lease through renew dhcp

lease

To configure the duration of the lease for an IP address that is assigned from a Cisco IOS Dynamic Host Configuration Protocol (DHCP) server to a DHCP client, use the lease command in DHCP pool configuration mode. To restore the default value, use the no form of this command.

lease {days [hours [minutes] ] | infinite}

no lease

Syntax Description

days

Specifies the duration of the lease in numbers of days.

hours

(Optional) Specifies the number of hours in the lease. A days value must be supplied before you can configure an hours value.

minutes

(Optional) Specifies the number of minutes in the lease. A days value and an hours value must be supplied before you can configure a minutes value.

infinite

Specifies that the duration of the lease is unlimited.

Command Default

1 day

Command Modes

DHCP pool configuration

Command History

Release

Modification

12.0(1)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following example shows a 1-day lease:


lease 1

The following example shows a 1-hour lease:


lease 0 1

The following example shows a 1-minute lease:


lease 0 0 1

The following example shows an infinite (unlimited) lease:


lease infinite

local-ip (IPC transport-SCTP local)

To define at least one local IP address that is used to communicate with the local peer, use the local-ip command in IPC transport-SCTP local configuration mode. To remove one or all IP addresses from your configuration, use the no form of this command.

local-ip device-real-ip-address [device-real-ip-address2]

no local-ip device-real-ip-address [device-real-ip-address2]

Syntax Description

device-real-ip-address

IP address of the local device.

The local IP addresses must match the remote IP addresses on the peer router. There can be either one or two IP addresses, which must be in global Virtual Private Network (VPN) routing and forwarding (VRF). A virtual IP (VIP) address cannot be used.

device-real-ip-address2

(Optional) IP address of the local device.

Command Default

No IP addresses are defined; thus, peers cannot communicate with the local peer.

Command Modes

IPC transport-SCTP local configuration

Command History

Release

Modification

12.3(8)T

This command was introduced.

Usage Guidelines

Use the local-ip command to help associate Stream Control Transmission Protocol (SCTP) as the transport protocol between the local and remote peer.

This command is part of a suite of commands used to configure the Stateful Switchover (SSO) protocol. SSO is necessary for IP Security (IPSec) and Internet Key Exchange (IKE) to learn about the redundancy state of the network and to synchronize their internal application state with their redundant peers.

Examples

The following example shows how to enable SSO:


!
redundancy inter-device
 scheme standby HA-in
!
!
ipc zone default
 association 1
  no shutdown
  protocol sctp
   local-port 5000
    local-ip 10.0.0.1
   remote-port 5000
    remote-ip 10.0.0.2

local-port

To define the local Stream Control Transmission Protocol (SCTP) port that is used to communicate with the redundant peer, use the local-port command in SCTP protocol configuration mode.

local-port local-port-number

Syntax Description

local-port-number

Local port number, which should be the same as the remote port number on the peer router (which is specified via the remote-port command).

Command Default

A local SCTP port is not defined.

Command Modes

SCTP protocol configuration

Command History

Release

Modification

12.3(8)T

This command was introduced.

Usage Guidelines

The local-port command enters IPC transport-SCTP local configuration mode, which allows you to specify at least one local IP address (via the local-ip command) that is used to communicate with the redundant peer.

Examples

The following example shows how to enable Stateful Switchover (SSO):


!
redundancy inter-device
 scheme standby HA-in
!
!
ipc zone default
 association 1
  no shutdown
  protocol sctp
   local-port 5000
    local-ip 10.0.0.1
   remote-port 5000
    remote-ip 10.0.0.2

logging (cfg-dns-view)

To enable logging of a system message logging (syslog) message each time the Domain Name System (DNS) view is used, use the logging command in DNS view configuration mode. To disable logging of a syslog message each time the DNS view is used, use the no form of this command.

logging

no logging

Syntax Description

This command has no arguments or keywords.

Command Default

No syslog message is logged when the DNS view is used.

Command Modes

DNS view configuration

Command History

Release

Modification

12.4(9)T

This command was introduced.

Usage Guidelines

This command enables the logging of syslog messages for the DNS view.

To display the logging setting for a DNS view, use the show ip dns view command.

Examples

The following example shows how to enable logging of a syslog message each time the DNS view named user3 that is associated with the VRF vpn32 is used:


Router(config)# ip dns view vrf vpn32 user3
 
Router(cfg-dns-view)# logging
 

logging (DNS)

To enable logging of a system message logging (syslog) message each time the Domain Name System (DNS) view is used, use the logging command in DNS view configuration mode. To disable logging of a syslog message each time the DNS view is used, use the no form of this command.

logging

no logging

Syntax Description

This command has no arguments or keywords.

Command Default

No syslog message is logged when the DNS view is used.

Command Modes

DNS view configuration

Command History

Release

Modification

12.4(9)T

This command was introduced.

Usage Guidelines

This command enables the logging of syslog messages for the DNS view.

To display the logging setting for a DNS view, use the show ip dns view command.

Examples

The following example shows how to enable logging of a syslog message each time the DNS view named user3 that is associated with the VRF vpn32 is used:


Router(config)# ip dns view vrf vpn32 user3
 
Router(cfg-dns-view)# logging
 

logging server-arp

To enable the sending of Address Resolution Protocol (ARP) requests for syslog server address during system initialization bootup, use the logging server-arp command in global configuration mode. To disable the sending of ARP requests for syslog server addresses, use the no form of this command.

logging server-arp

no logging server-arp

Syntax Description

This command has no arguments or keywords.

Command Default

This command is disabled by default.

Command Modes

Global configuration.

Command History

Release

Modification

12.3

This command was introduced.

12.3(4)T

This command was integrated into Cisco IOS Release 12.3(4)T.

12.3(5)B

This command was integrated into Cisco IOS Release 12.3(5)B.

Usage Guidelines

The logging server-arp global configuration command allows the sending of ARP requests for syslog server addresses during system initialization bootup.

When this CLI command is configured and saved to the startup configuration file, the system will send an ARP request for remote syslog server address before sending out the first syslog message.

The command should only be used when the remote syslog server is in the same subnet as the system router sending the ARP request.


Note


Use this command even if a static ARP has been configured with the remote syslog server address.


Examples

The following example shows how to enable an ARP request for syslog server addresses:


Router# configure terminal
Router(config)# logging server-arp
Router(config)# exit

The following example shows how to disable an ARP request for syslog server addresses:


Router# configure terminal
Router(config)# no
 logging server-arp
Router(config)# exit

mac packet-classify

To classify Layer 3 packets as Layer 2 packets, use the mac packet-classify command in interface configuration mode. To return to the default settings, use the no form of this command.

mac packet-classify [bpdu]

no mac packet-classify [bpdu]

Syntax Description

bpdu

(Optional) Specifies Layer 2 policy enforcement for BPDU packets.

Command Default

Layer 3 packets are not classified as Layer 2 packets.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

12.2(18)SXD

Support for this command was introduced on the Supervisor Engine 720.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(50)SY

Added support for MAC ACLs on BPDU packets.

Usage Guidelines

This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

You can configure these interface types for multilayer MAC access control list (ACL) quality of service (QoS) filtering:

  • VLAN interfaces without Layer 3 addresses

  • Physical LAN ports that are configured to support Ethernet over Multiprotocol Label Switching (EoMPLS)

  • Logical LAN subinterfaces that are configured to support EoMPLS

The ingress traffic that is permitted or denied by a MAC ACL on an interface configured for multilayer MAC ACL QoS filtering is processed by egress interfaces as MAC-layer traffic. You cannot apply egress IP ACLs to traffic that was permitted or denied by a MAC ACL on an interface configured for multilayer MAC ACL QoS filtering.

Microflow policing does not work on interfaces that have the mac packet-classify command enabled.

The mac packet-classify command causes the Layer 3 packets to be classified as Layer 2 packets and disables IP classification.

Traffic is classified based on 802.1Q class of service (CoS), trunk VLAN, EtherType, and MAC addresses.

Examples

This example shows how to classify incoming and outgoing Layer 3 packets as Layer 2 packets:


Router(config-if)# mac packet-classify
Router(config-if)# 

This example shows how to disable the classification of incoming and outgoing Layer 3 packets as Layer 2 packets:


Router(config-if)# no mac packet-classify
Router(config-if)# 

This example shows how to enforce Layer 2 policies on BPDU packets:


Router(config-if)# mac packet-classify bpdu
Router(config-if)# 

This example shows how to disable Layer 2 policies on BPDU packets:


Router(config-if)# no mac packet-classify bpdu
Router(config-if)# 

mac packet-classify use vlan

To enable VLAN-based quality of service (QoS) filtering in the MAC access control lists (ACLs), use the mac packet-classify use vlan command in global configuration mode. To return to the default settings, use the no form of this command.

mac packet-classify use vlan

no mac packet-classify use vlan

Syntax Description

This command has no arguments or keywords.

Command Default

VLAN-based QoS filtering in the MAC ACLs is disabled.

Command Modes

Global configuration (config)

Command History

Release

Modification

12.2(18)SXD

Support for this command was introduced on the Supervisor Engine 720 and the Supervisor Engine 2.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

Usage Guidelines

This command is supported in PFC3BXL or PFC3B mode only.

This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.

You must use the no mac packet-classify use vlan command to disable the VLAN field in the Layer 2 key if you want to apply QoS to the Layer 2 Service Advertising Protocol (SAP)-encoded packets (for example, Intermediate System-to-Intermediate System [IS-IS] and Internet Packet Exchange [IPX]).

QoS does not allow policing of non-Advanced Research Protocol Agency (ARPA) Layer 2 packets (for example, IS-IS and IPX) if the VLAN field is enabled.

Examples

This example shows how to enable Layer 2 classification of IP packets:


Router(config)# mac packet-classify use vlan
Router(config)

This example shows how to disable Layer 2 classification of IP packets:


Router(config)# no mac packet-classify use vlan
Router(config)

match learnt-interface

To filter services that are available on an interface and associate the filtered data to a specific service-list, use the match learnt-interface command in multicast Domain Name System (mDNS) service discovery service-list mode. To disable the association between the filtered services on an interface with a specific service-list, use the no form of this command.

match learnt-interface interface number

no match learnt-interface

Syntax Description

interface number

Interface type and number. For more information on the type of available interfaces, use the question mark (?) online help function.

Note

 

The services on the interface will be filtered and associated with a service-list. These services can then be permitted or prohibited across subnets by applying the service-list on an interface.

Command Default

Services associated with an interface are not filtered and associated with a service-list.

