I Commands

ip access-list (session)

To create an IPv4 access control list (ACL) within a configuration session, use the ip access-list command. To remove an ACL from a configuration session, use the no form of this command.

ip access-list ACL-name

no ip access-list ACL-name

Syntax Description

ACL-name

Name of the IPv4 ACL. The name can be up to 64 alphanumeric characters and cannot contain a space or quotation mark.

Command Default

No IPv4 ACLs are defined by default.

Command Modes

Global session configuration mode

Command History

Release

Modification

6.0(2)N1(1)

This command was introduced.

Examples

This example shows how to create an IPv4 ACL for a configuration session: 


switch# configure session MySession1
switch(config-s)# ip access-list myACL
switch(config-s-acl)#

Related Commands

Command

Description

configure session

Creates a configuration session.

deny

Configures a deny rule in an IPv4 ACL.

permit

Configures a permit rule in an IPv4 ACL.

show configuration session

Displays the contents of the session.

ip dns source-interface

To configure the source interface for the Domain Name Server (DNS) domain lookup, use the ip dns source-interface command. To revert to the default settings, use the no form of this command.

ip dns source-interface {ethernet slot / [QSFP-module/ ] port | loopback intf-num} [vrf {vrf-name | default | management}]

no ip dns source-interface {ethernet slot / [QSFP-module/ ] port | loopback intf-num} [vrf {vrf-name | default | management}]

Syntax Description

ethernet slot/[QSFP-module/]port

Specifies the Ethernet interface to use as the destination SPAN port. The slot number is from 1 to 255. The QSFP-module number is from 1 to 199. The port number is from 1 to 128.

loopback intf-num

Specifies the loopback interface to use as the source interface. The range of values is from 0 to 1023.

vrf

(Optional) Specifies the virtual routing and forwarding (VRF) instance.

vrf-name

(Optional) VRF name. The name is case sensitive and can be a maximum of 32 characters.

default

(Optional) Specifies the default VRF.

management

(Optional) Specifies the management VRF.

Command Default

None

Command Modes

Global configuration mode

Command History

Release

Modification

6.0(2)N1(1)

This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure an Ethernet interface as the source interface for a DNS lookup: 


switch# configure terminal
switch(config)# ip dns source-interface ethernet 1/5
switch(config)#

Related Commands

Command

Description

ip domain-lookup

Enables the DNS lookup feature.

show ip dns source-interface

Displays information about the DNS source interfaces.

ip domain-list

To configure the IP domain list, use the ip domain-list command. To disable the IP domain list, use the no form of the command.

ip domain-list domain-name [use-vrf name]

no ip domain-list domain-name [use-vrf name]

Syntax Description

domain-list

Specifies the domain name for the IP domain list. The name can be any case-sensitive, alphanumeric string up to 63 characters.

use-vrf name

(Optional) Specifies the virtual routing and forwarding (VRF) to use to resolve the domain name for the IP domain list. The name can be any case-sensitive, alphanumeric string up to 32 characters.

Command Default

None

Command Modes

Global configuration mode

VRF context configuration mode

Command History

Release

Modification

6.0(2)N1(1)

This command was introduced.

Usage Guidelines

Use the ip domain-list command to configure additional domain names for the device. Use the vrf context command to enter the VRF context mode to configure additional domain names for a particular VRF.

Examples

This example shows how to configure the IP domain list for the default VRF: 


switch# config terminal
switch(config)# ip domain-list Mysite.com

This example shows how to configure the IP domain list for the management VRF: 


switch# config terminal
switch(config)# vrf context management
switch(config-vrf)# ip domain-list Mysite.com

This example shows how to configure the IP domain list for the default VRF to use the management VRF as a backup if the domain name cannot be resolved through the default VRF: 


switch# config terminal
switch(config)# vrf context management
switch(config-vrf)# exit 
switch(config)# ip domain-name Mysite.com use-vrf management
switch(config)# ip name-server 192.0.2.1
switch(config)# ip domain-list Mysite2.com

Related Commands

Command

Description

show hosts

Displays information about the IP domain name configuration.

ip domain-lookup

To enable the Domain Name Server (DNS) lookup feature, use the ip domain-lookup command. Use the no form of this command to disable this feature.

ip domain-lookup

no ip domain-lookup

Syntax Description

This command has no arguments or keywords.

Command Default

None

Command Modes

Global configuration mode

Command History

Release

Modification

6.0(2)N1(1)

This command was introduced.

Usage Guidelines

Use the ip domain-lookup command to enable DNS.

Examples

This example shows how to configure the DNS server lookup feature: 


switch# config terminal
switch(config)# vrf context management
switch(config-vrf)# exit 
switch(config)# ip domain-name Mysite.com use-vrf management
switch(config)# ip name-server 192.0.2.1
switch(config)# ip domain-lookup
switch(config)#

Related Commands

Command

Description

show hosts

Displays information about the DNS.

ip domain-name

To configure a domain name, use the ip domain-name command. To delete a domain name, use the no form of the command.

ip domain-name domain-name [use-vrf name]

no ip domain-name domain-name [use-vrf name]

Syntax Description

domain-name

Domain name. The name can be any case-sensitive, alphanumeric string up to 63 characters.

use-vrf name

(Optional) Specifies the virtual routing and forwarding (VRF) to use to resolve the domain name. The name can be any case-sensitive, alphanumeric string up to 32 characters.

