Banner
HomeTOCPrevNextGlossSearchHelp

Table of Contents

Command Summary

Command Summary

Command Summary

This chapter provides a summary of the commands a system administrator uses to configure a router for its routing and bridging tasks. Use this chapter as a quick reference for command functions and syntax. The commands are listed in alphabetical order by command type within sections. The Table of Contents groups the related commands, and the Index lists individual commands. For more complete descriptions and examples of the commands, refer to the Router Products Configuration and Reference publication (not included).

This chapter contains the following sections:


Command Conventions

The command descriptions use these conventions:


Using the Setup Facility for Basic Configuration

The setup command facility enables you to start using your network server quickly and without extensive background knowledge. It does this by prompting you for the information required to perform basic configuration procedures.


Capabilities of the Setup Command Facility

Use the setup command facility to do the following:

Configure the following protocols with the setup command facility:


Getting Ready for First Time Startup

The setup command facility operates automatically the first time you power on your network server. To use setup on subsequent occasions, you must invoke it as you would any other command by entering setup at the EXEC prompt (described later in this chapter in the section "EXEC System Use").

Before you start using the setup command facility, you must do the following:

Step 1 Attach an RS-232 ASCII terminal to the router console port located on the rear of the router. (See Figure 2-2 and Figure 2-3.)

For details about cabling considerations and establishing electrical connections, refer to the section "Preparing to Make Connections" in Chapter 2.

Step 2 Configure the terminal to operate at 9600 baud, 8 data bits, no parity, 1 stop bit.

Step 3 Power ON the network server and execute the setup command.
Note Network connections are not required in order to effectively use the setup command facility.

In addition, you must know the following before you start using the setup command facility:


First-Time Router Startup

The setup command facility determines which interfaces are installed and prompts you for configuration information for each one. After you complete one interface, the facility automatically starts over for the next interface, continuing until each interface has been configured.

Note The first time that the setup command facility is used on a router, the router runs through the entire configuration process; you cannot quit out of it. If you want to make a change or to correct a mistake, press the Return key at each prompt, then restart the command. When running the setup command facility after the initial configuration of the router, use Ctrl-C to abort the configuration dialog at any prompt.

When you first power ON your console and network server, a script similar to the following will appear on the screen. The first section of the script displays the banner information, including the software version. 

System Bootstrap, Version 4.6(4.3), SOFTWARE        
Copyright (c) 1986-1993 by cisco Systems
IGS processor with 1024 Kbytes of memory
              Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
             Cisco Systems, Inc.
             1525 O'Brien Drive
             Menlo Park, California 94026
2000 Software (IGS-KR), Version 9.1(5) 
Copyright (c) 1986-1993 by cisco Systems, Inc.
Compiled Mon 26-Apr-93 15:22 by daveu

The next portion of the display is a list of the installed hardware. By reading the installed hardware, the system automatically presents the appropriate interfaces during the configuration process. 

cisco 2000 (68030) processor (revision 0xC0) with 512K/512K bytes of memory.        
Processor ID 5015265
DDN X.25 software, Version 2.0.
Bridging software.
1 Token Ring/IEEE 802.5 interface.
1 Serial network interface.
32K bytes of non-volatile configuration memory.
Press RETURN to get started!

The first two sections of the configuration script (the banner and the installed hardware) appear each time the router is started up.

At first-time router startup, the System Configuration Dialog automatically appears, prompting you for your system's configuration information as follows: 

         --- System Configuration Dialog ---        
At any point you may enter a question mark '?' for help.
Refer to the 'Getting Started' Guide for additional help. 

Use ctrl-c to abort configurations dialog at any prompt.
Default settings are in square brackets '[]'. 
Continue with configuration dialog? [yes]:

At this point, if you choose not to continue with the system configuration dialog, you can exit by answering no to the prompt.

Answer yes to continue with the setup configuration dialog. The remainder of the script is the actual configuration process, with each prompt appearing automatically. Press the Return key to accept the default settings.

There is no default for the final prompt that asks you if you want to use this configuration; you must answer either yes or no. Also note that the setup command only asks you to configure the protocols for each interface that you specified on a global basis. For instance, if you responded no for AppleTalk under the global parameters, the command does not prompt you to configure that protocol under the interface parameters.

A sample configuration follows. The server displays the system name (sandbox), followed by an angle bracket (>), which is the prompt of the system's command interpreter. 