Command Modes

mdns service discovery service-list (config-mdns-sd-sl)

Command History

Release

Modification

15.2(3)E

This command was introduced.

Cisco IOS XE 3.7E

This command was integrated into the Cisco IOS XE 3.7E release.

15.5(2)S

This command was integrated into Cisco IOS Release 15.5(2)S.

Cisco IOS XE Release 3.15S

This command was integrated into the Cisco IOS XE Release 3.15S

Usage Guidelines

The match learnt-interface command must be used after a service-list is created and the permit or deny option is exercised.

Examples

The following example shows how to filter services available on an interface and associate the filtered data with a specific service-list:


Device> enable
Device# configure terminal
Device(config)# service-list mdns-sd sl7 permit 30
Device(config-mdns-sd-sl)# match learnt-interface ethernet 0/1
Device(config-mdns-sd-sl)# exit

 

match location

To configure parameters for a service-list based on a civic location, use the match location command in multicast Domain Name System (mDNS) service discovery service-list mode. To disable configuration of parameters for a service-list based on a civic location, use the no form of this command.

match location civic civic-location-name

no match location civic

Syntax Description

civic civic-location-name

Specifies the civic location name.

Command Default

A service-list is not filtered for a civic location name.

Command Modes

Multicast DNS service discovery service-list (config-mdns-sd-sl)

Command History

Release

Modification

15.2(2)E

This command was introduced.

Cisco IOS XE 3.6E

This command was integrated into the Cisco IOS XE 3.6E release.

15.2(1)SY

This command was integrated into Cisco IOS Release 15.2(1)SY.

15.5(2)S

This command was integrated into Cisco IOS Release 15.5(2)S.

Cisco IOS XE Release 3.15S

This command was integrated into the Cisco IOS XE Release 3.15S

Usage Guidelines

The match location command must be used after a service-list is created, and the permit or deny option is exercised.

If the civic location is available and the civic location criteria are set, then the match operation can be performed. If the civic location is not available, then the match operation cannot retrieve the location.

Examples

The following example shows how to filter a service-list by a civic location:


Device> enable
Device# configure terminal
Device(config)# service-list mdns-sd sl1 permit 3
Device(config-mdns-sd-sl)# match location civic location3
Device(config-mdns-sd-sl)# exit

 

match message-type

To configure parameters for a service-list based on a message type, use the match message-type command in multicast Domain Name System (mDNS) service discovery service-list mode. To disable configuration of parameters for a service-list based on a message type, use the no form of this command.

match message-type {announcement | any | query}

no match message-type

Syntax Description

announcement

Filters a service-list according to periodic mDNS announcements sent out by a device.

any

Filters a service-list for queries and announcements.

query

Filters a service-list according to associated queries.

Command Default

A service-list is not filtered for a query or announcement.

Command Modes

mdns service discovery service-list (config-mdns-sd-sl)

Command History

Release

Modification

15.2(1)E

This command was introduced.

Usage Guidelines

The match message-type command must be used after a service-list is created, and the permit or deny option is exercised.

Examples

The following example shows how to filter a service-list for the announcement message type.:


Device> enable
Device# configure terminal
Device(config)# service-list mdns-sd sl1 permit 3
Device(config-mdns-sd-sl)# match message-type announcement
Device(config-mdns-sd-sl)# exit

 

match reply prefix-list

To enable verification of the advertised prefixes in the Dynamic Host Configuration Protocol (DHCP) reply messages from the configured authorized prefix list, use the match reply prefix-list command in DHCPv6 guard configuration mode. To disable verification of the advertised prefixes in the DHCP reply messages from the configured authorized prefix list, use the no form of this command.

match reply prefix-list ipv6 prefix-list name

no match reply prefix-list ipv6 prefix-list name

Syntax Description

ipv6 prefix-list name

The name of the prefix list.

Command Default

The advertised prefixes in DHCP reply messages from the configured authorized prefix list are not verified.

Command Modes

DHCPv6 guard configuration (config-dhcp-guard)

Command History

Release

Modification

15.2(4)S

This command was introduced.

Usage Guidelines

This command enables verification of the advertised prefixes in DHCP reply messages from the configured authorized prefix list. If not configured, this check will be bypassed. A prefix list is configured using the ipv6 prefix-list command. An empty prefix list is treated as a permit.

Examples

The following example defines a DHCPv6 guard policy name as policy1, places the router in DHCPv6 guard configuration mode, and enables verification of the advertised prefixes in DHCP reply messages from the configured authorized prefix list:


Router(config)# ipv6 dhcp guard policy policy1
Router(config-dhcp-guard)# match reply prefix-list ipv6pre1

match server access-list

To enable verification of the advertised Dynamic Host Configuration Protocol (DHCP) server or relay address in inspected messages from the configured authorized server access list, use the match server access-list command in DHCPv6 guard configuration mode. To disable verification of the advertised DHCP server or relay address in inspected messages from the configured authorized server access list, use the no form of this command.

match server access-list ipv6 access-list-name

no match server access-list ipv6 access-list-name

Syntax Description

ipv6 access-list-name

The name of the access list.

Command Default

The advertised DHCP server or relay address in inspected messages from the configured authorized server access list are not verified.

Command Modes

DHCPv6 guard configuration (config-dhcp-guard)

Command History

Release

Modification

15.2(4)S

This command was introduced.

Usage Guidelines

Enables verification of the advertised DHCP server or relay address in inspected messages from the configured authorized server access list. If not configured, this check will be bypassed. An access list is configured using the ipv6 access-list command. An empty access list is treated as a permit. The access list is configured using the ipv6 access-list command.

Examples

The following example defines a DHCPv6 guard policy name as policy1, places the router in DHCPv6 guard configuration mode, and enables verification of the advertised DHCP server or relay address in inspected messages from the configured authorized server access list:


Router(config)# ipv6 dhcp guard policy policy1
Router(config-dhcp-guard)# match server access-list ipv6acl1

match service-instance

To configure parameters for a service-list based on a service-instance, use the match service-instance command in multicast Domain Name System (mDNS) service discovery service-list mode. To disable configuration of parameters for a service-list based on a service-instance, use the no form of this command.

match service-instance instance-name

no match service-instance

Syntax Description

instance-name

Service instance name. The service-list is filtered according to the specified service-list.

Command Default

A service-list is not filtered for a service-instance name.

Command Modes

mdns service discovery service-list (config-mdns-sd-sl)

Command History

Release

Modification

15.2(1)E

This command was introduced.

Usage Guidelines

The match service-instance command must be used after a service-list is created, and the permit or deny option is exercised.

Examples

The following example shows how to filter a service-list by a service instance:


Device> enable
Device# configure terminal
Device(config)# service-list mdns-sd sl1 permit 3
Device(config-mdns-sd-sl)# match service-instance service1
Device(config-mdns-sd-sl)# exit

 

match service-type

To configure parameters for a service-list based on a service-type, use the match service-type command in multicast Domain Name System (mDNS) service discovery service-list mode. To disable configuration of parameters for a service-list based on a service-type, use the no form of this command.

match service-type mDNS-service-type-string

no match service-type

Syntax Description

mDNS-service-type-string

Service type string. The service-list is filtered for the specified service-type.

Command Default

A service-list is not filtered for a service-type.

Command Modes

mdns service discovery service-list (config-mdns-sd-sl)

Command History

Release

Modification

15.2(1)E

This command was introduced.

Usage Guidelines

The match service-type command must be used after a service-list is created, and the permit or deny option is exercised.

Examples

The following example shows how to filter a service-list for a TXT service-type:


Device> enable
Device# configure terminal
Device(config)# service-list mdns-sd sl1 permit 3
Device(config-mdns-sd-sl)# match service-type TXT
Device(config-mdns-sd-sl)# exit

 

mode (nat64)

To configure the Network Address Translation 64 (NAT64) mapping of addresses and ports (MAP-T) mode, use the mode command in NAT64 MAP-T configuration mode. To exit from the NAT64 MAP-T mode, use the no form of this command.

mode {divi | map-t}

no mode

Syntax Description

divi

Configures the stateless dual translation mode.

map-t

Configures the MAP-T mode. This mode is the default.

Command Default

MAP-T is the default mode.

Command Modes

NAT64 MAP-T configuration (config-nat64-mapt)

Command History

Release

Modification

Cisco IOS XE Release 3.8S

This command was introduced.

Cisco IOS Release 15.5(2)T

This command was integrated into Cisco IOS Release 15.5(2)T.

Usage Guidelines

MAP-T or Mapping of address and port (MAP) double stateless translation-based solution (MAP-T) provides IPv4 hosts connectivity to and across an IPv6 domain. MAP-T builds on existing stateless IPv4/IPv6 address translation techniques that are specified in RFC 6052, RFC 6144, and RFC 6145.

In dual translation mode, IPv4 is translated into IPv6 and vice versa.

Examples

The following example shows how to configure the dual translation mode for stateless NAT64:

Device(config)# nat64 map-t domain 89
Device(config-nat64-mapt)# mode divi    

name

To configure the redundancy group with a name, use the name command in redundancy application group configuration mode. To remove the name of a redundancy group, use the no form of this command.

name group-name

no name group-name

Syntax Description

group-name

Name of the redundancy group.

Command Default

The redundancy group is not configured with a name.

Command Modes

Redundancy application group configuration (config-red-app-grp)

Command History

Release

Modification

Cisco IOS XE Release 3.1S

This command was introduced.

Examples

The following example shows how to configure the redundancy group name as group1:


Router# configure terminal
Router(config)# redundancy
Router(config-red)# application redundancy
Router(config-red-app)# group 1
Router(config-red-app-grp)# name group1

nat64 enable

To enable Network Address Translation 64 (NAT64) on an interface, use the nat64 enable command in interface configuration mode. To disable the NAT64 configuration on an interface, use the no form of this command.

nat64 enable

no nat64 enable

Syntax Description

This command has no arguments or keywords.

Command Default

NAT64 is not enabled on an interface.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Release 3.2S

This command was introduced.

15.4(1)T

This command was integrated into Cisco IOS Release 15.4(1)T.

Examples

The following example shows how to enable NAT64 on a Gigabit Ethernet interface:


Device# configure terminal
Device(config)# interface gigabitethernet0/0/0
Device(config-if)# nat64 enable
Device(config-if)# end

nat64 logging

To enable Network Address Translation 64 (NAT64) high-speed logging (HSL), use the nat64 logging command in global configuration mode. To disable NAT64 logging, use the no form of this command.

nat64 logging translations flow-export v9 udp destination hostname port

no nat64 logging translations

Syntax Description

translations

Enables NAT64 translation logging.

flow-export

Enables NAT64 logging through flow export.

v9

Enables Version 9 NetFlow export format logging.

udp

Enables logging of UDP packets.

destination

Specifies the NAT64 external logging destination.

hostname

Hostname or the IPv4 address of the external collector for logging records.

port

Port number of the IPv4 host of the external collector for logging records. Valid values are from 1 to 65535.

