I Commands
This chapter describes the Cisco NX-OS Layer 3 interfaces commands that begin with I.
ip address
To set a primary or secondary IP address for an interface, use the ip address command. To remove an IP address or disable IP processing, use the no form of this command.
ip address ip-address mask [ secondary ]
no ip address ip-address mask [ secondary ]
Syntax Description
Command Default
Command Modes
Interface configuration mode
Subinterface configuration mode
Command History
|
|
---|---|
Usage Guidelines
Note Before you use this command, make sure that you use the no switchport command on the interface to use the Layer 3 features.
An interface can have one primary IP address and one secondary IP address.
You can disable IP processing on a particular interface by removing its IP address with the no ip address command.
The optional secondary keyword allows you to specify a secondary IP address. Secondary addresses are treated like primary addresses, except the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts, Address Resolution Protocol (ARP) requests, and interface routes are handled in the IP routing table.
Note When you are routing using the Open Shortest Path First (OSPF) algorithm, ensure that the secondary address of an interface falls into the same OSPF area as the primary addresses.
Examples
This example shows how to configure the IP address 192.168.0.27 as the primary address and 192.168.0.5 as the secondary address for Ethernet interface 1/5:
Related Commands
|
|
---|---|
Saves the configuration change to the startup configuration file. |
|
ip arp
To configure a static Address Resolution Protocol (ARP) entry, use the ip arp command. To remove a static ARP entry, use the no form of this command.
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Use this command on Layer 3 interfaces and Layer 3 subinterfaces.
Examples
This example shows how to configure a static ARP entry on interface Ethernet 1/2:
This example shows how to configure a static ARP entry on a subinterface:
Related Commands
|
|
---|---|
ip arp gratuitous
To enable gratuitous Address Resolution Protocol (ARP), use the ip arp gratuitous command. To disable gratuitous ARP, use the no form of this command.
ip arp gratuitous { request | update }
no ip arp gratuitous { request | update }
Syntax Description
Enables sending gratuitous ARP requests when a duplicate address is detected. |
|
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to disable a gratuitous ARP request on interface Ethernet 1/2:
Related Commands
|
|
ip arp timeout
To configure an Address Resolution Protocol (ARP) timeout, use the ip arp timeout command. To revert to the default value, use the no form of this command.
Syntax Description
Time (in seconds) that an entry remains in the ARP cache. Valid values are from 60 to 28800, and the default is 1500. |
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to configure the ARP timeout value to 120 seconds:
This example shows how to revert to the default ARP timeout value of 1500 seconds:
Related Commands
|
|
---|---|
Displays the ARP configuration, including the default configurations. |
ip directed-broadcast
To enable the translation of a directed broadcast to physical broadcasts, use the ip directed-broadcast command. To disable this function, use the no form of this command.
Syntax Description
Command Default
Command Modes
Subinterface configuration mode
Command History
|
|
---|---|
Usage Guidelines
An IP directed broadcast is an IP packet whose destination address is a valid broadcast address for some IP subnet but which originates from a node that is not itself part of that destination subnet.
A device that is not directly connected to its destination subnet forwards an IP directed broadcast in the same way it would forward unicast IP packets destined to a host on that subnet. When a directed broadcast packet reaches a device that is directly connected to its destination subnet, that packet is broadcast on the destination subnet. The destination address in the IP header of the packet is rewritten to the configured IP broadcast address for the subnet, and the packet is sent as a link-layer broadcast.
If a directed broadcast is enabled for an interface, incoming IP packets whose addresses identify them as directed broadcasts that are intended for the subnet to which that interface is attached are broadcast on that subnet.
If the no ip directed-broadcast command has been configured for an interface, directed broadcasts that are destined for the subnet to which that interface is attached are dropped, rather than being broadcast.
Note Because directed broadcasts, and particularly ICMP-directed broadcasts, have been abused by malicious persons, we recommend that you disable the ip directed-broadcast command on any interface where directed broadcasts are not needed. We also recommend that you use access lists to limit the number of broadcast packets.