Configuring global parameters:         
Enter host name [Router]: sandbox
   Enter enable password: shovel
   Enter virtual terminal password: pail
   Configure SNMP Network Management? [no]: yes
Configure IP? [yes]: 
      Configure IGRP routing? [yes]: 
         Your IGRP autonomous system number [1]: 
Configure Novell? [no]: yes
Configure AppleTalk? [no]: yes
      Multizone networks? [no]: yes
        Configure bridging? [no]: yes
Configuring interface parameters:
Configuring interface TokenRing0:
   Is this interface in use? [yes]: 
   Tokenring ring speed (4 or 16) ? [16]: 
   Configure IP on this interface? [no]: yes
      IP address for this interface: 131.108.92.67
      Number of bits in subnet field [0]:
      Class B network is 131.108.0.0, 0 subnet bits; mask is 255.255.0.0
   Configure Novell on this interface? [no]: yes
      Novell network number [1]:
   Configure AppleTalk on this interface? [no]: yes
      AppleTalk starting cable range [0]: 4172
      AppleTalk ending cable range [4172]:
      AppleTalk zone name [myzone]: twilight
      AppleTalk zone name: ozone
      AppleTalk zone name:
   Configure bridging on this interface? [yes]:
 
Configuring interface Serial0:
   Is this interface in use? [yes]:
   Configure IP on this interface? [yes]:

   Configure IP unnumbered on this interface? [yes]:
      IP address for this interface: 131.108.97.67
      Number of bits in subnet field [0]:
      Class B network is 131.108.0.0, 0 subnet bits; mask is 255.255.0.0
   Configure Novell on this interface? [yes]: no
   Configure AppleTalk on this interface? [yes]:
      Extended AppleTalk network? [no]:
      AppleTalk network number [1]: 
      AppleTalk zone name [twilight]:
   Configure bridging on this interface? [yes]:
 
The following configuration command script was created:
hostname sandbox
enable-password shovel
line vty 0 4
password pail
snmp-server community
!
ip routing
novell routing 
appletalk routing
router iso-igrp area_1 
net  49.0001.0000.0C01.0D1D.00
bridge 1 protocol dec
!
!
!
interface TokenRing0
ip address 131.108.92.67 255.255.255.0
novell network 1
appletalk address 0.0
appletalk discovery
appletalk cable-range 4172-4172
appletalk zone twilight
bridge-group 1
no mop enabled
!
interface Serial0
ip address 131.194.97.67 255.255.255.0
no mop enabled
appletalk address 50000.72
appletalk zone twilight
bridge-group 1
!
router igrp 109
network 131.108.0.0
!
end
 
Use this configuration? [yes/no]: yes
[OK]
Use the enabled mode 'configure' command to modify this configuration.
 
 
Press RETURN to get started!


EXEC System Use

Execute commands by entering their names at the EXEC prompt and pressing the Return key.

There are two EXEC prompt levels. The user-level prompt is the server name followed by an angle bracket (>), as follows: 

Router>

There is also a privileged-level prompt available to the system administrator after the password is entered. It is the server name followed by a pound sign (#), as follows: 

Router#

Use the EXEC editing commands in Table 4-1 when entering commands at the EXEC prompt:

Table 4-1 EXEC Editing Commands

Command Function
Delete or Backspace Erase characters
Ctrl-U Delete line

As a shortcut, you can abbreviate commands to the fewest letters that make them unique. For example, enter just the letters sho for the show command.

Certain EXEC commands display multiple screens with this prompt at the bottom of the screen: 

--More--

To continue the output, press the space bar, or to return to the prompt, press any other key.


System Help

For system help, enter ? or the letter h (for help) to display a list of which commands are available at either the user-level or the privileged-level EXEC prompt.

To get more information about certain commands, enter ? after the command. For more information, see the lists of commands that are displayed after entering ?.

At any time during an active Telnet session, you can list the Telnet commands by entering this command at the system prompt:

Ctrl ^ ?

Simultaneously, press the Ctrl-Shift-6 keys. Then press and release ?.


Configure Command

Use the privileged EXEC command configure to begin configuration of the router, as follows:

Step 1 Enter the enable command at the EXEC prompt: 
Router> enable

The EXEC then prompts you for the privileged-level password: 
Password:

Step 2 Enter the password, taking care to match uppercase and lowercase letters. For security purposes, the password does not appear. When you enter the correct password, the system displays the privileged-level prompt: 
Router#

Step 3 To begin configuration mode, enter the configure command at the privileged-level prompt: 
Router# configure

When you enter the configure command, the EXEC prompts you for the source of the configuration subcommands---the terminal, system memory, or the network---as follows: 
Configuring from terminal, memory, or network [terminal]?