Command Default

NAT64 logging is not enabled.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.4S

This command was introduced.

15.4(2)T

This command was integrated into Cisco IOS Release 15.4(2)T.

Usage Guidelines

The nat64 logging command allows you to specify remote logging for NAT64 objects.

The nat64 logging command is based on the NetFlow Version 9 export format.

In Cisco IOS XE Release 3.4S and later releases, NAT supports HSL. When HSL is configured, NAT provides a log of the packets that are flowing through the routing devices (similar to the Version 9 NetFlow-like records) to an external collector.

Examples

The following example shows how to enable NAT64 HSL logging:


Device(config)# nat64 logging translations flow-export v9 udp destination 10.1.1.1 2000
      

nat64 logging translations flow-export

To enable the high-speed logging of NAT64 translations by using a flow exporter, use the nat64 logging translations flow-export command in global configuration mode. To disable the logging of NAT64 translations by using a flow exporter, use the no form of this command.

nat64 logging translations flow-export v9 udp {destination IPv4address-port | ipv6-destination ipv6address-port} [vrf vrf-name | source interface-name interface-number]

no nat64 logging translations flow-export

Syntax Description

v9

Specifies the flow exporter Version 9 format.

udp

Specifies the UDP protocol.

destination

Specifies the destination IPv4 address for which translations will be logged.

ipv6-destination

Specifies the destination address for which translations will be logged.

hostname

Name or IPv4 address of the destination.

local-udp-port

Local UDP port number. Valid values are from 1 to 65335.

source interface-type interface-number

(Optional) Specifies the source interface for which translations will be logged.

vrf vrf-name

(Optional) Specifies the destination VRF for which translations will be logged.

Command Default

Logging is disabled for all NAT64 translations.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.1S

This command was introduced.

Cisco IOS XE Release 3.7S

This command was modified. The bind-only keyword was added.

Cisco IOS XE Fuji Release 16.7.1

This command was modified. The following keywords were added:
  • ipv6-destination
  • vrf

Examples

The following example shows how to enable translation logging for a specific destination and source interface:

Device(config)# nat64 logging translations flow-export v9 udp destination 10.10.0.1 1020 source gigabithethernet 0/0/1

Examples

This example shows how to enable high-speed logging using an IPv6 address
Device(config)# nat64 logging translations flow-export v9 udp ipv6-destination 2001::06 5050 source GigabitEthernet 0/0/0

Examples

This example shows how to enable high-speed logging using an IPv6 address for a VRF
Device(config)# nat64 logging translations flow-export v9 udp ipv6-destination 2001::06 5050 vrf hslvrf source GigabitEthernet 0/0/0

nat64 map-t

To configure the Network Address Translation 64 (NAT64) mapping of addresses and ports translation (MAP-T) settings, use the nat64 map-t command in global configuration mode. To remove the NAT64 MAP-T settings, use the no form of this command.

nat64 map-t domain number

no nat64 map-t domain number

Syntax Description

domain number

Specifies the NAT64 MAP-T domain. Valid values for the number argument are from 1 to 128.

Command Default

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.8S

This command was introduced.

Cisco IOS Release 15.5(2)T

This command was integrated into Cisco IOS Release 15.5(2)T.

Usage Guidelines

MAP-T or Mapping of address and port (MAP) double stateless translation-based solution (MAP-T) provides IPv4 hosts connectivity to and across an IPv6 domain. MAP-T builds on existing stateless IPv4/IPv6 address translation techniques that are specified in RFC 6052, RFC 6144, and RFC 6145.

After you configure the nat64 map-t command, the command mode changes to NAT64 MAP-T configuration mode.

Examples

The following example shows how to configure NAT64 MAP-T settings:

Device(config)# nat64 map-t domain 89
Device(config-nat64-map-t)#
      

nat64 prefix stateful

To configure a prefix and a prefix length for stateful Network Address Translation 64 (NAT64), use the nat64 prefix stateful command in global configuration or interface configuration mode. To disable the configuration, use the no form of this command.

nat64 prefix stateful ipv6-prefix/prefix-length

no nat64 prefix stateful ipv6-prefix/ prefix-length

Syntax Description

ipv6-prefix

IPv6 network number to include in router advertisements. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.

/prefix-length

Length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.

Command Default

NAT64 stateful prefixes are not configured.

Command Modes

Global configuration (config)  

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Release3.4 S

This command was introduced.

15.4(2)T

This command was integrated into Cisco IOS Release 15.4(2)T.

Usage Guidelines

Use the nat64 prefix stateful command in global configuration mode to assign a global NAT64 stateful prefix, or use it in interface configuration mode to assign a unique NAT64 stateful prefix for an interface. A maximum of one global stateful prefix and one stateful prefix per interface is supported. If a global stateful prefix or an interface stateful prefix is not configured, the Well Known Prefix (WKP) of 64:ff9b::/96 is used to translate the IPv4 address of the IPv4 host.

Examples

The following example shows how to configure a global NAT64 stateful prefix:


Device(config)# nat64 prefix stateful 2001:DB8:0:1::/96 
      

The following example shows how to configure a NAT64 stateful prefix for a Gigabit Ethernet interface:

Device(config)# interface gigabitethernet0/0/0 
Device(config-if)# nat64 prefix stateful 2001:DB8:0:1::/96  

nat64 prefix stateless

To assign a global or interface-specific Network Address Translation 64 (NAT64) stateless prefix, use the nat64 prefix stateless command in global configuration or interface configuration mode. To disable the configuration, use the no form of this command.

nat64 prefix stateless ipv6-prefix/ prefix-length

no nat64 prefix stateless

Syntax Description

ipv6-prefix

IPv6 network number to include in router advertisements. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.

/ prefix-length

Length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.

Command Default

No NAT64 translation is performed.

Command Modes

Global configuration (config)

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Release 3.2S

This command was introduced.

15.4(1)T

This command was integrated into Cisco IOS Release 15.4(1)T.

Usage Guidelines

The nat64 prefix stateless command uses a prefix and prefix length for IPv4-translatable IPv6 addresses. Use the nat64 prefix stateless command in global configuration mode to assign a global NAT64 stateless prefix or in interface configuration mode to assign an unique NAT64 stateless prefix for each interface. In interface configuration mode, a stateless prefix should be configured on an IPv6-facing interface.

All packets coming to an IPv6 interface are matched against the configured prefix, and the matched packets are translated to IPv4. Similarly, the packets that the IPv6 interface sends use the stateless prefix to construct the source and destination IPv6 address.


Note


A maximum of one global stateless prefix and one stateless prefix per interface is supported.


If NAT64 is enabled on an interface that does not have a stateless prefix configured, then the global stateless prefix is used. However, if a global prefix and an interface prefix are configured, then the interface prefix is used for stateless NAT64 translation. The use of a stateless prefix on an interface has priority over the configured global stateless prefix.

Examples

The following example shows how to configure a global NAT64 stateless prefix:


Device# configure terminal
Device(config)# nat64 prefix stateless 2001::DB8::1/96
Device(config)# end

The following example shows how to assign a NAT64 stateless prefix for a Gigabit Ethernet interface:


Device# configure terminal
Device(config)# interface gigabitethernet0/0/0
Device(config-if)# nat64 prefix stateless 2001:0DB8:0:1::/96
Device(config-if# end

nat64 route

To specify the Network Address Translation 64 (NAT64) prefix to which an IPv4 prefix should be translated, use the nat64 route command in global configuration mode. To disable the configuration, use the no form of this command.

nat64 route ipv4-prefix/ mask interface-type interface-number

no nat64 route ipv4-prefix/ mask

Syntax Description

ipv4-prefix / mask

Length of the IPv4 prefix and the mask.

interface-type

Interface type. For more information, use the question mark (?) online help function.

interface-number

Interface or subinterface number. For more information about the numbering syntax for your networking device, use the question mark (?) online help function.

Command Default

No NAT64 routing is performed.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.2S

This command was introduced.

15.4(1)T

This command was integrated into Cisco IOS Release 15.4(1)T.

Usage Guidelines

A prefix that is configured on an interface is used as the stateless prefix on that interface. If no interface-specific prefix is configured, the configured global prefix is used for NAT64 translation.

Examples

The following example shows how to assign an IPv4 prefix and mask to an interface:


Device# configure terminal
Device(config)# nat64 route 192.168.0.0/24 gigabitethernet0/0/1
Device(config)# exit

nat64 service ftp

To enable the Network Address Translation 64 (NAT64) FTP service, use the nat64 service ftp command in global configuration mode. To disable the NAT64 FTP service, use the no form of this command.

nat64 service ftp

no nat64 service ftp

Syntax Description

This command has no arguments or keywords.

Command Default

The NAT64 FTP service is enabled by default.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.4S

This command was introduced.

Usage Guidelines

Service FTP is an application-level gateway (ALG) that helps NAT64 operate on Layer 7 data.

Examples

The following example shows how to disable the NAT64 FTP service:


Router(config)# no nat64 service ftp
      

nat64 settings

To configure Network Address Translation 64 (NAT64) settings, use the nat64 settings command in global configuration mode. To disable NAT64 settings, use the no form of this command.

nat64 settings {fragmentation header disable | v4 tos ignore}

no nat64 settings {fragmentation header disable | v4 tos ignore}

Syntax Description

fragmentation header disable

Disables the NAT64 fragmentation header.

v4 tos ignore

Specifies not to copy the IPv4 type-of-service (ToS) header.

Command Default

NAT64 settings are disabled by default.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.5S

This command was introduced.

Usage Guidelines

By default, NAT64 adds a fragmentation header for all IPv4-to-IPv6 packets that do not have the Do Not Fragment (DF) bits set. Configure the nat64 settings fragmentation header disable command to disable the adding of a fragmentation header for packets that are not fragmented.

By default, NAT64 copies ToS bits from an IPv4 header to an IPv6 header. Configure the nat64 settings v4 tos ignore command to disable the copying of ToS bits from an IPv4 header to IPv6 header.

