routers and Catalyst 6500 series switches.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S to support SPAs on Cisco 12000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Changes made using this command on non-SPA platforms, do not take effect unless the reload command is used or the router is rebooted.

Channelized T1/E1 Shared Port Adapters

There is no card type when the SPA is inserted for first time. The user must configure this command before they can configure individual ports.

The no form of this command is not available on the SPA platforms. To change an existing card type on SPA platforms, perform the following steps:

1. Remove the SPA from its subslot.

2. Save the configuration.

3. Reboot the router.

4. Insert the new SPA into the subslot.

5. Configure the new card using this command.

Examples

The following example configures T1 data transmission on slot 1 of the router:

Router(config)# card type t1 1

The following example configures all ports of an 8-Port Channelized T1/E1 SPA, seated in slot 5, subslot 2, in T1 mode:

Router(config)# card type t1 5 2

Related Commands

Command
Description

controller

Configures a T1 or E1 controller and enters controller configuration mode.

reload

Reloads the operating system.

show controller

Displays the controller state that is specific to controller hardware

show interface serial

Displays the serial interface type and other information.


card type (T3-E3)

To configure a T3 or E3 card type, use the card type command in global configuration mode. To deselect the card type, use the no form of this comand. The no form of this command is not supported on the 2-Port and 4-Port Clear Channel T3/E3 SPA on Cisco 12000 series routers.

T3 or E3 Controllers

card type {t3 | e3} slot

no card type {t3 | e3} slot

Clear Channel T3/E3 Shared Port Adapters

card type {t3 | e3} slot subslot

no card type {t3 | e3} slot subslot

Clear Channel T3/E3 Shared Port Adapters on Cisco 12000 Series Routers

card type {t3 | e3} slot subslot

Syntax Description

t3

Specifies T3 connectivity of 44210 kbps through the network, using B8ZS coding.

e3

Specifies a wide-area digital transmission scheme used predominantly in Europe that carries data at a rate of 34010 kbps.

slot

Slot number of the interface.

subslot

(Clear Channel T3/E3 Shared Port Adapters Only) Secondary slot number on a SIP where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.


Defaults

No default behavior or values.

Command Modes

Global configuration

Command History

Release
Modification

12.1(1)T

This command was introduced.

12.2(11)YT

This command was integrated into Cisco IOS Release 12.2(11)YT and implemented on the following platforms: Cisco 2650XM, Cisco 2651XM, Cisco 2691, Cisco 3660 series, Cisco 3725, and Cisco 3745 routers.

12.2(15)T

This command was integrated into Cisco IOS Release 12.2(15)T.

12.3(1)

This command was integrated into Cisco IOS Release 12.3(1) and support was added for Cisco 2610XM, Cisco 2611XM, Cisco 2620XM, Cisco 2621XM, Cisco 2650XM, Cisco 2651XM, Cisco 2691, Cisco 3631, Cisco 3660, Cisco 3725, and Cisco 3745 platforms.

12.2S

This command was integrated into Cisco IOS Release 12.2S.

12.2(25)S3

This command was integrated into Cisco IOS Release 12.2(25)S3 to support SPAs on the Cisco 7304 routers.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support SPAs on the Cisco 7600 series routers and Catalyst 6500 series switches.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S to support SPAs on the Cisco 12000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Usage guidelines vary slightly from platform to platform as follows:

T3 or E3 Controllers

Once a card type is issued, you enter the no card type command and then another card type command to configure a new card type. You must save the configuration to the NVRAM and reboot the router in order for the new configuration to take effect.

When the router comes up, the software comes up with the new card type. Note that the software will reject the configuration associated with the old controller and old interface. You must configure the new controller and serial interface and save it.

Clear Channel T3/E3 Shared Port Adapters

To change all the SPA ports from T3 to E3, or vice versa, you enter the no card type command and then another card type command to configure a new card type.

When the router comes up, the software comes up with the new card type. Note that the software will reject the configuration associated with the old controller and old interface. You must configure the new controller and serial interface and save it.

Clear Channel T3/E3 Shared Port Adapters on Cisco 12000 Series Routers

The no form of this command is not available on the 2-Port and 4-Port Clear Channel T3/E3 SPA on Cisco 12000 series routers. To change an existing card type on Cisco 12000 series routers, perform the following steps:

1. Remove the SPA from its subslot.

2. Save the configuration.

3. Reboot the router.

4. Insert the new SPA into the subslot.

5. Configure the new card using this command.

Examples

The following example shows T3 data transmission configured in slot 1:

Router(config)# card type t3 1

The following example configures all ports of 2-Port and 4-Port Clear Channel T3/E3 SPA, seated in slot 5, subslot 2, in T3 mode:

Router(config)# card type t3 5 2

Related Commands

Command
Description

controller

Configures a T3 or E3 controller and enters controller configuration mode.

reload

Reloads the operating system.

show interface serial

Displays the serial interface type and other information.


class arp-peruser

To create a control class for arp-peruser, use the class arp-peruser command in policy map configuration mode. To remove the arp-peruser class, use the no form of this command.

class arp-peruser

no class arp-peruser

Command Default

A control policy map is not created.

Command Modes

Policy map configuration

Command History

Release
Modification

12.2(33)SRB

This command was introduced.


Usage Guidelines

Use this command when creating a per-user policy map.

Examples

The following example shows creating a per-user policy map.

Router(config-pmap)# class arp-peruser
Router(config)# policy-map copp-peruser
Router(config-pmap)# class arp-peruser
Router(config-pmap-c)# police rate 5 pps burst 50 packets
Router(config-pmap-c)# class dhcp-peruser
Router(config-pmap-c)# police rate 10 pps burst 100 packets

Related Commands

Command
Description

policy-map copp-peruser

Creates a policy map that defines a CoPP per-user policy.

class-map arp-peruser

Creates a class map to be used for matching ARP per-user packets.


class-map arp-peruser

To create a class map to be used for matching Address Resolution Protocol (ARP) per-user packets, use the class-map arp-peruser command in global configuration mode. To disable, use the no form of the command.

class-map arp-peruser

no class map arp-peruser

Syntax Description

arp per-user

Specifies Address Resolution Protocol per user.


Command Default

Enabled

Command Modes

Global configuration

Command History

Release
Modification

12.2(33)SRB

This command was introduced.


Usage Guidelines

Use this command to create an ARP class map when configuring CoPP.

Examples

The following example shows creating an ARP class-map:


Router(config)#class-map arp-peruser
Router(config-cmap)#match protocol arp
Router(config-cmap)#match subscriber access

Related Commands

Command
Description

match protocol arp

Matches ARP traffic to a policy map.

match subscriber access

Matches subscriber access traffic to a policy map.


clear crypto engine accelerator counter

To reset the statistical and error counters of the router hardware accelerator or the IPSec VPN SPA to zero, use the clear crypto engine accelerator counter command in privileged EXEC mode.

clear crypto engine accelerator counter

IPSec VPN SPA

clear crypto engine accelerator counter [slot slot/subslot | all] [detail]

Syntax Description

slot slot/subslot

(IPSec VPN SPA only—Optional) Chassis slot number and secondary slot number on the SIP where the SPA is installed. Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

Resets platform statistics for the corresponding IPSec VPN SPA to zero. This reset will not include network interface controller statistics.

all

(IPSec VPN SPA only—Optional) Resets platform statistics for all IPSec VPN SPAs on the router to zero. This reset will not include network interface controller statistics.

detail

(IPSec VPN SPA only—Optional) Resets both platform statistics for the IPSec VPN SPA and network interface controller statistic to zero.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(3)XL

This command was introduced for the Cisco uBR905 cable access router.

12.2(2)XA

Support was added for the Cisco uBR925 cable access router.

12.2(13)T

This command was integrated into Cisco IOS Release 12.2(13)T and implemented for the AIM-VPN/EPII and AIM-VPN/HPII on the following platforms: Cisco 2691, Cisco 3660, Cisco 3725, and Cisco 3745.

12.2(15)ZJ

This command was implemented for the AIM-VPN/BPII on the following platforms: Cisco 2610XM, Cisco 2611XM, Cisco 2620XM, Cisco 2621XM, Cisco 2650XM, and Cisco 2651XM.

12.3(4)T

The AIM-VPN/BPII was integrated into Cisco IOS Release 12.3(4)T on the following platforms: Cisco 2610XM, Cisco 2611XM, Cisco 2620XM, Cisco 2621XM, Cisco 2650XM, and Cisco 2651XM.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA to support the IPSec VPN SPA on Cisco 7600 series routers and Catalyst 6500 series switches.


Usage Guidelines

No specific usage guidelines apply to the hardware accelerators.

IPSec VPN SPA

Enter the slot keyword to reset platform statistics for the corresponding IPSec VPN SPA to zero. This reset will not include network interface controller statistics.

Enter the all keyword to reset platform statistics for all IPSec VPN SPAs on the router to zero. This reset will not include network interface controller statistics.

Enter the detail keyword to reset platform statistics for the IPSec VPN SPA and network interface controller statistics to zero.

Examples

The following example shows the statistical and error counters of the router hardware accelerator being cleared to zero:

Router# clear crypto engine accelerator counter

The following example shows the platform statistics for the IPSec VPN SPA in slot 2, subslot 1 being cleared to zero:

Router# clear crypto engine accelerator counter slot 2/1

The following example shows the platform statistics for all IPSec VPN SPAs on the router being cleared to zero:

Router# clear crypto engine accelerator counter all 

Related Commands

Command
Description

crypto ca

Defines the parameters for the certification authority used for a session.

crypto cisco

Defines the encryption algorithms and other parameters for a session.

crypto dynamic-map

Creates a dynamic map crypto configuration for a session.

crypto engine accelerator

Enables the use of the onboard hardware accelerator for IPSec encryption.

crypto ipsec

Defines the IPSec security associations and transformation sets.

crypto isakmp

Enables and defines the IKE protocol and its parameters.

crypto key

Generates and exchanges keys for a cryptographic session.

crypto map

Creates and modifies a crypto map for a session.

debug crypto engine accelerator control

Displays each control command as it is given to the crypto engine.

debug crypto engine accelerator packet

Displays information about each packet sent for encryption and decryption.

show crypto engine accelerator ring

Displays the contents of command and transmits rings for the crypto engine.

show crypto engine accelerator sa-database

Displays the active (in-use) entries in the crypto engine SA database.

show crypto engine accelerator statistic

Displays the current run-time statistics and error counters for the crypto engine.

show crypto engine brief

Displays a summary of the configuration information for the crypto engine.

show crypto engine configuration

Displays the version and configuration information for the crypto engine.

show crypto engine connections

Displays a list of the current connections maintained by the crypto engine.


crypto connect vlan

To create an interface VLAN for an IPSec VPN SPA and enter crypto-connect mode, use the crypto connect vlan command in interface configuration mode. To remove the interface VLAN status from the VLAN, use the no form of this command.

crypto connect vlan vlan-id

no crypto connect [vlan vlan-id]

Syntax Description

vlan-id

VLAN ID number.


Defaults

No default behavior or values.

Command Modes

Interface configuration

Command History

Release
Modification

12.2(18)SXE2

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

You can enter the crypto connect vlan command only from the following:

The associated port VLAN interface when the EtherChannel interface (port-channel interface) and participating interfaces are switch ports.

The EtherChannel interface when the EtherChannel interface (port-channel interface) and participant interfaces are routed ports.

The crypto engine subslot command is only available for VLANs prior to the VLANs being made interface VLANs by the crypto connect vlan command.

When you enter the crypto connect vlan command, a target VLAN is made an interface VLAN if and only if the target VLAN is not currently an interface VLAN, and the target VLAN has been added to an inside trunk port using the crypto engine subslot command. If the VLAN has been added to more than one inside trunk port, the crypto connect vlan command is rejected.

The no crypto engine subslot command is allowed only after you enter the no crypto connect vlan command, or before you enter the crypto connect vlan command.

When you remove an interface VLAN from an inside trunk port and a corresponding crypto engine subslot configuration state exists, then that crypto engine subslot configuration state is not removed. If you remove a VLAN that has a crypto engine subslot configuration state, you need to manually add it back to recover. While in this inconsistent state, any attempt to enter the no crypto connect vlan command is rejected.

When you enter the no crypto connect vlan command, the interface VLAN status is removed from a VLAN. Any associated crypto engine subslot configuration state is not altered.

Examples

The following example adds port 2/1 to the outside access port VLAN and connects the outside access port VLAN to the inside interface VLAN:

Router(config)# interface Vlan101
Router(config-if)# ip address 192.168.101.1 255.255.255.0
Router(config-if)# crypto map cmap
Router(config-if)# crypto engine subslot 3/0

Router(config-if)# interface GigabitEthernet2/1
Router(config-if)# crypto connect vlan 101

Related Commands

Command
Description

crypto engine subslot

Assign an interface VLAN that requires encryption to the IPSec VPN SPA.

crypto map (interface IPSec)

Applies a previously defined crypto map set to an interface.

show crypto vlan

Displays the VPN running state for an IPSec VPN SPA.


crypto engine gre supervisor

To configure a router to process Generic Routing Encapsulation (GRE) using the Supervisor Engine hardware or the Route Processor (RP), use the crypto engine gre supervisor command in global or interface configuration mode. When this command is specified, GRE processing by the Supervisor Engine hardware takes precedence over processing by the RP; the RP only takes over GRE processing if the Supervisor Engine hardware cannot do the processing.

To disable GRE processing by the Supervisor Engine hardware or RP, use the no form of this command. When the no form of the command is used, GRE processing will be reevaluated based on the rules described in the Usage Guidelines that follow.

crypto engine gre supervisor

no crypto engine gre supervisor

Command Default

When neither the crypto engine gre supervisor command, nor the crypto engine gre vpnblade command is specified globally or individually for a tunnel, GRE processing will be performed based on the following IPSec VPN SPA GRE takeover criteria:

The IPSec VPN SPA will only attempt to take over GRE processing if the following conditions apply:

The Supervisor hardware does not take over GRE processing.

Protocol Independent Multicast (PIM) is configured on the tunnel.

The tunnels are from duplicate tunnel sources and more than one tunnel is up. (If only one tunnel is up, the Supervisor Engine hardware can still perform the GRE processing.)

The IPSec VPN SPA will not take over GRE processing if any of the following options is configured on the tunnel interface:

DMVPN

Crypto-connect mode

IP policy

NAT

Service policy

Traffic shaping

QOS

ACL

Command Modes

Global or Interface configuration

Command History

Release
Modification

12.2(18)SXE5

This command was introduced to support the IPSec VPN SPA on a Cisco 7600 series router and Catalyst 6500 series switch.

12.2(18)SXF2

The takeover criteria was modified as follows:

If tunnels are from duplicate tunnel sources and only one tunnel is up, the Supervisor Engine hardware can still perform the GRE processing.

If Protocol Independent Multicast (PIM) is configured on the tunnel, the IPSec VPN SPA performs the GRE processing.


Usage Guidelines

The crypto engine gre supervisor command can be configured globally or at an individual tunnel.

Individual configuration takes precedence over the global configuration. For example, when the crypto engine gre supervisor command is configured at the global configuration level, the command will apply to all tunnels except those tunnels which have been configured individually using either a crypto engine gre supervisor command or a crypto engine gre vpnblade command.

The crypto engine gre supervisor command is related to the crypto engine gre vpnblade command. The crypto engine gre vpnblade command configures a router to process GRE using the service blade.

At any time only one of the two commands (crypto engine gre supervisor or crypto engine gre vpnblade) can be configured globally or individually at a tunnel. If either command is already configured, configuring the second command will overwrite the first command, and only the configuration applied by the second command will be used.

When the crypto engine gre supervisor command is specified, GRE processing by the Supervisor Engine hardware takes precedence over processing by the RP unless the tunnels are from duplicate sources. If this command is configured, duplicate source GREs will be processed by the RP.

When neither a global, nor an individual GRE takeover configuration is specified for a tunnel, the GRE processing will be performed based on the criteria specified in Defaults. In this way, backward compatibility is supported.

When a new configuration file is copied to the running configuration, the new configuration will overwrite the old configuration for the crypto engine gre supervisor and crypto engine gre vpnblade commands. If the new configuration does not specify a GRE takeover criteria globally or for an individual tunnel, the existing old configuration will be used.

Examples

The following example shows that the GRE takeover criteria has been set globally and the Supervisor Engine hardware or RP always does the GRE processing:

Router(config)# crypto engine gre supervisor

The following example shows that the GRE takeover criteria has been set individually for tunnel interface 3 and the Supervisor Engine hardware or RP always does the GRE processing:

Router(config)# interface tunnel 3
Router(config-if)# crypto engine gre supervisor

Related Commands

Command
Description

crypto engine gre vpnblade

Configures a router to process Generic Routing Encapsulation (GRE) using the service blade.


crypto engine gre vpnblade

To configure a router to process Generic Routing Encapsulation (GRE) using the service blade, use the crypto engine gre vpnblade command in global or interface configuration mode.

If the service blade can't take over the GRE processing, the GRE processing will be handled either by Supervisor Engine hardware (which has precedence) or the Route Processor (RP).

To disable GRE processing by the service blade, use the no form of this command. When the no form of the command is used, GRE processing will be reevaluated based on the rules described in the Usage Guidelines.

crypto engine gre vpnblade

no crypto engine gre vpnblade

Command Default

When neither the crypto engine gre vpnblade command, nor the crypto engine gre supervisor command is specified globally or individually for a tunnel, GRE processing will be performed based on the following IPSec VPN SPA GRE takeover criteria:

The IPSec VPN SPA will only attempt to take over GRE processing if the following conditions apply:

The Supervisor Engine hardware does not take over GRE processing.

Protocol Independent Multicast (PIM) is configured on the tunnel.

The tunnels are from duplicate tunnel sources and more than one tunnel is up. (If only one tunnel is up, the Supervisor Engine hardware can still perform the GRE processing.)

The IPSec VPN SPA will not take over GRE processing if any of the following options is configured on the tunnel interface:

DMVPN

Crypto-connect mode

IP policy

NAT

Service policy

Traffic shaping

QOS

ACL

Command Modes

Global configuration or Interface configuration

Command History

Release
Modification

12.2(18)SXE5

This command was introduced to support the IPSec VPN SPA on a Cisco 7600 series router and Catalyst 6500 series switch.

12.2(18)SXF2

The takeover criteria was modified as follows:

If tunnels are from duplicate tunnel sources and only one tunnel is up, the Supervisor Engine hardware can still perform the GRE processing.

If Protocol Independent Multicast (PIM) is configured on the tunnel, the IPSec VPN SPA performs the GRE processing.


Usage Guidelines

The crypto engine gre vpnblade command can be configured globally or at an individual tunnel.

Individual configuration takes precedence over the global configuration. For example, when the crypto engine gre vpnblade command is configured at the global configuration level, the command will apply to all tunnels except those tunnels which have been configured individually using either a crypto engine gre vpnblade command or a crypto engine gre supervisor command.

The crypto engine gre vpnblade command is related to the crypto engine gre supervisor command. The crypto engine gre supervisor command configures a router to process GRE using the Supervisor Engine hardware or the RP.

At any time only one of the two commands (crypto engine gre vpnblade or crypto engine gre supervisor) can be configured globally or individually for a tunnel. If either command is already configured for a tunnel, configuring the second command will overwrite the first command, and only the configuration applied by the second command will be used.

If neither a global, nor an individual GRE takeover configuration is specified for a tunnel, the GRE processing will be performed based on the criteria specified in Defaults. In this way, backward compatibility is supported.

For a GRE tunnel to be taken over by the service blade, it must first satisfy the following criteria:

The GRE tunnel interface must be up.

The route to the tunnel destination must go through the IPSec blade.

The Address Resolution Protocol (ARP) entry for the next hop must exist.

The tunnel mode must be GRE.

The only supported options are tunnel ttl, tunnel tos, and keepalives. If any of the following options are configured, then the tunnel will not be taken over:

tunnel key

tunnel sequence-datagrams

tunnel checksum

All other options configured are ignored.

If the GRE tunnels have the same source and destination addresses, then the IPSec VPN SPA will, at most, take over only one of them, and the determination of which specific tunnel is taken over is random.

GRE processing cannot be performed by the service blade if any of the following options is configured on the tunnel interface:

DMVPN

Crypto-connect mode

IP policy

NAT

PIM

Service policy

Traffic shaping

QOS

ACL

If the service blade cannot take over the GRE processing, the GRE processing will be handled either by the Supervisor Engine hardware (which has precedence) or the RP.

When a new configuration file is copied to the running configuration, the new configuration will overwrite the old configuration for the crypto engine gre vpnblade and crypto engine gre supervisor commands. If the new configuration does not specify a GRE takeover criteria globally or for an individual tunnel, the existing old configuration will be used.

Examples

The following example shows that the GRE takeover criteria has been set globally and the IPSec VPN SPA always does the GRE processing:

Router(config)# crypto engine gre vpnblade

The following example shows that the GRE takeover criteria has been set individually for tunnel interface 3 and the IPSec VPN SPA always does the GRE processing:

Router(config)# interface tunnel 3
Router(config-if)# crypto engine gre vpnblade

Related Commands

Command
Description

crypto engine gre supervisor

Configures a router to process Generic Routing Encapsulation (GRE) using the Supervisor Engine hardware or the Route Processor (RP).


crypto engine mode vrf

To enable VRF-aware mode for the IPSec VPN SPA, use the crypto engine mode vrf command in interface configuration mode. The VRF-aware IPSec feature introduces IPSec tunnel mapping to Multiprotocol Label Switching (MPLS) VPNs. Using the VRF-aware IPSec feature, you can map IPSec tunnels to Virtual Routing and Forwarding (VRF) instances using a single public-facing address.. To disable VRF-aware mode, use the no form of this command.

crypto engine mode vrf

no crypto engine mode vrf

Defaults

No default behavior or values.

Command Modes

Interface configuration mode.

Command History

Release
Modification

12.2(18)SXE2

This command was introduced.


Usage Guidelines

Follow these guidelines and restrictions when configuring IPSec VPN SPAs using the crypto engine mode vrf command:

Unlike other IPSec VPN SPA feature configuration, when configuring VRF-Aware features. you od not use the crypto connect vlan command.

Examples

The following example shows a VRF-Aware IPSec implementation:

ip vrf pepsi
 rd 1000:1
 route-target export 1000:1
 route-target import 1000:1
!
ip vrf coke
 rd 2000:1
 route-target export 2000:1
 route-target import 2000:1

crypto engine mode vrf

interface vlan 100
 ip vrf forwarding pepsi
 ip address 10.2.1.1 255.255.255.0
 crypto engine subslot 3/0
 crypto map map100

interface vlan 200
 ip vrf forwarding coke
 ip address 10.2.1.1 255.255.255.0
 crypto engine subslot 3/0
 crypto map map200

interface gi1/1 (hidden VLAN 1000)
 ip address 171.1.1.1
 crypto engine subslot 3/0

! BASIC MPLS CONFIGURATION
mpls label protocol ldp
tag-switching tdp router-id Loopback0
mls ip multicast flow-stat-timer 9
no mls flow ip
no mls flow ipv6
!
! CONFIGURE THE INTERFACE CONNECTED TO THE MPLS BACKBONE WITH LABEL/TAG SWITCHING
interface GigabitEthernet2/12
 ip address 20.1.0.34 255.255.255.252
 logging event link-status
 speed nonegotiate
 mpls label protocol ldp
tag-switching ip

Related Commands

Command
Description

crypto engine sublot

Assigns the specifed crypto engine to the interface.

ip vrf

Configures a VRF routing table and enters VRF configuration mode.

ip vrf forwarding

Associates a VRF with an interface or subinterface.

vrf

Defines the VRF to which the IPSec tunnel will be mapped.


crypto engine slot

To assign an interface VLAN that requires encryption to the IPSec VPN SPA, use the crypto engine slot command in interface configuration mode. To remove the interface VLAN, use the no form of this command.

crypto engine slot slot/subslot

no crypto engine slot slot/subslot

Syntax Description

slot

Chassis slot number where the Cisco 7600 SSC-400 card is located. Refer to the appropriate hardware manual for slot information. For SIPs and SSCs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

subslot

Secondary slot number on the SSC where the IPSec VPN SPA is installed.


Defaults

No default behavior or values.

Command Modes

Interface configuration

Command History

Release
Modification

12.2(33)SRA

This command was introduced.


Usage Guidelines

With this command, you do not need to explicitly add interface VLANs to the IPSec VPN SPA inside trunk port.

It is strongly recommended that you use the crypto engine slot command instead of manually adding and removing VLANs from the inside trunk port.

When you add an interface VLAN to an inside trunk port and that interface VLAN is not already added to another inside trunk port, the crypto engine slot configuration state on the interface VLAN is combined. If the interface VLAN is already added to another inside trunk port, the command is rejected.

You should not try to add all VLANs at one time (If you attempt this, you can recover by manually removing the VLANs from the inside trunk port.)

The crypto engine slot command is used in conjunction with the crypto connect vlan command.

The crypto engine slot command is only available for VLANs prior to the VLANs being made interface VLANs by the crypto connect vlan command.

The crypto engine slot command is rejected if you enter it on a crypto-connected interface VLAN whose current crypto engine slot configuration is different from the subslot specified in the crypto engine slot command. To change the crypto engine slot configuration on an interface VLAN, you must ensure that the VLAN is not crypto-connected.

If you change the crypto engine slot configuration on an interface VLAN, any IPSec and IKE SAs that are currently active on that interface VLAN are deleted.

If you enter the no crypto engine slot command and the interface VLAN is crypto-connected, the no crypto engine slot command is rejected. The no crypto engine slot command is allowed only after you enter the no crypto connect vlan command, or before you enter the crypto connect vlan command.

When you remove an interface VLAN from an inside trunk port and a corresponding crypto engine slot configuration state exists, then that crypto engine slot configuration state is not removed. If you remove a VLAN that has a crypto engine slot configuration state, you need to manually add it back to recover. While in this inconsistent state, any attempt to enter the no crypto connect vlan command is rejected.

When you enter the no crypto connect vlan command, the interface VLAN status is removed from a VLAN. Any associated crypto engine slot configuration state is not altered.

When you write the configuration or show the configuration, the crypto engine slot configuration state is expressed in the context of the associated interface VLAN. The interface VLAN is also shown as having been added to the appropriate inside trunk port. This is the case even if the configuration was loaded from a legacy (pre-crypto engine slot) configuration file, or if VLANs were manually added instead of being added through the crypto engine slot command.

By editing the crypto engine slot commands and inside trunk port VLANs, it is possible to produce an inconsistent configuration file.

Examples

The following example assigns the interface VLAN Vlan101 to the IPSec VPN SPA in slot 3, subslot 0:

Router(config)# interface Vlan101
Router(config-if)# ip address 192.168.101.1 255.255.255.0
Router(config-if)# crypto map cmap
Router(config-if)# crypto engine slot 3/0

Router(config)# interface GigabitEthernet2/1
Router(config-if)# crypto connect Vlan101

Related Commands

Command
Description

crypto connect vlan

Creates an interface VLAN for an IPSec VPN SPA and enters crypto-connect mode.

crypto map (interface IPSec)

Applies a previously defined crypto map set to an interface.

show crypto vlan

Displays the VPN running state for an IPSec VPN SPA.


crypto engine subslot

To assign an interface VLAN that requires encryption to the IPSec VPN SPA, use the crypto engine subslot command in interface configuration mode. To remove the interface VLAN, use the no form of this command.

crypto engine subslot slot/subslot

no crypto engine subslot slot/subslot

Syntax Description

slot

Chassis slot number where the Cisco 7600 SSC-400 card is located. Refer to the appropriate hardware manual for slot information. For SIPs and SSCs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

subslot

Secondary slot number on the SSC where the IPSec VPN SPA is installed.


Defaults

No default behavior or values.

Command Modes

Interface configuration

Command History

Release
Modification

12.2(18)SXE2

This command was introduced.

12.2(33)SRA

This command is replaced by the crypto engine slot command.


Usage Guidelines


Note This command is replaced by the crypto engine slot command in Cisco IOS Release 12.2(33)SRA.


With this command, you do not need to explicitly add interface VLANs to the IPSec VPN SPA inside trunk port.

It is strongly recommended that you use the crypto engine subslot command instead of manually adding and removing VLANs from the inside trunk port.

When you add an interface VLAN to an inside trunk port and that interface VLAN is not already added to another inside trunk port, the crypto engine subslot configuration state on the interface VLAN is combined. If the interface VLAN is already added to another inside trunk port, the command is rejected.

You should not try to add all VLANs at one time (If you attempt this, you can recover by manually removing the VLANs from the inside trunk port.)

The crypto engine subslot command is used in conjunction with the crypto connect vlan command.

The crypto engine subslot command is only available for VLANs prior to the VLANs being made interface VLANs by the crypto connect vlan command.

The crypto engine subslot command is rejected if you enter it on a crypto-connected interface VLAN whose current crypto engine subslot is different from the subslot specified in the crypto engine subslot command. To change the crypto engine subslot on an interface VLAN, you must ensure that the VLAN is not crypto-connected.

If you change the crypto engine subslot configuration on an interface VLAN, any IPSec and IKE SAs that are currently active on that interface VLAN are deleted.

If you enter the no crypto engine subslot command and the interface VLAN is crypto-connected, the no crypto engine subslot command is rejected. The no crypto engine subslot command is allowed only after you enter the no crypto connect vlan command, or before you enter the crypto connect vlan command.

When you remove an interface VLAN from an inside trunk port and a corresponding crypto engine subslot configuration state exists, then that crypto engine subslot configuration state is not removed. If you remove a VLAN that has a crypto engine subslot configuration state, you need to manually add it back to recover. While in this inconsistent state, any attempt to enter the no crypto connect vlan command is rejected.

When you enter the no crypto connect vlan command, the interface VLAN status is removed from a VLAN. Any associated crypto engine subslot configuration state is not altered.

When you write the configuration or show the configuration, the crypto engine subslot configuration state is expressed in the context of the associated interface VLAN. The interface VLAN is also shown as having been added to the appropriate inside trunk port. This is the case even if the configuration was loaded from a legacy (pre-crypto engine subslot) configuration file, or if VLANs were manually added instead of being added through the crypto engine subslot command.

By editing the crypto engine subslot commands and inside trunk port VLANs, it is possible to produce an inconsistent configuration file.

Examples

The following example assigns the interface VLAN Vlan101 to the IPSec VPN SPA in slot 3, subslot 0:

Router(config)# interface Vlan101
Router(config-if)# ip address 192.168.101.1 255.255.255.0
Router(config-if)# crypto map cmap
Router(config-if)# crypto engine subslot 3/0

Router(config)# interface GigabitEthernet2/1
Router(config-if)# crypto connect Vlan101

Related Commands

Command
Description

crypto connect vlan

Creates an interface VLAN for an IPSec VPN SPA and enters crypto-connect mode.

crypto map (interface IPSec)

Applies a previously defined crypto map set to an interface.

show crypto vlan

Displays the VPN running state for an IPSec VPN SPA.


crypto ipsec ipv4 deny-policy

To configure deny address ranges at the global (IPSec VPN SPA) level, use the crypto ipsec ipv4 deny-policy command in global configuration mode.

crypto ipsec ipv4 deny-policy {jump | clear | drop}

Syntax Description

jump

Causes the search to jump to the beginning of the ACL associated with the next sequence in the crypto map and continues the search when a deny address is hit.

clear

Allows traffic to pass through in the clear (unencrypted) state when a deny address is hit.

drop

Causes traffic to be dropped when a deny address is hit.


Defaults

The default behavior is jump.

Command Modes

Global configuration

Command History

Release
Modification

12.2(18)SXE2

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use this command to prevent repeated address ranges from being programmed in the hardware, resulting in more efficient TCAM space utilization.

Specifying a deny address range in an ACL results in "jump" behavior. When a denied address range is hit, it forces the search to "jump" to the beginning of the ACL associated with the next sequence in a crypto map and continue the search.

If you want to pass clear traffic on an address, you must insert a deny address range for each sequence in a crypto map.

Each permit list of addresses inherits all the deny address ranges specified in the ACL. A deny address range causes the software to do a subtraction of the deny address range from a permit list, and creates multiple permit address ranges that need to be programmed in hardware. This behavior can cause repeated address ranges to be programmed in the hardware for a single deny address range, resulting in multiple permit address ranges in a single ACL.

If you apply the specified keyword (jump, clear, or drop) when crypto maps are already configured on the IPSec VPN SPA, all existing IPSec sessions are temporarily removed and restarted, which impacts traffic on your network.

The number of deny entries that can be specified in an ACL are dependent on the keyword specified:

jump—Supports up to 8 deny entries in an ACL.

clear—Supports up to 1000 deny entries in an ACL.

drop—Supports up to 1000 deny entries in an ACL.

Examples

The following example shows a configuration using the deny-policy clear option. In this example, when a deny address is hit, the search will stop and traffic will be allowed to pass in the clear (unencrypted) state:

Router(config)# crypto ipsec ipv4 deny-policy clear

Related Commands

Command
Description

access-list

Defines a standard or extended IP access list.


debug crypto ace b2b

To enable IPSec VPN SPA debugging for a Blade Failure Group, use the debug crypto ace b2b command in privileged EXEC mode.

debug crypto ace b2b

Defaults

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE2

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Examples

The following example enables IPSec VPN SPA debugging for a Blade Failure Group:

Router# debug crypto ace b2b

ACE B2B Failover debugging is on

Related Commands

Command
Description

linecard-group feature card

Assigns a group ID to a Blade Failure Group.

show crypto ace redundancy

Displays information about a Blade Failure Group.

show redundancy linecard-group

Displays the components of a Blade Failure Group.


debug hw-module all upgrade

To enable debug messages for field-programmable devices (FPDs), use the debug hw-module all upgrade command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module all upgrade [error | event]

no debug hw-module all upgrade [error | event]

Syntax Description

all

Enable debug messaging for all supported modules in the system.

error

(Optional) Enables display of FPD upgrade error messages.

event

(Optional) Enables display of FPD upgrade event messages.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The debug hw-module all upgrade command is intended for use by Cisco Systems technical support personnel.

If you attempt to use this command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.


Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

For more information about FPD upgrades on SPA interface processors (SIPs) and shared port adapters (SPAs), refer to the Cisco 7600 Series Router SIP, SSC, and SPA Software Configuration Guide.

Examples

The following example enables FPD upgrade debug messages for all supported card types on the Cisco 7600 series router:

Router# debug hw-module all upgrade

debug hw-module subslot commands

To enable debug messages for control plane configuration and commands on a shared port adapter (SPA), use the debug hw-module subslot commands command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} commands

no debug hw-module subslot {slot/subslot | all} commands

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.


Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables control plane debug messages for the SPA located in the top subslot (0) of the SIP that is installed in slot 4 of a router:

Router# debug hw-module subslot 4/0 commands

debug hw-module subslot errors

To enable debug messages for error handling and race conditions on a shared port adapter (SPA), use the debug hw-module subslot errors command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} errors

no debug hw-module subslot {slot/subslot | all} errors

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.


Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables error handling debug messages for the SPA located in the top subslot (0) of the SIP that is installed in slot 4 of a router:

Router# debug hw-module subslot 4/0 errors

debug hw-module subslot events

To enable debug messages for control plane event notifications on a shared port adapter (SPA), use the debug hw-module subslot events command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} events

no debug hw-module subslot {slot/subslot | all} events

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.


Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables control plane event messages for the SPA located in the top subslot (0) of the SIP that is installed in slot 4 of a router:

Router# debug hw-module subslot 4/0 events

debug hw-module subslot interrupts

To enable debug messages for interrupt handling on a shared port adapter (SPA), use the debug hw-module subslot interrupts command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} interrupts

no debug hw-module subslot {slot/subslot | all} interrupts

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.


Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables interrupt handling debug messages for the SPA located in the top subslot (0) of the SIP that is installed in slot 4 of a router:

Router# debug hw-module subslot 4/0 interrupts

debug hw-module subslot ipcshim

To enable debug messages for IPC shim application processing for all supported modules in the system, use the debug hw-module subslot ipcshim command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot all ipcshim

no debug hw-module subslot all ipcshim

Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

The debug hw-module subslot ipcshim command is only supported by certain shared port adapters (SPAs).


Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables IPC SHIM application debug messages for all supported modules in the router:

Router# debug hw-module subslot all ipcshim

debug hw-module subslot oir

To enable debug messages for online insertion and removal (OIR) processing on a shared port adapter (SPA), use the debug hw-module subslot oir command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} oir {plugin | state-machine}

no debug hw-module subslot {slot/subslot | all} oir {plugin | state-machine}

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.

plugin

Enable debug messaging for platform-provided plugin routines.

state-machine

Enable debug messaging for SPA OIR state machines.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.


Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example shows enabling of OIR plugin debug messages for the SPA located in subslot 1 of the SIP that is installed in slot 4 of the router, and the corresponding messages during a SPA reload:

Router# debug hw-module subslot 4/1 oir plugin
WARNING: This command is not intended for production use
and should only be used under the supervision of
Cisco Systems technical support personnel.

SPA subslot 4/1:
   SPA specific oir handling debugging is on
Router# hw-module subslot 4/1 reload
Router#
Mar 26 01:35:04: cwrp_handle_spa_oir_tsm_event: subslot 4/1 event=9
Mar 26 01:35:04: cwrp_handle_spa_oir_tsm_event: subslot 4/1 event=1
Router#
Mar 26 01:35:09: cwrp_handle_spa_oir_tsm_event: subslot 4/1 event=0
Mar 26 01:35:10: cwrp_handle_spa_oir_tsm_event: subslot 4/1 event=2

debug hw-module subslot periodic

To enable debug messages for periodic processing on a shared port adapter (SPA), use the debug hw-module subslot periodic command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} periodic

no debug hw-module subslot {slot/subslot | all} periodic

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.


Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables periodic processing debug messages for the SPA located in the top subslot (0) of the SIP that is installed in slot 4 of a router:

Router# debug hw-module subslot 4/0 periodic

framing (T1/E1 controller)

To select the frame type for the T1 or E1 data line, use the framing command in controller configuration mode. To return to the default, use the no form of the command.

T1 Lines

framing {sf | esf}

E1 Lines

framing {crc4 | no-crc4} [australia]

T1 Shared Port Adapter

framing {sf | esf}

no framing {sf | esf}

E1 Shared Port Adapter

framing {crc4 | no-crc4 | unframed}

no framing {crc4 | no-crc4 | unframed}

Syntax Description

sf

Specifies super frame as the T1 frame type. This is the default.

esf

Specifies extended super frame as the T1 frame type.

crc4

Specifies CRC4 as the E1 frame type. This is the default for Australia.

no-crc4

Specifies CRC4 disabled as the E1 frame type.

unframed

Specifies unframed mode.

australia

(Optional) Specifies the E1 frame type used in Australia.


Defaults

sf on a T1 line

crc4 on an E1 line

Command Modes

Controller configuration

Command History

12.2S

This command was integrated into Cisco IOS Release 12.2S.

12.2(25)S3

This command was integrated into Cisco IOS Release 12.2(25)S3.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support SPAs on a Cisco 7600 series router and Catalyst 6500 series switch.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use this command in configurations in which the router or access server is intended to communicate with T1 or E1 fractional data lines. The service provider determines the framing type required for your T1/E1 circuit.

To return to the default mode on a T1/E1 SPA, use the no form of this command. This command does not have a no form for other T1/E1 lines.

Examples

The following example selects extended super frame as the T1 frame type:

Router(config-controller)# framing esf

Related Commands

Command
Description

cablelength

Specifies the distance of the cable from the routers to the network equipment.

linecode

Selects the linecode type for T1 or E1 line.


framing (T3 controller)

To choose framing mode on a T3 port, use the framing command in controller configuration mode. To return to the default mode, use the no form of this command.

T3 Controllers

framing {c-bit | m23}

no framing

Channelized T3 Shared Port Adapters and the Cisco 7500 Series Routers with CT3IP Port Adapter

framing {c-bit | m23 | auto-detect}

no framing

Syntax Description

auto-detect

Specifies detection of the framing type that it receives from the far-end equipment.

c-bit

Specifies that C-bit framing is used as the T3 framing type.

m23

Specifies that M23 framing is used as the T3 framing type.


Defaults

c-bit (for the 2-Port and 4-Port Channelized T3 SPA and most T3 controllers)

auto-detect (for the CT3IP in a Cisco 7500 series router)

Command Modes

Controller configuration

Command History

Release
Modification

11.1CA

This command was introduced.

12.2(11)YT

This command was integrated into Cisco IOS Release 12.2(11)YT and implemented on the following platforms for T3: Cisco 2650XM, Cisco 2651XM, Cisco 2691, Cisco 3660 series, Cisco 3725, and Cisco 3745 routers.

12.2(15)T

This command was integrated into Cisco IOS Release 12.2(15)T.

12.2S

This command was integrated into Cisco IOS Release 12.2S.

12.2(25)S3

This command was integrated into Cisco IOS Release 12.2(25)S3 to support SPAs on the Cisco 7304 routers.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support SPAs on a Cisco 7600 series router or Catalyst 6500 series switch.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S to support SPAs on the Cisco 12000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

You can set the framing for each T1 channel by using the t1 framing controller configuration command.

Cisco 7500 Series Routers with CT3IP Port Adapter

Because the CT3IP supports the Application Identification Channel (AIC) signal, the setting for the framing might be overridden by the CT3IP firmware.

Examples

The following example sets the framing mode on a T3 interface.

Router# configure terminal
Router(config)# controller t1 6/0/0
Router(config-controller)# framing m23

The following example sets the framing for the CT3IP to C-bit:

Router(config)# controller t3 9/0/0
Router(config-controller)# framing c-bit

Related Commands

Command
Description

controller

Configures a T1, E1, or T3 controller and enters controller configuration mode.

show controller

Displays controller configuration.

t1 framing

Specifies the type of framing used by the T1 channels.


framing (T3-E3 interface)

To choose framing mode on a T3 or E3 port, use the framing command in interface configuration mode. To return to the default mode, use the no form of this command.

PA-T3 and T3 Shared Port Adapters

framing {bypass | c-bit | m13}

no framing {bypass | c-bit | m13}

PA-E3 and E3 Shared Port Adapters

framing {bypass | g751 | g832}

no framing {bypass | g751 | g832}

Syntax Description

bypass

Bypasses DS3 framing mode.

c-bit

Enables DS3 C-bit framing mode.

m13

Enables DS3 M13 framing mode.

g751

Enables E3 G.751 framing mode.

g832

Enables E3 G.832 framing mode. The g832 keyword is not supported on Cisco 7304 routers with the 4-Port Clear Channel T3/E3 SPA.


Defaults

T3: C-bit framing

E3: g751 framing

Command Modes

Interface configuration

Command History

Release
Modification

11.1

This command was introduced.

12.2S

This command was integrated into Cisco IOS Release 12.2S.

12.2(25)S3

This command was integrated into Cisco IOS Release 12.2(25)S3 to support SPAs on the Cisco 7304 routers.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support SPAs on a Cisco 7600 series router and Catalyst 6500 series switch. The g832 keyword option was added to the command.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S to support SPAs on the Cisco 12000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The default framing is described in the ITU-T Recommendation G.751.


Note The International Telecommunication Union Telecommunication Standardization Sector (ITU-T) carries out the functions of the former Consultative Committee for International Telegraph and Telephone (CCITT).


When the framing mode is bypass, the T3 frame data is not included in the T3 frame, just the data.

When the framing mode is bypass, the E3 frame data is not included in the E3 frame, just the data.

If you use the bypass keyword, scrambling must be set to the default (disabled), the DSU mode must be set to the default (0), and the DSU bandwidth must be set to the default (44736).

The g832 keyword is not supported on Cisco 7304 routers with the 2-Port and 4-Port Clear Channel T3/E3 SPA.

Examples

The following example sets the framing mode to bypass on interface 1/0/0:

Router(config)# interface serial 1/0/0
Router(config-if)# framing bypass

Related Commands

Command
Description

show controller serial

Displays serial line statistics.


hw-module slot subslot only

To change the mode of the Cisco 7600 SSC-400 card to allocate full buffers to the specified subslot, use the hw-module slot subslot only command in global configuration mode. If this command is not used, the total amount of buffers available is divided between the two subslots on the Cisco 7600 SSC-400 card.


Note This command automatically generates a reset on the Cisco 7600 SSC-400 card. See Usage Guidelines below for details.


hw-module slot slot subslot subslot only

Syntax Description

slot

Chassis slot number where the Cisco 7600 SSC-400 card is located. Refer to the appropriate hardware manual for slot information. For SIPs and SSCs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

subslot

Secondary slot number on the SSC where the IPSec VPN SPA is installed.


Defaults

No default behavior or values.

Command Modes

Global configuration mode

Command History

Release
Modification

12.2(18)SXF2

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Follow these guidelines and restrictions when configuring Cisco 7600 SSC-400 cards and IPSec VPN SPAs using the hw-module slot subslot only command:

This command is useful when supporting IP multicast over GRE on the IPSec VPN SPA.

When this command is executed, it automatically takes a reset action on the Cisco 7600 SSC-400 card and issues the following prompt to the console:

Module n will be reset? Confirm [n]:

The prompt will default to "N" (no). You must type "Y" (yes) to activate the reset action.

When in this mode, if you manually plug in a second SPA, or if you attempt to reset the SPA (by entering a no hw-module subslot shutdown command, for example), a message is displayed on the router console which refers you to the customer documentation.

Examples

The following example allocates full buffers to the SPA that is installed in subslot 0 of the SIP located in slot 1 of the router and takes a reset action of the Cisco 7600 SSC-400 card.

Router(config)# hw-module slot 4 subslot 1 only
Module 4 will be reset? Confirm [no]: y

Note that the prompt will default to "N' (no). You must type "Y" (yes) to activate the reset action.

Related Commands

Command
Description

ip multicast-routing

Enables IP multicast routing.

ip pim

Enables Protocol Independent Multicast (PIM) on an interface.


hw-module subslot reload

To restart a shared port adapter (SPA) and its interfaces, use the hw-module subslot reload command in privileged EXEC configuration mode. The command does not have a no form.

hw-module subslot slot/subslot reload

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(25)S3

This command was introduced.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE on the Cisco 7600 series router and Catalyst 6500 series switch.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The hw-module subslot reload command stops and starts power to the SPA. This command is useful when you want to restart all interfaces on a SPA.

The command is recommended to restart a SPA under some of the following conditions:

To restart a SPA after it has been powered off because of a failure.

To recover from corrupted messaging between the Route Processor (RP) and the SIP.

Examples

The following command power cycles the SPA in subslot 2 of the SIP installed in chassis slot 13:

Router# hw-module subslot 13/2 reload
Router#

Note The hw-module subslot reload command does not produce a message on the router console to indicate the status of the command action. However, some interface configurations might produce console output related to the action of reloading the SPA.


Related Commands

Command
Description

show hw-module subslot oir

Displays the operational status of a SPA.


hw-module subslot shutdown

To disable a shared port adapter (SPA) with or without power, and save the configuration to the configuration file, use the hw-module subslot shutdown command in global configuration mode. To reenable the SPA, use the no form of this command.

hw-module subslot slot/subslot shutdown [powered | unpowered]

no hw-module subslot slot/subslot shutdown [powered | unpowered]

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

powered

(Optional) Shuts down the SPA and all of its interfaces, and leaves them in an administratively down state with power enabled. This is the default state.

unpowered

(Optional) Shuts down the SPA and all of its interfaces, and leaves them in an administratively down state wihout power.


Defaults

If this command is not used, no hw-module subslot shutdown is the default behavior. When no hw-module subslot is configured, the SPA will be powered for normal operation.

If the hw-module subslot shutdown command is entered but neither powered or unpowered are specified in the CLI, powered is the default behavior.

Command Modes

Global configuration

Command History

Release
Modification

12.2(25)S3

This command was introduced.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

When you shut down a SPA using this command, you can choose to put it into one of two states:

Powered state—(Default) Shuts down the SPA, but the SPA remains powered on. Use this option when you plan to leave the SPA physically installed and cabled in the router. You might choose to do this if you want to install a SPA and configure it, but do not want it online or to start communicating with the remote end of the connection.

Unpowered state—Shuts down the SPA and removes power from the SPA. Use this option when you plan to remove the SPA from the chassis.

This command is useful when a user wants all the interfaces on a SPA disabled but does not or cannot remove the SPA. Unlike the hw-module subslot stop EXEC command on the Cisco 7304 router, this command is saved in the configuration file and will keep the SPA disabled when other router events (such as a router reload or OIR) attempt to restart the SPA. All other settings and configurations of the SPA will be maintained even if the SPA itself is shutdown using this command.

As a general rule, you do not need to shut down a SPA if you are removing it and replacing it with the same exact model of SPA in an online insertion and removal (OIR) operation. However, you should shut down a SPA whenever you are replacing a SPA with a different model of SPA.

When you shut down a SPA using the hw-module subslot shutdown command, it remains shut down even if you reset the router or install a new SPA in that subslot. To begin using the card again, you must manually reenable the card using the no hw-module subslot shutdown command.


Note This is a global configuration command, not an EXEC command. On the Cisco 7304 router, another hw-module subslot command is also available in EXEC mode, but that command is used for different purposes. An important distinction between this command and the hw-module subslot command in EXEC mode on the Cisco 7304 router is that this command is saved in the configuration.


Examples

The following example shows how to disable the SPA in subslot 4/1 while leaving the SPA in the router chassis. This command will be saved to the configuration file and no actions, outside of changing this configuration, will reenable the SPA:

Router(config)# hw-module subslot 4/1 shutdown unpowered

The following example shows how to configure the SPA to resume normal operation after the unpowered option has been used to disable the SPA:

Router(config)# hw-module subslot 4/1 shutdown powered

No messages are provided on the console when you shut down or reenable a SPA.

Related Commands

Command
Description

show hw-module subslot oir

Displays the operational status of a SPA.

hw-module slot1

Deactivates or reactivates a carrier card that is installed in a router slot. This command is entered in EXEC mode and is not saved to the configuration file.

1 Refer to the Cisco 7300 Series Platform-Specific Commands publication.


interface

To configure an interface type and to enter interface configuration mode, use the interface command in the appropriate configuration mode.

Standard Syntax

interface type number [name-tag]

Module-Specific and Platform-Specific Syntax

Analysis Module Network Module

interface analysis-module slot/unit

Content Engine Network Module

interface content-engine slot/unit

Cisco 830 Series

interface type [number]

Cisco 2600 Series

interface type slot/{port-adapter | port.subinterface-number}

Cisco 2600 Series on Voice Interfaces

interface type slot/voice-module-slot/voice-interface-slot

Cisco 3600 Series

interface type slot/{port | port.subinterface-number}

Cisco 3600 Series on Voice Interfaces

interface type slot/voice-module-slot/voice-interface-slot

Cisco 7100 Series

interface type slot/{port-adapter | port.subinterface-number}

Cisco 7200 Series and Cisco 7500 Series with a Packet over SONET Interface Processor

interface type slot/port

Cisco 7200 VXR Router Used as a Router Shelf in a Cisco AS5800 Universal Access Server

interface type router-shelf/slot/port

Cisco 7500 Series with Channelized T1 or E1

interface serial slot/port:channel-group

Cisco 7500 Series with Ports on VIP Cards

interface type slot/port-adapter/port

Subinterface Syntax Forms in Global Configuration Mode

Cisco 7200 Series

interface type slot/port.subinterface-number [multipoint | point-to-point]

Cisco 7500 Series

interface type slot/port-adapter.subinterface-number [multipoint | point-to-point]

Cisco 7500 Series with Ports on VIP Cards

interface type slot/port-adapter/port.subinterface-number [multipoint | point-to-point]

Cisco 12000 Series

interface type slot/{port-adapter | port.subinterface-number}

Shared Port Adapters

interface type slot/subslot/port[.subinterface-number]

Syntax Description

type

Type of interface to be configured. See Table 40-1.

number

Port, connector, or interface card number. On Cisco 830 series routers, the number argument specifies the ethernet interface number. On Cisco 4700 series routers, the number argument specifies the network interface module (NIM) or network processor module (NPM) number. The numbers are assigned at the factory at the time of installation or when added to a system; they can be displayed with the show interfaces command.

name-tag

(Optional) Specifies the logic name to identify the server configuration so that multiple server configurations can be entered.

This optional argument is for use with the Redundant Link Manager (RLM) feature.

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/voice-module-slot

Voice module slot number. The slash (/) is required.

Refer to the "Cisco 3700 Series Routers Voice Interface Numbering" section of the "Understanding Interface Numbering and Cisco IOS Basics" chapter in the platform-specific SPA software configuration guide.

/voice-interface-slot

Voice interface slot number. The slash (/) is required.

Refer to the "Cisco 3700 Series Routers Voice Interface Numbering" section of the "Understanding Interface Numbering and Cisco IOS Basics" chapter in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SIP where a SPA is installed. The slash (/) is required.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

/unit

Number of the daughter card on the network module. For analysis module and content engine (CE) network modules, always use 0. / is required.

/port

Port or interface number.The slash (/) is required.

Refer to the appropriate hardware manual for port information. For SPAs, refer to the corresponding "Specifying the Interface Address on a SPA" topics in the platform-specific SPA software configuration guide.

router-shelf

Router shelf number in a Cisco AS5800 universal access server. Refer to the appropriate hardware manual for router shelf information.

:channel-group

Channel group number. Cisco 7500 series routers specify the channel group number in the range of 0 to 4 defined with the channel-group controller configuration command.

/port-adapter

Port adapter number. Refer to the appropriate hardware manual for information about port adapter compatibility. The slash (/) is required.

.subinterface-number

Subinterface number in the range 1 to 4294967293. The number that precedes the period (.) must match the number to which this subinterface belongs.

multipoint | point-to-point

(Optional) Specifies a multipoint or point-to-point subinterface. There is no default.


Command Default

No interface types are configured.

Command Modes

Global configuration
RITE configuration


Note To use this command with the RLM feature, you must be in interface configuration mode.


Command History

Release
Modification

10.0

This command was introduced for the Cisco 7000 series routers.

11.0

This command was implemented on the Cisco 4000 series routers.

12.0(3)T

The optional name-tag argument was added for the RLM feature.

12.2(13)T

The content-engine keyword was added.

12.2(15)T

The lex keyword was removed because the LAN Extension feature is no longer available in Cisco IOS software.

12.2(20)S2

This command was implemented for SPAs on the Cisco 7304 router.

12.3(4)T

The service engine keyword was added. Support was added for the interface command to be used in RITE configuration mode to support IP trfaffic export profiles.

12.3(7)T

The analysis-module keyword was added.

12.2(22)S

Support for RITE configuration mode and IP traffic export profiles was added.

12.3(14)T

The satellite keyword was added to support satellite interface configuration on network modules.

12.2(18)SXE

This command was implemented for SPAs on the Cisco 7600 series routers and Catalyst 6500 series switches.

12.0(31)S

This command was implemented for SPAs on the Cisco 12000 series routers.

12.2(18)SXF

The tengigabitethernet keyword was added for support of the10 Gigabit Ethernet interface type.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

This command does not have a no form.

Table 40-1 displays the keywords that represent the types of interfaces that can be configured with the interface command. Replace the type argument with the appropriate keyword from the table.

Table 40-1 Interface Type Keywords 

Keyword
Interface Type

analysis-module

Analysis module interface. The analysis module interface is a Fast Ethernet interface on the router that connects to the internal interface on the Network Analysis Module (NAM). This interface cannot be configured for subinterfaces or for speed, duplex mode, and similar parameters. See the command-line interface (CLI) help for a list of valid parameters.

async

Port line used as an asynchronous interface.

atm

ATM interface.

bri

ISDN BRI. This interface configuration is propagated to each of the B channels. B channels cannot be individually configured. The interface must be configured with dial-on-demand commands in order for calls to be placed on that interface.

content-engine

Content engine (CE) network module interface. The CE network module interface cannot be configured for subinterfaces or for speed, duplex mode, and similar parameters. See the command-line interface (CLI) help for a list of valid parameters.

Note The content-engine keyword was formerly documented as the interface content-engine command.

dialer

Dialer interface.

ethernet

Ethernet IEEE 802.3 interface.

fastethernet

100-Mbps Ethernet interface. In RITE configuration mode, specifies the outgoing (monitored) interface for exported IP traffic.

Note The fastethernet keyword was formerly documented as the interface fastethernet command.

fddi

FDDI interface.

gigabitethernet

1000-Mbps Ethernet interface.

Note The gigabitethernet keyword was formerly documented as the interface gigabitethernet command.

group-async

Master asynchronous interface.

Note The group-async keyword was formerly documented as the interface group-async command.

hssi

High-Speed Serial Interface (HSSI).

loopback

Software-only loopback interface that emulates an interface that is always up. It is a virtual interface supported on all platforms. The number argument is the number of the loopback interface that you want to create or configure. There is no limit on the number of loopback interfaces that you can create.

null

Null interface.

port-channel

Port channel interface.

Note The port-channel keyword was formerly documented as the interface port-channel command.

pos

Packet OC-3 interface on the Packet-over-SONET (POS) interface processor.

Note The pos keyword was formerly documented as the interface pos command.

Satellite

Satellite network module. Enters satellite configuration mode.

sdcc

Section data communications channel interface.

serial

Serial interface.

service-engine

Network module (NM) or an Advanced Integration Module (AIM), this command may be used for NMs and AIMs only. If your system does not have this hardware, you will be unable to enter this command. The no form of this command (no interface service-engine) is not available. The exit command can be used to exit interface configuration mode.

switch

Switch interface.

tengigabitethernet

10-Gigabit Ethernet interface.

tokenring

Token Ring interface.

tunnel

Tunnel interface; a virtual interface. The number argument is the number of the tunnel interface that you want to create or configure. There is no limit on the number of tunnel interfaces that you can create.

vg-anylan

100VG-AnyLAN port adapter.

Note The vg-anylan keyword was formerly documented as the interface vg-anylan command.


Creating an IP Traffic Export Profile

Ip traffic export is intended only for software switching platforms; distributed architectures are not supported.

After you configure an IP traffic export profile using the ip traffic-export profile global configuration command, you must also include the interface command after the ip traffic-export profile command; otherwise, the profile will be unable to export the captured IP packets. If you do not use the interface command, you will receive a warning that indicates that the profile is incomplete.

Subinterfaces

Subinterfaces can be configured to support partially meshed Frame Relay networks. Refer to the "Configuring Serial Interfaces" chapter in the Cisco IOS Interface and Hardware Component Configuration Guide.

Using the analysis-module Keyword

The analysis module interface is used to access the NAM console for the initial configuration. After the NAM IP parameters are configured, the analysis module interface is typically used only during NAM software upgrades and while troubleshooting if the NAM Traffic Analyzer is inaccessible.

Visible only to the Cisco IOS software on the router, the analysis module interface is an internal Fast Ethernet interface on the router that connects to the internal NAM interface. The analysis module interface is connected to the router's Peripheral Component Interconnect (PCI) backplane, and all configuration and management of the analysis module interface must be performed from the Cisco IOS CLI.

Using the group-async Keyword

Using the group-async keyword, you create a single asynchronous interface with which other interfaces are associated as members using the group-range command. This one-to-many configuration allows you to configure all associated member interfaces by entering one command on the group master interface, rather than entering this command on each individual interface. You can create multiple group masters on a device; however, each member interface can be associated only with one group.

Using the port-channel Keyword

The Fast EtherChannel feature allows multiple Fast Ethernet point-to-point links to be bundled into one logical link to provide bidirectional bandwidth of up to 800 Mbps. You can configure the port-channel interface as you would any Fast Ethernet interface.

After you create a port-channel interface, you assign upto four Fast Ethernet interfaces to it. For information on how to assign a Fast Ethernet interface to a port-channel interface, refer to the channel-group command in the interface configuration mode.


Caution The port-channel interface is the routed interface. Do not enable Layer 3 addresses on the physical
Fast Ethernet interfaces. Do not assign bridge groups on the physical Fast Ethernet interfaces
because doing so creates loops. Also, you must disable spanning tree.


Caution With Release 11.1(20)CC, the Fast EtherChannel supports Cisco Express Forwarding (CEF) and distributed Cisco Express Forwarding (dCEF). We recommend that you clear all explicit
ip route-cache distributed commands from the Fast Ethernet interfaces before enabling dCEF on
the port-channel interface. Clearing the route cache gives the port-channel interface proper control
of its physical Fast Ethernet links. When you enable CEF/dCEF globally, all interfaces that support CEF/dCEF are enabled. When CEF/dCEF is enabled on the port-channel interface, it is automatically enabled on each of the Fast Ethernet interfaces in the channel group. However, if you have
previously disabled CEF/dCEF on the Fast Ethernet interface, CEF/dCEF is not automatically
enabled. In this case, you must enable CEF/dCEF on the Fast Ethernet interface.

As you work with the port-channel keyword, consider the following points:

Currently, if you want to use the Cisco Discovery Protocol (CDP), you must configure it only on the port-channel interface and not on the physical Fast Ethernet interface.

If you do not assign a static MAC address on the port-channel interface, the Cisco IOS software automatically assigns a MAC address. If you assign a static MAC address and then later remove it, Cisco IOS software automatically assigns a MAC address.

Using the vg-anylan Keyword

The 100VG-AnyLAN port adapter provides a single interface port that is compatible with and specified by IEEE 802.12. The 100VG-AnyLAN port adapter provides 100 Mbps over Category 3 or Category 5 cable with RJ-45 terminators and supports IEEE 802.3 Ethernet packets.

You configure the 100VG-AnyLAN port adapter as you would any Ethernet or Fast Ethernet interface. The 100VG-AnyLAN port adapter can be monitored with the IEEE 802.12 Interface MIB.

Examples

Analysis Module Interface with NAM Router: Example

The following example configures an analysis module interface when the NAM router is in router slot 1:

Router(config)# interface analysis-module 1/0

Asynchronous Group Master Interface: Example

The following example shows how to define asynchronous group master interface 0:

Router(config)# interface group-async 0

Content Engine Network Module Interface: Example

The following example configures an interface for a content engine network module in slot 1:

Router(config)# interface content-engine 1/0

Ethernet Interface on Cisco 830 Router: Example

The following example configures a new ethernet2 interface on the LAN or on the WAN side of the Cisco 830 series router.

c837# configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
c837(config)# interface ethernet 2

Ethernet Port on Ethernet Interface Processor on Cisco 7500 Series Router Example

The following example shows how to configure Ethernet port 4 on the Ethernet Interface Processor (EIP) in slot 2 on the Cisco 7500 series router:

Router(config)# interface ethernet 2/4

Exporting IP Traffic (RITE) Example

The following example shows how to configure the profile "corp1," which will send captured IP traffic to host "00a.8aab.90a0" at the interface "FastEthernet 0/1." This profile is also configured to export one in every 50 packets and to allow incoming traffic only from the access control list "ham_ACL."

Router(config)# ip traffic-export profile corp1
Router(config-rite)# interface FastEthernet 0/1
Router(config-rite)# bidirectional
Router(config-rite)# mac-address 00a.8aab.90a0
Router(config-rite)# outgoing sample one-in-every 50
Router(config-rite)# incoming access-list ham_acl
Router(config-rite)# exit
Router(config)# interface FastEthernet 0/0
Router(config-if)# ip traffic-export apply corp1

Fast Ethernet Interface on Cisco 2600 Router Example

The following example shows how to configure Fast Ethernet interface 0 on a Cisco 2600 series router:

Router(config)# interface fastethernet0/0
or
Router(config)# interface fastethernet0/0.1

Fast Ethernet Interface on Cisco 3600 Router Example

The following example shows how to configure Fast Ethernet interface 0 on a Cisco 3600 series router:

Router(config)# interface fastethernet0/0

or

Router(config)# interface fastethernet0/0.1

Fast Ethernet Interface with ARPA Encapsulation on Cisco 4700 Router Example

The following example shows how to configure Fast Ethernet interface 0 for standard ARPA encapsulation (the default setting) on a Cisco 4700 series router:

Router(config)# interface fastethernet 0

Fast Ethernet Interface on Cisco 7100 Router Example

The following example shows how to configure Fast Ethernet interface 0 on a Cisco 7100 series router:

Router(config)# interface fastethernet0/0

or

Router(config)# interface fastethernet0/0.1

Fast Ethernet Interface on Cisco 12000 Router Example

The following example shows how to configure Fast Ethernet interface 6 on a Cisco 12000 series router:

Router(config)# interface fastethernet6/0

or

Router(config)# interface fastethernet6/0.1

Gigabit Ethernet Interface Example

The following example shows how to configure the Gigabit Ethernet interface for slot 0, port 0:

Router(config)# interface gigabitethernet 0/0

Loopback Interface Example

The following example shows how to enable loopback mode and assign an IP network address and network mask to the interface. The loopback interface established here will always appear to be up.

Router(config)# interface loopback 0
Router(config-if)# ip address 10.108.1.1 255.255.255.0

Packet over SONET Interface Example

The following example shows how to specify the single Packet OC-3 interface on port 0 of the POS OC-3 port adapter in slot 2:

Router(config)# interface pos 2/0

Partially Meshed Frame Relay Network Example

The following example shows how to configure a partially meshed Frame Relay network. In this example, subinterface serial 0.1 is configured as a multipoint subinterface with two associated Frame Relay permanent virtual connections (PVCs), and subinterface serial 0.2 is configured as a point-to-point subinterface.

Router(config)# interface serial 0
Router(config-if)# encapsulation frame-relay
Router(config-if)# exit
Router(config)# interface serial 0/0.1 multipoint
Router(config-if)# ip address 10.108.10.1 255.255.255.0
Router(config-if)# frame-relay interface-dlci 42 broadcast
Router(config-if)# frame-relay interface-dlci 53 broadcast
Router(config-if)# exit
Router(config)# interface serial 0/0.2 point-to-point
Router(config-if)# ip address 10.108.11.1 255.255.255.0
Router(config-if)# frame-relay interface-dlci 59 broadcast

Port Channel Interface Example

The following example shows how to create a port-channel interface with a channel group number of 1 and add two Fast Ethernet interfaces to port-channel 1:

Router(config)# interface port-channel 1
Router(config-if)# ip address 10.1.1.10 255.255.255.0
Router(config-if)# exit
Router(config)# interface fastethernet 1/0/0
Router(config-if)# channel-group 1
Router(config-if)# exit
Router(config)# interface fastethernet 4/0/0
Router(config-if)# channel-group 1

SDCC Interface on a POS Shared Port Adapter Example

The following example configures the first interface (port 0) as a section data communications channel (SDCC) interface on a POS SPA, where the SPA is installed in the top subslot (0) of the MSC, and the MSC is installed in slot 4 of the Cisco 7304 router:

Router(config)# interface sdcc 4/3/0 
Router(config-if)# ip address 10.1.9.2 255.255.255.0 
Router(config-if)# logging event link-status 
Router(config-if)# load-interval 30 
Router(config-if)# no keepalive 
Router(config-if)# no fair-queue 
Router(config-if)# no cdp enable 

Serial Interface with PPP Encapsulation Example

The following example shows how to configure serial interface 0 with PPP encapsulation:

Router(config)# interface serial 0
Router(config-if)# encapsulation ppp

Shared Port Adapter Interface Example

The following example configures the second interface (port 1) on a 4-Port 10/100 Fast Ethernet SPA for standard ARPA encapsulation (the default setting), where the SPA is installed in the bottom subslot (1) of the MSC, and the MSC is installed in slot 2 of the Cisco 7304 router:

Router(config)# interface fastethernet 2/1/1

T1 Serial Interface Example

The following example shows how to configure circuit 0 of a T1 link for PPP encapsulation:

Router(config)# controller t1 4/1
Router(config-controller)# circuit 0 1
Router(config-controller)# exit
Router(config)# interface serial 4/1:0
Router(config-if)# ip address 10.108.13.1 255.255.255.0
Router(config-if)# encapsulation ppp

Token Ring Interface Processor Example

The following example shows how to configure the Token Ring interface processor in slot 1 on port 0 of a Cisco 7500 series router:

Router(config)# interface tokenring 1/0

100VG-AnyLAN Interface Example

The following example shows how to specify the 100VG-AnyLAN port adapter in the first port adapter in slot 1:

Router(config)# interface vg-anylan 1/0/0

Related CommandsT

Command
Description

channel-group

Defines the time slots that belong to each T1 or E1 circuit.

channel-group (Fast EtherChannel)

Assigns a Fast Ethernet interface to a Fast EtherChannel group.

clear interface

Resets the hardware logic on an interface.

controller

Configures an E1, J1, T1, or T3 controller and enters controller configuration mode.

group-range

Creates a list of asynchronous interfaces that are associated with a group interface on the same device.

ip traffic-export profile

Create or edit an IP traffic export profile.

mac-address

Sets the MAC layer address.

ppp

Starts an asynchronous connection using PPP.

show controllers content-engine

Displays controller information for CE network modules.

show interfaces

Displays information about interfaces.

show interfaces content-engine

Displays basic interface configuration information for a CE network module.

shutdown (RLM)

Shuts down all of the links under the RLM group.

slip

Starts a serial connection to a remote host using SLIP.


linecard-group feature card

To identify the group ID for a Blade Failure Group, use the linecard-group feature card command in redundancy configuration mode.

linecard-group group-id feature card

Syntax Description

group-id

Group ID number.


Defaults

No default behavior or values.

Command Modes

Redundancy configuration

Command History

Release
Modification

12.2(18)SXE2

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

To complete the configuration of a Blade Failure Group, you must add the two IPSec VPN SPAs to the group using the subslot command.

Examples

The following example configures a Blade Failure Group that has a group ID of 1 and consists of two IPSec VPN SPAs—one IPSec VPN SPA is in slot 5, subslot 1 and one IPSec VPN SPA is in slot 6, subslot 1:

Router(config)# redundancy
Router(config-red)# linecard-group 1 feature card
Router(config-r-lc)# subslot 5/1
Router(config-r-lc)# subslot 6/1

Related Commands

Command
Description

redundancy

Enters redundancy configuration mode.

show crypto ace redundancy

Displays information about a Blade Failure Group.

show redundancy linecard-group

Displays the components of a Blade Failure Group.


logging-events (T1-E1 controller)

To show the controller state change and alarms on a controller, use the logging-events command in controller configuration mode. To turn off controller state change reporting, use the no form of the command.

logging-events detail

no logging-events

Syntax Description

detail

Alarm along with the controller state change.


Defaults

Logging-events is the default.

Command Modes

Controller configuration

Command History

Release
Modification

12.2(18)SXE

This command was introduced to support SPAs on the Cisco 7600 series router and Catalyst 6500 series switch.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use the logging-events command to show the state change and alarms on a controller on an 8-Port Channelized T1/E1 SPA.

Examples

The following shows enabling the logging-events command.

Router(config)#contr e1 2/1/0
Router(config-controller)# logging-events

Related Commands

Command
Description

controller

Configures a T1, E1, or T3 controller and enters controller configuration mode.

show controller

Displays controller configuration.


loopback (T3-E3 interface)

To loopback at various points in the transmit and receive path, use the loopback command in interface configuration mode. To stop the loopback, use the no form of this command.