Examples
This example shows how to enable forwarding of IP directed broadcasts on Ethernet interface 2/1:
Related Commands
|
|
---|---|
interface ethernet (Layer 3)
To configure a Layer 3 Ethernet IEEE 802.3 routed interface, use the interface ethernet command.
interface ethernet [ chassis_ID /] slot / port [. subintf-port-no ]
Syntax Description
Command Default
Command Modes
Global configuration mode
Interface configuration mode
Command History
|
|
---|---|
Usage Guidelines
You must use the no switchport command in the interface configuration mode to configure the interface as a Layer 3 routed interface. When you configure the interface as a Layer 3 interface, all
Layer 2-specific configurations on this interface are deleted.
Use the switchport command to convert a Layer 3 interface into a Layer 2 interface. When you configure the interface as a Layer 2 interface, all Layer 3-specific configurations on this interface are deleted.
Examples
This example shows how to enter interface configuration mode for a Layer 3 Ethernet interface 1/5:
switch(config)#
interface ethernet 1/5
switch(config-if)#
no switchport
switch(config-if)#
ip address 10.1.1.1/24
switch(config-if)#
This example shows how to enter interface configuration mode for a host interface on a Fabric Extender:
switch(config)#
interface ethernet 101/1/1
switch(config-if)#
no switchport
switch(config-if)#
ip address 10.1.1.1/24
switch(config-if)#
This example shows how to configure a Layer 3 subinterface for Ethernet interface 1/5 in the global configuration mode:
switch(config)#
interface ethernet 1/5.2
switch(config-if)#
no switchport
switch(config-subif)#
ip address 10.1.1.1/24
switch(config-subif)#
This example shows how to configure a Layer 3 subinterface in interface configuration mode:
switch(config)#
interface ethernet 1/5
switch(config-if)#
interface ethernet 1/5.1
switch(config-subif)#
ip address 10.1.1.1/24
switch(config-subif)#
This example shows how to convert a Layer 3 interface to a Layer 2 interface:
switch(config)#
interface ethernet 1/5
switch(config-if)#
no switchport
switch(config-if)#
ip address 10.1.1.1/24
switch(config-if)#
switchport
switch(config-if)#
Related Commands
|
|
---|---|
Displays all configured Fabric Extender chassis connected to the switch. |
|
Displays various parameters of an Ethernet IEEE 802.3 interface. |
ip local-proxy-arp
To enable the local proxy Address Resolution Protocol (ARP) feature, use the ip local-proxy-arp command. To disable this feature, use the no form of this command.
Syntax Description
Command Default
Command Modes
Interface configuration mode
Subinterface configuration mode
Command History
|
|
Usage Guidelines
Before the local proxy ARP feature can be used, you must enable the IP proxy ARP feature by using the ip proxy-arp command. The IP proxy ARP feature is disabled by default.
Note This command is not applicable to Layer 3 loopback interfaces.
Examples
This example shows how to enable the local proxy ARP:
Related Commands
|
|
---|---|
interface loopback
To create a loopback interface and enter interface configuration mode, use the interface loopback command. To remove a loopback interface, use the no form of this command.
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Use the interface loopback command to create or modify loopback interfaces.
From the loopback interface configuration mode, the following parameters are available:
- description —Provides a description of the purpose of the interface.
- ip —Configures IP features, such as the IP address for the interface, Address Resolution Protocol (ARP) attributes, load balancing, Unicast Reverse Path Forwarding (RPF), or IP Source Guard.
- logging —Configures logging of events.
- shutdown —Shuts down traffic on the interface.