Examples

The following example shows how to disable the NAT64 fragmentation header:

Router(config)# nat64 settings fragmentation header disable
      

nat64 settings eif

To enable the Network Address Translation 64 (NAT64) end-point independent filtering (EIF), use the nat64 settings eif command in global configuration mode. To disable the EIF settings, use the no form of this command.

nat64 settings eif enable

no nat64 settings eif enable

Syntax Description

enable

Enables EIF settings.

Command Default

NAT64 EIF settings are disabled by default.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.7S

This command was introduced.

Examples

The following example shows how to enable the NAT64 EIF:

Device(config)# nat64 settings eif enable
      

nat64 settings flow-entries disable

To disable flow cache entries in Network Address Translation 64 (NAT64) configurations, use the nat64 settings flow-entries disable command in global configuration mode. To enable flow cache entries in NAT64 configurations, use the no form of this command.

nat64 settings flow-entries disable

no nat64 settings flow-entries disable

Syntax Description

This command has no arguments or keywords.

Command Default

Flow cache entries are enabled.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.10S

This command was introduced.

Usage Guidelines


Note


Disabling flow cache entries will result in lesser performance as this functionality performs multiple database searches to find the most specific translation to use.

By default, Network Address Translation (NAT) creates a session (which is a 5-tuple entry) for every translation. A session is also called a flow cache entry.

NAT64 (stateful and stateless) translations support the disabling of flow cache entries. You can disable flow cache entries in dynamic and static NAT64 configurations. Instead of creating sessions, dynamic and static NAT64 translations can translate a packet off the binding (or bindings if both inside and outside bindings are available). A binding or a half entry is an association between a local IP address and a global IP address.

Disabling flow cache entries for dynamic and static translations saves memory usage and provides more scalability for your NAT64 translations.


Note


Port Address Translation (PAT) or interface overload does not support disabling of flow cache entries.


Examples

The following example shows how to enable flow cache entries in a static NAT64 configuration:

Device# configure terminal
Device(config)# ipv6 unicast-routing
Device(config)# nat64 prefix stateful 2001:DB8:1::1/96
Device(config)# nat64 v6v4 static 2001:DB8:1::FFFE 209.165.201.1
Device(config)# no nat64 settings flow-entries disable

nat64 settings mtu minimum

To set the minimum size for the Network Address Translation 64 (NAT64) maximum transmission units (MTU), use the nat64 settings mtu minimum command in interface configuration mode. To return to the default MTU size of 1280 bytes, use the no form of this command.

nat64 settings mtu minimum size

no nat64 settings mtu minimum

Syntax Description

size

Minimum MTU in bytes. The range is from 1281 to the MTU of the interface.

Command Default

The default value is 1280 bytes, which is the minimum MTU on an IPv6 link.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Release 3.5S

This command was introduced.

Usage Guidelines

Each interface has a default maximum packet size or MTU size. The MTU size of an interface defaults to the largest size possible for that interface type. To adjust the MTU size of an interface, configure the mtu command. Packets are fragmented based on the configured MTU size.

If the Do Not Fragment (DF) bits are not set, during the NAT64 translation and fragmentation of IPv4 packets to IPv6, NAT64 assumes that the IPv6 link minimum MTU size is 1280 bytes. However, the link MTU size could be greater than the minimum IPv6 link MTU size. To better utilize the network, network administrators can use the nat64 settings mtu minimum command to set a higher minimum MTU size. For example, if interfaces in a network are all Ethernet interfaces and the MTU size is 1500 bytes, fragmenting packets at 1280 bytes is not an effective utilization of the bandwidth. In this case, the network administrator can change the MTU size to 1500 bytes. When the nat64 settings mtu minimum command is configured, NAT64 ignores the implicit minimum MTU of 1280 bytes and fragments IPv6 packets based on the configured MTU size.


Note


The nat64 settings mtu minimum command works only on IPv6-facing interfaces.


Examples

The following example shows how to configure a minimum MTU size of 1450 bytes for Gigabit Ethernet interface 0/0/1:

Router(config)# interface gigabitethernet 0/0/1
Router(config-if)# nat64 settings mtu minimum 1450

nat64 switchover replicate http

To replicate the Network Address Translation 64 (NAT64) HTTP switchover settings, use the nat64 switchover replicate http command in global configuration mode. To disable the HTTP switchover replication settings, use the no form of this command.

nat64 switchover replicate http {enable | disable} port port-number

no nat64 switchover replicate http

Syntax Description

disable

Disables HTTP session replication.

enable

Enables HTTP session replication.

port

Specifies the HTTP port.

port-number

Port number. Valid values are from 1 to 65535.

Command Default

NAT64 HTTP sessions are not replicated.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.5S

This command was introduced.

Usage Guidelines

In stateful NAT64 intra-chassis redundancy, HTTP sessions are not backed up on the standby Forward Processor (FP). A typical HTTP application has short-lived, transient flows. Because of the transient nature of the HTTP flows, these flows are not replicated. With stateful NAT64 intra-chassis redundancy you have the ability to replicate HTTP sessions so that HTTP flows can be made to live longer. To replicate HTTP sessions on the standby FP during a switchover, you must configure the nat64 switchover replicate http enable command.

You can enable and disable the replication of HTTP sessions on ports. For example, you can configure the nat64 switchover replicate http port 80 command and replicate the switchover of HTTP sessions on port 80. Configure the nat64 switchover replicate http disable port 8080 command to disable the replication of HTTP sessions on port 8080. You can disable the replication of sessions on only one port at any given time; however, you can enable the replication of sessions on all ports.

Examples

The following example shows how to replicate switchover of NAT64 HTTP sessions:

Router(config)# nat64 switchover replicate http enable port 80
      

nat64 translation

To enable Network Address Translation 64 (NAT64) translation, use the nat64 translation command in global configuration mode. To disable NAT64 translation, use the no form of this command.

nat64 translation {max-entries limit | timeout {icmp | tcp | tcp-transient | udp} seconds}

nat64 translation {max-entries | timeout {icmp | tcp | tcp-transient | udp}}

Syntax Description

max-entries

Configures the maximum number of stateful NAT64 translations allowed on a router.

limit

NAT64 translation entry limit. Valid values are from 1 to 2147483647.

timeout

Specifies the NAT64 translation entry timeout.

icmp

Specifies the timeout for NAT64 Internet Control Message Protocol (ICMP) traffic flow.

tcp

Specifies the timeout for NAT64 established TCP traffic flow.

tcp-transient

Specifies the timeout for NAT64 transient TCP traffic flow.

udp

Specifies the timeout for NAT64 UDP traffic flow.

seconds

Traffic timeout, in seconds. Valid values are from 1 to 536870.

Command Default

NAT64 translation is not enabled.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.4S

This command was introduced.

15.4(2)T

This command was integrated into Cisco IOS Release 15.4(2)T.

Usage Guidelines

The nat64 translation timeout command overrides the default aging timeout for NAT64 translations.

A transient TCP session has three possible conditions: a synchronize (SYN) handshake is started, but it is not complete; a reset (RST) packet is received; or a finished (FIN) packet is received in both directions.

Examples

The following example shows how to set the NAT64 translation maximum entry limit to 500:


Device(config)# nat64 translation max-entries 500

The following example shows how to set the NAT64 translation timeout for TCP to 20,000 seconds:

Device(config)# nat64 translation timeout tcp 20000

nat64 v4

To enable Network Address Translation 64 (NAT64) IPv4 configuration, use the nat64 v4 command in global configuration mode. To disable the NAT64 IPv4 configuration, use the no form of this command.

nat64 v4 pool pool-name start-address-range end-address-range

no nat64 v4 pool pool-name [forced | start-address-range end-address-range [forced]]

Syntax Description

pool

Configures an IPv4 address pool.

pool-name

Name of the IPv4 address pool.

start-address-range

Starting address of the address pool range.

end-address-range

Ending address of the address pool range.

forced

(Optional) Removes the configuration even when the NAT64 translation exists for the configuration.

Command Default

The NAT64 IPv4 configuration is not enabled.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.4S

This command was introduced.

15.4(2)T

This command was integrated into Cisco IOS Release 15.4(2)T.

Usage Guidelines

In Cisco IOS XE Release 3.4S, the Stateful NAT64 feature supports only single range pools.

Examples

The following example shows how to enable the NAT64 IPv4 pool configuration:


Device(config)# nat64 v4 pool pool1 192.168.0.2 192.168.0.254 
      

nat64 v4v6

To translate an IPv4 source address to an IPv6 source address and an IPv6 destination address to an IPv4 destination address for Network Address Translation 64 (NAT64), use the nat64 v4v6 command in global configuration mode. To disable the translation, use the no form of this command.

nat64 v4v6 static {ipv4-address ipv6-address | tcp ipv4-address port ipv6-address port | udp ipv4-address port ipv6-address port} [redundancy group-id mapping-id id]

no nat64 v4v6 static {ipv4-address ipv6-address | [forced] | tcp ipv4-address port ipv6-address port | udp ipv4-address port ipv6-address port} [forced] [redundancy group-id mapping-id id]

Syntax Description

static

Associates an IPv6 address to an IPv4 host statically.

ipv4-address

Address of the IPv4 host.

ipv6-address

IPv6 address to which the IPv4 host is mapped to in the IPv6 network.

tcp

Applies static mapping to TCP protocol packets.

port

Port number of the IPv6 or IPv4 address. Valid values are from 1 to 65535.

udp

Applies static mapping to UDP protocol packets.

redundancy group-id

(Optional) Configures a redundancy group (RG) with the specified ID. Valid values are 1 and 2.

mapping-id id

(Optional) Configures a unique ID for mapping devices. The same ID should be configured on both active and standby devices. Valid values are from 1 to 20480.

forced

(Optional) Removes the configuration even when the NAT64 translation exists for the configuration.

Command Default

NAT64 IPv4-to-IPv6 translation is not enabled.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.4S

This command was introduced.

Cisco IOS XE Release 3.7S

This command was modified. The redundancy group-id and mapping-id id keyword-argument pairs were added.

15.4(2)T

This command was integrated into Cisco IOS Release 15.4(2)T.