PA-T3 Port Adapter

loopback {dte | local | network {line | payload} | remote}

no loopback

PA-E3 Port Adapter

loopback {dte | local | network {line | payload}}

no loopback

T3/E3 Shared Port Adapters

loopback {dte | local | dual | network {line | payload} | remote}

no loopback {dte | local | dual | network {line | payload} | remote}

Syntax Description

dte

Loopback after the line interface unit (LIU) towards the terminal.

local

Loopback after going through the framer toward the terminal.

dual

Sets both local loopback and network line loopback. The dual keyword is not supported on Cisco 7304 routers with the 2-Port and 4-Port Channelized T3 SPA.

network {line | payload}

Sets the loopback toward the network before going through the framer (line) or after going through the framer (payload).

remote

Sends FEAC to set remote in loopback.


Defaults

No loopback by default.

Command Modes

Interface configuration

Command History

Release
Modification

11.1

This command was introduced.

11.3

This command was introduced.

12.2(11)YT

This command was integrated into Cisco IOS Release 12.2(11)YT and implemented on the following platforms for E3: Cisco 2650XM, Cisco 2651XM, Cisco 2691, Cisco 3660 series, Cisco 3725, and Cisco 3745 routers.

12.2(15)T

This command was integrated into Cisco IOS Release 12.2(15)T.

12.2S

This command was integrated into Cisco IOS Release 12.2S.

12.2(25)S3

This command was integrated into Cisco IOS Release 12.2(25)S3 to support SPAs on the Cisco 7304 routers.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support SPAs on the Cisco 7600 series routers and Catalyst 6500 series switches. The dual keyword was added.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S to support SPAs on Cisco 12000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use the loopback command to diagnose problems on the local port, between the framer and the line interface unit (LIU) level.

To verify that a loopback is configured on the interface, use the show interfaces serial or show interfaces loopback command.

The dual keyword is not supported on Cisco 7304 routers with the 2-Port and 4-Port Channelized T3 SPA.

Examples

The following example configures the serial interface located in slot 3/0/0 for a local loopback:

Router(config)# interface serial 3/0/0
Router(config-if)# loopback local

The following example creates a loopback on slot 5, bay 0 after the LIU towards the terminal.

Router# configure terminal
Router(config)# interface serial 5/0/0
Router(config-if)# loopback dte

Related Commands

Command
Description

show controllers serial

Displays information that is specific to the interface hardware.

show interfaces loopback

Displays information about the loopback interface.

show interfaces serial

Displays information about a serial interface.


match vlan inner

To configure a class map to match the innermost VLAN ID in an 802.1q tagged frame, use the match vlan inner command in ATM interface configuration mode. To remove matching on the innermost VLAN ID of an 802.1q tagged frame, use the no form of this command.

match vlan inner vlan-ids

no match vlan inner vlan-ids

Syntax Description

vlan-ids

One or more VLAN IDs to be matched. The valid range for VLAN IDs is from 1 to 4095, and the list of VLAN IDs can include one or all of the following:

Single VLAN IDs, separated by spaces. For example:
100 200 300

One or more ranges of VLAN IDs, separated by spaces. For example:
1-1024 2000-2499


Command Default

Packets are not matched on the basis of incoming dot1q VLAN inner IDs.

Command Modes

Class map configuration

Command History

Release
Modification

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(18)SXF

This command was implemented on Cisco 7600 series routers.


Examples

The following example creates a class map that matches packets with a VLAN IDs of 100 to 300.

Router(config)# class-map match-all vlan100
Router(config-cmap)# match vlan inner 100 
Router(config-cmap)# exit 
Router(config)# class-map match-all vlan200
Router(config-cmap)# match vlan inner 200
Router(config-cmap)# exit 
Router(config)# class-map match-all vlan300
Router(config-cmap)# match vlan inner 300

Related Commands

Command
Description

clear cef linecard

Clears Cisco Express Forwarding (CEF) information on one or more line cards, but does not clear the CEF information on the main route processor (RP). This forces the line cards to synchronize their CEF information with the information that is on the RP.

match qos-group

Identifies a specified QoS group value as a match criterion.

mls qos trust

Sets the trusted state of an interface to determine which incoming QoS field on a packet, if any, should be preserved.

policy-map

Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

service-policy

Attaches a policy map to an input interface or VC, or an output interface or VC, to be used as the service policy for that interface or VC.

show policy-map

Displays the configuration of all classes for a specified service policy map or all classes for all existing policy maps.

show policy-map interface

Displays the configuration of all classes configured for all service policies on the specified interface or displays the classes for the service policy for a specific PVC on the interface.

show platform qos policy-map

Displays the type and number of policy maps that are configured on the router.


mdl

To configure the Maintenance Data Link (MDL) message defined in the ANSI T1.107a-1990 specification, use the mdl command in controller configuration mode. To remove the message, use the no form of this command.

mdl {transmit {path | idle-signal | test-signal} | string {eic | lic | fic | unit | pfi | port | generator} string}

no mdl {transmit {path | idle-signal | test-signal} | string {eic | lic | fic | unit | pfi | port generator} string}

Syntax Description

transmit path

Enables transmission of the MDL Path message.

transmit idle-signal

Enables transmission of the MDL Idle Signal message.

transmit test-signal

Enables transmission of the MDL Test Signal message.

string eic string

Specifies the Equipment Identification Code; can be up to 10 characters.

string lic string

Specifies the Location Identification Code; can be up to 11 characters.

string fic string

Specifies the Frame Identification Code; can be up to 10 characters.

string unit string

Specifies the Unit Identification Code; can be up to 6 characters.

string pfi string

Specifies the Path Facility Identification Code sent in the MDL Path message; can be up to 38 characters.

string port string

Specifies the Port number string sent in the MDL Idle Signal message; can be up to 38 characters.

string generator string

Specifies the Generator number string sent in the MDL Test Signal message; can be up to 38 characters.


Defaults

No MDL message is configured.

Command Modes

Controller configuration

Command History

Release
Modification

11.3

This command was introduced.

12.1(13)EX

This command was introduced on the Cisco 7304 router.

12.2(11)YT

This command was integrated into Cisco IOS Release 12.2(11)YT and implemented on the following platforms: Cisco 2650XM, Cisco 2651XM, Cisco 2691, Cisco 3660 series, Cisco 3725, and Cisco 3745 routers.

12.2(15)T

This command was integrated into Cisco IOS Release 12.2(15)T.

12.2(18)S

This command was introduced on Cisco 7304 routers running Cisco IOS Release 12.2(18)S.

12.2(25)S3

This command was integrated into Cisco IOS Release 12.2(25)S3 to support SPA on the Cisco 7304 routers.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support SPAs on the Cisco 7600 series routers and Catalyst 6500 series switches.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S to support SPAs on the Cisco 12000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use the mdl command to send messages in maintenance data link in T3 c-bit framing mode.


Note MDL is supported only when the DS3 framing is C-bit parity.


Examples

The following example shows the mdl commands on a T3 controller in slot 1, port 0:

Router(config)# controller t3 1/0
Router(config-controller)# clock source line
Router(config-controller)# mdl string eic ID
Router(config-controller)# mdl string fic Building B
Router(config-controller)# mdl string unit ABC
Router(config-controller)# mdl string pfi Facility Z
Router(config-controller)# mdl string port Port 7
Router(config-controller)# mdl transmit path
Router(config-controller)# mdl transmit idle-signal

Related Commands

Command
Description

controller

Configures a T1, E1, or T3 controller and enters controller configuration mode.

show controllers serial

Displays serial line statistics.

show controllers t3

Displays information about T3 controllers.


police

To configure traffic policing, use the police command in policy-map class configuration mode or policy-map class police configuration mode. To remove traffic policing from the configuration, use the no form of this command.

police bps [burst-normal] [burst-max] conform-action action exceed-action action [violate-action  action]

no police bps [burst-normal] [burst-max] conform-action action exceed-action action [violate-action action]

Syntax Description

bps

Average rate in bits per second. Valid values are 8000 to 200000000.

burst-normal

(Optional) Normal burst size in bytes. Valid values are 1000 to 51200000. The default normal burst size is 1500 bytes.

burst-max

(Optional) Excess burst size in bytes. Valid values are 1000 to 51200000.

conform-action action

Action to take on packets that conform to the rate limit.

exceed-action action

Action to take on packets that exceed the rate limit.

violate-action action

(Optional) Action to take on packets that violate the normal and maximum burst sizes.

action

Action to take on packets. Specify one of the following keywords:

drop—Drops the packet.

set-clp-transmit value—Sets the ATM Cell Loss Priority (CLP) bit from 0 to 1 on the ATM cell and transmits the packet with the ATM CLP bit set to 1.

set-cos-inner-transmit value—Sets the inner class of service field as a policing action for a bridged frame on the Enhanced FlexWAN module, and when using bridging features on SPAs with the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 on the Cisco 7600 series router.

set-cos-transmit value—Sets the packet COS value and sends it.

set-discard-class-transmit—Sets the discard class attribute of a packet and transmits the packet with the new discard class setting.

set-dscp-transmit value—Sets the IP differentiated services code point (DSCP) value and transmits the packet with the new IP DSCP value setting.

set-frde-transmit value—Sets the Frame Relay Discard Eligibility (DE) bit from 0 to 1 on the frame relay frame and transmits the packet with the DE bit set to 1.

set-mpls-experimental-imposition-transmit value—Sets the Multiprotocol Label Switching (MPLS) experimental (EXP) bits (0 to 7) in the imposed label headers and transmits the packet with the new MPLS EXP bit value setting.

set-mpls-experimental-topmost-transmit value—Sets the MPLS EXP field value in the topmost MPLS label header at the input and/or output interfaces.

set-prec-transmit value—Sets the IP precedence and transmits the packet with the new IP precedence value setting.

set-qos-transmit value—Sets the qos-group value and transmits the packet with the new qos-group value setting.

transmit—Transmits the packet. The packet is not altered.


Defaults

Disabled

Command Modes

Policy-map class configuration (when specifying a single action to be applied to a marked packet)

Policy-map class police configuration (when specifying multiple actions to be applied to a marked packet)

Command History

Release
Modification

12.0(5)XE

This police command was introduced.

12.1(1)E

This command was integrated in Cisco IOS Release 12.1(1)E.

12.1(5)T

This command was integrated in Cisco IOS Release 12.1(5)T. The violate-action keyword was added.

12.2(2)T

The set-clp-transmit keyword for the action argument was added.
The set-frde-transmit keyword for the action argument was added. However, the set-frde-transmit keyword is not supported for AToM traffic in this release. Also, the set-frde-transmit keyword is supported only when Frame Relay is implemented on a physical interface without encapsulation.

The set-mpls-exp-transmit keyword for the action argument was added to the police command.

12.2(8)T

The command was modified for the Policer Enhancement — Multiple Actions feature. This command can now accommodate multiple actions for packets marked as conforming to, exceeding, or violating a specific rate.

12.2(13)T

In the action argument, the set-mpls-experimental-transmit keyword was renamed to set-mpls-experimental-imposition-transmit.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(33)SRA

The set-cos-inner-transmit keyword for the action argument was added when using multipoint bridging (MPB) features on the Enhanced FlexWAN module, and when using MPB on SPAs with the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 on the Cisco 7600 series router.


Usage Guidelines

Use the police command to mark a packet with different quality of service (QoS) values based on conformance to the service-level agreement.

Traffic policing will not be executed for traffic that passes through an interface.

Specifying Multiple Actions

The police command allows you to specify multiple policing actions. When specifying multiple policing actions when configuring the police command, note the following points:

You can specify a maximum of four actions at one time.

You cannot specify contradictory actions such as conform-action transmit and conform-action drop.

Using the Police Command with the Traffic Policing Feature

The police command can be used with the Traffic Policing feature. The Traffic Policing feature works with a token bucket algorithm. Two types of token bucket algorithms are in Cisco IOS Release 12.1(5)T: a single-token bucket algorithm and a two-token bucket algorithm. A single-token bucket system is used when the violate-action option is not specified, and a two-token bucket system is used when the violate-action option is specified.

The token bucket algorithm for the police command that was introduced in Cisco IOS Release 12.0(5)XE is different from the token bucket algorithm for the police command introduced in Cisco IOS Release 12.1(5)T. For information on the token bucket algorithm introduced in Release 12.0(5)XE, refer to the Traffic Policing document for Release 12.0(5)XE. This document is available on the New Features for 12.0(5)XE feature documentation index (under Modular QoS CLI-related feature modules) at www.cisco.com.

The following are explanations of how the token bucket algorithms introduced in Cisco IOS Release 12.1(5)T work.

Token Bucket Algorithm with One Token Bucket

The one token bucket algorithm is used when the violate-action option is not specified in the police command command-line interface (CLI).

The conform bucket is initially set to the full size (the full size is the number of bytes specified as the normal burst size).

When a packet of a given size (for example, "B" bytes) arrives at specific time (time "T") the following actions occur:

Tokens are updated in the conform bucket. If the previous arrival of the packet was at T1 and the current time is T, the bucket is updated with (T - T1) worth of bits based on the token arrival rate. The token arrival rate is calculated as follows:

(time between packets <which is equal to T - T1> * policer rate)/8 bytes

If the number of bytes in the conform bucket B is greater than or equal to 0, the packet conforms and the conform action is taken on the packet. If the packet conforms, B bytes are removed from the conform bucket and the conform action is completed for the packet.

If the number of bytes in the conform bucket B is fewer than 0, the exceed action is taken.

Token Bucket Algorithm with Two Token Buckets

The two-token bucket algorithm is used when the violate-action option is specified in the police command CLI.

The conform bucket is initially full (the full size is the number of bytes specified as the normal burst size).

The exceed bucket is initially full (the full exceed bucket size is the number of bytes specified in the maximum burst size).

The tokens for both the conform and exceed token buckets are updated based on the token arrival rate, or committed information rate (CIR).

When a packet of given size (for example, "B" bytes) arrives at specific time (time "T") the following actions occur:

Tokens are updated in the conform bucket. If the previous arrival of the packet was at T1 and the current arrival of the packet is at t, the bucket is updated with T -T1 worth of bits based on the token arrival rate. The refill tokens are placed in the conform bucket. If the tokens overflow the conform bucket, the overflow tokens are placed in the exceed bucket.

The token arrival rate is calculated as follows:

(time between packets <which is equal to T-T1> * policer rate)/8 bytes

If the number of bytes in the conform bucket - B is greater than or equal to 0, the packet conforms and the conform action is taken on the packet. If the packet conforms, B bytes are removed from the conform bucket and the conform action is taken. The exceed bucket is unaffected in this scenario.

If the number of bytes in the conform bucket B is less than 0, the excess token bucket is checked for bytes by the packet. If the number of bytes in the exceed bucket B is greater than or equal to 0, the exceed action is taken and B bytes are removed from the exceed token bucket. No bytes are removed from the conform bucket.

If the number bytes in the exceed bucket B is fewer than 0, the packet violates the rate and the violate action is taken. The action is complete for the packet.

Using the set-cos-inner-transmit Action for SIPs and SPAs on the Cisco 7600 Series Router

The set-cos-inner-transmit keyword action was introduced in Cisco IOS Release 12.2(33)SRA to support marking of the inner CoS value as a policing action when using MPB features on the Enhanced FlexWAN module, and when using MPB features on SPAs with the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 on the Cisco 7600 series router.

This command is not supported on the Cisco 7600 SIP-600.

For more information about QoS and the forms of police commands supported by the SIPs on the Cisco 7600 series router, refer to the Cisco 7600 Series SIP, SSC, and SPA Software Configuration Guide.

Examples

Token Bucket Algorithm with One Token Bucket Example

The token bucket algorithm for the police command that was introduced in Cisco IOS Release 12.0(5)XE is different from the token bucket algorithms introduced in Cisco IOS Release 12.1(5)T. The following example is for the token bucket algorithm with one token bucket introduced in Cisco IOS Release 12.1(5)T.

If the violate-action option is not specified when you configure a policy with the police command in Cisco IOS Release 12.1(5)T onward, the token bucket algorithm uses one token bucket. If the violate-action option is specified, the token bucket algorithm uses two token buckets. In the following example, the violate-action option is not specified, so the token bucket algorithm only uses one token bucket.

The following configuration shows users how to define a traffic class (using the class-map command) and associate the match criteria from the traffic class with the traffic policing configuration, which is configured in the service policy (using the policy-map command). The service-policy command is then used to attach this service policy to the interface.

In this particular example, traffic policing is configured with the average rate at 8000 bits per second and the normal burst size at 1000 bytes for all packets leaving Fast Ethernet interface 0/0:

Router(config)# class-map access-match
Router(config-cmap)# match access-group 1
Router(config-cmap)# exit
Router(config)# policy-map police-setting
Router(config-pmap)# class access-match
Router(config-pmap-c)# police 8000 1000 conform-action transmit exceed-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface fastethernet 0/0
Router(config-if)# service-policy output police-setting

The treatment of a series of packets leaving Fast Ethernet interface 0/0 depends on the size of the packet and the number of bytes remaining in the conform bucket. These packets are policed based on the following rules:

Tokens are updated in the conform bucket. If the previous arrival of the packet was at t1 and the current time is t, the bucket is updated with T -T1 worth of bits based on the token arrival rate. The token arrival rate is calculated as follows:

(time between packets <which is equal to T - T1> * policer rate)/8 bytes

If the number of bytes in the conform bucket B is greater than or equal to 0, the packet conforms and the conform action is taken on the packet. If the packet conforms, B bytes are removed from the conform bucket and the conform action is completed for the packet.

If the number of bytes in the conform bucket B is fewer than 0, the exceed action is taken.

In this example, the initial token buckets starts full at 1000 bytes. If a 450-byte packet arrives, the packet conforms because enough bytes are available in the conform token bucket. The conform action (send) is taken by the packet and 450 bytes are removed from the conform token bucket (leaving 550 bytes).

If the next packet arrives 0.25 seconds later, 250 bytes are added to the token bucket ((0.25 * 8000)/8), leaving 800 bytes in the token bucket. If the next packet is 900 bytes, the packet exceeds and the exceed action (drop) is taken. No bytes are taken from the token bucket.

Token Bucket Algorithm with Two Token Buckets Example

If the violate-action option is specified when you configure a policy with the police command in Cisco IOS Release 12.1(5)T onward, the token bucket algorithm uses two token buckets. The following example uses the token bucket algorithm with two token buckets.

The following configuration shows users how to define a traffic class (using the class-map command) and associate the match criteria from the traffic class with the traffic policing configuration, which is configured in the service policy (using the policy-map command). The service-policy command is then used to attach this service policy to the interface.

In this particular example, traffic policing is configured with the average rate at 8000 bits per second, the normal burst size at 1000 bytes, and the excess burst size at 1000 bytes for all packets leaving Fast Ethernet interface 0/0.

Router(config)# class-map access-match
Router(config-cmap)# match access-group 1
Router(config-cmap)# exit
Router(config)# policy-map police-setting
Router(config-pmap)# class access-match
Router(config-pmap-c)# police 8000 1000 1000 conform-action transmit exceed-action 
set-qos-transmit 1 violate-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface fastethernet 0/0
Router(config-if)# service-policy output police-setting

The treatment of a series of packets leaving Fast Ethernet interface 0/0 depends on the size of the packet and the number of bytes remaining in the conform and exceed token buckets. The series of packets are policed based on the following rules:

If the previous arrival of the packet was at T1 and the current arrival of the packet is at T, the bucket is updated with T -T1 worth of bits based on the token arrival rate. The refill tokens are placed in the conform bucket. If the tokens overflow the conform bucket, the overflow tokens are placed in the exceed bucket. The token arrival rate is calculated as follows:

(time between packets <which is equal to T - T1> * policer rate)/8 bytes

If the number of bytes in the conform bucket B is greater than or equal to 0, the packet conforms and the conform action is taken on the packet. If the packet conforms, B bytes are removed from the conform bucket and the conform action is taken. The exceed bucket is unaffected in this scenario.

If the number of bytes in the conform bucket B is less than 0, the excess token bucket is checked for bytes by the packet. If the number of bytes in the exceed bucket B is greater than or equal to 0, the exceed action is taken and B bytes are removed from the exceed token bucket. No bytes are removed from the conform bucket in this scenario.

If the number bytes in the exceed bucket B is fewer than 0, the packet violates the rate and the violate action is taken. The action is complete for the packet.

In this example, the initial token buckets starts full at 1000 bytes. If a 450-byte packet arrives, the packet conforms because enough bytes are available in the conform token bucket. The conform action (send) is taken by the packet and 450 bytes are removed from the conform token bucket (leaving 550 bytes).

If the next packet arrives 0.25 seconds later, 250 bytes are added to the conform token bucket
((0.25 * 8000)/8), leaving 800 bytes in the conform token bucket. If the next packet is 900 bytes, the packet does not conform because only 800 bytes are available in the conform token bucket.

The exceed token bucket, which starts full at 1000 bytes (as specified by the excess burst size) is then checked for available bytes. Because enough bytes are available in the exceed token bucket, the exceed action (set the QoS transmit value of 1) is taken and 900 bytes are taken from the exceed bucket (leaving 100 bytes in the exceed token bucket.

If the next packet arrives 0.40 seconds later, 400 bytes are added to the token buckets ((.40 * 8000)/8). Therefore, the conform token bucket now has 1000 bytes (the maximum number of tokens available in the conform bucket) and 200 bytes overflow the conform token bucket (because it only 200 bytes were needed to fill the conform token bucket to capacity). These overflow bytes are placed in the exceed token bucket, giving the exceed token bucket 300 bytes.

If the arriving packet is 1000 bytes, the packet conforms because enough bytes are available in the conform token bucket. The conform action (transmit) is taken by the packet, and 1000 bytes are removed from the conform token bucket (leaving 0 bytes).

If the next packet arrives 0.20 seconds later, 200 bytes are added to the token bucket ((.20 * 8000)/8). Therefore, the conform bucket now has 200 bytes. If the arriving packet is 400 bytes, the packet does not conform because only 200 bytes are available in the conform bucket. Similarly, the packet does not exceed because only 300 bytes are available in the exceed bucket. Therefore, the packet violates and the violate action (drop) is taken.

Conforming to the MPLS EXP Value Example

The following example shows that if packets conform to the rate limit, the MPLS EXP field is set to 5. If packets exceed the rate limit, the MPLS EXP field is set to 3.

Router(config)# policy-map input-IP-dscp
Router(config-pmap)# class dscp24
Router(config-pmap-c)# police 8000 1500 1000
Router(config-pmap-c)# conform-action set-mpls-experimental-imposition-transmit 5
Router(config-pmap-c)# exceed-action set-mpls-experimental-imposition-transmit 3
Router(config-pmap-c)# violate-action drop

Setting the Inner CoS Value as an Action for SIPs and SPAs on the Cisco 7600 Series Router Example

The following example shows configuration of a QoS class that filters all traffic for virtual LAN (VLAN) 100 into a class named "vlan-inner-100," and establishes a traffic shaping policy for the vlan-inner-100 class. The service policy limits traffic to an average rate of 500 kbps, with a normal burst of 1000 bytes, a maximum burst of 1500 bytes, and sets the inner CoS value to 3. Since setting of the inner CoS value is only supported with bridging features, the configuration also shows the service policy being applied as an output policy for an ATM SPA interface permanent virtual circuit (PVC) that bridges traffic into VLAN 100 using the bridge-domain command.

Router(config)# class-map match-all vlan-inner-100
Router(config-cmap)# match vlan inner 100
Router(config-cmap)# exit
Router(config)# policy-map vlan-inner-100
Router(config-pmap-c)# police 500000 1000 1500 conform-action set-cos-inner-transmit 3
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface atm3/0/0
Router(config-if)# pvc 100/100
Router(config-if-atm-vc)# bridge-domain 100 dot1q
Router(config-if-atm-vc)# service-policy output vlan-inner-100
Router(config-if)# end

Related Commands

Command
Description

bridge-domain

Enables RFC 1483 ATM bridging or RFC 1490 Frame Relay bridging to map a bridged VLAN to an ATM PVC or Frame Relay data-link connection identifier (DLCI).

class-map

Creates a class map to be used for matching packets to a specified class.

policy-map

Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

service-policy

Specifies the name of the service policy to be attached to the interface.

show policy-map

Displays the configuration of all classes for a specified service policy map or all classes for all existing policy maps.

show policy-map interface

Displays the configuration of all classes configured for all service policies on the specified interface or displays the classes for the service policy for a specific PVC on the interface.


police (percent)

To configure traffic policing on the basis of a percentage of bandwidth available on an interface, use the police command in policy-map class configuration mode. To remove traffic policing from the configuration, use the no form of this command.

police cir percent percentage [burst-in-msec] [bc conform-burst-in-msec ms] [be peak-burst-in-msec ms] [pir percent percentage] [conform-action action [exceed-action action [violate-action action]]]

no police cir percent percentage [burst-in-msec] [bc conform-burst-in-msec ms] [be peak-burst-in-msec ms] [pir percent percentage] [conform-action action [exceed-action action [violate-action action]]]

Syntax Description

cir

Committed information rate. Indicates that the CIR will be used for policing traffic.

percent

Specifies that a percentage of bandwidth will be used for calculating the CIR.

percentage

Specifies the bandwidth percentage. Valid range is a number from 1 to 100.

burst-in-msec

(Optional) Burst in milliseconds. Valid range is a number from 1 to 2000.

bc

(Optional) Conform burst (bc) size used by the first token bucket for policing traffic.

conform-burst-in-msec

(Optional) Specifies the bc value in milliseconds (ms). Valid range is a number from 1 to 2000.

ms

(Optional) Indicates that the burst value is specified in milliseconds.

be

(Optional) Peak burst (be) size used by the second token bucket for policing traffic.

peak-burst-in-msec

(Optional) Specifies the be size in ms. Valid range is a number from 1 to 2000.

pir

(Optional) Peak information rate. Indicates that the PIR will be used for policing traffic.

percent

(Optional) Specifies that a percentage of bandwidth will be used for calculating the PIR.

conform-action

(Optional) Action to take on packets whose rate is less than the conform burst.

exceed-action

(Optional) Action to take on packets whose rate is within the conform and conform plus exceed burst.

violate-action

(Optional) Action to take on packets whose rate exceeds the the conform plus exceed burst.

action

(Optional) Action to take on packets. Specify one of the following keywords:

drop—Drops the packet.

policed-dscp-transmit—(Exceed and violate action only). Change dscp value per policed-dscp map and send it.

set-clp-transmit—Sets the ATM Cell Loss Priority (CLP) bit from 0 to 1 on the ATM cell and sends the packet with the ATM CLP bit set to 1.

set-cos-inner-transmit value—Sets the inner class of service field as a policing action for a bridged frame on the Enhanced FlexWAN module, and when using bridging features on SPAs with the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 on the Cisco 7600 series router.

set-cos-transmit value—Sets the packet COS value and sends it.

set-dscp-transmit new-dscpSets the IP differentiated services code point (DSCP) value and sends the packet with the new IP DSCP value setting.

set-frde-transmit—Sets the Frame Relay discard eligible (DE) bit from 0 to 1 on the Frame Relay frame and sends the packet with the DE bit set to 1.

set-mpls-exposition-transmit—Sets the Multiprotocol Label Switching (MPLS) experimental bits from 0 to 7 and sends the packet with the new MPLS experimental bit value setting.

set-mpls-topmost-transmit—Sets the MPLS experimental bits on the topmost label and sends it.

set-prec-transmit new-prec—Sets the IP precedence and sends the packet with the new IP precedence value setting.

transmit—Sends the packet with no alteration.


Defaults

The default bc and be is 4 ms.

Command Modes

Policy-map class configuration

Command History

Release
Modification

11.1CC

The rate-limit command was introduced.

12.0(5)XE

This police command, which was closely related to the rate-limit command, was introduced.

12.1(1)E

This command was integrated into Cisco IOS Release 12.2(1)E.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.

12.2(13)T

This command was modified for the Percentage-Based Policing and Shaping feature.

12.0(28)S

The command was integrated into Cisco IOS Release 12.0(28)S.

12.2(18)SXE

The command was integrated into Cisco IOS Release 12.2(18)SXE.

12.2(28)SB

The command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(33)SRA

The set-cos-inner-transmit keyword for the action argument was added when using multipoint bridging (MPB) features on the Enhanced FlexWAN module, and when using MPB on SPAs with the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 on the Cisco 7600 series router.


Usage Guidelines

This command calculates the cir and pir on the basis of a percentage of the maximum amount of bandwidth available on the interface. When a policy map is attached to the interface, the equivalent cir and pir values in bits per second (bps) are calculated on the basis of the interface bandwidth and the percent value entered with this command. The show policy-map interface command can then be used to verify the bps rate calculated.

The calculated cir and pir bps rates must be in the range of 8000 and 2000000000 bps. If the rates are outside this range, the associated policy map cannot be attached to the interface. If the interface bandwidth changes (for example, more is added), the bps values of the cir and the pir are recalculated on the basis of the revised amount of bandwidth. If the cir and pir percentages are changed after the policy map is attached to the interface, the bps values of the cir and pir are recalculated.

Conform Burst and Peak Burst Sizes in Milliseconds

This command also allows you to specify the values for the conform burst size and the peak burst size in milliseconds. If you want bandwidth to be calculated as a percentage, the conform burst size and the peak burst size must be specified in milliseconds (ms).

Hierarchical Policy Maps

Policy maps can be configured in two-level (nested) hierarchies; a top (or "parent") level and a secondary (or "child") level. The police (percent) command can be configured for use in either a parent or child policy map.

Notes About Bandwidth and Hierarchical Policy Maps

The police (percent) command uses the maximum rate of bandwidth available as the reference point for calculating the bandwidth percentage. When the police (percent) command is configured in a child policy map, the police (percent) command uses the bandwidth amount specified in the next higher-level policy (in this case, the parent policy map). If the parent policy map does not specify the maximum bandwidth rate available, the police (percent) command uses the maximum bandwidth rate available on the next higher level (in this case, the physical interface, the highest point in the hierarchy) as the reference point. The police (percent) command always looks to the next higher level for the bandwidth reference point. The following sample configuration illustrates this point:

Policymap parent_policy
 class parent
  shape average 512000
  service-policy child_policy

Policymap child_policy
 class normal_type
  police cir percent 30

In this sample configuration, there are two hierarchical policies; one called parent_policy and one called child_policy. In the policy map called child_policy, the police command has been configured in the class called normal_type. In this class, the percentage specified by for the police (percent) command is 30 percent. The command will use 512 kbps, the peak rate, as the bandwidth reference point for class parent in the parent_policy. The police (percent) command will use 512 kbps as the basis for calculating the cir rate (512 kbps * 30 percent).

interface serial 4/0
 service-policy output parent_policy

Policymap parent_policy
 class parent
  bandwidth 512
  service-policy child_policy

In the above example, there is one policy map called parent_policy. In this policy map, a peak rate has not been specified. The bandwidth command has been used, but this command does not represent the maximum rate of bandwidth available. Therefore, the police (percent) command will look to the next higher level (in this case serial interface 4/0) to get the bandwidth reference point. Assuming the bandwidth of serial interface 4/0 is 1.5 Mbps, the police (percent) command will use 1.5 Mbps as the basis for calculating the cir rate (1500000 * 30 percent).

How Bandwidth Is Calculated

The police (percent) command is often used in conjunction with the bandwidth and priority commands. The bandwidth and priority commands can be used to calculate the total amount of bandwidth available on an entity (for example, a physical interface). When the bandwidth and priority commands calculate the total amount of bandwidth available on an entity, the following guidelines are invoked:

If the entity is a physical interface, the total bandwidth is the bandwidth on the physical interface.

If the entity is a shaped ATM permanent virtual circuit (PVC), the total bandwidth is calculated as follows:

For a variable bit rate (VBR) virtual circuit (VC), the sustained cell rate (SCR) is used in the calculation.

For an available bit rate (ABR) VC, the minimum cell rate (MCR) is used in the calculation.

For more information on bandwidth allocation, refer to the" Congestion Management Overview " chapter in the Cisco IOS Quality of Service Solutions Configuration Guide.

Using the set-cos-inner-transmit Action for SIPs and SPAs on the Cisco 7600 Series Router

The set-cos-inner-transmit keyword action was introduced in Cisco IOS Release 12.2(33)SRA to support marking of the inner CoS value as a policing action when using MPB features on the Enhanced FlexWAN module, and when using MPB features on SPAs with the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 on the Cisco 7600 series router.

This command is not supported on the Cisco 7600 SIP-600.

For more information about QoS and the forms of police commands supported by the SIPs on the Cisco 7600 series router, refer to the Cisco 7600 Series SIP, SSC, and SPA Software Configuration Guide.

Examples

The following example configures traffic policing using a CIR and a PIR on the basis of a percentage of bandwidth. In this example, a CIR of 20 percent and a PIR of 40 percent have been specified. Additionally, an optional bc value and be value (300 ms and 400 ms, respectively) have been specified.

Router> enable
Router# configure terminal
Router(config)# policy-map policy1
Router(config-pmap)# class class1
Router(config-pmap-c)# police cir percent 20 bc 300 ms be 400 ms pir percent 40 
Router(config-pmap-c-police)# exit 

After the policy map and class maps are configured, the policy map is attached to interface as shown in the following example.

Router> enable
Router# configure terminal
Router(config)# interface serial4/0 
Router(config-if)# service-policy input policy1
Router(config-if)# exit

Setting the Inner CoS Value as an Action for SIPs and SPAs on the Cisco 7600 Series Router Example

The following example shows configuration of a QoS class that filters all traffic for virtual LAN (VLAN) 100 into a class named "vlan-inner-100," and establishes a traffic shaping policy for the vlan-inner-100 class. The service policy limits traffic to a CIR of 20 percent and a PIR of 40 percent , with an conform burst (bc) of 300 ms, and peak burst (be) of 400 ms, and sets the inner CoS value to 3. Since setting of the inner CoS value is only supported with bridging features, the configuration also shows the service policy being applied as an output policy for an ATM SPA interface permanent virtual circuit (PVC) that bridges traffic into VLAN 100 using the bridge-domain command.