Pressing the Return key defaults to configuring from the terminal.

The EXEC provides a simple editor for entering configuration commands and explains the editing functions as follows: 
Enter configuration commands, one per line.        
Edit with DELETE, CTRL/W, and CTRL/U; end with CTRL/Z

Table 4-2 lists the edit key functions and their meanings:

Table 4-2 Edit Key Functions

Key Function
Delete or Backspace Erases one character
Ctrl-W Erases a word
Ctrl-U Erases a line
Ctrl-R Redisplays a line
Return Executes single-line commands
Ctrl-Z Ends configuration mode and returns to the EXEC

Step 4 To exit the configuration mode, enter Ctrl-Z.

Step 5 To return to the user-level EXEC prompt, execute the disable EXEC command.


Configuration Command Types

Configuration commands are categorized by these functions:

Observe the following guidelines when you execute configuration commands:


System Use Commands

The system use commands include EXEC terminal use commands and EXEC terminal parameter setting commands. The EXEC terminal use commands support user functions. The EXEC terminal parameter commands are used to configure the parameters of the terminal lines.


EXEC Terminal Use Commands

{connect | telnet} connection

Connects to a remote host using the Telnet protocol.

For example: 

connect router

disconnect [connection]

Closes a connection.

For example: 

disconnect 2

{exit | quit | logout}

Any of these commands terminates the EXEC command processor and closes any active session.

name-connection

Assigns a logical name to a connection. The EXEC prompts for the connection number and name to assign.

resume [connection]

Resumes a connection.

For example: 

resume 3

where

Displays information about open connections associated with the current terminal line and provides the connection number.


EXEC Terminal Parameter Setting Commands

terminal ?

Lists commands you can execute to temporarily change hardware and software parameters of the current line.

terminal data-character-bits {8 | 7}

Sets the number of ASCII characters sent over network connections to X.25 hosts.

terminal [no] escape-character decimal-number

Sets or removes the escape character for the current terminal line. Default is Ctrl ^.

For example: 

terminal escape-character 17

terminal exec-character-bits {7 | 8}

Sets the number of characters read by the command parser, including those entered in configuration mode.

terminal [no] length screen-length

Sets the terminal screen length. A screen length of 0 or the no keyword disables pausing between screens of output. The screen length specified can be learned by hosts. Default is 24.

For example: 

terminal length 0

terminal [no] monitor

Copies debug command output and system error messages to the current terminal as well as to the console terminal.

terminal [no] notify

Establishes or removes message notification.

terminal [no] padding decimal-number count

Sets or cancels character padding on the current terminal line.

For example: 

terminal padding 25 20

terminal special-character-bits {7 | 8}

Sets a mode that compares entered-in characters with special key sequences such as flow control, escape, and disconnect functions.

terminal [no] terminal-type terminal-name

Records, removes, or changes the current terminal type.

For example: 

terminal terminal-type VT100

terminal [no] width columns

Sets the number of characters (columns) on a single line of the current terminal screen. Default is 80.

For example: 

terminal width 132


System Use Show Commands

Table 4-3 lists the system use show commands.

Table 4-3 System Use Show Commands

Command Display
show sessions Information about open Telnet connections.
show tcp [line-number] Status of all TCP connections, or, if the line-number argument is specified, the status of a single TCP connection.
show terminal [all] Information about the terminal configuration parameter settings for the current terminal line and the active ports of the server, or about inactive as well as active ports when the all keyword is included.
show users [all] systat [all] Information about active lines. Include the all keyword to view information about inactive as well as active ports.
show version Configuration of the system hardware, the software version, the names and sources of configuration files, and the boot images.


System Management Commands

System management commands include the EXEC system management commands.


EXEC System Management Commands

clear line line-number

Aborts connections and processes and resets a terminal line.

For example: 

clear line 3

debug ?

Lists and briefly describes all the debug command options.

fig_1.gif

Caution Enabling the debugging commands can adversely affect system operation. Use these commands only under the direction of qualified technical support personnel.

ping

Invokes a diagnostic tool for testing connectivity. Results are helpful for evaluating path-to-host connectivity, delays over the path, and whether the host is functioning.

show ?