Examples

The following example shows how to enable static mapping of an IPv4 address to an IPv6 address:


Device(config)# nat64 v4v6 static 192.168.0.1 2001:DB8:0::1 

The following example shows how to configure a redundancy group to a static IPv4-to-IPv6 address configuration:


Device(config)# nat64 v4v6 static 192.168.0.1 2001:DB8:0::1 redundancy 1 mapping-id 101 

nat64 v6v4

To translate an IPv6 source address to an IPv4 source address and an IPv4 destination address to an IPv6 destination address for Network Address Translation 64 (NAT64), use the nat64 v6v4 command in global configuration mode. To disable the translation, use the no form of this command.

nat64 v6v4 {list access-list-name pool pool-name [overload] | static {ipv6-address ipv4-address | tcp ipv6-address port ipv4-address port | udp ipv6-address port ipv4-address port}} [redundancy group-id mapping-id id]

no nat64 v6v4 {list access-list-name pool pool-name [overload] | static {ipv6-address ipv4-address | tcp ipv6-address port ipv4-address port | udp ipv6-address port ipv4-address port}} [forced] [redundancy group-id mapping-id id]

Syntax Description

list

Associates an IPv4 pool with the filtering mechanism that decides when to apply an IPv6 address mapping.

access-list-name

Name of the IPv6 access list.

pool

Specifies the NAT64 pool for dynamic mapping of addresses.

pool-name

Name of the NAT64 pool.

overload

(Optional) Enables NAT64 overload address translation.

static

Enables NAT64 static mapping of addresses.

ipv6-address

IPv6 address of the IPv6 host to which static mapping is applied.

ipv4-address

IPv4 address that represents the IPv6 host for static mapping in the IPv4 network.

tcp

Applies static mapping to TCP protocol packets.

port

Port number of the IPv6 or IPv4 address. Valid values are from 1 to 65535.

udp

Applies static mapping to UDP protocol packets.

redundancy group-id

(Optional) Configures a redundancy group (RG). Valid values are 1 and 2.

mapping-id id

(Optional) Configures a unique ID for mapping devices. The same ID should be configured on both active and standby devices. Valid values are from 1 to 20480.

forced

(Optional) Removes the configuration even when the NAT64 translation exists for the configuration.

Command Default

NAT64 IPv6-to-IPv4 translation is not enabled.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release 3.4S

This command was introduced.

Cisco IOS XE Release 3.7S

This command was modified. The redundancy group-id and mapping-id id keyword-argument pairs were added.

15.4(2)T

This command was integrated into Cisco IOS Release 15.4(2)T.

Examples

The following example shows how to enable dynamic mapping of an IPv6 address to an IPv4 address pool:

Device(config)# nat64 v6v4 list list1 pool pool1

The following example shows how to configure an RG for a dynamic IPv6-to-IPv4 address pool:

Device(config)# nat64 v6v4 list list1 pool pool1 redundancy 1 mapping-id 203

nat66 inside

To configure NPTv6 inside network interface, use the nat66 inside command in interface configuration mode. To remove the nat66 inside network address prefix, use the no form of this command.

nat66 inside

no nat66 inside

Syntax Description

This command has no arguments or keywords.

Command Default

The NPTv6 inside network address prefix is not configured.

Command Modes

Interface configuration (config-if)

Command History

Release Modification

Cisco IOS XE Denali 16.2

This command was introduced.

Usage Guidelines

In Cisco IOS XE Denali 16.2 release, ASR1K NPTv6 feature does not support VRF and Multicast.

Examples

The following example shows how to configure NPTv6 inside network interface:

Device(config-if)# nat66 inside

nat66 outside

To configure NPTv6 outside network interface, use the nat66 outside command in interface configuration mode. To remove the nat66 outside network address prefix, use the no form of this command.

nat66 outside

no nat66 outside

Syntax Description

This command has no arguments or keywords.

Command Default

The NPTv6 outside network interface is not configured.

Command Modes

Interface configuration (config-if)

Command History

Release Modification

Cisco IOS XE Denali 16.2

This command was introduced.

Usage Guidelines

In Cisco IOS XE Denali 16.2 release, ASR1K NPTv6 feature does not support VRF and Multicast.

Examples

The following example shows how to configure NPTv6 outside network interface:

Device(config-if)# nat66 outside

nat66 prefix

To configure NPTv6 inside network address prefix and outside network address prefix for NPTv6 translation, use the nat66 prefix command in global configuration mode. To remove the IPv6 prefix to IPv6 prefix translation, use the no form of this command.

nat66 prefix inside prefix/prefix-length outside prefix/prefix-length

no nat66 prefix inside prefix/prefix-length outside prefix/prefix-length

Syntax Description

inside

Specifies the IPv6 inside network.

outside

Specifies the IPv6 outside network.

prefix

Specifies the IPv6 network prefix.

prefix-length

Specifies the length of the IPv6 address prefix.

Command Default

The IPv6 address prefixes for NPTv6 translation is not configured.

Command Modes

Global configuration (config)

Command History

Release Modification

Cisco IOS XE Denali 16.2

This command was introduced.

Usage Guidelines

Configure IPv6 inside and outside network in interface configuration mode before configuring NPTv6 translation.

Examples

The following example shows how to configure IPv6 to IPv6 network address prefix translation:

Device(config)# nat66 prefix inside 2002:AB01::/64 outside 2002:AB02::/64

netbios-name-server

To configure NetBIOS Windows Internet Naming Service (WINS) name servers that are available to Microsoft Dynamic Host Configuration Protocol (DHCP) clients, use the netbios-name-server command in DHCP pool configuration. To remove the NetBIOS name server list, use the no form of this command.

netbios-name-server address [address2 . . . address8]

no netbios-name-server

Syntax Description

address

Specifies the IP address of the NetBIOS WINS name server. One IP address is required, although you can specify up to eight addresses in one command line.

address2 ...address8

(Optional) Specifies up to eight addresses in the command line.

Command Modes

DHCP pool configuration

Command History

Release

Modification

12.0(1)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

One IP address is required, although you can specify up to eight addresses in one command line. Servers are listed in order of preference (address1 is the most preferred server, address2 is the next most preferred server, and so on).

Examples

The following example specifies the IP address of a NetBIOS name server available to the client:


netbios-name-server 10.12.1.90

netbios-node-type

To configure the NetBIOS node type for Microsoft Dynamic Host Configuration Protocol (DHCP) clients, use the netbios-node-type command in DHCP pool configuration mode. To remove the NetBIOS node type, use the no form of this command.

netbios-node-type type

no netbios-node-type

Syntax Description

type

Specifies the NetBIOS node type. Valid types are:

  • b-node --Broadcast

  • p-node --Peer-to-peer

  • m-node --Mixed

  • h-node --Hybrid (recommended)

Command Modes

DHCP pool configuration

Command History

Release

Modification

12.0(1)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The recommended type is h-node (hybrid).

Examples

The following example specifies the client’s NetBIOS type as hybrid:


netbios node-type h-node

network (DHCP)

To configure the network number and mask for a Dynamic Host Configuration Protocol (DHCP) address pool primary or secondary subnet on a Cisco IOS DHCP server, use the network command in DHCP pool configuration mode. To remove the subnet number and mask, use the no form of this command.

(explicit id )

(explicit id )

Syntax Description

network-number

The IP address of the primary DHCP address pool.

mask

(Optional) The bit combination that renders which portion of the address of the DHCP address pool refers to the network or subnet and which part refers to the host.

/ prefix-length

(Optional) The number of bits that comprise the address prefix. The prefix is an alternative way of specifying the network mask of the client. The prefix length must be preceded by a forward slash (/).

secondary

(Optional) The network address specifies a secondary subnet in the DHCP address pool, and the router enters DHCP pool secondary subnet configuration mode.

Note

 

To configure a secondary subnet, you must also specify the mask argument or the prefix-length argument.

Command Default

This command is disabled by default.

Command Modes

DHCP pool configuration (dhcp-config)

Command History

Release

Modification

12.0(1)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SRB

This command was modified. The secondary keyword was added.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Cisco IOS XE Release 3.1S

This command was integrated into Cisco IOS XE Release 3.1S and implemented on the Cisco ASR 1000 Series Aggregation Services Routers.

15.0(1)S

This command was integrated into Cisco IOS Release 15.0(1)S.

Usage Guidelines

This command is valid for DHCP subnetwork address pools only.

The DHCP server assumes that all host addresses are available. The system administrator can exclude subsets of the address space by using the ip dhcp excluded-address global configuration command. However, the ip dhcp excluded-address command cannot be used to exclude addresses from virtual routing and forwarding (VRF)-associated pools.

You cannot configure manual bindings within the same pool that is configured with the network command.

If a default router list is configured for the pool or subnet from which the address was allocated, the DHCP server selects an IP address from that default router list and provides it to the client. The DHCP client uses that router as the first hop for forwarding messages.

Removing a secondary subnet also removes the default router list for that subnet. Removing the primary subnet removes only the primary subnet definition but not the network-wide default router list.

To display the DHCP address pool information configured by the network command, use the show ip dhcp pool command.

Examples

The following example shows how to configure 172.16.0.0/12 as the subnetwork number and mask of the DHCP pool named pool1. The IP addresses in pool1 range from 172.16.0.0 to 172.31.255.255.


Router(config)# 
ip dhcp pool pool1
 
Router(dhcp-config)# 
network 172.16.0.0 255.240.0.0

The following example shows how to configure 192.0.2.0/24 as the subnetwork number and mask of the DHCP pool named pool2 and then add the DHCP pool secondary subnet specified by the subnet number and mask 192.0.4.0/30. The IP addresses in pool2 consist of two unconnected subnets: the addresses from 192.0.2.1 to 192.0.2.254 and the addresses from 192.0.4.1 to 192.0.4.2.


Router(config)# 
ip dhcp pool pool2
 
Router(dhcp-config)# 
network 192.0.2.0 255.255.255.0
 
Router(dhcp-config)# 
network 192.0.4.0 255.255.255.252 secondary

next-server

To configure the next server in the boot process of a Dynamic Host Configuration Protocol (DHCP) client, use the next-server command in DHCP pool configuration. To remove the boot server list, use the no form of this command.

next-server address [address2 . . . address8]

no next-server address

Syntax Description

address

Specifies the IP address of the next server in the boot process, which is typically a Trivial File Transfer Protocol (TFTP) server. One IP address is required, but up to eight addresses can be specified in one command line.

address2 ...address8

(Optional) Specifies up to seven additional addresses in the command line.

Command Default

If the next-server command is not used to configure a boot server list, the DHCP Server uses inbound interface helper addresses as boot servers.

Command Modes

DHCP pool configuration

Command History

Release

Modification

12.0(1)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

You can specify up to eight servers in the list. Servers are listed in order of preference (address1 is the most preferred server, address2 is the next most preferred server, and so on).