Router(config)# class-map match-all vlan-inner-100
Router(config-cmap)# match vlan inner 100
Router(config-cmap)# exit
Router(config)# policy-map vlan-inner-100
Router(config-pmap-c)# police cir percent 20 bc 300 ms be 400 ms pir percent 40 
conform-action set-cos-inner-transmit 3
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface atm3/0/0
Router(config-if)# pvc 100/100
Router(config-if-atm-vc)# bridge-domain 100 dot1q
Router(config-if-atm-vc)# service-policy output vlan-inner-100
Router(config-if)# end

Related Commands

Command
Description

bridge-domain

Enables RFC 1483 ATM bridging or RFC 1490 Frame Relay bridging to map a bridged VLAN to an ATM PVC or Frame Relay data-link connection identifier (DLCI).

policy-map

Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

service-policy

Attaches a policy map to an input interface or VC, or an output interface or VC, to be used as the service policy for that interface or VC.

shape (percent)

Specifies average or peak rate traffic shaping on the basis of a percentage of bandwidth available on an interface.

show policy-map

Displays the configuration of all classes for a specified service policy map or all classes for all existing policy maps.

show policy-map interface

Displays the packet statistics of all classes that are configured for all service policies either on the specified interface or subinterface or on a specific PVC on the interface.


police (two rates)

To configure traffic policing using two rates, the committed information rate (CIR) and the peak information rate (PIR), use the police command in policy-map configuration mode. To remove two-rate traffic policing from the configuration, use the no form of this command.

police cir cir [bc conform-burst] pir pir [be peak-burst] [conform-action action [exceed-action action [violate-action action]]]

no police cir cir [bc conform-burst] pir pir [be peak-burst] [conform-action action [exceed-action action [violate-action action]]]

Syntax Description

cir

Committed information rate (CIR) at which the first token bucket is updated.

cir

Specifies the CIR value in bits per second. The value is a number from 8000 to 200000,000.

bc

(Optional) Conform burst (bc) size used by the first token bucket for policing.

conform-burst

(Optional) Specifies the bc value in bytes. The value is a number from 1000 to 51200,000.

pir

Peak information rate (PIR) at which the second token bucket is updated.

pir

Specifies the PIR value in bits per second. The value is a number from 8000 to 200000000.

be

(Optional) Peak burst (be) size used by the second token bucket for policing.

peak-burst

(Optional) Specifies the peak burst (be) size in bytes. The size varies according to the interface and platform in use.

conform-action

(Optional) Action to take on packets that conform to the CIR and PIR.

exceed-action

(Optional) Action to take on packets that conform to the PIR but not the CIR.

violate-action

(Optional) Action to take on packets exceed the PIR.

action

(Optional) Action to take on packets. Specify one of the following keywords:

drop—Drops the packet.

set-clp-transmit—Sets the ATM Cell Loss Priority (CLP) bit from 0 to 1 on the ATM cell and sends the packet with the ATM CLP bit set to 1.

set-cos-inner-transmit value—Sets the inner class of service field as a policing action for a bridged frame on the Enhanced FlexWAN module, and when using bridging features on SPAs with the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 on the Cisco 7600 series router.

set-dscp-transmit new-dscpSets the IP differentiated services code point (DSCP) value and sends the packet with the new IP DSCP value setting.

set-frde-transmit—Sets the Frame Relay discard eligible (DE) bit from 0 to 1 on the Frame Relay frame and sends the packet with the DE bit set to 1.

set-mpls-exp-transmit—Sets the Multiprotocol Label Switching (MPLS) experimental bits from 0 to 7 and sends the packet with the new MPLS experimental bit value setting.

set-prec-transmit new-prec—Sets the IP precedence and sends the packet with the new IP precedence value setting.

set-qos-transmit new-qos—Sets the quality of service (QoS) group value and sends the packet with the new QoS group value setting.

transmit—Sends the packet with no alteration.


Defaults

Disabled

Command Modes

Policy-map configuration

Command History

Release
Modification

12.0(5)XE

The police command was introduced.

12.1(1)E

This command was integrated into Cisco IOS Release 12.1(1)E.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T. The violate-action keyword was added.

12.2(2)T

The following keywords for the action argument were added:

set-clp-transmit

set-frde-transmit

set-mpls-exp-transmit

12.2(4)T

This command expanded for the Two-Rate policing feature. The cir and pir keywords were added to accommodate two-rate traffic policing.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(33)SRA

The set-cos-inner-transmit keyword for the action argument was added when using multipoint bridging (MPB) features on the Enhanced FlexWAN module, and when using MPB on SPAs with the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 on the Cisco 7600 series router.


Usage Guidelines

Two-rate traffic policing uses two token buckets—Tc and Tp—for policing traffic at two independent rates. Note the following points about the two token buckets:

The Tc token bucket is updated at the CIR value each time a packet arrives at the two-rate policer. The Tc token bucket can contain up to the confirm burst (Bc) value.

The Tp token bucket is updated at the PIR value each time a packet arrives at the two-rate policer. The Tp token bucket can contain up to the peak burst (Be) value.

Updating Token Buckets

The following scenario illustrates how the token buckets are updated:

A packet of B bytes arrives at time t. The last packet arrived at time t1. The CIR and the PIR token buckets at time t are represented by Tc(t) and Tp(t), respectively. Using these values and in this scenario, the token buckets are updated as follows:

Tc(t) = min(CIR * (t-t1) + Tc(t1), Bc)

Tp(t) = min(PIR * (t-t1) + Tp(t1), Be)

Marking Traffic

The two-rate policer marks packets as either conforming, exceeding, or violating a specified rate. The following points (using a packet of B bytes) illustrate how a packet is marked:

If B > Tp(t), the packet is marked as violating the specified rate.

If B > Tc(t), the packet is marked as exceeding the specified rate, and the Tp(t) token bucket is updated as Tp(t) = Tp(t) - B.

Otherwise, the packet is marked as conforming to the specified rate, and both token buckets—Tc(t) and Tp(t)—are updated as follows:

Tp(t) = Tp(t) - B

Tc(t) = Tc(t) - B

For example, if the CIR is 100 kbps, the PIR is 200 kbps, and a data stream with a rate of 250 kbps arrives at the two-rate policer, the packet would be marked as follows:

100 kbps would be marked as conforming to the rate

100 kbps would be marked as exceeding the rate

50 kbps would be marked as violating the rate

Marking Packets and Assigning Actions Flowchart

The flowchart in Figure 40-1 illustrates how the two-rate policer marks packets and assigns a corresponding action (that is, violate, exceed, or conform) to the packet.

Figure 40-1 Marking Packets and Assigning Actions with the Two-Rate Policer

Using the set-cos-inner-transmit Action for SIPs and SPAs on the Cisco 7600 Series Router

The set-cos-inner-transmit keyword action was introduced in Cisco IOS Release 12.2(33)SRA to support marking of the inner CoS value as a policing action when using MPB features on the Enhanced FlexWAN module, and when using MPB features on SPAs with the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 on the Cisco 7600 series router.

This command is not supported on the Cisco 7600 SIP-600.

For more information about QoS and the forms of police commands supported by the SIPs on the Cisco 7600 series router, refer to the Cisco 7600 Series SIP, SSC, and SPA Software Configuration Guide.

Examples

In the following example, two-rate traffic policing is configured on a class to limit traffic to an average committed rate of 500 kbps and a peak rate of 1 Mbps:

Router(config)# class-map police
Router(config-cmap)# match access-group 101
Router(config-cmap)# policy-map policy1
Router(config-pmap)# class police
Router(config-pmap-c)# police cir 500000 bc 10000 pir 1000000 be 10000 conform-action 
transmit exceed-action set-prec-transmit 2 violate-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface serial3/0
Router(config-if)# service-policy output policy1
Router(config-if)# end
Router# show policy-map policy1

 Policy Map policy1
  Class police
   police cir 500000 conform-burst 10000 pir 1000000 peak-burst 10000 conform-action 
transmit exceed-action set-prec-transmit 2 violate-action drop

Traffic marked as conforming to the average committed rate (500 kbps) will be sent as is. Traffic marked as exceeding 500 kbps, but not exceeding 1 Mbps, will be marked with IP Precedence 2 and then sent. All traffic marked as exceeding 1 Mbps will be dropped. The burst parameters are set to 10000 bytes.

In the following example, 1.25 Mbps of traffic is sent ("offered") to a policer class:

Router# show policy-map interface serial3/0

 Serial3/0

  Service-policy output: policy1

   Class-map: police (match all)
    148803 packets, 36605538 bytes
    30 second offered rate 1249000 bps, drop rate 249000 bps
    Match: access-group 101
    police:
     cir 500000 bps, conform-burst 10000, pir 1000000, peak-burst 100000
     conformed 59538 packets, 14646348 bytes; action: transmit
     exceeded 59538 packets, 14646348 bytes; action: set-prec-transmit 2
     violated 29731 packets, 7313826 bytes; action: drop
     conformed 499000 bps, exceed 500000 bps violate 249000 bps

   Class-map: class-default (match-any)
    19 packets, 1990 bytes
    30 seconds offered rate 0 bps, drop rate 0 bps
    Match: any

The two-rate policer marks 500 kbps of traffic as conforming, 500 kbps of traffic as exceeding, and 250 kbps of traffic as violating the specified rate. Packets marked as conforming to the rate will be sent as is, and packets marked as exceeding the rate will be marked with IP Precedence 2 and then sent. Packets marked as violating the rate are dropped.

Setting the Inner CoS Value as an Action for SIPs and SPAs on the Cisco 7600 Series Router Example

The following example shows configuration of a QoS class that filters all traffic for virtual LAN (VLAN) 100 into a class named "vlan-inner-100," and establishes a traffic shaping policy for the vlan-inner-100 class. The service policy limits traffic to an average committed rate of 500 kbps and a peak rate of 1 Mbps and sets the inner CoS value to 3. Since setting of the inner CoS value is only supported with bridging features, the configuration also shows the service policy being applied as an output policy for an ATM SPA interface permanent virtual circuit (PVC) that bridges traffic into VLAN 100 using the bridge-domain command.

Router(config)# class-map match-all vlan-inner-100
Router(config-cmap)# match vlan inner 100
Router(config-cmap)# exit
Router(config)# policy-map vlan-inner-100
Router(config-pmap-c)# police cir 500000 bc 10000 pir 1000000 be 10000 conform-action 
set-cos-inner-transmit 3
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface atm3/0/0
Router(config-if)# pvc 100/100
Router(config-if-atm-vc)# bridge-domain 100 dot1q
Router(config-if-atm-vc)# service-policy output vlan-inner-100
Router(config-if)# end

Related Commands

Command
Description

bridge-domain

Enables RFC 1483 ATM bridging or RFC 1490 Frame Relay bridging to map a bridged VLAN to an ATM PVC or Frame Relay data-link connection identifier (DLCI).

police

Configures traffic policing.

policy-map

Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

service-policy

Attaches a policy map to an input interface or an output interface to be used as the service policy for that interface.

show policy-map

Displays the configuration of all classes for a specified service policy map or all classes for all existing policy maps.

show policy-map interface

Displays the packet statistics of all classes that are configured for all service policies either on the specified interface or subinterface or on a specific PVC on the interface.


policy-map copp-peruser

To create a policy map that defines a Control Plane Policing and Protection (CoPP) per-user policy, use the policy-map copp-peruser command in global configuration mode. To disable, use the no form of the command.

policy-map copp-peruser

no policy-map copp-peruser

Syntax Description

copp-peruser

Specifies Control Plane Policing and Protection per user.


Command Default

Enabled

Command Modes

Global configuration

Command History

Release
Modification

12.2(33)SRB

This command was introduced.


Usage Guidelines

Use this command to create a CoPP per-user policy map when configuring CoPP.

Examples

The following example shows creating a CoPP per-user policy map:

Router(config)#policy-map copp-peruser
Router(config-pmap)#class arp-peruser
Router(config-pmap-c)#police rate 5 pps burst 50 packets
Router(config-pmap-c)#class dhcp-peruser
Router(config-pmap-c)#police rate 10 pps burst 100 packets

Related Commands

Command
Description

class-map arp-peruser

Creates a class map to be used for matching ARP per-user packets.

match subscriber access

Matches subscriber access traffic to a policy map.


random-detect aggregate

To enable aggregate Weighted Random Early Detection (WRED), use the random-detect aggregate command in policy-map class configuration mode. To disable aggregate WRED, use the no form of this command.

random-detect [precedence-based | dscp-based] aggregate [minimum-thresh min-thresh maximum-thresh max-thresh mark-probability mark-prob]

no random-detect [precedence-based | dscp-based] aggregate

Syntax Description

precedence-based

(Optional) Enables aggregate WRED based on IP precedence values. This is the default.

dscp-based

(Optional) Enables aggregate WRED based on differentiated services code point (DSCP) values.

minimum-thresh min-thresh

(Optional) Default minimum threshold (in number of packets) to be used for all subclasses (IP precedence or DSCP values) that have not been specifically configured. Valid values are from 1 to 12288.

maximum-thresh max-thresh

(Optional) Default maximum threshold (in number of packets) to be used for all subclasses (IP precedence or DSCP values) that have not been specifically configured. Valid values are from the minimum threshold argument to 12288.

mark-probability mark-prob

(Optional) Default denominator for the fraction of packets dropped when the average queue depth is at the maximum threshold. This value is used for all subclasses (IP precedence or DSCP values) that have not been specifically configured. Valid values are from 1 to 255.


Defaults

If no precedence-based or dscp-based keyword is specified in the command, the default is precedence-based.

If optional parameters for a default aggregate class are not defined, all subclass values that are not explicitly configured will use plain (non-weighted) RED drop behavior. This is different from standard random-detect configuration where the default is to always use WRED behavior.

Command Modes

Policy-map class configuration

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

For ATM interfaces, the Aggregate WRED feature requires that the ATM SPA cards are installed in a Cisco 7600 SIP-200 carrier card or a Cisco 7600 SIP-400 carrier card.

To configure WRED on an ATM interface, you must use the random-detect aggregate commands; the standard random-detect commands are no longer supported on ATM interfaces.

The precedence-based and dscp-based keywords are mutually exclusive. If you do not specify either keyword, precedence-based is the default.

Defining WRED profile parameter values for the default aggregate class is optional. If defined, WRED profile parameters applied to the default aggregate class will be used for all subclasses that have not been explicitly configured. If all possible IP precedence or DSCP values are defined as subclasses, a default specification is unneccessary. If the optional parameters for a default aggregate class are not defined and packets with an unconfigured IP precedence or DSCP value arrive at the interface, plain (non-weighted) RED drop behavior will be used.

Use this command with a random-detect precedence (aggregate) or random-detect dscp (aggregate) command within a policy map configuration to configure aggregate Weighted Random Early Detection (WRED) parameters for specific IP precedence or DSCP value(s).

After the policy map is defined, the policy map must be attached at the VC level.

Use the show policy-map interface command to display the statistics for aggregated subclasses.

Examples

The following example shows a precedence-based aggregate WRED configuration for an ATM interface. Note that first a policy map named prec-aggr-wred is defined for the default class, then precedence-based Aggregate WRED is enabled with the random-detect aggregate command, then subclasses and WRED parameter values are assigned in a series of random-detect precedence (aggregate) commands, and, finally, the policy map is attached at the ATM VC level using the interface and service-policy commands.

Router (config)# policy-map prec-aggr-wred
Router (config-pmap)# class class-default
Router (config-pmap-c)# random-detect aggregate
Router (config-pmap-c)# random-detect precedence values 0 1 2 3 minimum thresh 10 
maximum-thresh 100 mark-prob 10
Router (config-pmap-c)# random-detect precedence values 4 5 minimum-thresh 40 
maximum-thresh 400 mark-prob 10
Router (config-pmap-c)# random-detect precedence values 6 minimum-thresh 60 maximum-thresh 
600 mark-prob 10
Router (config-pmap-c)# random-detect precedence values 7 minimum-thresh 70 maximum-thresh 
700 mark-prob 10
Router (config-pmap-c)# interface ATM4/1/0.10 point-to-point
Router (config-subif)# ip address 10.0.0.2 255.255.255.0
Router (config-subif)# pvc 10/110

Router (config-subif)# service-policy output prec-aggr-wred

The following example shows a DSCP-based aggregate WRED configuration for an ATM interface. Note that first a policy map named dscp-aggr-wred is defined for the default class, then dscp-based Aggregate WRED is enabled with the random-detect dscp-based aggregate command, then subclasses and WRED parameter values are assigned in a series of random-detect dscp (aggregate) commands, and, finally, the policy map is attached at the ATM VC level using the interface and service-policy commands.

Router (config)# policy-map dscp-aggr-wred
Router (config-pmap)# class class-default
Router (config-pmap-c)# random-detect dscp-based aggregate minimum-thresh 1 maximum-thresh 
10 mark-prob 10
Router (config-pmap-c)# random-detect dscp values 0 1 2 3 4 5 6 7 minimum-thresh 10 
maximum-thresh 20 mark-prob 10
Router (config-pmap-c)random-detect dscp values 8 9 10 11 minimum-thresh 10 maximum-thresh 
40 mark-prob 10
Router (config)# interface ATM4/1/0.11 point-to-point
Router (config-subif)# ip address 10.0.0.2 255.255.255.0
Router (config-subif) pvc 11/101

Router (config-subif)# service-policy output dscp-aggr-wred

Related Commands

Command
Description

class (policy-map)

Specifies the name of the class whose policy you want to create or change, and the default class (commonly known as the class-default class) before you configure its policy.

interface

Configures an interface type and enters interface configuration mode.

policy-map

Creates a policy map that can be attached to one or more interfaces to specify a service policy.

random-detect precedence (aggregate)

Configures aggregate WRED parameters for specific IP precedence values.

random-detect dscp (aggregate)

Configures aggregate WRED parameters for specific DSCP values.

service-policy

Attaches a policy map to an input interface or VC, or an output interface or VC, to be used as the service policy for that interface or VC.

show policy-map interface

Displays the configuration of all classes configured for all service policies on the specified interface or displays the classes for the service policy for a specific PVC on the interface.


random-detect dscp (aggregate)

To configure aggregate Weighted Random Early Detection (WRED) parameters for specific differentiated services code point (DSCP) value(s), use the random-detect dscp (aggregate) command in policy-map class configuration mode. To disable configuration of aggregate WRED DSCP values, use the no form of this command.

random-detect dscp values sub-class-val1 [...[sub-class-val8]] minimum-thresh min-thresh maximum-thresh max-thresh mark-probability mark-prob

no random-detect dscp values sub-class-val1 [...[sub-class-val8]]

Syntax Description

sub-class-val1 [...[subclass-val8]]

DSCP value(s) to which the following WRED profile parameter specifications are to apply. A maximum of 8 subclasses (DSCP values) can be specified per CLI entry. The DSCP value can be a number from 0 to 63, or it can be one of the following keywords: ef, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cs1, cs2, cs3, cs4, cs5, or cs7.

minimum-thresh min-thresh

Minimum threshold (in number of packets) for the subclass(es). Valid values are from 1 to 12288.

maximum-thresh max-thresh

Specifies the maximum threshold (in number of packets) for the subclass(es). Valid values are from the minimum threshold argument to 12288.

mark-probability mark-prob

Specifies the denominator for the fraction of packets dropped when the average queue depth is at the maximum threshold for the subclass(es). Valid values are from 1 to 255.


Defaults

No default behavior or values.

Command Modes

Policy-map class configuration

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

For ATM interfaces, the Aggregate WRED feature requires that the ATM SPA cards are installed in a Cisco 7600 SIP-200 carrier card or a Cisco 7600 SIP-400 carrier card.

To configure WRED on an ATM interface, you must use the random-detect aggregate commands; the standard random-detect commands are no longer supported on ATM interfaces.

Use this command with a random-detect aggregate command within a policy map configuration.

Repeat this command for each set of DSCP values that share WRED parameters.

After the policy map is defined, the policy map must be attached at the VC level.

The set of subclass (DSCP precedence) values defined on a random-detect dscp (aggregate) CLI will be aggregated into a single hardware WRED resource. The statistics for these subclasses will also be aggregated.

Use the show policy-map interface command to display the statistics for aggregated subclasses.

Examples

The following example shows a DSCP-based aggregate WRED configuration for an ATM interface. Note that first a policy map named dscp-aggr-wred is defined for the default class, then dscp-based aggregate WRED is enabled with the random-detect dscp-based aggregate command, then subclasses and WRED parameter values are assigned in a series of random-detect dscp (aggregate) commands, and, finally, the policy map is attached at the ATM VC level using the interface and service-policy commands.

Router (config)# policy-map dscp-aggr-wred
Router (config-pmap)# class class-default
Router (config-pmap-c)# random-detect dscp-based aggregate minimum-thresh 1 maximum-thresh 
10 mark-prob 10
!
! Define an aggregate subclass for packets with DSCP values of 0-7 and assign the WRED
! profile parameter values for this subclass
Router (config-pmap-c)# random-detect dscp values 0 1 2 3 4 5 6 7 minimum-thresh 10 
maximum-thresh 20 mark-prob 10
Router (config-pmap-c)random-detect dscp values 8 9 10 11 minimum-thresh 10 maximum-thresh 
40 mark-prob 10
Router (config)# interface ATM4/1/0.11 point-to-point
Router (config-subif)# ip address 10.0.0.2 255.255.255.0
Router (config-subif) pvc 11/101

Router (config-subif)# service-policy output dscp-aggr-wred

Related Commands

Command
Description

class (policy-map)

Specifies the name of the class whose policy you want to create or change, and the default class (commonly known as the class-default class) before you configure its policy.

interface

Configures an interface type and enters interface configuration mode.

policy-map

Creates a policy map that can be attached to one or more interfaces to specify a service policy.

random-detect aggregate

Enables aggregate WRED and optionally specifies default WRED parameter values for a default aggregate class. This default class will be used for all subclasses that have not been explicitly configured.

service-policy

Attaches a policy map to an input interface or VC, or an output interface or VC, to be used as the service policy for that interface or VC.

show policy-map interface

Displays the configuration of all classes configured for all service policies on the specified interface or displays the classes for the service policy for a specific PVC on the interface.


random-detect precedence (aggregate)

To configure aggregate Weighted Random Early Detection (WRED) parameters for specific IP precedence value(s), use the random-detect precedence (aggregate) command in policy-map class configuration mode. To disable configuration of aggregate WRED precedence values, use the no form of this command.

random-detect precedence values sub-class-val1 [...[sub-class-val8]] minimum-thresh min-thresh maximum-thresh max-thresh mark-probability mark-prob

no random-detect {precedence | dscp} values sub-class-val1 [...[sub-class-val8]]

Syntax Description

sub-class-val1 [...[subclass-val8]]

IP precedence value(s) to which the following WRED profile parameter specifications are to apply. A maximum of 8 subclasses (IP precedence values) can be specified per CLI entry. The value range is from 0 to 7.

minimum-thresh min-thresh

Minimum threshold (in number of packets) for the subclass(es). Valid values are from 1 to 12288.

maximum-thresh max-thresh

Specifies the maximum threshold (in number of packets) for the subclass(es). Valid values are from the minimum threshold argument to 12288.

mark-probability mark-prob

Specifies the denominator for the fraction of packets dropped when the average queue depth is at the maximum threshold for the subclass(es). Valid values are from 1 to 255.


Defaults

No default behavior or values.

Command Modes

Policy-map class configuration

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

For ATM interfaces,the Aggregate WRED feature requires that the ATM SPA cards are installed in a Cisco 7600 SIP-200 carrier card or a Cisco 7600 SIP-400 carrier card.

To configure WRED on an ATM interface, you must use the random-detect aggregate commands; the standard random-detect commands are no longer supported on ATM interfaces

Use this command with a random-detect aggregate command within a policy map configuration.

Repeat this command for each set of IP precedence values that share WRED parameters.

After the policy map is defined, the policy map must be attached at the VC level.

The set of subclass (IP precedence) values defined on a random-detect precedence (aggregate) CLI will be aggregated into a single hardware WRED resource. The statistics for these subclasses will also be aggregated.

Use the show policy-map interface command to display the statistics for aggregated subclasses.

Examples

The following example shows a precedence-based aggregate WRED configuration for an ATM interface. Note that first a policy map named prec-aggr-wred is defined for the default class, then precedence-based aggregate WRED is enabled with the random-detect aggregate command, then subclasses and WRED parameter values are assigned in a series of random-detect precedence (aggregate) commands, and, finally, the policy map is attached at the ATM VC level using the interface and service-policy commands.

Router (config)# policy-map prec-aggr-wred
Router (config-pmap)# class class-default
Router (config-pmap-c)# random-detect aggregate
Router (config-pmap-c)# random-detect precedence values 0 1 2 3 minimum thresh 10 
maximum-thresh 100 mark-prob 10
Router (config-pmap-c)# random-detect precedence values 4 5 minimum-thresh 40 
maximum-thresh 400 mark-prob 10
Router (config-pmap-c)# random-detect precedence values 6 minimum-thresh 60 maximum-thresh 
600 mark-prob 10
Router (config-pmap-c)# random-detect precedence values 7 minimum-thresh 70 maximum-thresh 
700 mark-prob 10
Router (config-pmap-c)# interface ATM4/1/0.10 point-to-point
Router (config-subif)# ip address 10.0.0.2 255.255.255.0
Router (config-subif)# pvc 10/110

Router (config-subif)# service-policy output prec-aggr-wred

Related Commands

Command
Description

class (policy-map)

Specifies the name of the class whose policy you want to create or change, and the default class (commonly known as the class-default class) before you configure its policy.

interface

Configures an interface type and enters interface configuration mode.

policy-map

Creates a policy map that can be attached to one or more interfaces to specify a service policy.

random-detect aggregate

Enables aggregate WRED and optionally specifies default WRED parameter values for a default aggregate class. This default class will be used for all subclasses that have not been explicitly configured.

service-policy

Attaches a policy map to an input interface or VC, or an output interface or VC, to be used as the service policy for that interface or VC.

show policy-map interface

Displays the configuration of all classes configured for all service policies on the specified interface or displays the classes for the service policy for a specific PVC on the interface.


redundancy

To enter redundancy configuration mode, use the redundancy command in global configuration mode.

redundancy

Syntax Description

This command has no arguments or keywords.

Defaults

No default behaviors or values.

Command Modes

Global configuration

Command History

Release
Modification

12.1(5)XV1

This command was introduced on the Cisco AS5800 universal access server.

12.2(11)T

This command was integrated into Cisco IOS 12.2(11)T.

12.0(9)SL

This command was integrated into Cisco IOS Release 12.0(9)SL.

12.0(16)ST

This command was implemented on the Cisco 7500 series Internet routers.

12.2(14)S

This command was integrated into Cisco IOS Release 12.2(14)S.

12.2(18)S

This command was implemented on the Cisco 7500 series Internet routers.

12.2(20)S

This command was implemented on the Cisco 7304 router.

12.3(7)T

This command was implemented on the Cisco 7500 series Internet routers.

12.2(8)MC2

This command was implemented on the MWR 1900 Mobile Wireless Edge Router (MWR).

12.3(11)T

This command was implemented on the MWR 1900 Mobile Wireless Edge Router.

12.0(22)S

This command was implemented on the Cisco 10000 series Internet routers.

12.2(18)SXE2

This command was integrated into Cisco IOS Release 12.2(18)SXE2.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use the redundancy command to enter redundancy configuration mode, where you can define aspects of redundancy such as shelf redundancy for the Cisco AS5800 universal access server.

Examples

The following example enables redundancy mode on the Cisco MWR 1941-DC router:

Router(config)# redundancy
Router(config-red)#

The following example assigns the configured router shelf to the redundancy pair designated as 25. This command must be issued on both router shelves in the redundant router-shelf pair.

Router(config)# redundancy
Router(config-red)# failover group-number 25

Related Commands

Command
Description

clear redundancy history

Clears the redundancy event history log.

mode (redundancy)

Configures the redundancy mode of operation.

redundancy force-switchover

Switches control of a router from the active to the standby RP.

show redundancy

Displays information about the current redundant configuration and recent changes in states or displays current or historical status and related information on planned or logged handovers.


set cos-inner

To mark the inner class of service field in a bridged frame, use the set cos-inner command in policy-map class configuration mode. To remove marking of the inner CoS field, use the no form of this command.

set cos-inner cos-value

no set cos-inner cos-value

Syntax Description

cos-value

IEEE 802.1q CoS value from 0-7.


Defaults

No default behavior or values.

Command Modes

Policy-map class configuration mode

Command History

Release
Modification

12.2(33)SRA

This command was introduced.


Usage Guidelines

This command was introduced in Cisco IOS Release 12.2(33)SRA to support marking of the inner CoS value when using multipoint bridging (MPB) features on the Enhanced FlexWAN module, and when using MPB features on SPAs with the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 on the Cisco 7600 series router.

This command is not supported on the Cisco 7600 SIP-600.

On the Cisco 7600 SIP-200, this command is not supported with the set cos command on the same interface.

For more information about QoS and the forms of marking commands supported by the SIPs on the Cisco 7600 series router, refer to the Cisco 7600 Series SIP, SSC, and SPA Software Configuration Guide.

Examples

The following example shows configuration of a QoS class that filters all traffic matching on VLAN 100 into a class named "vlan-inner-100." The configuration shows the definition of a policy-map (also named "vlan-inner-100") that marks the inner CoS with a value of 3 for traffic in the vlan-inner-100 class. Since marking of the inner CoS value is only supported with bridging features, the configuration also shows the service policy being applied as an output policy to a serial SPA interface that bridges traffic into VLAN 100 using the bridge-domain command:

Router(config)# class-map match-all vlan-inner-100
Router(config-cmap)# match vlan inner 100
Router(config-cmap)# exit
Router(config)# policy-map vlan-inner-100
Router(config-pmap)# class vlan-inner-100
Router(config-pmap-c)# set cos-inner 3
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface serial3/0/0
Router(config-if)# no ip address
Router(config_if)# encapsulation ppp
Router(config-if)# bridge-domain 100 dot1q
Router(config-if)# service-policy output vlan-inner-100
Router(config-if)# shutdown
Router(config-if)# no shutdown
Router(config-if)# end

Related Commands

Command
Description

bridge-domain

Enables RFC 1483 ATM bridging or RFC 1490 Frame Relay bridging to map a bridged virtual LAN (VLAN) to an ATM permanent virtual circuit (PVC) or Frame Relay data-link connection identifier (DLCI).

class-map

Creates a class map to be used for matching packets to a specified class.

policy-map

Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

class (policy-map)

Specifies the name of the class whose policy you want to create or change, and the default class (commonly known as the class-default class) before you configure its policy.

service-policy

Attaches a policy map to an input interface or virtual circuit (VC) or an output interface or VC, to be used as the service policy for that interface or VC.


show controllers pos

To display information about the Packet over SONET (POS) controllers, use the show controllers pos command in privileged EXEC mode.

Cisco 7500 Series Routers

show controllers pos [slot/port-adapter/port] [details | pm [time-interval]]

Cisco 12000 Series Routers

show controllers pos [slot/port] [details | pm [time-interval]]

POS Shared Port Adapters

show controllers pos [slot/subslot/port[/sub_int]] [alarm | details | pm [time-interval]]

Syntax Description

slot/port-adapter/port

(Optional) Cisco 7500 Series Routers

Number of the chassis slot that contains the POS interface (for example, 2/0/0), where:

slot—Chassis slot number.

/port-adapter—Port adapter number.

/port—Port or interface number.

Refer to the appropriate hardware manual for slot and port information, and port adapter compatibility.

slot/port

(Optional) Cisco 12000 Series Routers

Number of the chassis slot that contains the POS interface (for example, 4/0), where:

slot—Chassis slot number.

/port—Port or interface number.

Refer to the appropriate hardware manual for slot and port information.

slot/subslot/port[/sub_int]

(Optional) POS Shared Port Adapters

Number of the chassis slot that contains the POS interface (for example 4/3/0), where:

slot—Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot—Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

/port—Port or interface number.

For SPAs, refer to the corresponding "Specifying the Interface Address on a SPA" topics in the platform-specific SPA software configuration guide.

/sub_int(Optional) Subinterface number.

alarm

(Optional) Displays SONET/SDH alarm event counters.

details

(Optional) In addition to the normal information displayed by the show controllers pos command, the details keyword provides a hexadecimal and ASCII "dump" of the path trace buffer.

pm

(Optional) Displays SONET performance monitoring statistics accumulated for a 24-hour period in 15-minute intervals.

time-interval

(Optional) Number of the SONET MIB 15-minute time interval in the range from 1 to 96. If the time-interval argument is not specified, the performance monitoring statistics for the current time interval are displayed.


Defaults

If you do not specify any slot addressing, information for all installed POS interfaces is displayed.

Command Modes

Privileged EXEC

Command History

Release
Modification

11.1CC

This command was introduced.

12.2S

This command was integrated into Cisco IOS Release 12.2S.

12.2(25)S3

This command was integrated into Cisco IOS Release 12.2(25)S3 to support SPAs on the Cisco 7304 router. The command was modified to support a new addressing format for SPAs on the Cisco 7304 router.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE to support SPAs on the Cisco 7600 series routers and Catalyst 6500 series switches.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S to support SPAs on the Cisco 12000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The show controllers pos command with the pm keyword displays SONET performance monitoring statistics accumulated at 15-minute intervals, and these statistics can be queried using Simple Network Management Protocol (SNMP) tools. The performance monitoring statistics are collected according to the RFC 1595 specification.

The information that this command displays is generally useful only for diagnostic tasks performed by Cisco Systems technical support personnel.

Examples

Example of the show controllers pos Command on the Cisco 7500 Series Router

The following is sample output from the show controllers pos command on a Cisco 7500 series router:

Router# show controllers pos

POS2/0/0
SECTION
  LOF = 0          LOS = 2335                         BIP(B1) = 77937133
LINE
  AIS = 2335       RDI = 20         FEBE = 3387950089 BIP(B2) = 1622825387
PATH
  AIS = 2340       RDI = 66090      FEBE = 248886263  BIP(B3) = 103862953
  LOP = 246806     NEWPTR = 11428072   PSE = 5067357     NSE = 4645

Active Defects: B2-TCA B3-TCA
Active Alarms:  None
Alarm reporting enabled for: B1-TCA

APS
  COAPS = 12612784   PSBF = 8339
  State: PSBF_state = False
  Rx(K1/K2): 00/CC  Tx(K1/K2): 00/00
  S1S0 = 03, C2 = 96
CLOCK RECOVERY
  RDOOL = 64322060
  State: RDOOL_state = True
PATH TRACE BUFFER: UNSTABLE
  Remote hostname :
  Remote interface:
  Remote IP addr  :
  Remote Rx(K1/K2): ../..  Tx(K1/K2): ../..
BER thresholds:  SF = 10e-3  SD = 10e-8
TCA thresholds:  B1 = 10e-7  B2 = 10e-3  B3 = 10e-6

Table 40-2 describes the fields shown in this display.

Table 40-2 show controllers pos Field Descriptions 

Field
Description

POSx/y/z

Slot number of the POS interface.

LOF

Section loss of frame is detected when a severely error framing (SEF) defect on the incoming SONET signal persist for 3 milliseconds.

LOS

Section loss of signal is detected when an all-zeros pattern on the incoming SONET signal lasts 19 plus or minus 3 microseconds or longer. This defect might also be reported if the received signal level drops below the specified threshold.

BIP(B1)/BIP(B2)/BIP(B3)

Bit interleaved parity (BIP).

For B1, the BIP error report is calculated by comparing the BIP-8 code with the BIP-8 code extracted from the B1 byte of the following frame. Differences indicate that section-level bit errors have occurred.

For B2, the BIP error report is calculated by comparing the BIP-8/24 code with the BIP-8 code extracted from the B2 byte of the following frame. Differences indicate that line-level bit errors have occurred.

For B3, the BIP error report is calculated by comparing the BIP-8 code with the BIP-8 code extracted from the B3 byte of the following frame. Differences indicate that path-level bit errors have occurred.

AIS

Alarm indication signal.

A line alarm indication signal is sent by the section terminating equipment (STE) to alert the downstream line terminating equipment (LTE) that a loss of signal (LOS) or loss of frame (LOF) defect has been detected on the incoming SONET section.

A path alarm indication signal is sent by the LTE to alert the downstream path terminating equipment (PTE) that it has detected a defect on its incoming line signal.

RDI

Remote defect indication.

A line remote defect indication is reported by the downstream LTE when it detects LOF, LOS, or AIS.

A path remote defect indication is reported by the downstream PTE when it detects a defect on the incoming signal.

FEBE

Far end block errors.

Line FEBE (accumulated from the M0 or M1 byte) is reported when the downstream LTE detects BIP(B2) errors.

Path FEBE (accumulated from the G1 byte) is reported when the downstream PTE detects BIP(B3) errors.

LOP

Path loss of pointer is reported as a result of an invalid pointer (H1, H2) or an excess number of new data flag (NDF)-enabled indications.

NEWPTR

Inexact count of the number of times that the SONET framer has validated a new SONET pointer value (H1, H2).

PSE

Inexact count of the number of times that the SONET framer has detected a positive stuff event in the received pointer (H1, H2).

NSE

Inexact count of the number of times that the SONET framer has detected a negative stuff event in the received pointer (H1, H2).