Examples
This example shows how to create a loopback interface:
Related Commands
|
|
---|---|
Displays information about the traffic on the specified loopback interface. |
interface port-channel
To create an EtherChannel interface and enter interface configuration mode, use the interface port-channel command. To remove an EtherChannel interface, use the no form of this command.
interface port-channel channel-number [. subintf-channel-no ]
no interface port-channel channel-number [. subintf-channel-no ]
Syntax Description
Channel number that is assigned to this EtherChannel logical interface. The range is from 1 to 4096. |
|
(Optional) Port number of the EtherChannel subinterface. The range is from 1 to 4093. |
Command Default
Command Modes
Global configuration mode
Interface configuration mode
Command History
|
|
---|---|
Usage Guidelines
A port can belong to only one channel group.
When you use the interface port-channel command for Layer 2 interfaces, follow these guidelines:
- If you are using Cisco Discovery Protocol (CDP), you must configure it only on the physical interface and not on the EtherChannel interface.
- If you do not assign a static MAC address on the EtherChannel interface, a MAC address is automatically assigned. If you assign a static MAC address and then later remove it, the MAC address is automatically assigned.
- The MAC address of the EtherChannel is the address of the first operational port added to the channel group. If this first-added port is removed from the channel, the MAC address comes from the next operational port added, if there is one.
You must use the no switchport command in interface configuration mode to configure the EtherChannel interface as a Layer 3 interface. When you configure the interface as a Layer 3 interface, all Layer 2-specific configurations on this interface are deleted.
Use the switchport command to convert a Layer 3 EtherChannel interface into a Layer 2 interface. When you configure the interface as a Layer 2 interface, all Layer 3-specific configurations on this interface are deleted.
You can configure one or more subinterfaces on a port channel made from routed interfaces.
Examples
This example shows how to create an EtherChannel group interface with channel-group number 50:
This example shows how to create a Layer 3 EtherChannel group interface with channel-group number 10:
This example shows how to configure a Layer 3 EtherChannel subinterface with channel-group number 1 in interface configuration mode:
This example shows how to configure a Layer 3 EtherChannel subinterface with channel-group number 20.1 in global configuration mode:
Related Commands
ip port-unreachable
To enable the generation of ICMP port unreachable messages, use the ip port-unreachable command. To disable this function, use the no form of this command.
Syntax Description
Command Default
Command Modes
Subinterface configuration mode
Command History
|
|
---|---|
Examples
This example shows how to enable the generation of ICMP port unreachable messages, as appropriate, on an interface:
Related Commands
|
|
---|---|
ip proxy-arp
To enable proxy Address Resolution Protocol (ARP) on an interface, use the ip proxy-arp command. To disable proxy ARP on the interface, use the no form of this command.
Syntax Description
Command Default
Command Modes
Subinterface configuration mode
Command History
|
|
---|---|
Examples
This example shows how to enable proxy ARP:
Related Commands
|
|
---|---|
ip tcp path-mtu-discovery
To enable path maximum transmission unit (MTU) discovery on an IPv4 interface, use the ip tcp path-mtu discovery command. To disable this feature, use the no form of this command.
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to enable path MTU discovery for IPv4:
Related Commands
|
|
---|---|
ip tcp synwait-time
To set a period of time that the Cisco NX-OS software waits while attempting to establish a TCP connection before it times out, use the ip tcp synwait-time command. To restore the default time, use the no form of this command.
Syntax Description
Time, in seconds, that the software waits while attempting to establish a TCP connection. It can be an integer from 5 to 300 seconds. |
Command Default
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to configure the switch software to continue attempting to establish a TCP connection for 10 seconds:
This example shows how to disable TCP synchronization on interfaces:
Related Commands
|
|
---|---|
ip unreachables
To enable the generation of ICMP unreachable messages, use the ip unreachables command. To disable this function, use the no form of this command.