Examples

The following example specifies 10.12.1.99 as the IP address of the next server in the boot process:


next-server 10.12.1.99

nhrp cache limit

To configure the maximum number of entries that can be stored in the Next Hop Resolution Protocol (NHRP) cache on a device, issue the nhrp cache limit command in global configuration mode. To remove the maximum limit on the number of NHRP cache entries, use the no form of this command.

nhrp cache limit max-entries { fifo | lifo }

no nhrp cache limit max-entries { fifo | lifo }

Syntax Description

max-entries

The maximum number of entries that can be stored in the NHRP cache on the device. This limit is cumulative and is the maximum number of NHRP entries that can be cached on the device across all VRFs and NHRP instances.

Range: 1 - 2147483646

Default: No limit

fifo|lifo
  • fifo : The oldest cache entry is purged when the number of cache entries exceeds the configured limit.

    Note

     

    If you configure the fifo mode, you must delete all cache entries globally before the limit is applied in this mode. If you do not delete the cache entries, parser return code (PRC) failure occurs and the device reports the following error message: ‘Please delete all NHRP Cache entries before using FIFO for limiting Cache table.’

  • lifo : The newest cache entry is purged when the number of cache entries exceeds the configured limit. In this mode, if the number of cache entries exceeds the limit at the time of configuration, the limit is applied only after the number of cache entries falls below the configured limit.

Command Default

There is no limit on the number of cache entries if this command is not configured.

Command Modes

Global configuration (config)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.12.4

Command introduced.

Examples

In this example, the number of NHRP cache entries is limited to 65, 536.

Device> enable
Device# configure terminal
Device(config)# nhrp cache limit 65536
Device(config)# end

nhrp group

To configure a Next Hop Resolution Protocol (NHRP) group on a spoke, use the nhrp group command in interface configuration mode. To remove an NHRP group, use the no form of this command.

nhrp group group-name

no nhrp group group-name

Syntax Description

group-name

Specifies an NHRP group name.

Command Default

No NHRP groups are created.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

15.4(1)T

This command was introduced.

Cisco IOS XE Release 3.11S

This command was integrated into Cisco IOS XE Release 3.11S.

Usage Guidelines

After you create an NHRP group on a spoke, you use the nhrp map group command to map the group to a QoS policy map.


Note


This command will replace the ip nhrp group command in a future release.

Examples

The following example shows how to create two NHRP groups named small and large.

Device> enable
Device# configure terminal
Device(config)# interface Tunnel 0
Device(config-if)# nhrp group small
Device(config-if)# nhrp group large

nhrp map group

To associate a Next Hop Resolution Protocol (NHRP) group to a QoS policy map, use the nhrp map group command in interface configuration mode. To remove an association, use the no form of this command.

nhrp map group group-name service-policy output qos-policy-map-name

no nhrp map group group-name service-policy output qos-policy-map-name

Syntax Description

service-policy

Specifies a QoS service policy

group-name

Specifies an NHRP group name.

qos-policy-map-name

Specifies a QoS policy map name.

Command Default

No mappings are created.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

15.4(1)T

This command was introduced.

Cisco IOS XE Release 3.11S

This command was integrated into Cisco IOS XE Release 3.11S.

Usage Guidelines

The command allows a QoS policy in the output direction only.


Note


This command will replace the ip nhrp map group command in a future release.

Examples

The following example shows how to map two NHRP groups named small and large to two QoS policy maps named qos-small and qos-large respectively.

Device> enable
Device# configure terminal
Device(config)# interface Tunnel 0
Device(config-if)# nhrp map group small service-policy output qos-small
Device(config-if)# nhrp map group large service-policy output qos-large

nis address

To specify the network information service (NIS) address of an IPv6 server to be sent to the client, use the nis address command in DHCP for IPv6 pool configuration mode. To remove the NIS address, use the no form of this command.

nis address ipv6-address

no nis address ipv6-address

Syntax Description

ipv6-address

The NIS address of an IPv6 server to be sent to the client.

Command Default

No NIS address is specified.

Command Modes


IPv6 DHCP pool configuration

Command History

Release

Modification

12.4(15)T

This command was introduced.

Cisco IOS XE Release 2.5

This command was modified. It was integrated into Cisco IOS XE Release 2.5.

12.2(33)XNE

This command was modified. It was integrated into Cisco IOS Release 12.2(33)XNE.

Usage Guidelines

The Dynamic Host Configuration Protocol (DHCP) for IPv6 for stateless configuration allows a DHCP for IPv6 client to export configuration parameters (that is, DHCP for IPv6 options) to a local DHCP for IPv6 server pool. The local DHCP for IPv6 server can then provide the imported configuration parameters to other DHCP for IPv6 clients.

The NIS server option provides a list of one or more IPv6 addresses of NIS servers available to send to the client. The client must view the list of NIS servers as an ordered list, and the server may list the NIS servers in the order of the server’s preference.

The NIS server option code is 27. For more information on DHCP options and suboptions, see the "DHCPv6 Options" appendix in the Network Registrar User's Guide , Release 6.2.

Examples

The following example shows how to specify the NIS address of an IPv6 server:


nis address 23::1

nis domain-name

To enable a server to convey a client’s network information service (NIS) domain name information to the client, use the nis domain-name command in DHCP for IPv6 pool configuration mode. To remove the domain name, use the no form of this command.

nis domain-name domain-name

no nis domain-name domain-name

Syntax Description

domain-name

The domain name of an IPv6 server to be sent to the client.

Command Default

No NIS domain name is specified.

Command Modes


IPv6 DHCP pool configuration

Command History

Release

Modification

12.4(15)T

This command was introduced.

Cisco IOS XE Release 2.5

This command was modified. It was integrated into Cisco IOS XE Release 2.5.

12.2(33)XNE

This command was modified. It was integrated into Cisco IOS Release 12.2(33)XNE.

Usage Guidelines

The Dynamic Host Configuration Protocol (DHCP) for IPv6 for stateless configuration allows a DHCP for IPv6 client to export configuration parameters (that is, DHCP for IPv6 options) to a local DHCP for IPv6 server pool. The local DHCP for IPv6 server can then provide the imported configuration parameters to other DHCP for IPv6 clients.

The NIS domain name option provides a NIS domain name for the client. Use the nis domain-name command to specify the client’s NIS domain name that the server sends to the client.

The NIS domain name option code is 29. For more information on DHCP options and suboptions, see the "DHCPv6 Options" appendix in the Network Registrar User's Guide , Release 6.2.

Examples

The following example shows how to enable the IPv6 server to specify the NIS domain name of a client:


nis domain-name cisco1.com

nisp domain-name

To enable an IPv6 server to convey a client’s network information service plus (NIS+) domain name information to the client, use the nisp domain-name command in DHCP for IPv6 pool configuration mode. To remove the domain name, use the no form of this command.

nisp domain-name domain-name

no nisp domain-name domain-name

Syntax Description

domain-name

The NIS+ domain name of an IPv6 server to be sent to the client.

Command Default

No NIS+ domain name is specified.

Command Modes


IPv6 DHCP pool configuration

Command History

Release

Modification

12.4(15)T

This command was introduced.

Cisco IOS XE Release 2.5

This command was modified. It was integrated into Cisco IOS XE Release 2.5.

12.2(33)XNE

This command was modified. It was integrated into Cisco IOS Release 12.2(33)XNE.

Usage Guidelines

The Dynamic Host Configuration Protocol (DHCP) for IPv6 for stateless configuration allows a DHCP for IPv6 client to export configuration parameters (that is, DHCP for IPv6 options) to a local DHCP for IPv6 server pool. The local DHCP for IPv6 server can then provide the imported configuration parameters to other DHCP for IPv6 clients.

The NIS+ domain name option provides a NIS+ domain name for the client. Use the nisp domain-name command to enable a server to send the client its NIS+ domain name information.

The NIS+ domain name option code is 30. For more information on DHCP options and suboptions, see the "DHCPv6 Options" appendix in the Network Registrar User's Guide , Release 6.2.

Examples

The following example shows how to enable the IPv6 server to specify the NIS+ domain name of a client:


nisp domain-name cisco1.com

nisp address

To specify the network information service plus (NIS+) address of an IPv6 server to be sent to the client, use the nisp address command in DHCP for IPv6 pool configuration mode. To remove the NIS+ address, use the no form of the command.

nisp address ipv6-address

no nisp address ipv6-address

Syntax Description

ipv6-address

The NIS+ address of an IPv6 server to be sent to the client.

Command Default

No NIS+ address is specified.

Command Modes


IPv6 DHCP pool configuration

Command History

Release

Modification

12.4(15)T

This command was introduced.

Cisco IOS XE Release 2.5

This command was modified. It was integrated into Cisco IOS XE Release 2.5.

12.2(33)XNE

This command was modified. It was integrated into Cisco IOS Release 12.2(33)XNE.

Usage Guidelines

The Dynamic Host Configuration Protocol (DHCP) for IPv6 for stateless configuration allows a DHCP for IPv6 client to export configuration parameters (that is, DHCP for IPv6 options) to a local DHCP for IPv6 server pool. The local DHCP for IPv6 server can then provide the imported configuration parameters to other DHCP for IPv6 clients.

The NIS+ servers option provides a list of one or more IPv6 addresses of NIS+ servers available to send to the client. The client must view the list of NIS+ servers as an ordered list, and the server may list the NIS+ servers in the order of the server’s preference.

The NIS+ servers option code is 28. For more information on DHCP options and suboptions, see the "DHCPv6 Options" appendix in the Network Registrar User's Guide , Release 6.2.

Examples

The following example shows how to specify the NIS+ address of an IPv6 server:


nisp address 33::1

odap client

To configure On–Demand Address Pooling (ODAP) client parameters, use the odap client command in DHCP pool configuration mode. To remove ODAP client parameters, use the no form of this command.

odap client {client-id id [interface type number] [target-server ip-address] | interface type number [client-id id] [target-server ip-address] | target-server ip-address [client-id id] [interface type number]}

no odap client {client-id id [interface type number] [target-server ip-address] | interface type number [client-id id] [target-server ip-address] | target-server ip-address [client-id id] [interface type number]}

Syntax Description

client-id id

Configures the client ID string.

interface type number

(Optional) Specifies the outgoing interface for sending subnet allocation request.

target-server ip-address

(Optional) Configures the target ODAP server's IP address.

Command Default

The outgoing interface for sending subnet allocation request is not configured.

The Cisco IOS DHCP ODAP client module prepares the client ID to be sent in the subnet allocation request by concatenating the router hostname with the subnet pool name.

The target ODAP server's IP address is not configured.

Command Modes

DHCP pool configuration (dhcp-config)

Command History

Release

Modification

15.2(1)T

This command was introduced.