Active Defects

List of all currently active SONET defects.

Active Alarms

List of current alarms as enforced by Sonet Alarm Hierarchy.

Alarm reporting enabled for

List of alarms for which you enabled reporting with the pos report interface command.

APS

Automatic protection switching.

COAPS

An inexact count of the number of times that a new APS value has been detected in the K1, K2 bytes.

PSBF

An inexact count of the number of times that a protection switching byte failure has been detected (no three consecutive SONET frames contain identical K1 bytes).

PSBF_state

Protection switching byte failure state.

Rx(K1/K2)/Tx(K1/K2)

Contents of the received and transmitted K1 and K2 bytes.

S1S0

The two S bits received in the last H1 byte.

C2

The value extracted from the SONET path signal label byte (C2).

CLOCK RECOVERY

The SONET clock is recovered using information in the SONET overhead. RDOOL is an inexact count of the number of times that Receive Data Out Of Lock has been detected, which indicates that the clock recovery phased lock loop is unable to lock to the receive stream.

PATH TRACE BUFFER

SONET path trace buffer is used to communicate information regarding the remote host name, interface name and number, and IP address. This is a Cisco-proprietary use of the J1 (path trace) byte.

BER thresholds

List of the bit error rate (BER) thresholds that you configured with the pos threshold interface command.

TCA thresholds

List of the threshold crossing alarms (TCAs) that you configured with the pos threshold interface command.


Example of the show controllers pos Command on a POS Shared Port Adapter

The following is sample output from the show controllers pos command on a Cisco 7600 series router for POS interface 4/3/0 (which is the interface for port 0 of the SPA in subslot 3 of the SIP in chassis slot 4):

Router# show controllers pos 4/3/0 
POS4/3/0
SECTION
  LOF = 0          LOS    = 0                            BIP(B1) = 65535
LINE
  AIS = 0          RDI    = 0          FEBE = 65535      BIP(B2) = 16777215
PATH
  AIS = 0          RDI    = 0          FEBE = 65535      BIP(B3) = 65535
  PLM = 0          UNEQ   = 0          TIM  = 0          TIU     = 0
  LOP = 0          NEWPTR = 3          PSE  = 0          NSE     = 0

Active Defects: None
Active Alarms:  None
Alarm reporting enabled for: SF SLOS SLOF B1-TCA B2-TCA PLOP B3-TCA 

Framing: SONET
APS

  COAPS = 1          PSBF = 0         
  State: PSBF_state = False
  Rx(K1/K2): 00/00  Tx(K1/K2): 00/00
  Rx Synchronization Status S1 = 00
  S1S0 = 00, C2 = CF
  Remote aps status (none); Reflected local aps status (none)
CLOCK RECOVERY
  RDOOL = 0         
  State: RDOOL_state = False
PATH TRACE BUFFER: STABLE
  Remote hostname : woodson
  Remote interface: POS3/0/0
  Remote IP addr  : 0.0.0.0
  Remote Rx(K1/K2): 00/00  Tx(K1/K2): 00/00

BER thresholds:  SF = 10e-3  SD = 10e-6
TCA thresholds:  B1 = 10e-6  B2 = 10e-6  B3 = 10e-6

  Clock source:  internal

Table 40-2 describes the fields shown in this display.

Example of the show controllers pos alarm Command on the Cisco 7600 Series Router

The following is sample output from the show controllers pos alarm command that displays SONET/SDH alarm event counters on a Cisco 7600 series router:

Router# show controllers pos3/2/0 alarm
POS3/2/0

Alarm Event Statistics:
SECTION
  LOF = 0          LOS    = 0          B1-TCA = 0         
LINE
  AIS = 0          RDI    = 0          RDOOL  = 0         
  SF  = 0          SD     = 0          B2-TCA = 0         
PATH
  AIS = 0          RDI    = 0          LOP    = 0          B3-TCA = 0         
  PLM = 0          UNEQ   = 0 

Example of the show controllers pos pm Command on the Cisco 12000 Series Router

The following is sample output from the show controllers pos pm command that displays performance monitoring statistics on a Cisco 12000 series router:

Router# show controllers pos 1/0 pm

POS1/0
Medium is SONET
Line coding is RZ, Line type is LONG SM
Data in current interval (516 seconds elapsed)
SECTION ( NO DEFECT )
    515 Errored Secs, 515 Severely Err Secs
    0 Coding Violations, 515 Sev Err Framing Secs
LINE ( NO DEFECT )
    0 Errored Secs, 0 Severely Err Secs
    0 Coding Violations, 0 Unavailable Secs
FAR END LINE
    0 Errored Secs, 0 Severely Err Secs
    0 Coding Violations, 0 Unavailable Secs
PATH ( NO DEFECT )
    0 Errored Secs, 0 Severely Err Secs
    0 Coding Violations, 0 Unavailable Secs
FAR END PATH
    0 Errored Secs, 0 Severely Err Secs
    0 Coding Violations, 0 Unavailable Secs

Table 40-3 describes the fields shown in the display.

Table 40-3 show controllers pos pm Field Descriptions 

Field
Description

POSx/y

Slot number of the POS interface.

Line coding

Shows the current line encoding type, either return to zero (RZ) or nonreturn to zero (NRZ).

Line type

Line type for this interface. Optical line types can be either long range (LONG) or short range (SHORT), and either single mode (SM) or multimode (MM).

Data in current interval

Shows the current accumulation period, which rolls into the 24-hour accumulation every 15 minutes. Accumulation period is from 1 to 900 seconds. The oldest 15-minute period falls off the back of the 24-hour accumulation buffer.

Errored Secs

An errored second is a second in which one of the following is detected:

One or more coding violations.

One or more incoming defects (for example, a severely errored frame (SEF) defect, an LOS defect, an AIS defect, or an LOP defect).

Severely Err Secs

A severely errored second (SES) is a second with one of the following errors:

A certain number of coding violations. The number is dependent on the line rate and the BER.

A certain number of incoming defects.

Coding Violations

Number of coding violations for the current interval. Coding violations are defined as BIP errors that are detected in the incoming signal. The coding violations counter is incremented for each BIP error detected.

Sev Err Framing Secs

Severely errored framing seconds (SEFS) are seconds with one or more SEF defects.

Unavailable Secs

Total number of seconds for which the interface is unavailable. The interface is considered to be unavailable after a series of ten consecutive SESs.


Related Commands

Command
Description

pos report

Permits selected SONET alarms to be logged to the console for a POS interface.

pos threshold

Sets the BER threshold values of specified alarms for a POS interface.


show controllers serial

To display serial controller statistics, use the show controllers serial command in privileged EXEC mode.

Standard Syntax

show controllers serial [slot/port]

Cisco 7000 Series Routers with the RSP7000 and RSP7000CI and Cisco 7500 Series Routers

show controllers serial [slot/port-adapter/port]

T3/E3 Shared Port Adapters and 2-Port and 4-Port Channelized T3 SPA in Unchannelized Mode

show controllers serial [slot/subslot/port]

Channelized T3 Shared Port Adapters

show controllers serial [slot/subslot/port/t1-number]

Syntax Description

slot

(Optional) Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

port-adapter

(Optional) On Cisco 7500 series routers and Cisco 7000 series routers with the RSP7000 and RSP7000CI, the location of the port adapter on a Versatile Interface Processor (VIP). The value can be 0 or 1.

/subslot

(Optional) Secondary slot number on a SIP where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

/port

(Optional) Port or interface number.

Refer to the appropriate hardware manual for port information. For SPAs, refer to the corresponding "Specifying the Interface Address on a SPA" topics in the platform-specific SPA software configuration guide.

t1-number

(Optional) Logical T1 number in channelized mode.

For SPAs, refer to the corresponding "Specifying the Interface Address on a SPA" topics in the platform-specific SPA software configuration guide.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

10.0

This command was introduced.

11.1CA

This command was modified to include support for the PA-E3 and PA-T3 port adapters.

12.2S

This command was integrated into Cisco IOS Release 12.2S.

12.2(25)S3

This command was integrated into Cisco IOS Release 12.2(25)S3.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE and introduced a new output for interfaces on the serial SPAs on the Cisco 7600 series routers and Catalyst 6500 series switches.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The output from the show controllers serial command provides error and alarm information that is useful in troubleshooting line problems.

The information displayed is generally useful for diagnostic tasks performed by Cisco Systems technical support personnel only. For the PA-E3 or PA-T3 port adapters, the show controllers serial command also displays configuration information such as the framing, clock source, bandwidth limit, whether scrambling is enabled, the national bit, the international bits, and DSU mode configured on the interface. Also displayed are the performance statistics for the current interval and last 15-minute interval and whether any alarms exist.

Examples

Example of the show controllers serial Command on the Cisco 4000 Series Router

The following is sample output from the show controllers serial command on the Cisco 4000:

Router# show controllers serial

MK5 unit 0, NIM slot 1, NIM type code 7, NIM version 1
idb = 0x6150, driver structure at 0x34A878, regaddr = 0x8100300
IB at 0x6045500: mode=0x0108, local_addr=0, remote_addr=0
N1=1524, N2=1, scaler=100, T1=1000, T3=2000, TP=1
buffer size 1524
DTE V.35 serial cable attached
RX ring with 32 entries at 0x45560 : RLEN=5, Rxhead 0
00 pak=0x6044D78  ds=0x6044ED4 status=80 max_size=1524 pak_size=0
01 pak=0x60445F0  ds=0x604474C status=80 max_size=1524 pak_size=0
02 pak=0x6043E68  ds=0x6043FC4 status=80 max_size=1524 pak_size=0
03 pak=0x60436E0  ds=0x604383C status=80 max_size=1524 pak_size=0
04 pak=0x6042F58  ds=0x60430B4 status=80 max_size=1524 pak_size=0
05 pak=0x60427D0  ds=0x604292C status=80 max_size=1524 pak_size=0
06 pak=0x6042048  ds=0x60421A4 status=80 max_size=1524 pak_size=0
07 pak=0x60418C0  ds=0x6041A1C status=80 max_size=1524 pak_size=0
08 pak=0x6041138  ds=0x6041294 status=80 max_size=1524 pak_size=0
09 pak=0x60409B0  ds=0x6040B0C status=80 max_size=1524 pak_size=0
10 pak=0x6040228  ds=0x6040384 status=80 max_size=1524 pak_size=0
11 pak=0x603FAA0  ds=0x603FBFC status=80 max_size=1524 pak_size=0
12 pak=0x603F318  ds=0x603F474 status=80 max_size=1524 pak_size=0
13 pak=0x603EB90  ds=0x603ECEC status=80 max_size=1524 pak_size=0
14 pak=0x603E408  ds=0x603E564 status=80 max_size=1524 pak_size=0
15 pak=0x603DC80  ds=0x603DDDC status=80 max_size=1524 pak_size=0
16 pak=0x603D4F8  ds=0x603D654 status=80 max_size=1524 pak_size=0
17 pak=0x603CD70  ds=0x603CECC status=80 max_size=1524 pak_size=0
18 pak=0x603C5E8  ds=0x603C744 status=80 max_size=1524 pak_size=0
19 pak=0x603BE60  ds=0x603BFBC status=80 max_size=1524 pak_size=0
20 pak=0x603B6D8  ds=0x603B834 status=80 max_size=1524 pak_size=0
21 pak=0x603AF50  ds=0x603B0AC status=80 max_size=1524 pak_size=0
22 pak=0x603A7C8  ds=0x603A924 status=80 max_size=1524 pak_size=0
23 pak=0x603A040  ds=0x603A19C status=80 max_size=1524 pak_size=0
24 pak=0x60398B8  ds=0x6039A14 status=80 max_size=1524 pak_size=0
25 pak=0x6039130  ds=0x603928C status=80 max_size=1524 pak_size=0
26 pak=0x60389A8  ds=0x6038B04 status=80 max_size=1524 pak_size=0
27 pak=0x6038220  ds=0x603837C status=80 max_size=1524 pak_size=0
28 pak=0x6037A98  ds=0x6037BF4 status=80 max_size=1524 pak_size=0
29 pak=0x6037310  ds=0x603746C status=80 max_size=1524 pak_size=0
30 pak=0x6036B88  ds=0x6036CE4 status=80 max_size=1524 pak_size=0
31 pak=0x6036400  ds=0x603655C status=80 max_size=1524 pak_size=0
TX ring with 8 entries at 0x45790 : TLEN=3, TWD=7
tx_count = 0, tx_head = 7, tx_tail = 7
00 pak=0x000000 ds=0x600D70C status=0x38 max_size=1524 pak_size=22
01 pak=0x000000 ds=0x600D70E status=0x38 max_size=1524 pak_size=2
02 pak=0x000000 ds=0x600D70E status=0x38 max_size=1524 pak_size=2
03 pak=0x000000 ds=0x600D70E status=0x38 max_size=1524 pak_size=2
04 pak=0x000000 ds=0x600D70E status=0x38 max_size=1524 pak_size=2
05 pak=0x000000 ds=0x600D70E status=0x38 max_size=1524 pak_size=2
06 pak=0x000000 ds=0x600D70E status=0x38 max_size=1524 pak_size=2
07 pak=0x000000 ds=0x6000000 status=0x38 max_size=1524 pak_size=0
XID/Test TX desc at 0xFFFFFF, status=0x30, max_buffer_size=0, packet_size=0
XID/Test RX desc at 0xFFFFFF, status=0x0, max_buffer_size=0, packet_size=0
Status Buffer at 0x60459C8: rcv=0, tcv=0, local_state=0, remote_state=0
phase=0, tac=0, currd=0x00000, curxd=0x00000
bad_frames=0, frmrs=0, T1_timeouts=0, rej_rxs=0, runts=0
0 missed datagrams, 0 overruns, 0 bad frame addresses
0 bad datagram encapsulations, 0 user primitive errors
0 provider primitives lost, 0 unexpected provider primitives
0 spurious primitive interrupts, 0 memory errors, 0 tr
%LINEPROTO-5-UPDOWN: Linansmitter underruns
mk5025 registers: csr0 = 0x0E00, csr1 = 0x0302, csr2 = 0x0704
                  csr3 = 0x5500, csr4 = 0x0214, csr5 = 0x0008

Example of the show controllers serial Command for a PA-E3 Serial Port Adapter

The following is sample output from the show controllers serial command for a PA-E3 serial port adapter installed in slot 2:

Router# show controllers serial 2/0

M1T-E3 pa: show controller:
PAS unit 0, subunit 0, f/w version 2-55, rev ID 0x2800001, version 2
idb = 0x6080D54C, ds = 0x6080F304, ssb=0x6080F4F4
Clock mux=0x30, ucmd_ctrl=0x0, port_status=0x1
Serial config=0x8, line config=0x1B0202
maxdgram=4474, bufpool=128Kb, 256 particles

   rxLOS inactive, rxLOF inactive, rxAIS inactive
   txAIS inactive, rxRAI inactive, txRAI inactive

line state: up
E3 DTE cable, received clockrate 50071882

base0 registers=0x3D000000, base1 registers=0x3D002000
mxt_ds=0x608BA654, rx ring entries=128, tx ring entries=256
rxring=0x4B01F480, rxr shadow=0x6081081C, rx_head=26
txring=0x4B01F960, txr shadow=0x60810E48, tx_head=192, tx_tail=192, tx_count=0
throttled=0, enabled=0, disabled=0
rx_no_eop_err=0, rx_no_stp_err=0, rx_no_eop_stp_err=0
rx_no_buf=0, rx_soft_overrun_err=0, dump_err= 1
tx_underrun_err=0, tx_soft_underrun_err=0, tx_limited=0
tx_fullring=0, tx_started=11504
   Framing is g751, Clock Source is Line, Bandwidth limit is 34010.
   Scrambling is enabled
   National Bit is 0, International Bits are: 0 0
   DSU mode 1
   Data in current interval (213 seconds elapsed):
     0 Line Code Violations, 0 P-bit Coding Violation
     0 C-bit Coding Violation
     0 P-bit Err Secs, 0 P-bit Severely Err Secs
     0 Severely Err Framing Secs, 0 Unavailable Secs
     0 Line Errored Secs, 0 C-bit Errored Secs, 0 C-bit Severely Errored Secs
   Total Data (last 24 hours)
     0 Line Code Violations, 0 P-bit Coding Violation,
     0 C-bit Coding Violation,
     0 P-bit Err Secs, 0 P-bit Severely Err Secs,
     0 Severely Err Framing Secs, 0 Unavailable Secs,
     0 Line Errored Secs, 0 C-bit Errored Secs, 0 C-bit Severely Errored Secs

   No alarms detected.

Example of the show controllers serial Command for a PA-T3 Serial Port Adapter

The following is sample output from the show controllers serial command that shows serial port 1/0/0 on a 1-port PA-T3 serial port adapter installed on a VIP2 in chassis slot 1:

Router# show controllers serial 2/0/1

Serial1/0/0 -
   Mx T3(1) HW Revision 0x3, FW Revision 2.55
   Framing is c-bit, Clock Source is Line
   Bandwidth limit is 35000, DSU mode 1, Cable length is 50

   Data in current interval (325 seconds elapsed):
     0 Line Code Violations, 0 P-bit Coding Violation
     0 C-bit Coding Violation
     0 P-bit Err Secs, 0 P-bit Sev Err Secs
     0 Sev Err Framing Secs, 0 Unavailable Secs
     0 Line Errored Secs, 0 C-bit Errored Secs, 0 C-bit Sev Err Secs
   Total Data (last 24 hours)
     0 Line Code Violations, 0 P-bit Coding Violation,
     0 C-bit Coding Violation,
     0 P-bit Err Secs, 0 P-bit Sev Err Secs,
     0 Sev Err Framing Secs, 0 Unavailable Secs,
     0 Line Errored Secs, 0 C-bit Errored Secs, 0 C-bit Sev Err Secs
No alarms detected.

Example of the show controllers serial Command for a Channelized T3 SPA

The following is sample output from the show controllers serial command for a 2-port or 4-Port CT3 SPA located in slot 3 of a Cisco 7304 router:

Router# show controllers serial
Serial3/1/0 - 
   Framing is c-bit, Clock Source is Internal
   Bandwidth limit is 44210, DSU mode 0, Cable length is 10
   rx FEBE since last clear counter 0, since reset 0
   Data in current interval (0 seconds elapsed):
     0 Line Code Violations, 0 P-bit Coding Violation
     0 C-bit Coding Violation
     0 P-bit Err Secs, 0 P-bit Sev Err Secs
     0 Sev Err Framing Secs, 0 Unavailable Secs
     0 Line Errored Secs, 0 C-bit Errored Secs, 0 C-bit Sev Err Secs
     0 Severely Errored Line Secs
     0 Far-End Errored Secs, 0 Far-End Severely Errored Secs
     0 CP-bit Far-end Unavailable Secs
     0 Near-end path failures, 0 Far-end path failures
     0 Far-end code violations, 0 FERF Defect Secs
     0 AIS Defect Secs, 0 LOS Defect Secs

   Transmitter is sending AIS.

   Receiver has loss of signal.
Serial3/1/3 - 
   Framing is c-bit, Clock Source is Line
   Bandwidth limit is 44210, DSU mode 0, Cable length is 10
   rx FEBE since last clear counter 0, since reset 0
   Data in current interval (757 seconds elapsed):
     0 Line Code Violations, 0 P-bit Coding Violation
     0 C-bit Coding Violation
     0 P-bit Err Secs, 0 P-bit Sev Err Secs
     0 Sev Err Framing Secs, 0 Unavailable Secs
     0 Line Errored Secs, 0 C-bit Errored Secs, 0 C-bit Sev Err Secs
     0 Severely Errored Line Secs
     0 Far-End Errored Secs, 0 Far-End Severely Errored Secs
     0 CP-bit Far-end Unavailable Secs
     0 Near-end path failures, 0 Far-end path failures
     0 Far-end code violations, 0 FERF Defect Secs
     0 AIS Defect Secs, 0 LOS Defect Secs

   No alarms detected.

Table 40-4 describes the fields shown in the show controllers serial output.


Note The fields appearing in the output will vary depending on card type, controller configuration, and the status of the controller line.


Table 40-4 show controllers serial Field Descriptions 

Field
Description

Serial

Name of the serial controller.

Framing

Framing type.

Clock source

Source of the synchronization signal (clock).

Bandwidth limit

The allowable bandwidth for the controller.

DSU mode

The Data Service Unit (DSU) interoperability mode.

Cable length

The distance to the first repeater.

rx FEBE since last clear counter

Number of received far-end block errors.

Note Line far-end block error (accumulated from the M0 or M1 byte) is reported when the downstream LTE detects BIP(B2) errors.
Path far-end block error (accumulated from the G1 byte) is reported when the downstream PTE detects BIP(B3) errors.

rx FEBE since last reset

Number of received far-end block errors.

Line Code Violations

Number of Bipolar Violation (BPV) errors or Excessive Zeros (EXZ) errors.

P-bit Coding Violations

Number of P-bit errors encountered between source and destination.

C-bit coding violations

Number of C-bit errors encountered between source and destination.

P-bit Err Secs (PES)

Number of seconds with P-bit errors.

Note A PES is a second with one or more PCVs or one or more Out of Frame defects or a detected incoming AIS. This gauge is not incremented when UASs are counted.

P-bit Sev Err Secs (PSES)

Number of seconds with P-bit severe errors.

Note A PSES is a second with 44 or more PCVs or one or more Out of Frame defects or a detected incoming AIS. This gauge is not incremented when UASs are counted.

Sev Err Framing Secs

The number of 1-second intervals in which either a Remote Alarm Indication was received or a Loss Of Frame condition occurred.

Unavailable Secs

The number of 1-second intervals in which the controller was down.

Line Errored Secs

The number of 1-second intervals in which a Line Code Violation occurred.

C-bit Errored Secs (CES)

Number of seconds with C-bit errors.

Note A CES is a second with one or more CCVs or one or more Out of Frame defects or a detected incoming AIS. This count is only for the SYNTRAN and C-bit Parity DS3 applications. This gauge is not incremented when UASs are counted.

C-bit Sev Err Secs (CSES)

Number of seconds with severe C-bit errors.

Note A CSES is a second with 44 or more CCVs or one or more Out of Frame defects or a detected incoming AIS. This count is only for the SYNTRAN and C-bit Parity DS3 applications. This gauge is not incremented when UASs are counted.

Severely Errored Line Secs

For ESF signals, this is a second in which one of the following defects is detected:

320 or more Path Code Violation errors.

One or more Out of Frame defects.

An AIS defect.

For E1-CRC signals, this is a second with one of the following errors:

832 or more Path Code Violation errors.

One or more Out of Frame defects.

For E1-nonCRC signals, this is a second with 2048 or more Line Code Violations.

Far-End Errored Secs

Number of seconds of far-end failures.

Far-End Severely Errored Secs

The number of 1-second intervals in which either a Remote Alarm Indication was received or a Loss Of Frame condition occurred.

P-bit Unavailable Secs

Number of seconds the interface is unavailable because of P-bit errors.

CP-bit Unavailable Secs

Number of seconds the interface is unavailable because of CP-bit errors.

CP-bit Far-end Unavailable Secs

Number of seconds the interface is unavailable because of CP-bit errors from the far-end device.

Near-end path failures

 

Far-end path failures

 

Far-end code violations

 

FERF Defect Secs

Number of far-end receive failures detected per second.

AIS Defect Secs

Number of alarm indication signals per second.

LOS Defect Secs

Number of loss of signal alarms per second.

Path Code Violations

Indicates a frame synchronization bit error in the D4 and E1-no CRC formats, or a CRC error in the Extended Superframe (ESF) and E1-CRC formats.

Slip Secs

Indicates the replication or deletion of the payload bits of a domestic trunk interface (DS1) frame. A slip might happen when there is a difference between the timing of a synchronous receiving terminal and the received signal.

Fr Loss Secs

Indicates the number of seconds an Out of Frame (OOF) error is detected.

Line Err Secs

Line Errored Seconds (LES) is a second in which one or more Line Code Violation errors are detected.

Degraded Mins

A degraded minute is one in which the estimated error rate exceeds 1E-6 but does not exceed 1E-3.

Errored Secs

In ESF and E1-CRC links, an errored second is a second in which one of the following defects is detected:

One or more Path Code Violations.

One or more Controlled Slip events.

Note For SF and E1 no-CRC links, the presence of Bipolar Violations also triggers an errored second.

Bursty Err Secs

A second with more than one but fewer than 320 Path Coding Violation errors, no Severely Errored Frame defects, and no detected incoming AIS defects. Controlled slips are not included in this parameter.


show controllers T1-E1 errors

To show the last nineteen alarms on a controller, use the show controllers command in privileged EXEC mode.

show controllers {t1 | e1} slot subslot port errors

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

port

Interface number on a SPA.

t1

Clear-channel T1 with integrated data service units (DSUs).

e1

Clear-channel E1 with integrated data service units (DSUs).


Command Modes

Privileged EXEC mode

Command History

Release
Modification

12.2(18)SXE

This command was introduced in Cisco IOS Release 12.2(18)SXE to support SPAs on the Cisco 7600 series router and Catalyst 6500 series switch.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use the show controllers command to show the last nineteen alarms on a controller on a 8-Port T1/E1 SPA.

Examples

The following example displays the alarms on an E1 interface.

Router# #show controllers e1 10/2/4 errors 
  E1 10/2/4:Alarm Log Information
  present alarm:NONE
  Alarm:OOF 03:54:17 - 03:54:22
  Alarm:OOF 03:53:34 - 03:54:07

Related Commands

Command
Description

controller

Configures a T1, E1, or T3 controller and enters controller configuration mode.

show controller

Displays controller configuration.


show crypto ace redundancy

To display information about a Blade Failure Group, use the show crypto ace redundancy command in privileged EXEC mode.

show crypto ace redundancy

Defaults

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE2

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Examples

The following example shows information about a Blade Failure Group that has a group ID of 1 and consists of two IPSec VPN SPAs—one IPSec VPN SPA is in slot 3, subslot 0 and one IPSec VPN SPA is in slot 5, subslot 0:

Router# show crypto ace redundancy
--------------------------------------
LC Redundancy Group ID            :1
Pending Configuration Transactions:0
Current State                     :OPERATIONAL
Number of blades in the group     :2
Slots
--------------------------------------
Slot:3 Subslot:0
Slot state:0x36
Booted
Received partner config
Completed Bulk Synchronization
Crypto Engine in Service
Rebooted 22 times
Initialization Timer not running
Slot:5 Subslot:0
Slot state:0x36
Booted
Received partner config
Completed Bulk Synchronization
Crypto Engine in Service
Rebooted 24 times
Initialization Timer not running

ACE B2B Group State:OPERATIONAL Event:BULK DONE
ACE B2B Group State:CREATED Event:CONFIG_DOWNLOAD_DONE
ACE B2B Group State:DELETED Event:CONFIG_DELETE
ACE B2B Group State:OPERATIONAL Event:BULK DONE
ACE B2B Group State:CREATED Event:CONFIG_DOWNLOAD_DONE
ACE B2B Group State:DELETED Event:CONFIG_DELETE
ACE B2B Group State:OPERATIONAL Event:CONFIG_DOWNLOAD_DONE
ACE B2B Group State:DELETED Event:CONFIG_ADD
ACE B2B Group State:CREATED Event:UNDEFINED B2B HA EVENT
ACE B2B Group State:CREATED Event:CONFIG_DOWNLOAD_DONE

Related Commands

Command
Description

linecard-group feature card

Assigns a group ID to a Blade Failure Group.

redundancy

Enters redundancy configuration mode.

show redundancy linecard-group

Displays the components of a Blade Failure Group.


show crypto eli

To display how many IKE-SAs and IPSec sessions are active and how many Diffie-Hellman keys are in use for each hardware crypto engine, use the show crypto eli in user EXEC or privileged EXEC mode.

show crypto eli

Syntax Description

This command has no arguments or keywords.

Command Modes

user EXEC or privileged EXEC

Command History

Release
Modification

12.1(5)E

This command was introduced.

12.2(14)S

This command was integrated into Cisco IOS Release 12.2(14)S.

12.2(33)SRA

This command was integrated into Cisco IOS release 12.2(33)SRA.


Usage Guidelines

Use this command to obtain a snapshot of how many Internet Key Exchange (IKE) and IP Security (IPSec) sessions are active and how many Diffie-Hellman keys are in use for each hardware crypto engine. The show crypto eli command also allows you to see how far an ISA is from reaching its maximum limit.


Note IKE is a key management protocol standard that is used in conjunction with the IPSec standard. IPSec can be configured without IKE. However, IKE enhances IPSec by providing additional features, flexibility, and ease of configuration for the IPSec standard. When IKE is used with IPSec, IKE automatically negotiates the IPSec security associations (SAs).


(The eli component of the command calls the Encyption Layer Interface.)

Examples

The following is sample output for the show crypto eli command:

Router# show crypto eli 

Encryption Layer :  ACTIVE 
 Number of crypto engines = 2. 

 Slot-3 crypto engine details. 
 Capability-IPSec :No-IPPCP, 3DES, NoRSA 

 IKE-Session   :    0 active,  2029 max, 0 failed 
 DH-Key        :    0 active,  1014 max, 0 failed 
 IPSec-Session :    0 active,  4059 max, 0 failed 

 Slot-5 crypto engine details. 
 Capability-IPSec :No-IPPCP, 3DES, NoRSA 

 IKE-Session   :    0 active,  2029 max, 0 failed 
 DH-Key        :    0 active,  1014 max, 0 failed 
 IPSec-Session :    0 active,  4059 max, 0 failed 

The following is sample output for the show crypto eli command for the IPSec VPN SPA:

Router# show crypto eli

>>Hardware Encryption : ACTIVE
>> Number of hardware crypto engines = 2
>> 
>> CryptoEngine SPA-IPSEC-2G[3/0] details: state = Active
>> Capability      : 
>>     IPSEC: DES, 3DES, AES, RSA
>> 
>> IKE-Session   :     0 active, 16383 max, 0 failed
>> DH            :     0 active,  9999 max, 0 failed
>> IPSec-Session :     0 active, 65534 max, 0 failed
>> 
>> CryptoEngine SPA-IPSEC-2G[3/1] details: state = Active
>> Capability      : 
>>     IPSEC: DES, 3DES, AES, RSA
>> 
>> IKE-Session   :     1 active, 16383 max, 0 failed
>> DH            :     0 active,  9999 max, 0 failed
>> IPSec-Session :     2 active, 65534 max, 0 failed

Table 40-5 describes significant fields shown in the display.

Table 40-5 show crypto eli summary Field Descriptions

Field
Description

active

The number of sessions that are active on a given hardware crypto engine.

max

The maximum number of sessions allowed for any given IKE, DH, or IPSec entry.

failed

The number of times that Cisco IOS software attempted to create more sessions than the number specified in "max."


show crypto engine accelerator statistic

To display IP Security (IPsec) encryption statistics and error counters for the onboard hardware accelerator of the router or the IPsec Virtual Private Network (VPN) Shared Port Adapter (SPA), use the show crypto engine accelerator statistic command in privileged EXEC mode.

show crypto engine accelerator statistic

IPsec VPN SPA

show crypto engine accelerator statistic [slot slot/subslot | all] [detail]

Syntax Description

slot slot/subslot

(IPsec VPN SPA only—Optional) Chassis slot number and secondary slot number on the SPA Interface Processor (SIP) where the SPA is installed. Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

Displays platform statistics for the corresponding IPsec VPN SPA. This output will not include network interface controller statistics.

all

(IPsec VPN SPA only—Optional) Displays platform statistics for all IPsec VPN SPAs on the router. This output will not include network interface controller statistics.

detail

(IPsec VPN SPA only—Optional) Displays platform statistics for the IPsec VPN SPA and network interface controller statistics. Note that the controller statistics contain Layer 2 (L2) counters.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(1)XC

This command was introduced for the Cisco 1700 series router and other Cisco routers that support hardware accelerators for IPsec encryption.

12.1(3)XL

This command was implemented on the Cisco uBR905 cable access router.

12.2(2)XA

Support was added for the Cisco uBR925 cable access router.

12.2(13)T

This command was integrated into Cisco IOS Release 12.2(13)T and implemented for the AIM-VPN/EPII and AIM-VPN/HPII on the following platforms: Cisco 2691, Cisco 3660, Cisco 3725, and Cisco 3745. In addition, the output for this show command was enhanced to display compression statistics.

12.2(15)ZJ

This command was implemented for the AIM-VPN/BPII on the following platforms: Cisco 2610XM, Cisco 2611XM, Cisco 2620XM, Cisco 2621XM, Cisco 2650XM, and Cisco 2651XM.

12.3(4)T

The AIM-VPN/BPII was integrated into Cisco IOS Release 12.3(4)T on the following platforms: Cisco 2610XM, Cisco 2611XM, Cisco 2620XM, Cisco 2621XM, Cisco 2650XM, and Cisco 2651XM.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA to support the IPsec VPN SPA on Cisco 7600 series routers and Catalyst 6500 series switches.

12.4(9)T

Output was added for the AIM-VPN Secure Sockets Layer (SSL) encryption module.


Usage Guidelines

No specific usage guidelines apply to the hardware accelerators.

IPsec VPN SPA

Enter the slot keyword to display platform statistics for the corresponding IPSec VPN SPA. This output will not include network interface controller statistics.

Enter the all keyword to display platform statistics for all IPSec VPN SPAs on the router. This output will not include network interface controller statistics.

Enter the detail keyword to display platform statistics for the IPSec VPN SPA and network interface controller statistics. Note that the controller statistics contain L2 counters.

Examples

Hardware VPN Module

The following example displays compression statistics for a hardware VPN module:

Router# show crypto engine accelerator statistic 

Device:   AIM-VPN/SSL-3
Location: AIM Slot: 0
Virtual Private Network (VPN) Module in slot : 0
	Statistics for Hardware VPN Module since the last clear
	 of counters 85319 seconds ago
	            560 packets in                         560 packets out           
	          95600 bytes in                        124720 bytes out             
	              0 paks/sec in                          0 paks/sec out          
	              0 Kbits/sec in                         0 Kbits/sec out         
	              0 packets decrypted                  560 packets encrypted     
	              0 bytes before decrypt            124720 bytes encrypted       
	              0 bytes decrypted                  95600 bytes after encrypt   
	              0 packets decompressed                 0 packets compressed    
	              0 bytes before decomp                  0 bytes before comp     
	              0 bytes after decomp                   0 bytes after comp      
	              0 packets bypass decompr               0 packets bypass compres
	              0 bytes bypass decompres               0 bytes bypass compressi
	              0 packets not decompress               0 packets not compressed
	              0 bytes not decompressed               0 bytes not compressed  
                  1.0:1 compression ratio                1.0:1 overall
	          10426 commands out                     10426 commands acknowledged 
		Last 5 minutes: 
	              0 packets in                           0 packets out           
	              0 paks/sec in                          0 paks/sec out          
	              0 bits/sec in                          0 bits/sec out          
	              0 bytes decrypted                      0 bytes encrypted       
	              0 Kbits/sec decrypted                  0 Kbits/sec encrypted   
                  1.0:1 compression ratio                1.0:1 overall

	Errors:
	   ppq full errors         :        0   ppq rx errors           :        0
	   cmdq full errors        :        0   cmdq rx errors          :        0
	   ppq down errors         :        0   cmdq down errors        :        0
	   no buffer               :        0   replay errors           :        0
	   dest overflow           :        0   authentication errors   :        0
	   Other error             :        0   Raw Input Underrun      :        0
	   IPSEC Unsupported Option:        0   IPV4 Header Length      :        0
	   ESP Pad Length          :        0   IPSEC Decompression     :        0
	   AH ESP seq mismatch     :        0   AH Header Length        :        0
	   AH ICV Incorrect        :        0   IPCOMP CPI Mismatch     :        0
	   IPSEC ESP Modulo        :        0   Unexpected IPV6 Extensio:        0
	   Unexpected Protocol     :        0   Dest Buf overflow       :        0
	   IPSEC Pkt is fragment   :        0   IPSEC Pkt src count     :        0
	   Invalid IP Version      :        0   Unwrappable             :        0
	   SSL Output overrun      :        0   SSL Decompress failure  :        0
	   SSL BAD Decomp History  :        0   SSL Version Mismatch    :        0
	   SSL Input overrun       :        0   SSL Conn Modulo         :        0
	   SSL Input Underrun      :        0   SSL Connection closed   :        0
	   SSL Unrecognised content:        0   SSL record header length:        0
	   PPTP Duplicate packet   :        0   PPTP Exceed max missed p:        0
	   RNG self test fail      :        0   DF Bit set              :        0
	   Hash Miscompare         :        0   Unwrappable object      :        0
	   Missing attribute       :        0   Invalid attrribute value:        0
	   Bad Attribute           :        0   Verification Fail       :        0
	   Decrypt Failure         :        0   Invalid Packet          :        0
	   Invalid Key             :        0   Input Overrun           :        0
	   Input Underrun          :        0   Output buffer overrun   :        0
	   Bad handle value        :        0   Invalid parameter       :        0
	   Bad function code       :        0   Out of handles          :        0
	   Access denied           :        0   Out of memory           :        0
	   NR overflow             :        0   pkts dropped            :        0

	Warnings:
	   sessions_expired        :        0   packets_fragmented      :        0
	   general:                :        0

	HSP details:
	   hsp_operations          :    10441   hsp_sessions            :        1


Tip In Cisco IOS Release 12.2(8)T and later releases, you can add a time stamp to show commands using the exec prompt timestamp command in line configuration mode.