Lists show command options for the user-level prompt or privileged-level prompt, whichever is active.

test interfaces

Intended for use by qualified technical support personnel only; not for diagnosing problems with an operational router.

test memory

Intended for use by qualified technical support personnel only; not for diagnosing problems with an operational router.

trace [destination]

Allows the network administrator to discover the routes that packets will actually take when traveling to their destinations. Supports IP route tracing. To terminate the trace command operation, enter the escape sequence.

undebug option

Disables diagnostic output enabled by the debug command option.

For example: 

debug packet        
undebug packet

write erase

Erases the configuration information in nonvolatile memory. This command does not affect the configuration in use.

write memory

Copies the current configuration information in RAM to a file in nonvolatile memory.

write network

Sends a copy of the current configuration information to a server host. The system prompts for a destination host and a filename. The write network command allows a user to edit the configuration file on a separate workstation using a full-screen editor.

write terminal

Displays the current configuration information.


System Management Show Commands

Table 4-4 lists the system management show commands.

Table 4-4 System Management Show Commands

Command Display
show buffers [interface] Statistics for the buffer pools on the network server. The interface argument specifies a search of only those buffers that have been associated with the interface for longer than one minute.
show configuration Contents of nonvolatile memory.
show debugging Current settings of the debug command options.
show line Line status.
show logging State of syslog error and event logging, including host addresses and whether console logging is enabled. Also displays SNMP configuration parameters and protocol activity.
show memory Memory-free-pool statistics, including summary information about the activities of the system memory allocator and a block-by-block listing of memory use.
show processes Information about all active processes.
show processes memory Information about memory utilization.
show protocol Global and interface-specific status of any configured Level 3 protocol.
show stacks Monitors the stack utilization of processes and interrupt routines and displays the reason for the last system reboot. Useful for analyzing system crashes.


System Configuration Commands

System configuration commands include system global configuration commands and line configuration subcommands. Use the global configuration commands to define global router configuration parameters, and use line configuration subcommands to configure individual lines.


System Global Configuration Commands

[no] banner {motd | exec | incoming} c text c

Shows or removes the message that the EXEC command interpreter displays whenever a user starts any EXEC process or activates a line.

For example: 

banner motd #        
Building power will be off from 7:00 AM to 9:00 AM this Tuesday.#

[no] boot buffersize bytes

Specifies the size of the buffer to be used for netbooting a host or a network configuration file. The no form restores the default, which is the size of nonvolatile memory, or 32 kilobytes if you do not have nonvolatile memory.

For example: 

boot buffersize 64

[no] boot {host | network | system} filename [address]

Configures the system image boot files. The no form with the appropriate keyword and filename removes the name. The command can be executed multiple times to build ordered lists.

For example: 

boot host config1        
boot network config2
boot system opsoft

[no] boot system rom

Configures the system to auto-boot from the ROM system image. This command is usually used as a backup to other boot system commands that specify system images existing on the network.

[no] buffers {small | middle | big | large | huge} {permanent | max-free | min-free | initial} number

Allows a network administrator to adjust initial buffer pool settings and set limits at which temporary buffers are created and destroyed. The no form with appropriate keywords and arguments restores the default buffer values. Use this command only if instructed to by qualified technical support personnel.

For example: 

buffers small min-free 50

[no] buffers huge size number

Dynamically resizes all huge buffers to the value that you supply. The buffer size cannot be lowered below the default. The no version with the argument restores the default buffer values. Use this command only when instructed to by qualified technical support personnel.

For example: 

buffers huge size 20000

config-register value

Upon system restart, changes software configuration register settings.

Use with the boot system command to enable the system to boot from the ROM monitor.

default-value data-character-bits {8 | 7}

Sets the number of ASCII characters sent over network connections to X.25 hosts.

default-value exec-character-bits {7 | 8}

Sets the number of characters read by the command parser, including those entered in configuration mode.

default-value special-character-bits {7 | 8}

Sets a mode that compares entered-in characters with special key sequences such as flow control, escape, and disconnect functions.

[no] dialer-list dialer-group list list-number
[no] dialer-list dialer-group protocol protocol-name {permit | deny}

Controls automatic dialing of DDR using standard IP or bridging access lists. Applies to dial-on-demand only.

For example: 

dialer-list 1 list 101        
dialer-list 2 protocol appletalk deny

[no] enable last-resort {succeed | password}

Allows you to specify what happens if the TACACS servers used by the enable command do not respond. The default action is to fail to enable.

enable password password

Assigns a password for the privileged command level.