Command Default

None

Command Modes

Global configuration mode

VRF context configuration mode

Command History

Release

Modification

6.0(2)N1(1)

This command was introduced.

Usage Guidelines

Use the ip domain-name command to configure the domain name for the device. Use the vrf context command to enter the VRF context mode to configure the domain monastery for a particular VRF.

Examples

This example shows how to configure the IP domain name for the default VRF: 


switch# config terminal
switch(config)# ip domain-name Mysite.com
switch(config)#

This example shows how to configure the IP domain name for the management VRF: 


switch# config terminal
switch(config)# vrf context management
switch(config-vrf)# ip domain-name Mysite.com
switch(config-vrf)#

This example shows how to configure the IP domain name for the default VRF to use the management VRF as a backup if the domain name cannot be resolved through the default VRF: 


switch# config terminal
switch(config)# vrf context management
switch(config-vrf)# exit 
switch(config)# ip domain-name Mysite.com use-vrf management

Related Commands

Command

Description

ip domain-list

Configures the IP domain list.

ip domain-lookup

Enables the Domain Name Server (DNS) lookup feature.

show hosts

Displays information about the IP domain name configuration.

ip dscp (ERSPAN)

To configure the differentiated devices code point (DSCP) value of the packets in the Encapsulated Remote Switched Port Analyzer (ERSPAN) traffic, use the ip dscp command. To revert to the default value, use the no form of this command.

ip dscp dscp_value

no ip dscp dscp_value

Syntax Description

dscp_value

DSCP value of the packets in the ERSPAN traffic. The range is from 0 to 63.

Command Default

None

Command Modes

ERSPAN source session configuration mode (config-erspan-src)

SPAN-on-Drop ERSPAN session configuration mode (config-span-on-drop-erspan)

SPAN-on-Latency ERSPAN session configuration mode (config-span-on-latency-erspan)

Command History

Release

Modification

7.0(0)N1(1)

This command was modified. This command was implemented in the following modes: SPAN-on-Drop ERSPAN session configuration mode, and SPAN-on-Latency ERSPAN session configuration mode.

6.0(2)N1(1)

This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure the DSCP value of the packets in the ESRSPAN traffic for an ERSPAN source session: 


switch# configure terminal
switch(config)# monitor session 1 type erspan-source
switch(config-erspan-src)# ip dscp 10
switch(config-erspan-src)#

This example shows how to configure the DSCP value of the packets in the ESRSPAN traffic for a SPAN-on-Drop ERSPAN session: 


switch# configure terminal
switch(config)# monitor session 1 type span-on-dropn-erspan
switch(config-span-on-drop-erspan)# ip dscp 20
switch(config-span-on-drop-erspan)#

This example shows how to configure the DSCP value of the packets in the ESRSPAN traffic for a SPAN-on-Latency ERSPAN session: 


switch# configure terminal
switch(config)# monitor session 1 type span-on-latency-erspan
switch(config-span-on-latency-erspan)# ip dscp 30
switch(config-span-on-latency-erspan)#

Related Commands

Command

Description

ip prec

Configures the IP precedence value of the ERSPAN traffic.

ip ttl

Configures the IP time-to-live (TTL) value of the ERSPAN traffic.

monitor-session

Enters the monitor configuration mode for configuring an ERSPAN or SPAN session for analyzing traffic between ports.

ip host

To define static hostname-to-address mappings in the Domain Name System (DNS) hostname cache, use the ip host command. To remove a hostname-to-address mapping, use the no form of this command.

ip host name address1 [address2 . . . address6]

no ip host name address1 [address2 . . . address6]

Syntax Description

name

Hostname. The name can be any case-sensitive, alphanumeric string up to 80 characters.

address1

IPv4 address in the x.x.x.x format.

address2 ...address6

(Optional) Up to five additional IPv4 addresses in the x.x.x.x format.

Command Default

None

Command Modes

Global configuration mode

Command History

Release

Modification

6.0(2)N1(1)

This command was introduced.

Usage Guidelines

Use the ip host command to add a static hostname to DNS.

Examples

This example shows how to configure a static hostname: 


switch(config)# ip host mycompany.com 192.0.2.1

Related Commands

Command

Description

ipv6 host

Configures a static host name in the DNS database.

show hosts

Displays information about the IP domain name configuration.

ip name-server

To configure a name server, use the ip name-server command. To disable this feature, use the no form of the command.

ip name-server ip-address [use-vrf name]

no ip name-server ip-address [use-vrf name]

Syntax Description

ip-address

IP address for the name server.

use-vrf name

(Optional) Specifies the virtual routing and forwarding (VRF) to use to reach the name-server. The name can be any case-sensitive, alphanumeric string up to 32 characters.