Usage Guidelines

Use the odap client command to configure ODAP client parameters. You must configure one of the parameters. The parameters can be specified in any order.

Examples

The following example shows how to configure ODAP client parameters:


Router# configure terminal
Router(config)# ip dhcp pool pool1
Router(dhcp-config)# odap client client-id id1 interface gigabitethernet 0/0 target-server 192.168.10.1
Eouter(dhcp-config)# end
      

odap server

To configure On–Demand Address Pooling (ODAP) server parameters, use the odap server command in DHCP pool configuration mode. To remove the ODAP server parameter settings, use the no form of this command.

odap server {rebind-time percent-value [renew-time percent-value] | renew-time percent-value [rebind-time percent-value]}

no odap server {rebind-time percent-value [renew-time percent-value] | renew-time percent-value [rebind-time percent-value]}

Syntax Description

rebind-time

Specifies the rebind timer.

percent-value

Percentage value of total lease.

renew-time

Specifies the renew timer.

Command Default

ODAP server parameters are not configured.

Command Modes

DHCP pool configuration (dhcp-config)

Command History

Release

Modification

15.2(1)T

This command was introduced.

Usage Guidelines

Use the odap server command to configure ODAP server parameters. You must specify either the rebind time or the renew time. You can specify the rebind time and renew time in any order. The rebind time cannot be less than the renew time.

Examples

The following example shows how to configure ODAP server parameters:


Router# configure terminal
Router(config)# ip dhcp pool pool1
Router(dhcp-config)# odap server rebind-time 20 renew-time 10
Router(dhcp-config)# end
      

option

To configure DHCP server options, use the option command in DHCP pool configuration mode. To remove the options, use the no form of this command.

option code [instance number] {ascii string | hex {string | none} | ip {address | hostname}}

no option code [instance number]

Syntax Description

code

Specifies the DHCP option code. The range is from 0 to 254.

instance number

(Optional) Specifies an instance number. The range is from 0 to 255. The default is 0.

ascii string

Specifies a network virtual terminal (NVT) ASCII character string. ASCII character strings that contain white spaces must be delimited by quotation marks. The ASCII value is truncated to 255 characters entered.

hex

Specifies dotted hexadecimal data.

string

Hexadecimal value truncated to 180 characters entered. Each byte in hexadecimal character strings is two hexadecimal digits. Each byte can be separated by a period, colon, or white space.

none

Specifies the zero-length hexadecimal string.

ip address

Specifies an IP address. More than one IP address can be specified.

ip hostname

Specifies the hostname. More than one hostname can be specified.

Command Default

The default instance number is 0.

Command Modes

DHCP pool configuration (dhcp-config)

Command History

Release

Modification

12.0(1)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command was supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

12.4(24)T

This command was modified. The none keyword was added.

15.1(3)S

This command was modified. A maximum limit of 180 characters was set for the dotted hexadecimal data and 255 characters for the ASCII data.

Usage Guidelines

DHCP provides a framework for passing configuration information to hosts on a TCP/IP network. The configuration parameters and other control information are carried in tagged data items that are stored in the options field of the DHCP message. The data items themselves are also called options. The current set of DHCP options is documented in RFC 2131, Dynamic Host Configuration Protocol .

Examples

The following example shows how to configure DHCP option 19, which specifies whether the client should configure its IP layer for packet forwarding. A value of 0 means disable IP forwarding; a value of 1 means enable IP forwarding. IP forwarding is enabled in the following example.


Router(config)# ip dhcp pool red
Router(dhcp-config)# option 19 hex 01

The following example shows how to configure DHCP option 72, which specifies the World Wide Web servers for DHCP clients. World Wide Web servers 172.16.3.252 and 172.16.3.253 are configured in the following example.


Router(config)# ip dhcp pool red
Router(dhcp-config)# option 72 ip 172.16.3.252 172.16.3.253

option hex

To enable a relay agent to make forwarding decisions based on DHCP options inserted in the client-generated DHCP message, use the option hex command in DHCP class configuration mode. To disable this functionality, use the no form of this command.

option code hex hex-pattern [ *] [bit bit-mask-pattern]

no option code hex hex-pattern [ *] [mask bit-mask-pattern]

Syntax Description

code

Specifies the DHCP option code. Valid values are 60, 77, 124, and 125. All other values will be rejected with the appropriate error message.

hex-pattern

String of hexadecimal values. This string creates a pattern that is matched against the named DHCP class. The hex-pattern argument represents the data portion of the DHCP option format. See “Usage Guidelines” below for more information.

The hexadecimal value is truncated to 180 characters entered. Each byte in hexadecimal character strings is two hexadecimal digits. Each byte can be separated by a period, colon, or white space.

*

(Optional) Wildcard character.

mask bit-mask-pattern

(Optional) String of hexadecimal values. Specifies the bit mask to be applied to the hex-pattern argument.

Command Default

This command is disabled by default.

Command Modes

DHCP class configuration (config-dhcp-class)

Command History

Release

Modification

12.4(11)T

This command was introduced.

Usage Guidelines

The option hex command enhances DHCP class support to allow the relay agent to relay client-generated messages to different DHCP servers based on the content of the following four options:

  • Option 60: vendor class identifier

  • Option 77: user class

  • Option 124: vendor-identifying vendor class

  • Option 125: vendor-identifying vendor-specific information

Each option identifies the type of client sending the DHCP message.

The table below describes the CLI variations possible for the hex hex-pattern keyword and argument combination.

Table 1. option hex CLI Variations

Hex string format variations

CLI example

Description

Full option value as raw hex


option 60 hex 010203

This option has 3 bytes of data with 0x010203 hex as the content.

Bit-masked hex string


option 60 hex 010203 mask 0000FF

This option is the same as above except that only the first 2 bytes of data should be 0x0102.

Wild-carded hex string


option 60 hex 010203*

This option should have at least 3 bytes, with the first 3 bytes matching the specified hex pattern.

You must know the hexadecimal value of each byte location in the options to be able to configure the option hex command. The format may vary from product to product. Contact the relay agent vendor for this information.

Examples

In the following example, client-generated DHCP messages containing option 60 and belonging to class VOIP will be forwarded to the DHCP server located at 10.30.5.1:


!
ip dhcp class VOIP
 option 60 hex 010203
! 
! The following is the relay pool
ip dhcp pool red
 relay source 10.2.2.0 255.255.255.0
 class VOIP
  relay target 10.30.5.1

option ext

To configure DHCP extended server options, use the option ext command in DHCP pool configuration mode. To remove the options, use the no form of this command.

option ext code {ascii string | hex string}

no option ext code

Syntax Description

code

Specifies the DHCP option code. The range is from 0 to 254.

Note

 

Only option 43 is supported under extended options. If you select any other option code, you will get a message that it is not supported.

ascii string

Specifies a network virtual terminal (NVT) ASCII character string. ASCII character strings that contain white space must be delimited by quotation marks.

hex string

Specifies dotted hexadecimal data. Each byte in hexadecimal character strings is two hexadecimal digits—each byte can be separated by a period, colon, or white space.

Command Default

DHCP extended server options are not configured.

Command Modes

DHCP pool configuration (dhcp-config)

Command History

Release

Modification

Cisco IOS XE Release 3.2.1S

This command was introduced.

Usage Guidelines

Using the option ext command you can specify an ASCII string upto 255 characters or 255 bytes of hexadecimal data. To do this, you need to break the string into three sets and then execute the option ext command three times, specifying the three strings.

option ext 43 ascii <first 100 characters>
option ext 43 ascii <next 100 characters>
option ext 43 ascii <last 55 characters>

If you want to enter 220 characters of ASCII data, you need to break the string into three, for example, two containing 100 characters each and the other containing the remaining 20 characters.

option ext 43 ascii <first 100 characters>
option ext 43 ascii <next 100 characters>
option ext 43 ascii <last 20 characters>

At any time, you can append additional characters to the string if the maximum length (255 characters or bytes) is not reached.

Only single format can be used between consecutive extended commands; that is, you cannot enter the first 100 bytes in ASCII and the next 100 bytes in hexadecimal or vice versa. Also, only one type of option command can be used as consecutive commands. That is, you cannot enter the option command and then the option ext command.

Use the no option or no option ext command to remove the configured option and configure the new option using the option ext command.

Examples

The following example shows how to configure DHCP extended option 43 and an ASCII string with 25 characters. The ASCII string of 25 characters is configured using three option ext commands.


Router(config)# ip dhcp pool pool1
Router(dhcp-config)# option ext 43 ascii 1111111111 
Router(dhcp-config)# option ext 43 ascii 1111111111 
Router(dhcp-config)# option ext 43 ascii 11111 
      

origin

To configure an address pool as an on-demand address pool (ODAP) or static mapping pool, use the origin command in DHCP pool configuration mode. To disable the ODAP, use the no form of this command.

origin {dhcp [number number | subnet size initial size [autogrow size]] | aaa [subnet size initial size [autogrow size]] | file url [refresh [interval minutes]] | ipcp}

no origin {dhcp [number number | subnet size initial size [autogrow size]] | aaa [subnet size initial size [autogrow size]] | file url [refresh [interval minutes]] | ipcp}

Syntax Description

dhcp

Specifies Dynamic Host Configuration Protocol (DHCP) as the subnet allocation protocol.

number number

(Optional) Specifies the number of subnets to request. The range is from 1 to 5.

subnet size initial size

(Optional) Specifies the initial size of the first requested subnet. You can enter the value for the size argument as either the subnet mask (nnnn.nnnn.nnnn.nnnn) or prefix size (/nn). The valid values are /0 and /4 to /30.

autogrow size

(Optional) Specifies that the pool can grow incrementally. The value for the size argument is the size of the requested subnets when the pool requests additional subnets (upon detection of high utilization). You can enter the value for the size as either the subnet mask (nnnn.nnnn.nnnn.nnnn) or prefix size (/nn). The valid values are /0 and /4 to /30.

aaa

Specifies authentication, authorization, and accounting (AAA) as the subnet allocation protocol.

file url

Specifies the external database file that contains the static bindings assigned by the DHCP server. The url argument specifies the location of the external database file.

refresh

Specifies to refresh or reread the DHCP static mapping file.

interval minutes

Specifies the refresh or reread interval, in minutes, for DHCP static mapping file. The range is from 1 to 500.

ipcp

Specifies the IP Control Protocol (IPCP) as the subnet allocation protocol.

Command Default

The default value for the size argument is /0.

Command Modes

DHCP pool configuration

Command History

Release

Modification

12.2(8)T

This command was introduced.