Table 40-6 show crypto engine accelerator statistic Compression Statistics Descriptions 

Counter
Description

packets decompressed

Number of packets that were decompressed by the interface.

packets compressed

Number of packets that were compressed by the interface.

bytes before decomp

Number of compressed bytes that were presented to the compression algorithm from the input interface on decrypt.

bytes before comp

Number of uncompressed bytes (payload) that were presented to the compression algorithm from Cisco IOS on encrypt.

bytes after decomp

Number of decompressed bytes that were sent to Cisco IOS by the compression algorithm on decrypt.

bytes after comp

Number of compressed bytes that were forwarded to Cisco IOS by the algorithm on encrypt.

packets bypass compres

Number of packets that were not compressed because they were too small (<128 bytes).

packets not compressed

Number of packets that were not compressed because the packets are expanded rather than compressed.

compression ratio

Ratio of compression and decompression of packets presented to the compression algorithm that were successfully compressed or decompressed. This statistic measures the efficiency of the algorithm for all packets that were compressed or decompressed.

overall

Ratio of compression and decompression of packets presented to the compression algorithm, including those that were not compressed due to expansion, too small. This ratio indicates whether the data traffic on this interface is suitable for compression. A ratio of 1:1 would imply that no successful compression is being performed on this data traffic.


IPsec VPN SPA

The following example shows the platform statistics for the IPSec VPN SPA in slot 1 subslot 0 and also displays the network interface controller statistics:

Router# show crypto engine accelerator statistic slot 1/0 detail

VPN module in slot 1/0


Decryption Side Data Path Statistics
====================================
Packets RX...............: 454260
Packets TX...............: 452480

IPSec Transport Mode.....: 0
IPSec Tunnel Mode........: 452470
AH Packets...............: 0
ESP Packets..............: 452470
GRE Decapsulations.......: 0
NAT-T Decapsulations.....: 0
Clear....................: 8
ICMP.....................: 0

Packets Drop.............: 193
Authentication Errors....: 0
Decryption Errors........: 0
Replay Check Failed......: 0
Policy Check Failed......: 0
Illegal CLear Packet.....: 0
GRE Errors...............: 0
SPD Errors...............: 0
HA Standby Drop..........: 0

Hard Life Drop...........: 0
Invalid SA...............: 191
SPI No Match.............: 0
Destination No Match.....: 0
Protocol No Match........: 0

Reassembly Frag RX.......: 0
IPSec Fragments..........: 0
IPSec Reasm Done.........: 0
Clear Fragments..........: 0
Clear Reasm Done.........: 0
Datagrams Drop...........: 0
Fragments Drop...........: 0


Decryption Side Controller Statistics 

=====================================
Frames RX................: 756088
Bytes RX.................: 63535848
Mcast/Bcast Frames RX....: 2341
RX Less 128Bytes.........: 756025
RX Less 512Bytes.........: 58
RX Less 1KBytes..........: 2
RX Less 9KBytes..........: 3
RX Frames Drop...........: 0

Frames TX................: 452365
Bytes TX.................: 38001544
Mcast/Bcast Frames TX....: 9
TX Less 128Bytes.........: 452343
TX Less 512Bytes.........: 22
TX Less 1KBytes..........: 0
TX Less 9KBytes..........: 0


Encryption Side Data Path Statistics
====================================
Packets RX...............: 756344
Packets TX...............: 753880
IPSec Transport Mode.....: 0
IPSec Tunnel Mode........: 753869
GRE Encapsulations.......: 0
NAT-T Encapsulations.....: 0
LAF prefragmented........: 0

Fragmented...............: 0
Clear....................: 753904
ICMP.....................: 0

Packets Drop.............: 123
IKE/TED Drop.............: 27
Authentication Errors....: 0
Encryption Errors........: 0
HA Standby Drop..........: 0

Hard Life Drop...........: 0
Invalid SA...............: 191

Reassembly Frag RX.......: 0
Clear Fragments..........: 0
Clear Reasm Done.........: 0
Datagrams Drop...........: 0
Fragments Drop...........: 0


Encryption Side Controller Statistics
=====================================
Frames RX................: 454065
Bytes RX.................: 6168274/
Mcast/Bcast Frames RX....: 1586
RX Less 128Bytes.........: 1562
RX Less 512Bytes.........: 452503
RX Less 1KBytes..........: 0
RX Less 9KBytes..........: 0
RX Frames Drop...........: 0

Frames TX................: 753558
Bytes TX.................: 100977246
Mcast/Bcast Frames TX....: 2
TX Less 128Bytes.........: 3
TX Less 512Bytes.........: 753555
TX Less 1KBytes..........: 0
TX Less 9KBytes..........: 0

Table 40-7 describes significant fields shown in the display.

Table 40-7 show crypto engine accelerator statistic IPsec VPN SPA
Statistics Descriptions 

Field
Description

Decryption Data Side Path Statistics

Packets RX

Number of packets received on the decryption side of the IPSec VPN SPA.

Packets TX

Number of packets transmitted by IPSec VPN SPA in the decryption direction.

IPSec Transport Mode

Number of packets in IPSec Transport Mode.

IPSec Tunnel Mode

Number of packets in IPSec Tunnel Mode.

AH Packets

Number of packets with authentication headers (AHs).

ESP Packets

Number of packets with Encapsulating Security Payload (ESP) headers.

GRE Decapsulations

Number of packets that were generic routing encapsulating (GRE) decapsulated.

NAT-T Decapsulations

Number of packets that were Network Address Translation-Traversal (NAT-T) decapsulated.

Clear

Number of clear packets received.

ICMP

Number of Internet Control Message Protocol (ICMP) packets received.

Packets Drop

Number of packet drops.

Authentication Errors

Number of authentication errors.

Decryption Errors

Number of decryption errors.

Replay Check Failed

Number of replay check errors.

Policy Check Failed

Number of policy check errors.

Illegal Clear Packet

Number of illegal clear packets.

GRE Errors

Number of GRE errors due to invalid packets or invalid security associations (SAs).

SPD Errors

Number of Security Policy Database (SPD) errors.

HA Standby Drop

Number of packet drops on a High Availability (HA) standby IPSec VPN SPA.

Note The standby IPSec VPN SPA is not supposed to receive packets.

Hard Life Drop

Number of packet drops due to SA hard life expiration.

Invalid SA

Number of packet drops due to invalid SA.

SPI No Match

Number of packet drops due to SPI mismatch.

Destination No Match

Number of packet drops due to destination no match.

Protocol No Match

Number of packet drops due to protocol no match.

Reassembly Frag RX

Number of packets that required reassembly processing.

IPSec Fragments

Number of IPSec fragments.

IPSec Reasm Done

Number of IPSec fragments reassembled.

Clear Fragments

Number of clear fragments.

Clear Reasm Done

Number of clear fragments reassembled.

Datagrams Drop

Number of reassembled datagrams dropped.

Fragments Drop

Number of fragments dropped.

Decryption Side Controller Statistics

Frames RX

Number of frames received.

Bytes RX

Number of bytes received.

Mcast/Bcast Frames RX

Number of multicast/broadcast frames received.

RX Less 128Bytes

Number of frames less than 128 bytes.

RX Less 512Bytes

Number of frames with size greater than or equal to 128 bytes and less than 512 bytes.

RX Less 1KBytes

Number of frames with size greater than or equal to 512 bytes and less than 1 kilobyte (KB).

RX Less 9KBytes

Number of frames with size greater than or equal to 1KB and less than 9 KBs.

RX Frames Drop

Number of frames dropped.

Frames TX

Number of frames transmitted.

Bytes TX

Number of bytes transmitted.

Mcast/Bcast Frames TX

Number of multicast/broadcast frames transmitted.

TX Less 128Bytes

Number of frames less than 128 bytes.

TX Less 512Bytes

Number of frames with size greater than or equal to 128 bytes and less than 512 bytes.

TX Less 1KBytes

Number of frames with size greater than or equal to 512 bytes and less than 1 KB.

TX Less 9KBytes

Number of frames with size greater than or equal to 1 KB and less than 9 KBs.

Encryption Side Data Path Statistics

Packets RX

Number of packets received on the encryption side of the IPSec VPN SPA.

Packets TX

Number of packets transmitted by the IPSec VPN SPA in the encryption direction.

IPSec Transport Mode

Number of packets in IPSec Transport Mode.

IPSec Tunnel Mode

Number of packets in IPSec Tunnel Mode.

GRE Encapsulations

Number of packets that were GRE encapsulated.

NAT-T Encapsulations

Number of packets that were NAT-T encapsulated.

LAF prefragmented

Number of packets with Look Ahead Fragmentation set and that were prefragmented.

Fragmented

Number of packets fragmented.

Clear

Number of clear packets.

ICMP

Number of ICMP packets.

Packets Drop

Number of packet drops.

IKE/TED Drop

Number of packet drops because SA has not been set up.

Authentication Errors

Number of authentication errors.

Encryption Errors

Number of Encryption errors.

HA Standby Drop

Number of packet drops on a HA standby IPSec VPN SPA.

Note The standby IPSec VPN SPA is not supposed to receive packets.

Hard Life Drop

Number of packet drops due to SA hard-life expiration.

Invalid SA

Number of packet drops due to invalid SA.

Reassembly Frag RX

Number of packets that required reassembly processing.

Clear Fragments

Number of clear fragments.

Clear Reasm Done

Number of clear fragments reassembled.

Datagrams Drop

Number of reassembled datagrams dropped.

Fragments Drop

Number of fragments dropped.

Encryption Side Controller Statistics

Frames RX

Number of frames received.

Bytes RX

Number of bytes received.

Mcast/Bcast Frames RX

Number of multicast/broadcast frames received.

RX Less 128Bytes

Number of frames less than 128 bytes.

RX Less 512Bytes

Number of frames with size greater than or equal to 128 bytes and less than 512 bytes.

RX Less 1KBytes

Number of frames with size greater than or equal to 512 bytes and less than 1 KB.

RX Less 9KBytes

Number of frames with size greater than or equal to 1 KB and less than 9 KBs.

RX Frames Drop

Number of frames dropped.

Frames TX

Number of frames transmitted.

Bytes TX

Number of bytes transmitted.

Mcast/Bcast Frames TX

Number of multicast/broadcast frames transmitted.

TX Less 128Bytes

Number of frames less than 128 bytes.

TX Less 512Bytes

Number of frames with size greater than or equal to 128 bytes and less than 512 bytes.

TX Less 1KBytes

Number of frames with size greater than or equal to 512 bytes and less than 1 KB.

TX Less 9KBytes

Number of frames with size greater than or equal to 1 KB and less than 9 KBs.


Related Commands

Command
Description

clear crypto engine accelerator counter

Resets the statistical and error counters for the hardware accelerator to zero.

crypto ca

Defines the parameters for the certification authority used for a session.

crypto cisco

Defines the encryption algorithms and other parameters for a session.

crypto dynamic-map

Creates a dynamic map crypto configuration for a session.

crypto engine accelerator

Enables the use of the onboard hardware accelerator of the Cisco uBR905 and Cisco uBR925 routers for IPSec encryption.

crypto ipsec

Defines the IPsec SAs and transformation sets.

crypto isakmp

Enables and defines the IKE protocol and its parameters.

crypto key

Generates and exchanges keys for a cryptographic session.

crypto map

Creates and modifies a crypto map for a session.

debug crypto engine accelerator control

Displays each control command as it is given to the crypto engine.

debug crypto engine accelerator packet

Displays information about each packet sent for encryption and decryption.

show crypto engine accelerator ring

Displays the contents of command and transmit rings for the crypto engine.

show crypto engine accelerator sa-database

Displays the active (in-use) entries in the crypto engine security association (SA) database.

show crypto engine brief

Displays a summary of the configuration information for the crypto engine.

show crypto engine configuration

Displays the version and configuration information for the crypto engine.

show crypto engine connections

Displays a list of the current connections maintained by the crypto engine.


show crypto vlan

To display the VPN running state for an IPSec VPN SPA, use the show crypto vlan command in privileged EXEC mode.

show crypto vlan

Defaults

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE2

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

When you show the configuration, the crypto engine subslot configuration state is expressed in the context of the associated interface VLAN. The interface VLAN is also shown as having been added to the appropriate inside trunk port. This is the case even if the configuration was loaded from a legacy (pre-crypto engine subslot) configuration file, or if VLANs were manually added instead of being added through the crypto engine subslot command.

Examples

In the following example, the interface VLAN belongs to the IPSec VPN SPA inside port:

Router# show crypto vlan
  Interface VLAN 2 on IPSec Service Module port 7/1/1 connected to Fa8/3

In the following example, VLAN 2 is the interface VLAN and VLAN 2022 is the hidden VLAN:

Router# show crypto vlan
Interface VLAN 2 on IPSec Service Module port 3/1/1 connected to VLAN 2022 with crypto map 
set coral2

In the following example, either the interface VLAN is missing on the IPSec VPN SPA inside port, the IPSec VPN SPA is removed from the chassis, or the IPSec VPN SPA was moved to a different subslot:

Router# show crypto vlan
  Interface VLAN 2 connected to VLAN 3 (no IPSec Service Module attached)

Related Commands

Command
Description

crypto connect vlan

Creates an interface VLAN for an IPSec VPN SPA and enters crypto-connect mode.

crypto engine subslot

Assigns an interface VLAN that requires encryption to the IPSec VPN SPA.


s

show diagbus

To display diagnostic information about a controller, interface processor, port adapter, or SPA interface processor (SIP) installed in a specified slot in the router, use the show diagbus command in EXEC or privileged EXEC configuration mode.

show diagbus [slot]

Syntax Description

slot

(Optional) Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.


Defaults

If no chassis slot is specified, the command displays hardware information for all chassis slots.

Command Modes

EXEC

Privileged EXEC

Command History

Release
Modification

11.2

This command was introduced.

12.2S

This command was integrated into Cisco IOS Release 12.2S.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE and added support for SPA Interface Processors (SIPs) and their shared port adapters (SPAs) on the Cisco 7600 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

When using the show diagbus command for a SIP, you will also obtain status information for any SPA installed in that SIP.

Examples

Cisco 7513 Router with a VIP2 Example

The following is sample output from the Cisco 7513 router with a VIP2 in slot 8. This card has two 4-port Token Ring port adapters located in port adapter bays 0 and 1.

Router# show diagbus 8
Slot 8:
        Physical slot 8, ~physical slot 0x7, logical slot 8, CBus 0
        Microcode Status 0x4
        Master Enable, LED, WCS Loaded
        Board is analyzed 
        Pending I/O Status: None
        EEPROM format version 1
        VIP2 controller, HW rev 2.2, board revision UNKNOWN
        Serial number: 03341418  Part number: 73-1684-02
        Test history: 0x00        RMA number: 00-00-00
        Flags: cisco 7000 board; 7500 compatible
        EEPROM contents (hex):
          0x20: 01 15 02 02 00 32 FC 6A 49 06 94 02 00 00 00 00
          0x30: 07 2B 00 2A 1A 00 00 00 00 00 00 00 00 00 00 00

        Slot database information:
        Flags: 0x4      Insertion time: 0x3188 (01:20:53 ago)

        Controller Memory Size: 8 MBytes

        PA Bay 0 Information:
                Token Ring PA, 4 ports
                EEPROM format version 1
                HW rev 1.1, Board revision 0
                Serial number: 02827613  Part number: 73-1390-04 
        PA Bay 1 Information:
                Token Ring PA, 4 ports
                EEPROM format version 1
                HW rev 1.1, Board revision 88
                Serial number: 02023786  Part number: 73-1390-04 

Cisco 7200 Series Router with an Ethernet Port Adapter Example

The following is sample output from the show diagbus command for the Ethernet interface in slot 2 on a Cisco 7200 series router:

Router# show diagbus 2 
Slot 2:
        Ethernet port adapter, 8 ports
        Port adapter is analyzed
        Port adapter insertion time 1d18h ago
        Hardware revision 1.0           Board revision K0
        Serial number     2023387       Part number    73-1391-03
        Test history      0x0           RMA number     00-00-00
        EEPROM format version 1
        EEPROM contents (hex):
          0x20: 01 01 01 00 00 1E DF DB 49 05 6F 03 00 00 00 00
          0x30: A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Cisco 7600 Series Router with a SIP Example

The following command displays information about the Cisco 7600 SIP-200 installed in chassis slot 2, and the POS SPA that is installed in subslot 3 of the SIP:

Router# show diagbus 2
Slot 2: Logical_index 4
        4-adapter SIP-200 controller
        Board is analyzed ipc ready
        HW rev 0.232, board revision 05
        Serial Number:  Part number: 73-8272-02

        Slot database information:
        Flags: 0x2004   Insertion time: 0x58C5584 (2w0d ago)

        Controller Memory Size:
                192 MBytes CPU Memory
                63 MBytes Packet Memory
                255 MBytes Total on Board SDRAM
        IOS (tm) cwlc Software (sip1-DW-M), Experimental Version 12.2(20040824:180829) 
[abcabc-pikespeak_3

        SPA Information:
        subslot 2/3: 4xOC3 POS SPA (0x440), status: ok

show hw-module all fpd

To display the current versions of all field-programmable devices (FPDs) for all of the supported card types on a router, enter the show hw-module all fpd command in privileged EXEC configuration mode.

show hw-module all fpd

Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Other than the FPD version information, the output for this command may also contain useful FPD-related notes.

For more information about FPD upgrades on SPA interface processors (SIPs) and shared port adapters (SPAs), refer to the Cisco 7600 Series Router SIP, SSC, and SPA Software Configuration Guide.

Examples

This example shows FPD image file versions for all SIPs and SPAs in the Cisco 7600 series router:

Router# show hw-module all fpd

==== ====================== ====== =============================================
                             H/W   Field Programmable   Current   Min. Required
Slot Card Type               Ver.  Device: "ID-Name"    Version      Version
==== ====================== ====== ================== =========== ==============
   4 7600-SIP-200            0.132 1-I/O FPGA             0.19        0.18     
                                   2-EOS FPGA             0.22        0.22     
                                   3-PEGASUS TX FPGA      0.121       0.121    
                                   4-PEGASUS RX FPGA      0.13        0.13     
                                   5-ROMMON               1.1         1.1      
---- ---------------------- ------ ------------------ ----------- --------------
 4/0 SPA-4XOC3-ATM           1.0   1-I/O FPGA             0.121       0.121    
---- ---------------------- ------ ------------------ ----------- --------------
 4/1 SPA-8XCHT1/E1           0.117 1-ROMMON               2.12        2.12     
                                   2-I/O FPGA             0.22        0.22     
---- ---------------------- ------ ------------------ ----------- --------------
 4/3 SPA-4XCT3/DS0           0.253 1-ROMMON               2.12        2.12     
                                   2-I/O FPGA             0.21        0.21     
                                   3-T3 SUBRATE FPGA      0.15        0.15     
==== ====================== ====== =============================================

This example shows FPD image file versions that require an upgrade (indicated by the asterisk) for two SIPs in the Cisco 7600 series router. The SIPs are disabled due to the version mismatch:

Router# show hw-module all fpd

==== ====================== ====== =============================================
                             H/W   Field Programmable   Current   Min. Required
Slot Card Type               Ver.  Device: "ID-Name"    Version      Version
==== ====================== ====== ================== =========== ==============
   1 7600-SIP... <DISABLED>  0.550 1-I/O FPGA             1.1         1.1     
                                   2-EOS FPGA             1.211       1.211   
                                   3-PEGASUS TX FPGA      1.129       1.129   
                                   4-PEGASUS RX FPGA      1.3         1.3     
                                   5-ROMMON               1.1         1.2     *
---- ---------------------- ------ ------------------ ----------- --------------
   4 7600-SIP... <DISABLED>  0.550 1-I/O FPGA             1.1         1.1     
                                   2-EOS FPGA             1.211       1.211   
                                   3-PEGASUS TX FPGA      1.129       1.129   
                                   4-PEGASUS RX FPGA      1.3         1.3     
                                   5-ROMMON               1.1         1.2     *
==== ====================== ====== =============================================
 NOTES:
       - FPD images that are required to be upgraded are indicated with a '*'
         character in the "Minimal Required Version" field.
       - The following FPD image package file is required for the upgrade:
         "c7600-fpd-pkg.122-18.SXE.pkg"

Related Commands

Command
Description

show hw-module slot fpd

Displays the current versions of all FPDs for a SIP in the specified slot location and for all of the SPAs installed in that SIP.

show hw-module subslot fpd

Displays the current versions of all FPDs for a particular SPA or all of the active SPAs on a router.


show hw-module slot align

To display alignment data for a SPA interface processor (SIP) or other module, use the show hw-module slot align command in privileged EXEC configuration mode. The command does not have a no form.

show hw-module slot slot align [cpu {0 | 1}]

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

cpu { 0 | 1}

(Optional) Number of the CPU (0 or 1) for which you want to display data.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The number of CPUs available varies by the type of SIP. Although the Cisco 7600 SIP-200 has two CPUs, you can display alignment data for the first CPU (CPU 0) only.

Examples

The following example shows that there has not been any alignment data for the SIP installed in slot 2 of the router:

Router# show hw-module slot 2 align
No alignment data has been recorded.

No spurious memory references have been recorded.

show hw-module slot fpd

To display the current versions of all field-programmable devices (FPDs) for a SIP in the specified slot location and for all of the SPAs installed in that SIP, enter the show hw-module slot fpd command in privileged EXEC configuration mode. The command does not have a no form.

show hw-module slot slot fpd

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use the show hw-module slot fpd command to show the FPD image version information for a particular SIP and all of its installed SPAs. To display FPD information for all SIPs and SPAs in the system, use the show hw-module all fpd command.

Other than the FPD version information, the output for this command may also contain useful FPD-related notes.

For more information about FPD upgrades on SPA interface processors (SIPs) and shared port adapters (SPAs), refer to the Cisco 7600 Series Router SIP, SSC, and SPA Software Configuration Guide.

Examples

The output display in this example shows that the FPD versions on the SIP installed in chassis slot 4, and each of its installed SPAs, meet the minimum FPD requirements:

Router# show hw-module slot 4 fpd

==== ====================== ====== =============================================
                             H/W   Field Programmable   Current   Min. Required
Slot Card Type               Ver.  Device: "ID-Name"    Version      Version
==== ====================== ====== ================== =========== ==============
   4 7600-SIP-200            0.550 1-I/O FPGA             1.1         1.1     
                                   2-EOS FPGA             1.211       1.211   
                                   3-PEGASUS TX FPGA      1.129       1.129   
                                   4-PEGASUS RX FPGA      1.3         1.3     
                                   5-ROMMON               1.2         1.2     
---- ---------------------- ------ ------------------ ----------- --------------
 4/0 SPA-2XT3/E3             1.0   1-ROMMON               2.12        2.12    
                                   2-I/O FPGA             0.24        0.24    
                                   3-E3 FPGA              0.6         0.6     
                                   4-T3 FPGA              0.14        0.14    
---- ---------------------- ------ ------------------ ----------- --------------
 4/1 SPA-4XOC3-POS           0.209 1-I/O FPGA             3.4         3.4     
---- ---------------------- ------ ------------------ ----------- --------------
 4/2 SPA-8XCHT1/E1           0.117 1-ROMMON               2.12        2.12    
                                   2-I/O FPGA             1.2         1.2     
==== ====================== ====== =============================================

Related Commands

Command
Description

show hw-module all fpd

Displays the current versions of all FPDs for all of the supported card types on a router.

show hw-module subslot fpd

Displays the current versions of all FPDs for a particular SPA or all of the active SPAs on a router.


show hw-module slot logging

To display logging information for a SPA interface processor (SIP) or other module, use the show hw-module slot logging command in privileged EXEC configuration mode. The command does not have a no form.

show hw-module slot slot logging [cpu {0 | 1}]

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

cpu {0 | 1}

(Optional) Number of the CPU (0 or 1) for which you want to display data.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The number of CPUs available varies by the type of SIP. Although the Cisco 7600 SIP-200 has two CPUs, you can display alignment data for the first CPU (CPU 0) only.

Examples

The following example shows logging information and messages for the SIP installed in slot 2 of the router:

Router# show hw-module slot 2 logging

Syslog logging: enabled (0 messages dropped, 2 messages rate-limited, 0 flushes,
 0 overruns)
    Console logging: level debugging, 90 messages logged
    Monitor logging: level debugging, 0 messages logged
    Buffer logging: level debugging, 92 messages logged
    Exception Logging: size (4096 bytes)
    Count and timestamp logging messages: disabled

Log Buffer (8192 bytes):

00:00:01:  hyp_dev_attach
00:00:01:  hyp_dev_init
00:00:01:  hyp_init
00:00:01:  hyp_dev_disable_intr
00:00:01:  hyp_mx_sub_core_reset
00:00:01:  hyp_mx_sub_core_unreset
00:00:01:  hyp_mx_slv_reset
00:00:01:  hyp_mx_slv_unreset
00:00:01:  hyp_reg_config
00:00:01:  hyp_fi_fr_reg_config
00:00:01:  hyp_set_oper_mode
00:00:01:  hyp_dev_enable_intr
00:00:03:  Initializing rate limit function ===!!!
00:00:04: Currently running ROMMON from ROM F2
SLOT 2/0: 00:00:04: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software
IOS (tm) cwlc Software (sip1-DW-M), Experimental Version 12.2(20040824:180829) [
dperez-pikespeak_3 174]
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Wed 01-Sep-04 13:54 by dperez
00:00:05:  hyp_init
00:00:05:  hyp_dev_disable_intr
00:00:05:  hyp_mx_sub_core_reset
00:00:05:  hyp_mx_sub_core_unreset
00:00:05:  hyp_mx_slv_reset
00:00:05:  hyp_mx_slv_unreset
00:00:05:  hyp_reg_config
00:00:05:  hyp_fi_fr_reg_config
00:00:05:  hyp_set_oper_mode
00:00:05:  hyp_dev_enable_intr
SLOT 2/0: 00:00:05: %HYPERION-5-BUS_MODE_CHANGE: The System Switching Bus Mode c
hanged to Compact mode
00:00:05:
00:00:05:  hyp_fabric_intf_cnfg
00:00:05: Fabric Information
00:00:05: ==================
00:00:05:  Speed        = 8G
00:00:05:  Channel mode = Mode2-SSA/SSO
00:00:05:  Channel      = Secondary
00:00:05:  hyp_rbh_reg_clear
00:00:05:  Serial Secondary Channel SYNC SUCCESS!
SLOT 2/0: 00:00:05: %SCP-5-ENABLE: Module enabled
00:00:05:  hyp_fabric_intf_cnfg
00:00:05:  hyp_fpoe_chan_init
00:00:05: sip_hyp_check_sync_100ms:Opened SSA DDR
00:00:05: sip_hyp_check_sync_100ms:Opened n/w DDR
SLOT 2/0: 00:00:08: %SCP-5-ONLINE: Module online
00:00:09: % FPD_MGMT[65535]: Sending FPD version check request
00:00:09: % FPD_MGMT[65535]: Change FPD upgrade state to FPD_STATE_UPGRADE_IN_PR
OGRESS
00:00:09: % FPD_MGMT[65535]: Change FPD upgrade state to FPD_STATE_NO_UPGRADE_NE
EDED
SLOT 2/0: 00:00:09: %SIPSPA-6-OIR: Bay 3 SPA Power changed to On
SLOT 2/0: 00:00:10: %SIPSPA-6-OIR: Bay 3 SPA OK changed to On
00:00:10: % FPD_MGMT[3]: Sending FPD version check request
00:00:10: % FPD_MGMT[3]: Change FPD upgrade state to FPD_STATE_UPGRADE_IN_PROGRE
SS
00:00:10: % FPD_MGMT[3]: Change FPD upgrade state to FPD_STATE_NO_UPGRADE_NEEDED
SLOT 2/0: 00:00:13: %SCC-2-PROTO_HW: Module (2/3) is a registered proto-type for
 Cisco Lab use only, and not certified for live network operation.
SLOT 2/0: 00:00:15: %LINK-3-UPDOWN: Interface POS2/3/0, changed state to down

show hw-module slot proc cpu

To display CPU utilization for each process on a SPA interface processor (SIP) or other module, use the show hw-module slot proc cpu command in privileged EXEC configuration mode. The command does not have a no form.

show hw-module slot slot proc cpu [cpu {0 | 1}]

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

cpu {0 | 1}

(Optional) Number of the CPU (0 or 1) for which you want to display data.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

The number of CPUs available varies by the type of SIP. Although the Cisco 7600 SIP-200 has two CPUs, you can display alignment data for the first CPU (CPU 0) only.

Examples

The following example shows CPU utilization per process for the SIP installed in slot 2 of the router:

Router# show hw-module slot 2 proc cpu

CPU utilization for five seconds: 0%/0%; one minute: 0%; five minutes: 0%
 PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process
   1           0         1          0  0.00%  0.00%  0.00%   0 Chunk Manager
   2           0    255569          0  0.00%  0.00%  0.00%   0 Load Meter
   3           4   1884015          0  0.00%  0.00%  0.00%   0 CEF process
   4       86532    129737        666  0.08%  0.00%  0.00%   0 Check heaps
   5           0       743          0  0.00%  0.00%  0.00%   0 Pool Manager
   6           0         2          0  0.00%  0.00%  0.00%   0 Timers
   7           0         1          0  0.00%  0.00%  0.00%   0 AAA_SERVER_DEADT
   8           0         2          0  0.00%  0.00%  0.00%   0 AAA high-capacit
   9           0         2          0  0.00%  0.00%  0.00%   0 Serial Backgroun
  10           0    255598          0  0.00%  0.00%  0.00%   0 ENVM Background
  11           0     21298          0  0.00%  0.00%  0.00%   0 IPC Dynamic Cach
  12          56     21300          2  0.00%  0.00%  0.00%   0 PROCMIB LC Proce
  13           0         1          0  0.00%  0.00%  0.00%   0 IPC BackPressure
  14           0   1277836          0  0.00%  0.00%  0.00%   0 IPC Periodic Tim
  15           0   1277836          0  0.00%  0.00%  0.00%   0 IPC Deferred Por
  16           0        13          0  0.00%  0.00%  0.00%   0 IPC Seat Manager
  17           0         1          0  0.00%  0.00%  0.00%   0 SERIAL A'detect
  18        2820        39      72307  0.00%  0.00%  0.00%   0 SMART
  19           0         1          0  0.00%  0.00%  0.00%   0 Critical Bkgnd
  20           4    383354          0  0.00%  0.00%  0.00%   0 Net Background
  21           0        36          0  0.00%  0.00%  0.00%   0 Logger
  22           8   1277832          0  0.00%  0.00%  0.00%   0 TTY Background
  23           0   1277846          0  0.00%  0.00%  0.00%   0 Per-Second Jobs
  24           0     22041          0  0.00%  0.00%  0.00%   0 Per-minute Jobs
  25           0         2          0  0.00%  0.00%  0.00%   0 SCP Multicast
  26           0         1          0  0.00%  0.00%  0.00%   0 Inode Table Dest
  27           0         4          0  0.00%  0.00%  0.00%   0 LC to RP  defere
  28           8       428         18  0.00%  0.00%  0.00%   0 CWLC IFCOM Proce
  29           0         1          0  0.00%  0.00%  0.00%   0 IPC RTTYC Messag
  30           0         2          0  0.00%  0.00%  0.00%   0 INTR MGR PROCESS
  31           0         2          0  0.00%  0.00%  0.00%   0 EFC queue monito
  32           0         1          0  0.00%  0.00%  0.00%   0 LC interrupt, J1
  33           0         1          0  0.00%  0.00%  0.00%   0 SIP interrupt, P
  34           0         2          0  0.00%  0.00%  0.00%   0 SDCC Input
  35           0         1          0  0.00%  0.00%  0.00%   0 CWAN LTL manager
  36           0         8          0  0.00%  0.00%  0.00%   0 SIP SWBus Sync P
  37           0         1          0  0.00%  0.00%  0.00%   0 CWSLC Bus Stall
  38           0         1          0  0.00%  0.00%  0.00%   0 VIP Encap IPC Ba
  39           0         1          0  0.00%  0.00%  0.00%   0 CWPA Bridging Ra
  40           0    255568          0  0.00%  0.00%  0.00%   0 CPU Monitor
  41           0         1          0  0.00%  0.00%  0.00%   0 MLP Input
  42         592     42648         13  0.00%  0.00%  0.00%   0 SPA OIR 2/0
  43         644     42644         15  0.00%  0.00%  0.00%   0 SPA OIR 2/1
  44         572     42644         13  0.00%  0.00%  0.00%   0 SPA OIR 2/2
  45        1088     42697         25  0.00%  0.00%  0.00%   0 SPA OIR 2/3
  46           0         1          0  0.00%  0.00%  0.00%   0 LC FPD Upgrade P
  47           0         2          0  0.00%  0.00%  0.00%   0 AAA Dictionary R
  48           0         2          0  0.00%  0.00%  0.00%   0 AAA Server
  49           0         1          0  0.00%  0.00%  0.00%   0 AAA ACCT Proc
  50           0         1          0  0.00%  0.00%  0.00%   0 ACCT Periodic Pr
  51           0         2          0  0.00%  0.00%  0.00%   0 ATMLS task
  52           0    127785          0  0.00%  0.00%  0.00%   0 LC Process for u
  53           0         3          0  0.00%  0.00%  0.00%   0 IP Hdr Comp Proc
  54         140  12778349          0  0.00%  0.00%  0.00%   0 SSA FABLINK Proc
  55           0    255568          0  0.00%  0.00%  0.00%   0 HYP ACCU FAB COU
  56           0         1          0  0.00%  0.00%  0.00%   0 SCP async: CWAN-
  57           0         2          0  0.00%  0.00%  0.00%   0 CWTLC SSO Proces
  58        3272     85294         38  0.00%  0.00%  0.00%   0 SCP Hybrid proce
  59        1004  12717003          0  0.00%  0.00%  0.00%   0 CEF LC IPC Backg
  60           8   1653487          0  0.00%  0.00%  0.00%   0 CEF LC Stats
  61           0         1          0  0.00%  0.00%  0.00%   0 CEF MQC IPC Back
  62           0         1          0  0.00%  0.00%  0.00%   0 TFIB LC cleanup
  63           0         3          0  0.00%  0.00%  0.00%   0 Any Transport ov
  64           0         7          0  0.00%  0.00%  0.00%   0 HQF Shaper Backg
  65           8 319458609          0  0.00%  0.00%  0.00%   0 HQF Input Shaper
  66           0         2          0  0.00%  0.00%  0.00%   0 LOCAL AAA
  67           0         2          0  0.00%  0.00%  0.00%   0 AAA Cached Serve
  68           0     90366          0  0.00%  0.00%  0.00%   0 CEF Scanner
  69           0         3          0  0.00%  0.00%  0.00%   0 RADIUS TEST CMD
  70           0         2          0  0.00%  0.00%  0.00%   0 AAA SEND STOP EV
  71           0         4          0  0.00%  0.00%  0.00%   0 IPv6 CEF process
  72           0         1          0  0.00%  0.00%  0.00%   0 SONET alarm time
  73           0         1          0  0.00%  0.00%  0.00%   0 Net Input
  74           0    255571          0  0.00%  0.00%  0.00%   0 Compute load avg
  75          16        80        200  0.08%  0.00%  0.00%   1 console_rpc_serv

show hw-module slot tech-support

To display system information for a SPA interface processor (SIP) or other module to troubleshoot a problem, use the show hw-module slot tech-support command in privileged EXEC configuration mode. The command does not have a no form.

show hw-module slot slot tech-support [cpu {0 | 1}]

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

cpu {0 | 1}

(Optional) Number of the CPU (0 or 1) for which you want to display data.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use the show hw-module slot tech-support command to gather information about the SIP or other module to troubleshoot a problem. Certain error messages request that you gather this information and have it available when reporting a problem to Cisco Systems technical support personnel.