Syntax Description
Command Default
Command Modes
Subinterface configuration mode
Command History
|
|
---|---|
Examples
This example shows how to enable the generation of ICMP unreachable messages on an interface:
Related Commands
|
|
---|---|
ip wccp
To enable support of the specified Web Cache Communication Protocol (WCCP) service for participation in a service group, use the ip wccp command. To disable the service group, enter the no form of this command.
ip wccp { service-number | web-cache } [ service-list service-access-list ] [ mode { open | closed }] [ redirect-list access-list ] [ password [ 0-7 ] password
no ip wccp { service-number | web-cache } [ service-list service-access-list ] [ mode { open | closed }] [ redirect-list access-list ] [ password [ 0-7 ] password
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
The optional redirect-list access-list keyword and option instruct the router to use an access list to control the traffic that is redirected to the cache engines of the service group by the service name that you specify. The access-list argument specifies either a number from 1 to 99 to represent a standard or extended access-list number or a name to represent a named standard or extended access list. The access list itself specifies the traffic that is permitted to be redirected. The default is for no redirect-list to be configured (all traffic is redirected).
The service-list keyword can only be used for closed mode services. When a WCCP service is configured as closed, WCCP discards packets that do not have a client application registered to receive the traffic. Use the service-list keyword and service-access-list argument to register an application protocol type or port number.
The password can be up to seven characters. When user designates a password, the messages that are not accepted by the authentication are discarded. The password name is combined with the HMAC MD5 value to create security for the connection between the router and the cache engine.
Examples
This example shows how to configure a router to redirect web-related packets without a destination of 10.168.196.51 to the web cache:
switch(config)#
access-list 100 deny ip any host 10.168.196.51
The following example shows how to configure a closed WCCP service:
Related Commands
|
|
---|---|
ip wccp redirect
To enable packet redirection on an outbound or inbound interface using the Web Cache Communication Protocol (WCCP), use the ip wccp redirect command. To disable WCCP redirection, use the no form of this command.
ip wccp { service-number | web-cache } redirect { in }
no ip wccp { service-number | web-cache } redirect { in }
Syntax Description
Dynamic service identifier. The service definition is dictated by the cache. The dynamic service number can be from 0 to 254. The maximum number of services is 256. |
|
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Configure WCCP in the incoming direction on the inside interface by entering the ip wccp redirect in command on the router interface that faces the cache.
You can also include a redirect list when you configure a service group. The specified redirect list denies packets and prevents redirection. See the ip wccp command for configuration of the redirect list and service group.
The ip wccp redirect in command allows you to configure WCCP redirection on an interface that receives the inbound network traffic. When you apply this command to an interface, all packets that arrive at the interfaces are compared against the criteria that is defined by the specified. service. If the packets match the criteria, they are redirected.
Examples
This example shows how to configure a session in which HTTP traffic that arrives on Ethernet interface 0/1 is redirected to a Cisco cache engine:
Related Commands
|
|
---|---|
Displays the usability status of the interfaces that are configured for IP. |
|
ipv6 nd
To configure IPv6 neighbor discovery (ND), use the ipv6 nd command. To remove the IPv6 ND configuration, use the no form of this command.
ipv6 nd {hop-limit hop-limit | managed-config-flag | mtu | ns-interval ns-interval | other-config-flag | prefix {A:B::C:D/LEN | default {0-4294967295 | infinite {infinite [no-autoconfig | no-onlink | off-link]}| no-advertise}} | ra-interval ra-interval | ra-lifetime ra-lifetime | reachable-time reachable-time | redirects | retrans-timer retrans-timer | suppress-ra [mtu]}
no ipv6 nd {hop-limit hop-limit | managed-config-flag | mtu mtu-size | ns-interval ns-interval | other-config-flag | prefix {A:B::C:D/LEN | default {0-4294967295 | infinite {infinite [no-autoconfig | no-onlink | off-link]}| no-advertise}} | ra-interval ra-interval | ra-lifetime ra-lifetime | reachable-time reachable-time | redirects | retrans-timer retrans-timer | suppress-ra [mtu]}
Syntax Description
Defaults
hop-limit–64
mtu–1500
ns-interval–1000
ra-interval–600
reachable-time–0
retrans-timer–0
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to configure IPv6 neighbor discovery:
This example shows how to remove IPv6 neighbor discovery:
Related Commands
|
|
---|---|