Command Default

None

Command Modes

VRF context configuration mode

Global configuration mode

Command History

Release

Modification

6.0(2)N1(1)

This command was introduced.

Usage Guidelines

Use the ip name-server command to configure the name server for the device. Use the vrf context command to enter the VRF context mode to configure the domain names for a particular VRF.

Examples

This example shows how to configure the IP name server for the default VRF: 


switch# config terminal
switch(config)# vrf context management
switch(config-vrf)# exit 
switch(config)# ip domain-name Mysite.com use-vrf management
switch(config)# ip name-server 192.0.2.1

This example shows how to configure the IP name server for the management VRF: 


switch# config terminal
switch(config)# vrf context management
switch(config-vrf)# ip name-server 192.0.2.1

This example shows how to configure the IP name server for the default VRF to use the management VRF as a backup if the IP name server cannot be reached through the default VRF: 


switch# config terminal
switch(config)# vrf context management
switch(config-vrf)# exit 
switch(config)# ip domain-name Mysite.com use-vrf management
switch(config)# ip name-server 192.0.2.1 use-vrf management

Related Commands

Command

Description

ip domain-list

Defines a list of domains.

ip domain lookup

Enables DNS-based host name-to-address translation.

show hosts

Displays information about the IP domain name configuration.

vrf context

Creates a virtual routing and forwarding (VRF) instance.

ip port access-group (session)

To apply an IPv4 access control list (ACL) to an interface as a port ACL, use the ip port access-group command. To remove an IPv4 ACL from an interface, use the no form of this command.

ip port access-group access-list-name {in | out}

no ip port access-group access-list-name {in | out}

Syntax Description

access-list-name

Name of the IPv4 ACL. The name can be up to 64 alphanumeric, case-sensitive characters long.

in

Specifies that the ACL applies to inbound traffic.

out

Specifies that the ACL applies to outbound traffic.

Command Default

None

Command Modes

Session interface configuration mode

Command History

Release

Modification

6.0(2)N1(1)

This command was introduced.

Examples

This example shows how to apply an IPv4 ACL named ip-acl-01 to the Ethernet interface 1/2 as a port ACL: 


switch# configure session MySession1
 
switch(config-s)# interface ethernet 1/2
 
switch(config-s-if)# ip port access-group ip-acl-01 in
 
switch(config-s-if)#

This example shows how to remove an IPv4 ACL named ip-acl-01 from Ethernet interface 1/2: 


switch(config-s)# interface ethernet 1/2
 
switch(config-s-if)# no ip port access-group ip-acl-01 in
 
switch(config-s-if)#

Related Commands

Command

Description

show access-lists

Displays all ACLs.

show configuration session

Displays the contents of the session.

ip ttl (ERSPAN)

To configure the IP time-to-live (TTL) value of the Encapsulated Remote Switched Port Analyzer (ERSPAN) traffic, use the ip ttl command. To revert to the default configuration, use the no form of this command.

ip ttl ttl_value

no ip ttl ttl_value

Syntax Description

ttl_value

IP TTL value of the ERSPAN traffic. The range is from 1 to 255.

Command Default

255

Command Modes

ERSPAN source session configuration mode (config-erspan-src)

SPAN-on-Drop ERSPAN session configuration mode (config-span-on-drop-erspan)

SPAN-on-Latency ERSPAN session configuration mode (config-span-on-latency-erspan)

Command History

Release

Modification

7.0(0)N1(1)

This command was modified. This command was implemented in the following modes: SPAN-on-Drop ERSPAN session configuration mode, and SPAN-on-Latency ERSPAN session configuration mode.

6.0(2)N1(1)

This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure the IP TTL value of the ESRSPAN source: 


switch# configure terminal
switch(config)# monitor session 1 type erspan-source
switch(config-erspan-src)# ip ttl 30
switch(config-erspan-src)#
This example shows how to remove the IP TTL value from the ESRSPAN source:
switch# configure terminal
switch(config)# monitor session 1 type erspan-source
switch(config-erspan-src)# no ip ttl 30
switch(config-erspan-src)#

This example shows how to configure the IP TTL value in a SPAN-on-Drop ESRSPAN session: 


switch# configure terminal
switch(config)# monitor session 1 type span-on-drop-erspan
switch(config-span-on-drop-erspan)# ip ttl 30
switch(config-span-on-drop-erspan)#

This example shows how to remove the IP TTL value in a SPAN-on-Latency ESRSPAN session: 


switch# configure terminal
switch(config)# monitor session 1 type span-on-latency-erspan
switch(config-span-on-drop-latency)# no ip ttl 30
switch(config-span-on-drop-latency)#

Related Commands

Command

Description

ip dscp

Configures the DSCP value of the packets in the ERSPAN traffic.

monitor-session

Enters the monitor configuration mode for configuring an ERSPAN or SPAN session for analyzing traffic between ports.