The show hw-module slot tech-support command runs a collection of different show commands to gather information about your system environment and configuration.

The number of CPUs available varies by the type of SIP. Although the Cisco 7600 SIP-200 has two CPUs, you can display alignment data for the first CPU (CPU 0) only.

Examples

The following example shows CPU utilization per process for the SIP installed in slot 5 of the router:

Router# show hw-module slot 5 tech-support

------------------ show version ------------------

Cisco Internetwork Operating System Software 
IOS (tm) cwlc Software (sip2-DW-M), Version 12.2(PIKESPEAK_INTEG_041013) INTERIM SOFTWARE
Synced to V122_18_S6, 12.2(18)S6 on v122_18_s_throttle, Weekly 12.2(18.6.4)SX
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Wed 13-Oct-04 06:55 by kchristi
Image text-base: 0x40010FC0, data-base: 0x40680000

ROM: System Bootstrap, Version 12.2(20040716:151531) [tawei-pike1 1.1dev(0.1)] DEVELOPMENT 
SOFTWARE
ROM: cwlc Software (sip2-DW-M), Version 12.2(PIKESPEAK_INTEG_041013) INTERIM SOFTWARE

SIP-400-5 uptime is 19 hours, 38 minutes
System returned to ROM by power-on
Running default software

cisco CWAN Modular Service Card (SIP-400) (SB-1) processor with 245760K/16383K bytes of 
memory.
SB-1 CPU at 400Mhz, Implementation 0x401, Rev 0.3, 256KB L2 Cache
Last reset from power-on
4 ATM network interface(s)

Configuration register is 0x0


------------------ show running-config ------------------


Building configuration...

Current configuration : 13 bytes
!
!
!
!
end


------------------ show stacks ------------------


Minimum process stacks:
 Free/Size   Name
 5080/6000   SCP Find Master process
 8448/12000  Init
 5528/6000   IPC Zone Manager
 5264/6000   SCP Hybrid Registration process
 4616/6000   IPC delayed init
 5056/6000   SIP2 FPD Process
 8120/12000  Exec
 6920/12000  console_rpc_server_action
 7536/12000  RFSS_server_action

Interrupt level stacks:
Level    Called Unused/Size  Name
  1           1   7896/9000  Level 1 Interrupt
  2      116555   6136/9000  Level 2 Interrupt
  3         289   7760/9000  Level 3 Interrupt
  4       24915   8392/9000  Level 4 Interrupt
  5          67   8424/9000  Level 5 Interrupt
  7    17683668   8568/9000  NMI Interrupt Handler

------------------ show interfaces ------------------


ATM5/0/0 is administratively down, line protocol is down 
  Hardware is SPA-4XOC3-ATM, address is 0000.0000.0000 (bia 0000.0000.0000)
  MTU 4470 bytes, sub MTU 0, BW 149760 Kbit, DLY 0 usec, 
     reliability 0/255, txload 1/255, rxload 1/255
  Encapsulation ATM, loopback not set
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicast)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out
ATM5/0/1 is administratively down, line protocol is down 
  Hardware is SPA-4XOC3-ATM, address is 0000.0000.0000 (bia 0000.0000.0000)
  MTU 4470 bytes, sub MTU 0, BW 149760 Kbit, DLY 0 usec, 
     reliability 0/255, txload 1/255, rxload 1/255
  Encapsulation ATM, loopback not set
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicast)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out
ATM5/0/2 is administratively down, line protocol is down 
  Hardware is SPA-4XOC3-ATM, address is 0000.0000.0000 (bia 0000.0000.0000)
  MTU 4470 bytes, sub MTU 0, BW 149760 Kbit, DLY 0 usec, 
     reliability 0/255, txload 1/255, rxload 1/255
  Encapsulation ATM, loopback not set
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicast)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out
ATM5/0/3 is administratively down, line protocol is down 
  Hardware is SPA-4XOC3-ATM, address is 0000.0000.0000 (bia 0000.0000.0000)
  MTU 4470 bytes, sub MTU 0, BW 149760 Kbit, DLY 0 usec, 
     reliability 0/255, txload 1/255, rxload 1/255
  Encapsulation ATM, loopback not set
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicast)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out

------------------ show controllers ------------------

Shared Port Adapter SPA-4XOC3-ATM[5/0]
 4xOC3 ATM SPA revision 1
SAR is Azanda Katana SAR/TM, rev B, manf_id 0x1B2, base 0xB8300000
 object     0x43D9DF90, port      0x43A332E8, list_elems 0x43A3C7D0
 hash_tbl   0x41EEF0A0, vc_tbl    0x4276C2F0, fid_tbl    0x441145A0
 shp_prof   0x42996990
 vc_count 0/16384 (curr/max), fid_count 12/65536 (curr/max), max_bids 1048576 
 Device level stats:
  s4p3_abort                 0  s4p3_pty_errs              0
  cor_ecc_errs               0  lut_pty_errs               0
  uncor_ecc_errs             0  hdrap_pty_errs             0
  mem_bad_errs               0
  pfq2mem_rels               0  null_rel                   0
  mem2pfq_rels               0  null_dq                    0
  mem_nq                     0  pre_pfq_drops              0
  dbs_dq_cnt                 0  post_pfq_drops             0
  no_fid_drops               0  tot_free_bufs        1048575
  bid_nulls                  0  bufs_inuse                 0
  sch_cells                  0  sch_cells_out              0
  sch_blocked                0  sch_eop                    0
  sch_empty                  0  cbwfq_merge_in             0
  cbwfq_merge_out            0
Backpressure status:
 SEG input FIFO: not full
             LUT    RAS    PFQ    DBS
            lo hi  lo hi  lo hi  lo hi
 Port 0 RX  -  -   -  -   -  -   -  -
 Port 0 TX  -  -   -  -   -  -   -  -
 Port 1 RX  -  -   -  -   -  -   -  -
 Port 1 TX  -  -   -  -   -  -   -  -
 Port 2 RX  -  -   -  -   -  -   -  -
 Port 2 TX  1  1   -  -   -  -   -  -
 Port 3 RX  -  -   -  -   -  -   -  -
 Port 3 TX  1  1   -  -   -  -   -  -
 Port 0 Stats:
  rx_paks                    0  tx_paks                    0
  rx_cells                   0  tx_cells                   0
  rx_bytes                   0  tx_bytes                   0
  pm_rx_paks                 0  pm_tx_paks                 0
  pm_rx_bytes                0  pm_tx_bytes                0
  rx_wred_tail_dr            0  tx_wred_tail_dr            0
  rx_wred_prob_dr            0  tx_wred_prob_dr            0
  rx_buf_thr_lo          62260  tx_buf_thr_lo         186778
  rx_bufs_inuse_l            0  tx_bufs_inuse_l            0
  rx_buf_thr_hi           3276  tx_buf_thr_hi           9830
  rx_bufs_inuse_h            0  tx_bufs_inuse_h            0
  rx_crc32_errs              0  rx_crc10_errs              0
  rx_no_vcd                  0
 Port 1 Stats:
  rx_paks                    0  tx_paks                    0
  rx_cells                   0  tx_cells                   0
  rx_bytes                   0  tx_bytes                   0
  pm_rx_paks                 0  pm_tx_paks                 0
  pm_rx_bytes                0  pm_tx_bytes                0
  rx_wred_tail_dr            0  tx_wred_tail_dr            0
  rx_wred_prob_dr            0  tx_wred_prob_dr            0
  rx_buf_thr_lo          62260  tx_buf_thr_lo         186778
  rx_bufs_inuse_l            0  tx_bufs_inuse_l            0
  rx_buf_thr_hi           3276  tx_buf_thr_hi           9830
  rx_bufs_inuse_h            0  tx_bufs_inuse_h            0
  rx_crc32_errs              0  rx_crc10_errs              0
  rx_no_vcd                  0
 Port 2 Stats:
  rx_paks                    0  tx_paks                    0
  rx_cells                   0  tx_cells                   0
  rx_bytes                   0  tx_bytes                   0
  pm_rx_paks                 0  pm_tx_paks                 0
  pm_rx_bytes                0  pm_tx_bytes                0
  rx_wred_tail_dr            0  tx_wred_tail_dr            0
  rx_wred_prob_dr            0  tx_wred_prob_dr            0
  rx_buf_thr_lo          62260  tx_buf_thr_lo         186778
  rx_bufs_inuse_l            0  tx_bufs_inuse_l            0
  rx_buf_thr_hi           3276  tx_buf_thr_hi           9830
  rx_bufs_inuse_h            0  tx_bufs_inuse_h            0
  rx_crc32_errs              0  rx_crc10_errs              0
  rx_no_vcd                  0
 Port 3 Stats:
  rx_paks                    0  tx_paks                    0
  rx_cells                   0  tx_cells                   0
  rx_bytes                   0  tx_bytes                   0
  pm_rx_paks                 0  pm_tx_paks                 0
  pm_rx_bytes                0  pm_tx_bytes                0
  rx_wred_tail_dr            0  tx_wred_tail_dr            0
  rx_wred_prob_dr            0  tx_wred_prob_dr            0
  rx_buf_thr_lo          62260  tx_buf_thr_lo         186778
  rx_bufs_inuse_l            0  tx_bufs_inuse_l            0
  rx_buf_thr_hi           3276  tx_buf_thr_hi           9830
  rx_bufs_inuse_h            0  tx_bufs_inuse_h            0
  rx_crc32_errs              0  rx_crc10_errs              0
  rx_no_vcd                  0
 Flow utilization summary
           blks  unsh  t_rt  t_lb  t_lf  rt_lf  shap  root  drain | Total
  # free : 24568 0     1023  8184  0     8191  15355 8191   0     | 65512
flow                 int     red dfl    queue size         sent          packet drops
 id   vcd  gqid use  prt dir pro clr curr  avg     max     paks    bufm  giant to/ab 
pl/crc
0001     0 0000 shap  1  tx   18  4      0     1   35940        0      0     0     0     0
0002     0 0000 shap  3  tx   18  4      0     1   35940        0      0     0     0     0
0003     0 0000 shap  5  tx   18  4      0     1   35940        0      0     0     0     0
0004     0 0000 shap  7  tx   18  4      0     1   35940        0      0     0     0     0
FFF8     0 0000 unsh 11  rx   18  4      0     1   35940        0      0     0     0     0
FFF9     0 0000 unsh 13  rx   18  4      0     1   35940        0      0     0     0     0
FFFA     0 0000 unsh 15  rx   18  4      0     1   35940        0      0     0     0     0
FFFB     0 0000 unsh 17  rx   18  4      0     1   35940        0      0     0     0     0
FFFC     0 0000 unsh 10  rx   21  0      0     1       0        0      0     0     0     0
FFFD     0 0000 unsh 12  rx   21  0      0     1       0        0      0     0     0     0
FFFE     0 0000 unsh 14  rx   21  0      0     1       0        0      0     0     0     0
FFFF     0 0000 unsh 16  rx   21  0      0     1       0        0      0     0     0     0
KATM FPGA: rev 0.90, base 0xB8000000, obj 0x42994748
            packets                cells                errors
port     rx         tx         rx         tx         rx         tx
 0           0          0          0          0          0          0
 1           0          0          0          0          0          0
 2           0          0          0          0          0          0
 3           0          0          0          0          0          0
PM5379 ATM Framer: Type:0, Rev:1, base 0xB8100000, obj 0x41EEA2B0
                    Cells                   CRC errs
port          rx               tx              rx
0             0                0               0
1             0                0               0
2             0                0               0
3             0                0               0

ATM5/0/0: 
        ID: SFP
        Extended ID: 4
        Xcvr Type: OC3 SR-1/STM1 MM (1)
        Connector: LC
        Vendor name: OCP             
        Product Identifier (PID): TRP-03BCS       
        State: Enabled

ATM5/0/0: 
Phased Initialization
        Phase Reached: 4
        Phase Exit Code: Success 0
        Phase Read Offset: 256

Socket Verification
        Compatibility: Compatibility passed
        Security: Security passed


------------------ show memory statistics ------------------


                Head    Total(b)     Used(b)     Free(b)   Lowest(b)  Largest(b)
Processor   4145B860   230311840   118715296   111596544   106212312    48534600
      I/O    F000000    16776736     3090304    13686432    13686432    13685880

------------------ show process memory ------------------


Total: 247088544, Used: 121805424, Free: 125283120
 PID TTY  Allocated      Freed    Holding    Getbufs    Retbufs Process
   0   0   17899632      57040   17017720          0          0 *Init*          
   0   0       1256     145000       1256          0          0 *Sched*         
   0   0          0          0          0          0          0 *Neutrino*      
   0   0    5233000    4617848     589152     606508          0 *Dead*          
   1   0          0          0       6968          0          0 Chunk Manager   
   2   0        192        192       3960          0          0 Load Meter      
   3   0          0          0       6960          0          0 SCP async: CWAN-
   4   0          0          0       6960          0          0 Check heaps     
   5   0      25984     169280       9584      15748      51748 Pool Manager    
   6   0        192        192       6960          0          0 Timers          
   7   0          0          0       6976          0          0 AAA_SERVER_DEADT
   8   0        192        192       6968          0          0 AAA high-capacit
   9   0        192        192       6960          0          0 Serial Backgroun
  10   0          0          0       6960          0          0 ENVM Background 
  11   0          0          0       6960          0          0 IPC Dynamic Cach
  12   0     145256        384      23968      31200          0 PROCMIB LC Proce
  13   0          0          0       6960          0          0 IPC BackPressure
  14   0       7040          0       6960          0          0 IPC Periodic Tim
  15   0          0          0       6968          0          0 IPC Deferred Por
  16   0     123536        352      25416      12756          0 IPC Seat Manager
  17   0          0          0       6960          0          0 SERIAL A'detect 
  18   0     992944     993024       6960          0          0 SMART           
  19   0          0          0       6960          0          0 Critical Bkgnd  
  20   0      14080          0      13120          0          0 Net Background  
  21   0        192        192      12960          0          0 Logger          
  22   0      26384        448       9960          0          0 TTY Background  
  23   0          0          0       6960          0          0 Per-Second Jobs 
  24   0          0          0       6960          0          0 Per-minute Jobs 
  25   0          0        152       6960          0          0 SCP Multicast   
  26   0          0          0       3960          0          0 Inode Table Dest
  27   0          0          0       6976          0          0 LC to RP  defere
  28   0        192        192       6960          0          0 CWLC IFCOM Proce
  29   0          0          0       6968          0          0 IPC RTTYC Messag
  30   0        192        192      12960          0          0 INTR MGR PROCESS
  31   0          0          0       6960          0          0 ixp_exmem_reuse_
  32   0      14456      14296       7120          0          0 spnpc_dowork    
  33   0          0          0       6960          0          0 Spi4 Timer      
  34   0          0          0       6968          0          0 LC interrupt, J1
  35   0          0          0       6976          0          0 SIP interrupt, P
  36   0          0          0      12960          0          0 SDCC Input      
  37   0        192        192      12960          0          0 SDCC Periodic   
  38   0        192        192      12960          0          0 SDCC IO         
  39   0          0          0       6960          0          0 CWAN LTL manager
  40   0          0          0       6960          0          0 msg_handler_proc
  41   0    2620112    2620112       6960          0          0 Cardmgr Periodic
  42   0          0          0       6960          0          0 SIP SWBus Sync P
  43   0          0          0       6960          0          0 NP doorbell proc
  44   0      10432       5344       6960       2268          0 CardMgr Events  
  45   0    1905448       3592    1787560          0          0 INP Reload      
  46   0          0          0       6960          0          0 ipc_handler_proc
  47   0          0          0       6960          0          0 NP doorbell proc
  48   0    2270440       2328    2158576       2268          0 ENP Reload      
  49   0          0          0       6960          0          0 ipc_handler_proc
  50   0          0          0       6960          0          0 SIP2 Bus Stall  
  51   0 1504729392 1504768488     200528          0          0 ifnpc_dowork    
  52   0          0          0       6960          0          0 hmi_dowork      
  53   0       7000       7000       6960          0          0 cwanlc_npc_dowor
  54   0          0          0       6968          0          0 VIP Encap IPC Ba
  55   0  554366168  457784816   96580296      12756          0 SPA OIR 5/0     
  56   0          0          0      12960          0          0 SPA OIR 5/1     
  57   0          0          0      12960          0          0 SPA OIR 5/2     
  58   0          0          0      12960          0          0 SPA OIR 5/3     
  59   0   27281752   27281752       6960          0          0 LC FPD Upgrade P
  60   0          0          0       6960          0          0 spa_env_monitor 
  61   0        192        192       6960          0          0 AAA Dictionary R
  62   0        192        192       6960          0          0 AAA Server      
  63   0          0          0       6960          0          0 AAA ACCT Proc   
  64   0          0          0       6960          0          0 ACCT Periodic Pr
  65   0        192        192       6960          0          0 ATMLS task      
  66   0          0          0       6968          0          0 AToM NP CLIENT B
  67   0          0          0       6968          0          0 TTFIB NP CLIENT 
  68   0          0          0       6960          0          0 SSA FABLINK Proc
  69   0          0          0       6968          0          0 HYP ACCU FAB COU
  70   0     327264          0     327264          0          0 CEF process     
  71   0        192        192       6960          0          0 CWTLC SSO Proces
  72   0        192        192       6960          0          0 SCP Hybrid proce
  73   0          0          0      12960          0          0 ATM NP CLIENT PR
  74   0          0          0      12968          0          0 BRIDGING NP CLIE
  75   0          0          0       6960          0          0 fr_npc_dowork   
  76   0        192        192       6968          0          0 fastblk backgrou
  77   0          0          0       6960          0          0 hnpc_dowork     
  78   0          0          0      12968          0          0 SIP2 BRIDGE PROC
  79   0        192        192      12960          0          0 QoS NP Client   
  80   0    2355016    1220392    2338776      12756          0 CEF LC IPC Backg
  81   0  112519984  111381200      72720          0          0 CEF LC Stats    
  82   0          0          0       6960          0          0 CEF MQC IPC Back
  83   0          0          0       6960          0          0 TFIB LC cleanup 
  84   0        192        192       6984          0          0 Any Transport ov
  85   0        192        192       6960          0          0 LOCAL AAA       
  86   0        192        192       6960          0          0 AAA Cached Serve
  87   0        192        192       6960          0          0 RADIUS TEST CMD 
  88   0        192        192       6960          0          0 AAA SEND STOP EV
  89   0        168          0       7128          0          0 CEF Scanner     
  90   0          0          0       6968          0          0 SIP ATM cmd hand
  91   0          0          0       6968          0          0 SONET alarm time
  92   0          0          0       6960          0          0 Net Input       
  93   0        192        192       6960          0          0 Compute load avg
  94   1      90632      89968      18392          0          0 console_rpc_serv
                                121804560 Total

------------------ show process cpu ------------------


CPU utilization for five seconds: 2%/0%; one minute: 2%; five minutes: 2%
 PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process 
   1           0         1          0  0.00%  0.00%  0.00%   0 Chunk Manager    
   2           4     14151          0  0.00%  0.00%  0.00%   0 Load Meter       
   3           0         1          0  0.00%  0.00%  0.00%   0 SCP async: CWAN- 
   4        9816      7180       1367  0.16%  0.01%  0.00%   0 Check heaps      
   5           0        23          0  0.00%  0.00%  0.00%   0 Pool Manager     
   6           0         2          0  0.00%  0.00%  0.00%   0 Timers           
   7           0         1          0  0.00%  0.00%  0.00%   0 AAA_SERVER_DEADT 
   8           0         2          0  0.00%  0.00%  0.00%   0 AAA high-capacit 
   9           0         2          0  0.00%  0.00%  0.00%   0 Serial Backgroun 
  10         840     14179         59  0.00%  0.00%  0.00%   0 ENVM Background  
  11           0      1180          0  0.00%  0.00%  0.00%   0 IPC Dynamic Cach 
  12          72      1182         60  0.00%  0.00%  0.00%   0 PROCMIB LC Proce 
  13           0         1          0  0.00%  0.00%  0.00%   0 IPC BackPressure 
  14          36     70728          0  0.00%  0.00%  0.00%   0 IPC Periodic Tim 
  15          44     70728          0  0.00%  0.00%  0.00%   0 IPC Deferred Por 
  16          12        19        631  0.00%  0.00%  0.00%   0 IPC Seat Manager 
  17           0         1          0  0.00%  0.00%  0.00%   0 SERIAL A'detect  
  18        2956        38      77789  0.00%  0.00%  0.00%   0 SMART            
  19           0         1          0  0.00%  0.00%  0.00%   0 Critical Bkgnd   
  20          36     14355          2  0.00%  0.00%  0.00%   0 Net Background   
  21           0        61          0  0.00%  0.00%  0.00%   0 Logger           
  22         240     70728          3  0.00%  0.00%  0.00%   0 TTY Background   
  23     1387988    138571      10016  2.04%  1.01%  1.04%   0 Per-Second Jobs  
  24        4808      1218       3947  0.00%  0.01%  0.00%   0 Per-minute Jobs  
  25           0         2          0  0.00%  0.00%  0.00%   0 SCP Multicast    
  26           0         1          0  0.00%  0.00%  0.00%   0 Inode Table Dest 
  27           0         3          0  0.00%  0.00%  0.00%   0 LC to RP  defere 
  28           0        26          0  0.00%  0.00%  0.00%   0 CWLC IFCOM Proce 
  29           0         1          0  0.00%  0.00%  0.00%   0 IPC RTTYC Messag 
  30           0         2          0  0.00%  0.00%  0.00%   0 INTR MGR PROCESS 
  31           0        11          0  0.00%  0.00%  0.00%   0 ixp_exmem_reuse_ 
  32           4        62         64  0.00%  0.00%  0.00%   0 spnpc_dowork     
  33           0         1          0  0.00%  0.00%  0.00%   0 Spi4 Timer       
  34           0         1          0  0.00%  0.00%  0.00%   0 LC interrupt, J1 
  35           0         1          0  0.00%  0.00%  0.00%   0 SIP interrupt, P 
  36           0         1          0  0.00%  0.00%  0.00%   0 SDCC Input       
  37           0         2          0  0.00%  0.00%  0.00%   0 SDCC Periodic    
  38           0         2          0  0.00%  0.00%  0.00%   0 SDCC IO          
  39           0         1          0  0.00%  0.00%  0.00%   0 CWAN LTL manager 
  40        1208     14154         85  0.00%  0.00%  0.00%   0 msg_handler_proc 
  41         148     70730          2  0.00%  0.00%  0.00%   0 Cardmgr Periodic 
  42           0         6          0  0.00%  0.00%  0.00%   0 SIP SWBus Sync P 
  43           0         5          0  0.00%  0.00%  0.00%   0 NP doorbell proc 
  44           0         5          0  0.00%  0.00%  0.00%   0 CardMgr Events   
  45        1400        26      53846  0.00%  0.00%  0.00%   0 INP Reload       
  46           0       379          0  0.00%  0.00%  0.00%   0 ipc_handler_proc 
  47           0         5          0  0.00%  0.00%  0.00%   0 NP doorbell proc 
  48        2224        25      88960  0.00%  0.00%  0.00%   0 ENP Reload       
  49          16      1200         13  0.00%  0.00%  0.00%   0 ipc_handler_proc 
  50           0         1          0  0.00%  0.00%  0.00%   0 SIP2 Bus Stall   
  51      214912     53129       4045  0.00%  0.00%  0.00%   0 ifnpc_dowork     
  52           0         4          0  0.00%  0.00%  0.00%   0 hmi_dowork       
  53           0        31          0  0.00%  0.00%  0.00%   0 cwanlc_npc_dowor 
  54           0         1          0  0.00%  0.00%  0.00%   0 VIP Encap IPC Ba 
  55       18532    487255         38  0.00%  0.00%  0.00%   0 SPA OIR 5/0      
  56          84      2372         35  0.00%  0.00%  0.00%   0 SPA OIR 5/1      
  57          80      2368         33  0.00%  0.00%  0.00%   0 SPA OIR 5/2      
  58          84      2368         35  0.00%  0.00%  0.00%   0 SPA OIR 5/3      
  59        2432        32      76000  0.00%  0.00%  0.00%   0 LC FPD Upgrade P 
  60        3112    138447         22  0.00%  0.00%  0.00%   0 spa_env_monitor  
  61           0         2          0  0.00%  0.00%  0.00%   0 AAA Dictionary R 
  62           0         2          0  0.00%  0.00%  0.00%   0 AAA Server       
  63           0         1          0  0.00%  0.00%  0.00%   0 AAA ACCT Proc    
  64           0         1          0  0.00%  0.00%  0.00%   0 ACCT Periodic Pr 
  65           0         2          0  0.00%  0.00%  0.00%   0 ATMLS task       
  66           0      7185          0  0.00%  0.00%  0.00%   0 AToM NP CLIENT B 
  67          16      7185          2  0.00%  0.00%  0.00%   0 TTFIB NP CLIENT  
  68           8    707134          0  0.00%  0.00%  0.00%   0 SSA FABLINK Proc 
  69           0     14150          0  0.00%  0.00%  0.00%   0 HYP ACCU FAB COU 
  70        7140    103916         68  0.00%  0.00%  0.00%   0 CEF process      
  71           0         2          0  0.00%  0.00%  0.00%   0 CWTLC SSO Proces 
  72         328      4423         74  0.00%  0.00%  0.00%   0 SCP Hybrid proce 
  73           4     77777          0  0.00%  0.00%  0.00%   0 ATM NP CLIENT PR 
  74         324     70733          4  0.00%  0.00%  0.00%   0 BRIDGING NP CLIE 
  75          12      7182          1  0.00%  0.00%  0.00%   0 fr_npc_dowork    
  76           4    707140          0  0.00%  0.00%  0.00%   0 fastblk backgrou 
  77          40         2      20000  0.00%  0.00%  0.00%   0 hnpc_dowork      
  78           0         1          0  0.00%  0.00%  0.00%   0 SIP2 BRIDGE PROC 
  79         416      7079         58  0.00%  0.00%  0.00%   0 QoS NP Client    
  80        3300    726380          4  0.00%  0.00%  0.00%   0 CEF LC IPC Backg 
  81         628     93426          6  0.00%  0.00%  0.00%   0 CEF LC Stats     
  82           0         1          0  0.00%  0.00%  0.00%   0 CEF MQC IPC Back 
  83           0         1          0  0.00%  0.00%  0.00%   0 TFIB LC cleanup  
  84           0         2          0  0.00%  0.00%  0.00%   0 Any Transport ov 
  85           0         2          0  0.00%  0.00%  0.00%   0 LOCAL AAA        
  86           0         2          0  0.00%  0.00%  0.00%   0 AAA Cached Serve 
  87           0         3          0  0.00%  0.00%  0.00%   0 RADIUS TEST CMD  
  88           0         2          0  0.00%  0.00%  0.00%   0 AAA SEND STOP EV 
  89         128      5003         25  0.00%  0.00%  0.00%   0 CEF Scanner      
  90           0         1          0  0.00%  0.00%  0.00%   0 SIP ATM cmd hand 
  91           0         1          0  0.00%  0.00%  0.00%   0 SONET alarm time 
  92           0         1          0  0.00%  0.00%  0.00%   0 Net Input        
  93          16     14775          1  0.00%  0.00%  0.00%   0 Compute load avg 
  94          92       502        183  0.00%  0.09%  0.02%   1 console_rpc_serv

------------------ show process cpu history ------------------

     2222222223333322222222222222222222111112222222222222222222
100                                                            
 90                                                            
 80                                                            
 70                                                            
 60                                                            
 50                                                            
 40                                                            
 30                                                            
 20                                                            
 10                                                            
    0....5....1....1....2....2....3....3....4....4....5....5....
              0    5    0    5    0    5    0    5    0    5    

               CPU% per second (last 60 seconds)

                1           1 1  1                             
     2222222222332222222222242432432222222222222222222222222222
100                                                            
 90                                                            
 80                                                            
 70                                                            
 60                                                            
 50                                                            
 40                                                            
 30                                                            
 20                                                            
 10             *           * *  *                             
    0....5....1....1....2....2....3....3....4....4....5....5....
              0    5    0    5    0    5    0    5    0    5    

               CPU% per minute (last 60 minutes)
              * = maximum CPU%   # = average CPU%

     1                 9                                                   
     4222222222222222229                                                   
100                    *                                                   
 90                    *                                                   
 80                    *                                                   
 70                    *                                                   
 60                    *                                                   
 50                    *                                                   
 40                    *                                                   
 30                    *                                                   
 20                    *                                                   
 10  *                 *                                                   
    0....5....1....1....2....2....3....3....4....4....5....5....6....6....7.
              0    5    0    5    0    5    0    5    0    5    0    5    0 

                   CPU% per hour (last 72 hours)
                  * = maximum CPU%   # = average CPU%



------------------ show file systems ------------------


File Systems:

     Size(b)     Free(b)      Type  Flags  Prefixes
           -           -    opaque     rw   system:
           -           -    opaque     rw   null:
           -           -    opaque     ro   tar:
*   64097280    40606720      disk     rw   disk0:


------------------ show disk0: all ------------------

-#- --length-- -----date/time------ path

 number of file 8

 inode path is 1 idprom-oc12-atm-superspa 

 fullpath is disk0:/idprom-oc12-atm-superspa 
1         1152 Jun 09 2004 13:03:38 idprom-oc12-atm-superspa

 inode path is 2 idprom-4oc3-atm-superspa 

 fullpath is disk0:/idprom-4oc3-atm-superspa 
2         1152 Jun 09 2004 05:51:34 idprom-4oc3-atm-superspa

 inode path is 3 bonham_brd_rev2_rev19.hex 

 fullpath is disk0:/bonham_brd_rev2_rev19.hex 
3      2626407 Aug 24 2004 11:04:42 bonham_brd_rev2_rev19.hex

 inode path is 4 sip2-dw-mz.b2-testt 

 fullpath is disk0:/sip2-dw-mz.b2-testt 
4      5895640 Aug 26 2004 05:09:08 sip2-dw-mz.b2-testt

 inode path is 5 sip2-dw-mz.hp-depth 

 fullpath is disk0:/sip2-dw-mz.hp-depth 
5      5897476 Aug 12 2004 04:40:38 sip2-dw-mz.hp-depth

 inode path is 6 viking1.jbc 

 fullpath is disk0:/viking1.jbc 
6      2678150 Jun 09 2004 12:48:32 viking1.jbc

 inode path is 7 sip2-dw-mz.hpd 

 fullpath is disk0:/sip2-dw-mz.hpd 
7      5916716 Aug 25 2004 10:25:14 sip2-dw-mz.hpd

 inode path is 8 sip2iofpga_promlatest_rev78.hex 

 fullpath is disk0:/sip2iofpga_promlatest_rev78.hex 
8       468975 Aug 24 2004 10:56:54 sip2iofpga_promlatest_rev78.hex

40606720 bytes available (23490560 bytes used)

******** ATA Flash Card Geometry/Format Info ********

ATA CARD GEOMETRY
   Number of Heads:       4     
   Number of Cylinders    984   
   Sectors per Cylinder   32    
   Sector Size            512   
   Total Sectors          125952

ATA CARD FORMAT
   Number of FAT Sectors  246   
   Sectors Per Cluster    2     
   Number of Clusters     62595 
   Number of Data Sectors 125817
   Base Root Sector       595   
   Base FAT Sector        103   
   Base Data Sector       627   


------------------ show scp status ------------------


Rx 29169,  Tx 29165,  Sap 3  scp_my_addr 0x4
Id Sap      Channel name    current/peak/retry/dropped/total  time(queue/process/ack)
-- ---- ------------------- --------------------------------  ----------------------
0  0    SCP Unsolicited:0       0/    2/    0/      0/ 4421      0/   0/  76
1  23   SCP async: CWAN-NMP     0/    0/    0/      0/    0      0/   0/   0

------------------ show inventory ------------------



------------------ show region ------------------


Region Manager:

      Start         End     Size(b)  Class  Media  Name
 0x0F000000  0x0FFFFDFF    16776704  Iomem  R/W    iomem
 0x40000000  0x4EFFFFFF   251658240  Local  R/W    main
 0x40010FC0  0x4067FFE7     6746152  IText  R/O    main:text
 0x40680000  0x40CE977F     6723456  IData  R/W    main:data
 0x40CE9780  0x4145B85F     7807200  IBss   R/W    main:bss
 0x4145B860  0x4EFFFFFF   230311840  Local  R/W    main:heap
 0x80000000  0x8EFFFFFF   251658240  Local  R/W    main:(main_k0)
 0xA0000000  0xAEFFFFFF   251658240  Local  R/W    main:(main_k1)



------------------ show buffers ------------------


Buffer elements:
     500 in free list (500 max allowed)
     595460 hits, 0 misses, 0 created

Public buffer pools:
Small buffers, 104 bytes (total 37, permanent 25, peak 39 @ 19:39:17):
     35 in free list (20 min, 60 max allowed)
     310581 hits, 48 misses, 110 trims, 122 created
     0 failures (0 no memory)
Middle buffers, 600 bytes (total 15, permanent 15, peak 21 @ 19:39:19):
     14 in free list (10 min, 30 max allowed)
     20386 hits, 2 misses, 6 trims, 6 created
     0 failures (0 no memory)
Big buffers, 1536 bytes (total 6, permanent 5, peak 8 @ 19:39:21):
     6 in free list (5 min, 10 max allowed)
     16375 hits, 1 misses, 11 trims, 12 created
     0 failures (0 no memory)
VeryBig buffers, 4520 bytes (total 50, permanent 50):
     50 in free list (40 min, 300 max allowed)
     0 hits, 0 misses, 0 trims, 0 created
     0 failures (0 no memory)
Large buffers, 5024 bytes (total 0, permanent 0):
     0 in free list (0 min, 5 max allowed)
     0 hits, 0 misses, 0 trims, 0 created
     0 failures (0 no memory)
Huge buffers, 18024 bytes (total 1, permanent 1):
     1 in free list (0 min, 2 max allowed)
     0 hits, 0 misses, 0 trims, 0 created
     0 failures (0 no memory)