For example: 

enable password         yourpassword

[no] enable use-tacacs

Enables or disables use of TACACS to check the user ID and password supplied to the EXEC enable command.

hostname name

Specifies the name for the network server. Default is Router.

For example: 

hostname HAL

interface dialer number

Designates a dialer group number, indicated by the number argument.

For example: 

interface dialer 1

encapsulation ppp

dialer map ip 131.108.2.5 username zebra 14155553434

interface type unit

Specifies an interface and begins interface configuration.

For example: 

interface serial 0        
interface eth 0

line [type-keyword] first-line [last-line]

Identifies a specific line for configuration and starts line configuration.

For example: 

line vty 0 4

[no] logging buffered

Copies logging messages to an internal buffer instead of writing them to the console.

[no] logging console level

Limits the logging of messages displayed on the console terminal to messages at or above the specified level. Default is debugging.

emergencies---System unusable

alerts---Immediate action needed

critical---Critical conditions

errors---Error conditions

warnings---Warning conditions

notifications---Normal but significant conditions

informational---Informational messages only

debugging---Debugging messages

For example: 

logging console emergencies

[no] logging IP-address

Identifies a syslog server host to receive logging messages.

For example: 

logging 131.108.2.125

[no] logging monitor level

Limits the logging messages displayed on terminal lines other than the console line to messages with a level at or above level.

For example: 

logging monitor notifications

[no] logging on

Enables or disables message logging to all supported destinations except the console. Default is enabled.

[no] logging trap level

Limits the logging messages sent to syslog servers to messages with a level at or above level.

For example: 

logging trap errors

[no] priority-list list default queue-keyword

Assigns a priority queue for those datagrams that did not match any other rule in the priority list. If no default or the no form is specified, the normal queue is assumed.

For example: 

priority list 2 default medium

[no] priority-list list interface interface-name queue-keyword

Sets up priority queuing on the specified interface. The no form removes the item from the list.

For example: 

priority list 1 interface ethernet 2 medium

[no] priority-list list protocol protocol-name queue-keyword [args]

Sets up priority queuing by protocol type. The no form removes the item from the list.

gt byte-count---Specifies a greater-than count. The priority level assigned goes into effect when a packet exceeds the value entered for the argument byte-count.

lt byte-count---Specifies a less-than count. The priority level assigned goes into effect when a packet size is less than the value entered for byte-count.

bridge list list-number---Assigns the priority level to bridged traffic according to the list-number, which is the Ethernet-type code access list number assigned using the access-list command.

list list-number---Assigns traffic priorities according to the list-number, which is the IP access list number assigned by the access-group list interface subcommand.

tcp port---Assigns the priority level defined to TCP packets originating from or destined to a specified port.

udp port---Assigns the priority level defined to UDP packets originating from or destined to the specified port.

For example: 

priority-list 1 protocol appletalk high        
priority-list 4 protocol appletalk medium lt 200
priority-list 4 protocol ip medium tcp 23

[no] priority-list list queue-limit high-limit medium-limit normal-limit low-limit

Specifies the maximum number of packets that can wait in a single priority queue. If a priority queue overflows, the router discards excess datagrams and may send quench messages. The no form resets all four queue sizes to their defaults: high-limit = 20; medium-limit = 40; normal-limit = 60; low-limit = 80.

For example: 

priority-list 1 queue-limit 20 20 20 10

[no] priority-list list queue-keyword address group-number address-number

Sets up priority queuing based on the address of the serial link. The no form removes the item from the list.

[no] scheduler-interval milliseconds

Sets the maximum amount of time that can elapse without the router running the lowest-priority system processes. The minimum interval that can be specified is 500 milliseconds; there is no maximum value. The no form restores the no maximum default.

For example: 

scheduler-interval 750

[no] service keyword

Tailors use of network-based services by the network server.

config---Specifies TFTP autoloading of configuration files; disabled by default on systems with nonvolatile memory.

decimal-tty---Specifies that line numbers be displayed and interpreted as decimal numbers rather than octal numbers; disabled by default.

finger---Allows Finger protocol requests (defined in RFC 742) to be made of the network server; enabled by default.

password-encryption---Enables encrypted passwords.

tcp-keepalives-{in | out}---Generates keepalive packets on idle network connections. The in keyword generates them on incoming connections; the out keyword generates them on outgoing connections.

timestamps---Precedes system error message output with system uptime.