12.3(11)T

This command was modified. The file keyword was added.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

15.2(1)T

This command was modified. The number, refresh, and interval keywords and the number and minutes arguments were added.

Usage Guidelines

If you do not configure the pool as an autogrow pool, the pool will not request additional subnets if one subnet is already in the pool.

Use the dhcp keyword to obtain subnets from DHCP, the aaa keyword to obtain subnets from the AAA server, and the ipcp keyword to obtain subnets from IPCP negotiation. If you expect that the utilization of the pool may grow over time, use the autogrow size option.

If a pool has been configured with the autogrow size option, ensure that the source server can provide more than one subnet to the same pool. Even though the Cisco IOS software specifies the requested subnet size, it can accept any offered subnet size from the source server.

Examples

The following example shows how to configure an address pool named pool1 to use DHCP as the subnet allocation protocol with an initial subnet size of 24 and an autogrow subnet size of 24:


ip dhcp pool pool1
  vrf pool1
  origin dhcp subnet size initial /24 autogrow /24
  utilization mark high 80
  utilization mark low 20

The following example shows how to configure the location of the external text file:


ip dhcp pool abcpool
 origin file tftp://10.1.0.1/staticbindingfile

override default-router

To define a default router list for the DHCP pool secondary subnet, use the override default-router command in DHCP pool secondary subnet configuration mode. To remove the default router list for this secondary subnet, use the no form of this command.

override default-router address [address2 . . . address8]

no override default-router

Syntax Description

address

IP address of the default router for the DHCP pool secondary subnet, preferably on the same subnet as the DHCP pool secondary client subnet.

address2 ... address8

(Optional) IP addresses of up to seven additional default routers, delimited by a single space.

Note

 

The ellipses in the syntax description are used to indicate a range of values. Do not use ellipses when entering IP addresses.

Command Default

No default router list is defined for the DHCP pool secondary subnet.

Command Modes

DHCP pool secondary subnet configuration

Command History

Release

Modification

12.2(33)SRB

This command was introduced.

12.4(15)T

This command was integrated into Cisco IOS Release 12.4(15)T.

Usage Guidelines

When an IP address is assigned to the DHCP client from a secondary subnet for which no subnet-specific default router list is defined, the default router list (configured by using the default-router command in DHCP pool configuration mode) will be used.

The IP address of every router in the list should be on the same subnet as the client subnet. You can specify up to eight routers in the list. Routers are listed in order of preference (address is the most preferred router, address2 is the next most preferred router, and so on).

To display the default router lists, use the show running-config command. If default router lists are configured for a DHCP pool, the commands used to configure those lists are displayed following the ip dhcp pool command that configures the DHCP pool.

Examples

The following example configures 10.1.1.1/29 as the subnetwork number and mask of the DHCP pool named pool1, adds the DHCP pool secondary subnet specified by the subnet number and mask 10.1.1.17/29, then configures a subnet-specific default router list for that subnet:


Router(config)# dhcp pool pool1
 
Router(config-dhcp)# network 10.1.1.1 255.255.255.248
 
Router(config-dhcp)# network 10.1.1.17 255.255.255.248 secondary
 
Router(config-dhcp-secondary-subnet)# override default-router 10.1.1.100 10.1.1.200
 

override utilization high

To configure the high utilization mark of the current secondary subnet size, use the override utilization high command in DHCP pool secondary subnet configuration mode. To remove the high utilization mark, use the no form of this command.

override utilization high percentage-number

no override utilization high percentage-number

Syntax Description

percentage-number

Percentage of the current subnet size. The range is from 1 to 100 percent.

Command Default

The default high utilization mark is 100 percent of the current subnet size.

Command Modes

DHCP pool secondary subnet configuration (config-dhcp-subnet-secondary)

Command History

Release

Modification

12.2(33)SRC

This command was introduced.

Usage Guidelines

If you use the utilization mark {high | low } log command, a system message can be generated for a DHCP secondary subnet when the subnet utilization exceeds the configured high utilization threshold. A system message can also be generated when the subnet’s utilization is detected to be below the configured low utilization threshold.

The override utilization high command overrides the value specified by the utilization mark high global configuration command.

Examples

The following example shows how to set the high utilization mark of the secondary subnet to 40 percent of the current subnet size:


Router(config)# ip dhcp pool pool2
 
Router(dhcp-config)# utilization mark high 80 log
 
Router(dhcp-config)# utilization mark low 70 log
 
Router(dhcp-config)# network 192.0.2.0 255.255.255.0
 
Router(dhcp-config)# network 192.0.4.0 255.255.255.252 secondary
 
Router(config-dhcp-subnet-secondary)# override utilization high 40
 
Router(config-dhcp-subnet-secondary)# override utilization low 30

override utilization low

To configure the low utilization mark of the current secondary subnet size, use the override utilization low command in DHCP pool secondary subnet configuration mode. To remove the low utilization mark, use the no form of this command.

override utilization low percentage-number

no override utilization low percentage-number

Syntax Description

percentage-number

Percentage of the current subnet size. The range is from 1 to 100.

Command Default

The default low utilization mark is 0 percent of the current subnet size.

Command Modes

DHCP pool secondary subnet configuration (config-dhcp-subnet-secondary)

Command History

Release

Modification

12.2(33)SRC

This command was introduced.

Usage Guidelines

If you use the utilization mark {high | low } log command, a system message can be generated for a DHCP secondary subnet when the subnet utilization falls below the configured low utilization threshold. A system message can also be generated when the subnet’s utilization exceeds the configured high utilization threshold.

The override utilization low command overrides the value specified by the utilization mark low global configuration command.

Examples

The following example shows how to set the low utilization mark of the secondary subnet to 30 percent of the current subnet size:


Router(config)# ip dhcp pool pool2
 
Router(dhcp-config)# utilization mark high 80 log
 
Router(dhcp-config)# utilization mark low 70 log
 
Router(dhcp-config)# network 192.0.2.0 255.255.255.0
 
Router(dhcp-config)# network 192.0.4.0 255.255.255.252 secondary
 
Router(config-dhcp-subnet-secondary)# override utilization high 40
 
Router(config-dhcp-subnet-secondary)# override utilization low 30

port-parameters

To configure port parameters for a Network Address Translation 64 (NAT64) mapping of addresses and ports (MAP-T) basic mapping rule (BMR), use the port-parameters command in NAT64 MAP-T BMR configuration mode. To remove the port parameters, use the no form of this command.

port-parameters share-ratio ratio [port-offset-bits port-offset-bits [start-port port-number] | start-port port-number] [no-eabits]

no port-parameters

Syntax Description

share-ratio ratio

Specifies the NAT64 MAP-T BMR port share ratio. Valid values for the ratio argument are from 1 to 4096.

port-offset-bits port-offset-bits

(Optional) Specifies the port offset bits. Valid values for the port-offset-bits argument are from 1 to 16.

start-port port -number

(Optional) Specifies the NAT64 MAP-T BMR starting port. Valid values for the port-number argument are from 1024 to 65535.

no-eabits

(Optional) Specifies the no embedded address bits.

Command Default

Command Modes

NAT64 MAP-T BMR configuration (config-nat64-mapt-bmr)

Command History

Release

Modification

Cisco IOS XE Release 3.8S

This command was introduced.

Cisco IOS Release 15.5(2)T

This command was integrated into Cisco IOS Release 15.5(2)T.

Usage Guidelines

MAP-T or Mapping of address and port (MAP) double stateless translation-based solution (MAP-T) provides IPv4 hosts connectivity to and across an IPv6 domain. MAP-T builds on existing stateless IPv4/IPv6 address translation techniques that are specified in RFC 6052, RFC 6144, and RFC 6145.

Examples

The following example shows how to configure port parameters for a NAT64 MAP-T basic mapping rule:

Device(config)# nat64 map-t domain 89
Device(config-nat64-mapt)# basic-mapping-rule
Device(config-nat4-mapt-bmr)# port-parameters share-ratio 234 start-port 2300

preempt

To enable preemption on the redundancy group, use the preempt command in redundancy application group configuration mode. To disable the group’s preemption, use the no form of this command.

preempt

no preempt

Syntax Description

This command has no arguments or keywords.

Command Default

Preemption is disabled on the redundancy group.

Command Modes


Redundancy application group configuration (config-red-app-grp)

Command History

Release

Modification

Cisco IOS XE Release 3.1S

This command was introduced.

Usage Guidelines

When the preemption is enabled, it means that a standby redundancy group should preempt an active redundancy group if its priority is higher than the active redundancy group.

Note


If you allocate a large amount of memory to the log buffer (e.g. 1 GB), then the CPU and memory utilization of the router increases. This issue is compounded if small intervals are set for the hellotime and the holdtime. If you want to allocate a large amount of memory to the log buffer, we recommend that you accept the default values for the hellotime and holdtime. For the same reason, we also recommend that you do not use the preempt command.


Examples

The following example shows how to enable preemption on the redundancy group:


Router# configure terminal
Router(config)# redundancy
Router(config-red)# application redundancy
Router(config-red-app)# group 1
Router(config-red-app-grp) preempt

preference (DHCPv6 Guard)

To enable verification that the advertised preference (in preference option) is greater than the minimum specified limit and less than the maximum specified limit, use the preference command in Dynamic Host Configuration Protocol version 6 (DHCPv6) guard configuration mode. To remove the preference, use the no form of this command.

preference {max | min} limit

no preference {max | min} limit

Syntax Description

limit

The maximum or minimum limit that the advertised preference must conform to. The acceptable range is from 0 to 255.

Command Default

No preference value is set.

Command Modes


DHCPv6 guard configuration (config-dhcp-guard)

Command History

Release

Modification

15.2(4)S

This command was introduced.

Usage Guidelines

This command enables verification that the advertised preference is not greater than the maximum specified limit or less than the minimum specified limit.

Examples

The following example defines an DHCPv6 guard policy name as policy1, places the router in DHCPv6 guard configuration mode, and enables verification that the advertised preference is not greater than 254 or less than 2:


Router(config)# ipv6 dhcp guard policy policy1
Router(config-dhcp-guard)# preference min 2
Router(config-dhcp-guard)# preference max 254

prefix-delegation

To specify a manually configured numeric prefix to be delegated to a specified client (and optionally a specified identity association for prefix delegation [IAPD] for that client), use the prefix-delegation command in DHCP for IPv6 pool configuration mode. To remove the prefix, use the no form of this command.

prefix-delegation ipv6-prefix/prefix-length client-DUID [iaid iaid] [lifetime]