Interface buffer pools:
IPC buffers, 4096 bytes (total 85, permanent 16, peak 85 @ 00:00:36):
     12 in free list (10 min, 30 max allowed)
     251678 hits, 23 fallbacks, 0 trims, 69 created
     0 failures (0 no memory)

Header pools:
SDCC Packet Header buffers, 0 bytes (total 2048, permanent 2048):
     0 in free list (2048 min, 2048 max allowed)
     2048 hits, 0 misses
     2048 max cache size, 2048 in cache
     0 hits in cache, 0 misses in cache

Particle Clones:
     2048 clones, 0 hits, 0 misses

Public particle pools:
GLOBAL buffers, 512 bytes (total 862, permanent 862):
     0 in free list (0 min, 862 max allowed)
     862 hits, 0 misses
     862 max cache size, 862 in cache
     0 hits in cache, 0 misses in cache
COMM buffers, 512 bytes (total 32, permanent 32):
     0 in free list (0 min, 32 max allowed)
     32 hits, 0 misses
     32 max cache size, 32 in cache
     0 hits in cache, 0 misses in cache

Private particle pools:
SB-FIFO5/0/1 buffers, 512 bytes (total 1000, permanent 1000):
     0 in free list (0 min, 1000 max allowed)
     1000 hits, 0 fallbacks
     1000 max cache size, 744 in cache
     261 hits in cache, 0 misses in cache
     14 buffer threshold, 0 threshold transitions
EOBC0/0 buffers, 512 bytes (total 2000, permanent 2000):
     0 in free list (0 min, 2000 max allowed)
     2000 hits, 0 misses
     2000 max cache size, 1744 in cache
     79803 hits in cache, 0 misses in cache
     14 buffer threshold, 0 threshold transitions
Ingress ESF Engine buffers, 1028 bytes (total 21, permanent 21):
     0 in free list (21 min, 21 max allowed)
     21 hits, 0 misses
     21 max cache size, 0 in cache
     21 hits in cache, 0 misses in cache
Egress ESF Engine buffers, 1028 bytes (total 21, permanent 21):
     0 in free list (21 min, 21 max allowed)
     21 hits, 0 misses
     21 max cache size, 0 in cache
     21 hits in cache, 0 misses in cache



------------------ show platform hardware version ------------------


        Product Number: '7600-MSC-400'
        Baseboard Serial Number: 'SAD073101T6'
        Manufacturing Assembly Revision: 'A01'
        Baseboard Revision: 0.14
        Daughtercard Serial Number: ''
        CPU Manufacturer: 0x4 (Broadcom)
        CPU SOC Type: BCM1125H 400 Mhz rev 0x21 wafer 0x1
        CPU Revision: 0.3
        Super Santa Ana: 0x0
        PM PLD: 0x5
        IOFPGA version: 0x00051
               type:    0x0 format 0x2 loaded from Upgrade (C1) region
        ROMMON (major.minor.dev.build) = 1.1.0.1
        Bonham version: 0x019
               type:    rev2-or-higher-bb
        Gldfgr version: 0x10014
        Oddjob version: 0x10010
        Hyperion: 0x2
        Config PLD: 0x6
        Ingress ESF Engine          : Type 0.0 rev 0.2, 1400 MHz
                                      SRAM clocks: 140/200/200/200 MHz
                                      DRAM clock: 400 MHz
        Egress ESF Engine           : Type 0.0 rev 0.2, 1400 MHz
                                      SRAM clocks: 200/200/140/200 MHz
                                      DRAM clock: 400 MHz

------------------ show platform hardware iofpga ------------------


CPU base address:       0xB1000000
0000: type_and_version: 0x00000251
0004: global_intr_en:   0x100D1021
0008: global_intr_stat: 0x00000008
000C: reset_reason_reg: 0x00000001
0010: cpu_resets:       0x00000000
0014: device_reset:     0x00000040
0018: watchdog:         0x00003D96
001C: who_am_i:         0x00002200
0020: rommon_sel:       0x00000001
0024: led_reg:          0x0000001F
0028: iofpga_ctrl:      0x00000400
002C: earl_control:     0x0000000F
0030: iobus_intr_en:    0x0000000F
0034: iobus_intr_stat:  0x00000000
0038: iobus_deadman:    0x00000015
003C: iobus_last_addr:  0x00000000
0040: iobus_last_data:  0x00000000
0044: iobus_tran_stat:  0x00000000
0048: test_pins_reg:    0x00000000
0058: pld_jtag:         0xCAFEBABE

SIP2 base addr:   0xB1000400
0000: spa_ctrl:         0x00000923
0004: spa_intr_en:      0x7E07222F
0008: spa_intr_stat:    0x01000000
000C: spa_stat:         0x0000222C
0010: spabus_deadman:   0x0000002A
0014: spabus_tran_stat: 0x0800021C
0018: spabus_last_read: 0x00070001
001C: spabus_last_par:  0x00003531
0020: spa_test:         0xAB2B2B29
0024: spd_ctrl:         0x00000007
0028: scratchpad:       0x00000000
002C: ha_state:         0x00000001
0030: spa0_debounce:    0x0000000A
0034: spa1_debounce:    0x0000000A
0038: spa2_debounce:    0x0000000A
003C: spa3_debounce:    0x0000000A
0044: ha_sanity:        0x00000007
0040: spa_sonet_clk:    0x200AD500
0048: spa_sonet_clk_ie: 0x00000000
004C: spa_sonet_clk_is: 0x1FFFFFFC
0050: spa_sonet_clk_div[0]: 0x0000097E
0054: spa_sonet_clk_div[1]: 0x0000097E
0058: spa_sonet_clk_div[2]: 0x0000097E
005C: spa_sonet_clk_div[3]: 0x0000097E

show hw-module subslot fpd

To display the current versions of all field-programmable devices (FPDs) for a particular SPA or all of the active SPAs on a router, enter the show hw-module subslot fpd command in privileged EXEC configuration mode.

Cisco 7304 Router

show hw-module subslot [slot/subslot] fpd

Cisco 7600 Series Routers, Catalyst 6500 Series Switches, and Cisco 12000 Series Routers

show hw-module subslot {slot/subslot | all} fpd

Syntax Description

slot

Chassis slot number.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address" topic in the platform-specific SPA software configuration guide for subslot information.

all

Specifies display of FPD information for all SPAs in the system.

Note The all keyword is not supported for SPAs on the Cisco 7304 router.


Defaults

For the Cisco 7304 router, if no location is specified, the output for this command will show information for all supported card types on the router.

For the Cisco 7600 series routers, Catalyst 6500 series switches, and Cisco 12000 series routers, there is no default behavior or values.

For more information about FPD upgrades on shared port adapters (SPAs), refer to the Cisco 7600 Series Router SIP, SSC, and SPA Software Configuration Guide.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(20)S2

This command was introduced.

12.2(18)SXE

The all keyword was added in Cisco IOS Release 12.2(18)SXE on the Cisco 7600 series routers and Catalyst 6500 series switches.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S and introduced on Cisco 12000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Other than the FPD version information, the output for this command may also contain useful FPD-related notes.

Cisco 7304 Router

The all keyword is not supported on the Cisco 7304 router. The slot/subslot arguments are optional, and if you do not specify them, the command displays FPD information for all supported card types on the router.

Cisco 7600 Series Routers, Catalyst 6500 Series Switches, and 12000 Series Routers

If you do not use the all keyword, then you must specify the slot/subslot arguments to select the location of a particular card. There is no default behavior for this command on the Cisco 7600 series routers.

Examples

Displaying FPD Information for a Particular SPA Example

This example shows the output when using the slot/subslot arguments to identify a particular SPA. This SPA meets the minimum FPD requirements with that particular Cisco IOS release:

Router# show hw-module subslot 4/0 fpd

==== ====================== ====== =============================================
                             H/W   Field Programmable   Current   Min. Required
Slot Card Description        Ver.  Device: "ID-Name"    Version      Version
==== ====================== ====== ================== =========== ==============
4/0 SPA-4XOC3-ATM           1.0   1-I/O FPGA             0.121       0.121    
==== ====================== ====== =============================================

Displaying FPD Information for all SPAs in the System Example

This example shows FPD image file versions for all SPAs in the system:

Router# show hw-module subslot all fpd

==== ====================== ====== =============================================
                             H/W   Field Programmable   Current   Min. Required
Slot Card Type               Ver.  Device: "ID-Name"    Version      Version
==== ====================== ====== ================== =========== ==============
 4/0 SPA-4XOC3-ATM           1.0   1-I/O FPGA             0.121       0.121    
---- ---------------------- ------ ------------------ ----------- --------------
 4/1 SPA-8XT1/E1             0.143 1-ROMMON               2.12        2.12     
                                   2-I/O FPGA             0.22        0.22     
---- ---------------------- ------ ------------------ ----------- --------------
 4/3 SPA-4XOC3-POS           0.100 1-I/O FPGA             3.4         3.4      
---- ---------------------- ------ ------------------ ----------- --------------
 7/0 SPA-8XCHT1/E1           0.117 1-ROMMON               2.12        2.12     
                                   2-I/O FPGA             0.22        0.22     
---- ---------------------- ------ ------------------ ----------- --------------
 7/1 SPA-4XOC3-ATM           0.205 1-I/O FPGA             0.121       0.121    
==== ====================== ====== =============================================

Displaying Information for all SPAs in the System Example (Cisco 7304 only)

The all keyword is not supported on the Cisco 7304 router.

To display all FPD image file versions for all SPAs on a Cisco 7304 router, enter the show hw-module subslot fpd command without specifying a slot and subslot. The following example shows all FPD image file versions on a Cisco 7304 router:

Router# show hw-module subslot fpd

==== ====================== ====== =============================================
                             H/W   Field Programmable   Current   Min. Required
Slot Card Description        Ver.  Device:"ID-Name"     Version      Version
==== ====================== ====== ================== =========== ==============
 2/0 SPA-4FE-7304            0.32  1-Data & I/O FPGA      4.13        4.13     
---- ---------------------- ------ ------------------ ----------- --------------
 2/1 SPA-2GE-7304            0.15  1-Data & I/O FPGA      4.13        4.13     

==== ====================== ====== =============================================

Related Commands

Command
Description

show hw-module all fpd

Displays the current versions of all FPDs for all of the supported card types on a router.

show hw-module slot fpd

Displays the current versions of all FPDs for a SIP in the specified slot location on a router, and for all of the SPAs installed in that SIP.


show hw-module subslot oir

To display the operational status of a shared port adapter (SPA), use the show hw-module subslot oir command in privileged EXEC configuration mode.

show hw-module subslot {slot/subslot | all} oir [internal]

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Displays OIR status for all supported card types in the system.

internal

(Optional) Displays detailed diagnostic information. This option is intended for internal diagnostic use with Cisco Systems technical support personnel.


Defaults

No default behavior or values

If no location is specified, the output for this command will show information for all SPAs in the router.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(25)S3

This command was introduced.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.


Usage Guidelines

Use the show hw-module subslot oir command to obtain operational status information about one or all SPAs. To display information for a specific SPA, specify the slot number of the SIP and the subslot number of the SPA about which you want information. To display information for all SPAs in the router, do not specify the slot/subslot arguments and use the all keyword.

The optional internal keyword displays detailed diagnostic information that is recommended only for use with Cisco Systems technical support personnel.


Note The following status descriptions are not applicable to every SPA and can be platform-specific.


Examples

The following example shows the operational status of all of the SPAs installed in a router where two of the SPAs are in an out-of-service condition:

Router# show hw-module subslot all oir
Module         Model              Operational Status
-------------- ------------------ -------------------------
subslot 4/0    SPA-4XOC3-POS      booting
subslot 4/1    SPA-4XOC3-ATM      out of service(FPD upgrade failed)
subslot 4/2    SPA-4XOC3-POS      ok
subslot 4/3    SPA-1XTENGE-XFP    out of service(SPA unrecognized)

Table 40-8 describes the possible values for the Operational Status field in the output.

Table 40-8 Operational Status Field Descriptions 

Operational Status
Description

admin down

SPA is administratively disabled by the hw-module subslot shutdown global configuration command.

booting

SPA is initializing.

missing

SPA is not present in the SIP subslot.

ok

SPA is operational.

out of service (reason)

The SPA is out of service for one of the following reasons:

Note The following reasons are not applicable to every SPA and can be platform-specific.

Analyze failed—Failed to create a SPA data structure, most likely due to a memory allocation problem.

Authentication failed—SPA has failed hardware validation.

Data structure create error—Failed to create a SPA data structure, most likely due to a memory allocation problem.

Event corrupt—A SPA online insertion and removal (OIR) event has been corrupted. This could be caused by a corrupted message between the SIP and the route processor (RP) or some other software or hardware problem.

Event sequence error—A SPA OIR event was received out of sequence. This could be caused by a corrupted message between the SIP and the route processor (RP) or some other software or hardware problem.

Fail code not set—Failure code could not be read from a SPA OIR event message. This could be caused by a corrupted message between the SIP and the RP or some other software or hardware problem.

Failed too many times—SPA is disabled because it has failed more than the allowable limit on the platform.

FPD upgrade failed—A field-programmable device, such as the Field-Programmable Gate Array (FPGA), failed to automatically upgrade.

H/W signal deasserted—The SPA_OK or PWR_OK hardware signal indicating that the SPA is accessible are no longer asserted.

Heartbeat failed—Occurs when intelligent SPAs encounter heartbeat failures.

Incompatible FPD—An FPGA version mismatch with the Cisco IOS software has been detected for the SPA.

out of service (reason)—CONTINUED

Init timeout—Time limit has been reached during initialization of a SPA.

Read SPA type failed—A read from the hardware for the SPA type failed.

Reload request—SPA reload is in progress from the hw-module subslot reload command.

SPA h/w error—The SPA software driver has detected a hardware error.

SPA ready timeout—A timeout ocurred on the RP while waiting for the SPA to become operational.

SPA type mismatch—Occurs when you have pre-configured a SPA of one type, but have inserted a SPA of a different type.

Note This reason code only applies to those platforms that support pre-configuration. This is not applicable to a Cisco 7600 series router or Catalyst 6500 series switch.

SPA unrecognized—SPA is not supported by the Cisco IOS software release.

Start failed—Failed to start interfaces on SPA.

Unexpected inserted event—The SPA OIR software has received a SPA insertion event when the OIR software considered the SPA already present.

Wait h/w ok timeout—A timeout occurred while waiting for the SPA_OK and PWR_OK hardware signals to be asserted.

Wait start timeout—A timeout occurred on the SIP while waiting for permission from the RP to bring up the SPA.

stopped

SPA has been gracefully deactivated using the hw-module subslot stop privileged EXEC command on the Cisco 7304 router.


The following example shows the operational status of all of the SPAs installed in a router where all SPAs are running successfully:

Router# show hw-module subslot all oir 
Module        Model                Operational Status
------------- -------------------- ------------------------
subslot 1/1   SPA-2XOC3-ATM        ok
subslot 4/0   SPA-2XT3/E3          ok
subslot 4/1   SPA-4XOC3-POS        ok
subslot 4/2   SPA-8XCHT1/E1        ok

The following example shows sample output when using the optional internal keyword:

Router# show hw-module subslot 4/0 oir internal
WARNING: This command is not intended for production use
and should only be used under the supervision of
Cisco Systems technical support personnel.

sm(spa_oir_tsm subslot 4/0 TSM), running yes, state ready
Admin Status: admin enabled,  Operational Status: ok(1)
Last reset Reason: manual
TSM Context:
    configured_spa_type 0x483
    soft remove fail code 0x0(none)
    last_fail_code 0x110E(SPA unrecognized)
    fail_count 0
    timed_fail_count 0, failed_spa_type 0x483
    recovery_action 6
    associated_fail_code 0x110E(SPA unrecognized)
    sequence numbers: next from tsm 4, last to tsm 2
    flags 0x0
Subslot:
    spa type 0x483, active spa type 0x483
    subslot flags 0x0, plugin flags 0x0
TSM Parameters:
    wait_psm_ready_timeout 360000 ms, init_timeout 240000 ms
    short_recovery_delay 5000 ms, long_recovery_delay 120000 ms
    ok_up_time 1200000 ms, bad_fail_count 10
    fail_time_period 600000 ms, max_fail_count 5
    does not support pre-configuration
SPA OIR state machine audit statistics
                In-sync poll-count  qry-fail resp-fail  restarts fail-count
subslot 4/0         yes          1         0         0         0          0

Related Commands

Command
Description

hw-module subslot reload

Restarts a SPA and its interfaces.

hw-module subslot shutdown

Shuts down a SPA with or without power.


show hw-module subslot transceiver

To display the information about an optical transceiver installed in a shared port adapter (SPA), use the show hw-module subslot transceiver command in privileged EXEC configuration mode. The command does not have a no form.

show hw-module subslot slot/subslot transceiver port {idprom [brief | detail | dump] | status}

Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

port

Port or interface number.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

idprom

Displays detailed hardware information for the specified transceiver.

brief

(Optional) Displays summary hardware information for the specified transceiver.

detail

(Optional) Displays detailed hardware information for the specified transceiver.

dump

(Optional) Displays register information for the specified transceiver.

status

Displays operational status for the specified transceiver.


Defaults

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Use the show hw-module subslot transceiver command to obtain hardware information or operational status for optical devices installed in a SPA.

Cisco Systems qualifies the small form-factor pluggable (SFP) optics that can be used with SPAs.


Note The SPAs will only accept the SFP modules listed as supported in this document. An SFP check is run every time an SFP is inserted into a SPA and only SFP modules that pass this check will be usable.


If a transceiver has not been qualified by Cisco Systems for use with a SPA, the show hw-module subslot transceiver status command reports the following message:

The transceiver in slot 4 subslot 0 port 2
  is not a Cisco supplied component. In the current configuration
  third party transceivers are not serviced.

If a transceiver has not been qualified by Cisco Systems for use with a SPA, the show hw-module subslot transceiver idprom command reports the following message:

Transceiver is not a Cisco supplied part: the system cannot read the IDPROM

Examples

Example of the show hw-module subslot transceiver idprom Command for an OC-3 Transceiver

The following example shows hardware IDPROM information for an OC-3, short reach, multimode transceiver installed in the first interface port (0) of the SPA located in subslot 2 of the SIP installed in chassis slot 7:

Router# show hw-module subslot 7/2 transceiver 0 idprom 
IDPROM for transceiver POS7/2/0:
  Description                               = SFP optics (type 3)
  Transceiver Type:                         = OC3 SR-1/STM1 MM (1)
  Product Indentifier (PID)                 = TRP-03BCS       
  Vendor Revision                           =   
  Serial Number (SN)                        = 2169298         
  Vendor Name                               = OCP             
  Vendor OUI (IEEE company ID)              = 00.00.00 (0)
  Device State                              = Enabled.
  CLEI code                                 = ^@^@^Cc#}0^Ll5
  Cisco part number                         = hc?z^B<@^E^R^@
  Date code (yy/mm/dd)                      = 03/04/21
  Connector type                            = LC.
  Encoding                                  = 8B10B
                                              4b5b
                                              NRZ
  Nominal bitrate                           = OC3/STM1 (200 Mbits/s)
  Minimum bit rate as % of nominal bit rate = 68 % of 200 Mbits/s
  Maximum bit rate as % of nominal bit rate = 71 % of 200 Mbits/s

Example of the show hw-module subslot transceiver idprom Command for an OC-12 Transceiver

The following example shows hardware IDPROM information for an OC-12, short reach, multimode transceiver installed in the first interface port (0) of the SPA located in subslot 0 of the SIP installed in chassis slot 7:

Router# show hw-module subslot 7/0 transceiver 0 idprom 
IDPROM for transceiver POS7/0/0:
  Description                               = SFP optics (type 3)
  Transceiver Type:                         = OC12 SR-1/STM4 MM (8)
  Product Indentifier (PID)                 = TRP-12BCS       
  Vendor Revision                           =   
  Serial Number (SN)                        = 2177091         
  Vendor Name                               = OCP             
  Vendor OUI (IEEE company ID)              = 00.00.00 (0)
  Device State                              = Enabled.
  CLEI code                                 = ^@^@^CdZ+{N^\^X
  Cisco part number                         = pk:c^F^K^@
  Date code (yy/mm/dd)                      = 03/05/07
  Connector type                            = LC.
  Encoding                                  = 8B10B
                                              4b5b
                                              NRZ
  Nominal bitrate                           = OC12/STM4 (600 Mbits/s)
  Minimum bit rate as % of nominal bit rate = 92 % of 600 Mbits/s
  Maximum bit rate as % of nominal bit rate = 13 % of 600 Mbits/s

Example of the show hw-module subslot transceiver idprom brief Command

The following example shows the operational status of the transceiver installed in the first interface port (0) of the SPA located in subslot 2 of the SIP installed in chassis slot 3:

Router# show hw-module subslot 3/2 transceiver 0 idprom brief
IDPROM for transceiver POS3/2/0:
  Description                               = SFP optics (type 3)
  Transceiver Type:                         = OC12 SR-1/STM4 MM (8)
  Product Indentifier (PID)                 = TRP-12BCS       
  Vendor Revision                           =   
  Serial Number (SN)                        = 2569567         
  Vendor Name                               = CISCO-OCP       
  Vendor OUI (IEEE company ID)              = 00.00.00 (0)
  Device State                              = Enabled.
  CLEI code                                 = ^@^@^C4]  ^@T(.
  Cisco part number                         = T^W;L^YkcQ7^@
  Date code (yy/mm/dd)                      = 04/03/24
  Connector type                            = LC.
  Encoding                                  = 8B10B
                                              4b5b
                                              NRZ
  Nominal bitrate                           = OC12/STM4 (600 Mbits/s)
  Minimum bit rate as % of nominal bit rate = 92 % of 600 Mbits/s
  Maximum bit rate as % of nominal bit rate = 13 % of 600 Mbits/s

Example of the show hw-module subslot transceiver idprom detail Command

The following example shows the detail form of the command for the transceiver installed in the sixth interface port (5) of the SPA located in subslot 0 of the SIP installed in chassis slot 4:

Router# show hw-module subslot 4/0 transceiver 5 idprom detail 
IDPROM for transceiver GigabitEthernet4/0/6:
  Description                               = SFP optics (type 3)
  Transceiver Type:                         = GE SX (19)
  Product Indentifier (PID)                 = FTRJ8519P1BNL-C3
  Vendor Revision                           = A1
  Serial Number (SN)                        = FNS0821K2J5     
  Vendor Name                               = CISCO-FINISAR   
  Vendor OUI (IEEE company ID)              = 00.90.65 (36965)
  CLEI code                                 = CNUIAAMAAA
  Cisco part number                         = 10-1954-01
  Device State                              = Enabled.
  Date code (yy/mm/dd)                      = 04/05/19
  Connector type                            = LC.
  Encoding                                  = 8B10B
                                              NRZ
  Nominal bitrate                           = 2xFC (2100 Mbits/s)
  Minimum bit rate as % of nominal bit rate = not specified
  Maximum bit rate as % of nominal bit rate = not specified
  Link reach for 9u fiber (km)              = SX(550/270m) (0)
                                              1xFC-MM(500/300m) (0)
                                              2xFC-MM(300/150m) (0)
                                              ESCON-MM(2km) (0)
  Link reach for 9u fiber (m)               = SX(550/270m) (0)
                                              1xFC-MM(500/300m) (0)
                                              2xFC-MM(300/150m) (0)
                                              ESCON-MM(2km) (0)
  Link reach for 50u fiber (m)              = 2xFC-MM(300/150m) (30)
  Link reach for 62.5u fiber (m)            = 2xFC-MM(300/150m) (15)
  Nominal laser wavelength                  = 850 nm.
  DWDM wavelength fraction                  = 850.0  nm.
  Supported options                         = Tx disable
                                              Tx fault signal
                                              Loss of signal (standard implementation)
  Supported enhanced options                = Alarms for monitored parameters
  Diagnostic monitoring                     = Digital diagnostics supported
                                              Diagnostics are externally calibrated
                                              Rx power measured is "Averagepower"
  Transceiver temperature operating range   = -5 C to 85 C (extended)
  Minimum operating temperature             = -20 C
  Maximum operating temperature             = 90 C
  High temperature alarm threshold          = +109.000 C
  High temperature warning threshold        = +103.000 C
  Low temperature warning threshold         =  -13.000 C
  Low temperature  alarm threshold          =  -29.000 C
  High voltage alarm threshold              = 3.9000 Volts
  High voltage warning threshold            = 3.7000 Volts
  Low voltage warning threshold             = 2.9000 Volts
  Low voltage alarm threshold               = 2.7000 Volts
  High laser bias current alarm threshold   = 15.000 mAmps
  High laser bias current warning threshold = 12.000 mAmps
  Low laser bias current warning threshold  = 2.000 mAmps
  Low laser bias current alarm threshold    = 1.000 mAmps
  High transmit power alarm threshold       = 0.7424 mWatts
  High transmit power warning threshold     = 0.7424 mWatts
  Low transmit power warning threshold      = 0.959 mWatts
  Low transmit power alarm threshold        = 0.619 mWatts
  High receive power alarm threshold        = 5.9324 mWatts
  High receive power warning threshold      = 3.7416 mWatts
  Low receive power warning threshold       = 0.751 mWatts
  Low receive power alarm threshold         = 0.478 mWatts
  External Calibration constant: Rx power4  = 0.000
  External Calibration constant: Rx power3  = 0.000
  External Calibration constant: Rx power2  = 0.000
  External Calibration constant: Rx power1  = 0.212
  External Calibration constant: Rx power0  = -1.4294966868
  External Calibration: bias current slope  = 1.000
  External Calibration: bias current offset = 0

Example of the show hw-module subslot transceiver status Command

The following example shows the operational status of the transceiver installed in the third interface port (2) of the SPA located in subslot 0 of the SIP installed in chassis slot 4:

Router# show hw-module subslot 4/0 transceiver 2 status 
The Transceiver in slot 4 subslot 0 port 2 is enabled.
  Module temperature                = +41.617 C
  Transceiver Tx supply voltage     = 3292.0 uVolts
  Transceiver Tx bias current       = 4840 uAmps
  Transceiver Tx power              = 349.2 uWatts
  Transceiver Rx optical power      = 0.5 uWatts

show idprom

To display the identification programmable read-only memory (IDPROM) information for field-replaceable units (FRUs), use the show idprom command in privileged EXEC configuration mode. The command does not have a no form.

show idprom {all | frutype} [detail]

Syntax Description

all

Displays the information for all FRU types.

frutype

Type of FRU for information to be displayed; see the "Usage Guidelines" section for valid values.

detail

(Optional) Displays the detailed display of IDPROM data (verbose).


Defaults

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.2(14)SX

This command was introduced on the Supervisor Engine 720.

12.2(17d)SXB

This command was extended to Cisco IOS release12.2SX on the Supervisor Engine 2.

12.2(18)SXE

This command was modified in Cisco IOS release 12.2(18)SXE. The module keyword is modified to support slot/subslot addressing for SIPs and SPAs, and adds the optional clei keyword. The interface keyword has been replaced by the transceiver keyword.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Usage Guidelines

Valid entries for frutype are as follows:

backplane

clock number—1 and 2.

earl slot—See the following paragraph for valid values.

module slot/port | {slot | slot/subslot [clei] }—See the following paragraph for valid values and description.

rp slot—See the following paragraph for valid values.

power-supply—1 and 2.

supervisor slot—See the following paragraph for valid values.

transceiver {slot/subslot/port | slot/subslot [GigabitEthernet | GigabitEthernetWAN]}

vtt number—1 to 3.

The module slot/port argument designates the module slot location and port number.

Valid values for slot depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48.

The module {slot | slot/subslot [clei]} syntax designates either the slot location alone of the SIP in the chassis ( to show information for the SIP only), or the slot location of the SIP and the subslot location of a SPA installed within the SIP ( to display information for a SPA only). Valid values for slot depend on the chassis model (2-13), and valid values for subslot depend on the SIP type (such as 0-3 for a Cisco 7600 SIP-200 and Cisco 7600 SIP-400). The optional clei keyword specifies display of the Common Language Equipment Identification (CLEI) information for the specified SIP or SPA.

Use the show idprom backplane command to display the chassis serial number.

Use the transceiver slot/subslot/port command to display information for transceivers installed in a SPA, where slot designates the location of the SIP, subslot designates the location of the SPA, and port designates the interface number.

The interface interface slot keyword and arguments supported on GBIC security-enabled interfaces has been replaced by the transceiver keyword option:

To specify LAN Gigabit Ethernet interfaces, use the show idprom transceiver slot/subslot GigabitEthernet form of the command.

To specify WAN Gigabit Ethernet interfaces, use the show idprom transceiver slot/subslot GigabitEthernetWAN form of the command.

Examples

The following example shows sample output for a Cisco 7600 SIP-400 installed in slot 3 of the router:

Router# show idprom module 2
IDPROM for module #3
  (FRU is '4-subslot SPA Interface Processor-400')
  OEM String = 'Cisco Systems'
  Product Number = '7600-SIP-400'
  Serial Number = 'JAB0851042X'
  Manufacturing Assembly Number = '73-8404-10'
  Manufacturing Assembly Revision = '09'
  Hardware Revision = 0.95
  Current supplied (+) or consumed (-) = -6.31A

The following example shows sample output for the clei form of the command on a Cisco 7600 SIP-200 installed in slot 2 of the router:

Router# show idprom module 2 clei
FRU             PID                  VID SN          CLEI
--------------- -------------------- --- ----------- ----------
module #2       7600-SIP-200         V01

The following example shows sample output for the detail form of the command on a Cisco 7600 SIP-400 installed in slot 3 of the router:

Router# show idprom module 3 detail
IDPROM for module #3
IDPROM image:

  (FRU is '4-subslot SPA Interface Processor-400')

IDPROM image block #0:

  block-signature = 0xABAB, block-version = 3,
  block-length = 160, block-checksum = 4600

  *** common-block ***
  IDPROM capacity (bytes) = 512  IDPROM block-count = 2 
  FRU type = (0x6003,1103)
  OEM String = 'Cisco Systems'
  Product Number = '7600-SIP-400'
  Serial Number = 'JAB0851042X'
  Manufacturing Assembly Number = '73-8404-10'
  Manufacturing Assembly Revision = '09'
  Manufacturing Assembly Deviation = '00'
  Hardware Revision = 0.95
  Manufacturing bits = 0x0  Engineering bits = 0x0
  SNMP OID = 9.5.1.3.1.1.2.1103
  Power Consumption = -631 centiamperes    RMA failure code = 0-0-0-0 
  CLEI =  
  VID =  
  *** end of common block ***

IDPROM image block #1:

  block-signature = 0x6003, block-version = 2,
  block-length = 103, block-checksum = 2556

  *** linecard specific block ***
  feature-bits =   00000000 00000000
  hardware-changes-bits =   00000000 00000000
  card index = 158
  mac base = 0012.4310.D840
  mac_len = 128
  num_processors = 1
  epld_num = 0
  epld_versions = 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 
0000 
  port numbers:
    pair #0: type=00, count=00
    pair #1: type=00, count=00
    pair #2: type=00, count=00
    pair #3: type=00, count=00
    pair #4: type=00, count=00
    pair #5: type=00, count=00
    pair #6: type=00, count=00
    pair #7: type=00, count=00
  sram_size = 0
  sensor_thresholds =  
    sensor #0: critical = 75 oC, warning = 60 oC
    sensor #1: critical = 70 oC, warning = 55 oC
    sensor #2: critical = 80 oC, warning = 65 oC
    sensor #3: critical = 75 oC, warning = 60 oC
    sensor #4: critical = -128 oC (sensor not present), warning = -128 oC (sensor not 
present)
    sensor #5: critical = -128 oC (sensor not present), warning = -128 oC (sensor not 
present)
    sensor #6: critical = -128 oC (sensor not present), warning = -128 oC (sensor not 
present)
    sensor #7: critical = -128 oC (sensor not present), warning = -128 oC (sensor not 
present)
  max_connector_power = 3600
  cooling_requirement = 35
  ambient_temp = 55
  *** end of linecard specific block ***
End of IDPROM image

The following example shows sample output for a 4-Port OC-3c/STM-1 ATM SPA installed in subslot 0 of the SIP installed in slot 5 of the router:

Router# show idprom module 5/0
IDPROM for SPA module #5/0
        (FRU is '4-port OC3/STM1 ATM Shared Port Adapter')
        Product Identifier (PID) : SPA-4XOC3-ATM
        Version Identifier (VID) : V01
        PCB Serial Number        : PRTA2604138
        Top Assy. Part Number    : 68-2177-01
        73/68 Board Revision     : 05
        73/68 Board Revision     : 01
        Hardware Revision        : 0.224
        CLEI Code                : UNASSIGNED

The following example shows sample output for the clei form of the command for a 4-Port OC-3c/STM-1 POS SPA installed in subslot 3 of the SIP installed in slot 2 of the router:

Router# show idprom module 2/3 clei
FRU             PID                  VID SN          CLEI
--------------- -------------------- --- ----------- ----------
SPA module #2/3 SPA-4XOC3-POS        V01 PRTA0304155 UNASSIGNED

The following example shows sample output for the detail form of the command for a 4-Port OC-3c/STM-1 POS SPA installed in subslot 3 of the SIP installed in slot 2 of the router:

Router# show idprom module 2/3 detail
IDPROM for SPA module #2/3
        (FRU is '4-port OC3/STM1 POS Shared Port Adapter')
        EEPROM version           : 4
        Compatible Type          : 0xFF
        Controller Type          : 1088
        Hardware Revision        : 0.230
        Boot Timeout             : 0 msecs
        PCB Serial Number        : PRTA0304155
        Part Number              : 73-9313-02
        73/68 Board Revision     : 04
        Fab Version              : 02
        RMA Test History         : 00
        RMA Number               : 0-0-0-0
        RMA History              : 00
        Deviation Number         : 0
        Product Identifier (PID) : SPA-4XOC3-POS
        Version Identifier (VID) : V01
        Top Assy. Part Number    : 68-2169-01
        73/68 Board Revision     : 10
        System Clock Frequency   : 00 00 00 00 00 00 00 00
                                   00 00 00 00 00
        CLEI Code                : UNASSIGNED
        Base MAC Address         : 00 00 00 00 00 00
        MAC Address block size   : 0
        Manufacturing Test Data  : 00 00 00 00 00 00 00 00
        Field Diagnostics Data   : 00 00 00 00 00 00 00 00
        Calibration Data         : Minimum: 0 dBmV, Maximum: 0 dBmV
              Calibration values :
        Power Consumption        : 16200 mWatts (Maximum)
        Environment Monitor Data : 01 08 F6 48 43 34 F6 48
                                   43 34 02 31 0C E4 46 32
                                   28 13 07 09 C4 46 32 28
                                   13 07 00 00 00 00 00 00
                                   00 05 DC 46 32 28 13 07
                                   00 00 00 00 00 00 00 00
                                   00 00 00 00 00 00 00 00
                                   00 00 00 00 00 FE 02 00
                                   00
        Asset ID                 :
        Asset Alias              :

show interfaces

To display statistics for all interfaces configured on the router or access server, use the show interfaces command in privileged EXEC mode. The resulting output varies, depending on the network for which an interface has been configured.

Cisco 2500 Series, Cisco 2600 Series, Cisco 4700 Series, and Cisco 7000 Series

show interfaces [type number] [first