[no] snmp-server

Enables the SNMP operations. The no version disables the SNMP operations.

[no] snmp-server access-list list

Sets up an access list that determines which hosts can send requests to the network server. Applies only to the global read-only SNMP agent configured by the snmp-server community command.

For example: 

snmp-server access-list 20

snmp-server community [string [RO | RW] [list]]
no snmp-server [community [string]]

Enables or disables SNMP server operation on the network server.

For example: 

snmp-server community         yourstring RO 4

[no] snmp-server host IP-address community-string [snmp | tty]

Specifies which host or hosts should receive TRAP messages.

snmp---Sends all SNMP-type TRAP messages and starts the router-specific RELOAD TRAP message.

tty---Includes TCP connection TRAP messages.

For example: 

snmp-server host 131.108.2.160         yourstring

[no] snmp-server packetsize bytes

Sets or removes control over the largest SNMP packet size permitted when the SNMP server is receiving a request or generating a reply.

For example: 

snmp-server packetsize 8192

[no] snmp-server queue-length length

Defines the length of the message queue for each TRAP host. Default is 10.

For example: 

snmp-server queue-length 4

[no] snmp-server system-shutdown

Allows or restricts use of the SNMP message reload feature. Prevents an SNMP system-shutdown request from resetting the router agent.

[no] snmp-server trap-authentication

Allows the network server to send a TRAP message when it receives a packet with an incorrect community string. The no form restricts the sending of TRAP messages.

[no] snmp-server trap-timeout seconds

Defines how often the router attempts to resend TRAP messages in the retransmission queue. The no form restores the default of 30 seconds.

For example: 

snmp-server trap-timeout 20

[no] tacacs-server attempts count

Controls the number of login attempts that can be made on a line set up for TACACS verification. The no form allows no attempts. Default is 3.

For example: 

tacacs-server attempts 6

[no] tacacs-server authenticate {connect | enable}

Specifies that a response is required from the network or communication server before a user can perform a specific action. The no form removes the response requirement. Select the action that requires a response:

[no] tacacs-server extended

Enables or disables an extended TACACS mode.

[no] tacacs-server host name

Specifies a TACACS host.

For example: 

tacacs-server host host1

[no] tacacs-server last-resort {password | succeed}

Causes the network server to request the privileged password as verification or permits successful login without further input from the user. The no form removes the specification. Select one keyword to configure the desired action.

tacacs-server notify {connect | enable | logout}

Causes a message to be transmitted to the TACACS server; the message is retransmitted in the background for up to 5 minutes. The no form removes the specification.

Select one keyword to specify when the TACACS server is notified:

tacacs-server optional-passwords

Specifies that the first TACACS request to a TACACS server is made without password verification.

[no] tacacs-server retransmit retries

Specifies the number of times the server will search the list of TACACS server hosts before abandoning the attempt. The no form restores the default of 2.

For example: 

tacacs-server retransmit 4

[no] tacacs-server timeout seconds

Sets the interval the server waits for a server host to reply. The no form restores the default of
5 seconds.

For example: 

tacacs-server timeout 10

[no] tftp-server system filename ip-access-list

Specifies or removes TFTP server operation for a communication server.

For example: 

tftp-server system configfile 22

username name [nopassword | password encryptiontype password]
username name password secret
username name [accesslist number]
username name [autocommand command]
username name [noescape] [nohangup]

Implements a username-based authentication system for networks that cannot support a TACACS service. Also defines usernames that get special treatment.

For example: 

username who nopassword nohangup autocommand show users        
username superuser password yourpassword


Line Configuration Subcommands

data-character-bits {8 | 7}

Sets the number of ASCII characters sent over network connections to X.25 hosts.

[no] escape-character decimal-number

Sets or removes the escape character on the specified line. Default escape character: Ctrl ^ X.

For example: 

escape-character 13

[no] exec-banner

Enables or disables a banner. Default is enabled.

exec-character-bits {7 | 8}

Sets the number of characters read by the command parser, including those entered in configuration mode.

[no] exec-timeout minutes [seconds]

Sets the interval the EXEC waits for user input before resuming the current connection, or if no connections exist, before returning the terminal to the idle state and disconnecting the incoming session. The no form is the same as specifying a timeout of 0.

For example: 

exec-timeout 15 30

[no] length screen-length

Sets the terminal screen length. A screen length of 0 disables pausing between screens of output. Default is 24.

For example: 

length 32

[no] location text

Enters or removes textual description concerning the terminal location and status.

For example: 

location In the hall

[no] login

Enables or disables checking for the password specified by the password command.

[no] login tacacs

Invokes use of the TACACS user ID and password-checking mechanism instead of regular password checking. The no form disables this mechanism.

[no] notify

Enables or disables line notification when a user running multiple, concurrent Telnet connections has output pending on a connection other than the current line.

[no] padding decimal-number count

Sets or cancels character padding for a specified output character.

For example: 

padding 13 25

[no] password password

Specifies a password.

For example: 

password         yourpassword

special-character-bits {7 | 8}

Sets a mode that compares entered-in characters with special key sequences such as flow control, escape, and disconnect functions.

[no] vacant-message [c message c]

Controls whether or not a banner is displayed on the screen of an idle terminal. The command without any arguments causes the default message to be displayed. The no vacant-message command suppresses a banner message.

For example: 

vacant-message #        
    Welcome to Cisco Systems, Inc.
#


Interface and Media Configuration

The interface and media features include interface configuration subcommands, EXEC interface management commands, frame relay interface subcommands, the X.25 EXEC command, and LAPB and X.25 interface subcommands.


Interface Configuration Subcommands

[no] bandwidth kilobits

Sets a bandwidth value for an interface. This is a routing parameter only; it does not affect the physical interface. The no form restores the default, which is set during startup.

[no] delay tens-of-microseconds

Sets the delay that higher-level protocols can use to make operating decisions. The no form restores the default, which is no delay.

For example: 

delay 20

[no] description name-string

Adds a descriptive name to an interface.

For example: 

description 3174 Controller for test lab

[no] dialer enable-timeout number-of-seconds

Sets the length of time an interface stays down before it is available for dialing. The no form restores the default of 15 seconds.

For example: 

dialer enable-timeout 10

[no] dialer fast-idle number-of-seconds

Specifies the idle time before the line is disconnected on interfaces for which there is an unusually high level of contention. The no form restores the default of 20 seconds.

For example: 


dialer fast-idle 30

[no] dialer-group group-number

Assigns an interface to a set of access list expressions. These access list expressions define which packets cause a connection to be established and which keep an interface from being idle. Applies to dial-on-demand connections only. The no form removes an interface from the specified dialer-group.

For example: 

dialer-group 3

[no] dialer idle-timeout number-of-seconds

Specifies the idle time before the line is disconnected. Applies to dial-on-demand connections only. The no form restores the default of 120 seconds.

For example: 

dialer idle-timeout 180

[no] dialer in-band

Sets or removes V.25bis dialing for the specified serial interface.

[no] dialer map protocol next-hop-address [username name] dial-string

Defines multiple dial-on-demand numbers for a particular interface. Applies to dial-on-demand connections only. The no form deletes a particular dialer map entry.

For example: 

dialer map ip 131.108.2.5 14155553434        
dialer map ip 131.108.2.5 username ZZZ 14155553434

dialer rotary-group number

Places associated interface in the dialer rotary group indicated by the number argument.

For example: 

interface dialer 1        
interface serial 0
dialer rotary-group 1

[no] dialer string dial-string

Specifies or deletes a telephone number to be passed to a DCE device, typically a V.25bis modem.

For example: 

dialer string 14155553434

[no] dialer wait-for-carrier-time number-of-seconds

Specifies how long the router will wait for a carrier. The no form restores the default of 30 seconds.

[no] early-token-release

Enables or disables the ability of Token Ring interfaces to release the token to the ring immediately after transmitting. Default is disabled.

encapsulation encapsulation-type

Assigns an encapsulation method.

arpa---Ethernet version 2.0 encapsulation

bfex25---Blacker Front End Encryption X.25 operation

ddnx25---DDN X.25 DTE operation

ddnx25-dce---DDN X.25 DCE operation

frame-relay [ietf]---Frame Relay and optional IETF encapsulation

hdh---HDH protocol

hdlc---HDLC protocol

iso1---IEEE 802.3 encapsulation

lapb---X.25 LAPB DTE operation

lapb-dce---X.25 LAPB DCE operation

multi-lapb---X.25 LAPB multiprotocol DTE operation

multi-lapb-dce---X.25 LAPB multiprotocol DCE operation

ppp---Point-to-Point Protocol (PPP)

snap---IEEE 802.2 Ethernet media

x25---X.25 DTE operation

[no] hold-queue length {in | out}

Specifies the hold-queue limit of an interface. The no form restores the default values for the interface.

[no] keepalive [seconds]

Adjusts the keepalive timer for a specific interface. Default is 10 seconds.

For example: 

keepalive 3

[no] mtu bytes

Adjusts the default maximum transmission unit (MTU) size. The no form restores the default for the interface.

For example: 

mtu 576

[no] ppp authentication chap

Enables or disables Challenge Handshake Authentication Protocol (CHAP) on the associated interface.

priority-group list

Assigns a priority group to an interface.

For example: 

priority-group 1

[no] pulse-time seconds

Enables or disables pulsing DTR signals on the MCI and SCI serial interfaces for a minimum interval.

For example: 

pulse-time 3

ring-speed speed

Sets operational ring speed for Token Ring interface. Default is 16.

For example: 

ring-speed 4

[no] shutdown interface

Disables or enables an interface.


EXEC Interface Management Commands

clear counters [type unit]

Clears all the current interface counters from the interface or clears those counters described by the optional arguments.

For example: 

clear counters serial 1

clear interface [type unit]

Resets the hardware logic on an interface.

For example: 

clear interface serial 0        
clear interface tokenring 0


Interface Management Show Commands

Table 4-5 lists the interface management show commands.

Table 4-5 Interface Management Show Commands

Command Display
show controllers serial
tokenring		 Current internal status information for different interface types.
show dialer interface [interface unit] Information about dialer interfaces or a specific interface when optional interface type is specified.
show interfaces ethernet [unit]
serial [unit]
tokenring [unit]		 Network interface statistics. Argument unit is the interface unit or card number.
show interfaces [interface unit] [accounting] Number of packets of each protocol type that have been transmitted through the interface.


Frame Relay Interface Subcommands

[no] frame-relay keepalive seconds

Enables and disables the LMI mechanism for serial lines using the Frame Relay encapsulation. Default is 10 seconds.

For example: 

frame-relay keepalive 15

[no] frame-relay lmi-type ANSI

Specifies the exchange of local management interface messages as defined by ANSI standard T1.617. The no form restores the LMI type to the default as defined by the specification.

frame-relay local-dlci number

Used for testing. Sets the source data link connection identifier (DLCI) for use when the local management interface (LMI) is not supported. If LMI is supported, and the multicast information element is present, the network server sets its local DLCI based on information provided via the LMI.

For example: 

frame-relay local-dlci 100

frame-relay map protocol protocol-address DLCI [broadcast] [ietf]
frame-relay map bridge DLCI broadcast
no frame-relay map

Defines the mapping between an address and the DLCI used to connect to the address.The Frame Relay map tells the network server how to get from a specific protocol and address pair to the correct DLCI. The no form deletes the mapping entry.

For example: 

frame-relay map IP 131.108.123.1 100        
frame-relay map bridge 144 broadcast

frame-relay multicast-dlci number

Defines a DLCI to be used for multicasts. Use this command only when the multicast facility is not supported. Network transmissions (packets) sent to a multicast DLCI are delivered to all network servers defined as members of the multicast group.

For example: 

frame-relay multicast-dlci 1022

[no] frame-relay short-status

Instructs the network server to request the short status message from the switch. (See Version 2.3 of the joint Frame Relay Interface specification.) Default is disabled (full status message).


Frame Relay Show Commands

Table 4-6 lists the Frame Relay show commands.

Table 4-6 Frame Relay Show Commands

Command Display
show frame-relay map Information about the current Frame Relay map.
show frame-relay traffic Frame Relay statistics.


X.25 EXEC Command

bfe {enter | leave} interface unit

Implements Blacker Front End Emergency (BFE) mode when the x25 bfe-decision ask configuration command is set.

For example: 

bfe leave serial 1


LAPB and X.25 Interface Subcommands

hdh {packet | message}

Enables the packet or message mode of the HDH protocol.

lapb k window-size

Defines the maximum permissible number of outstanding LAPB frames.

For example: 

lapb k 4

lapb n1 bits

Defines the maximum number of bits a LAPB frame can hold. Default is 12000 bits (1500 bytes).

For example: 

lapb n1 6000

lapb n2 retries

Defines the maximum number of times a LAPB acknowledgment frame can be retransmitted. Default is 20.

For example: 

lapb n2 100

lapb t1 milliseconds

Defines the length of time a LAPB transmitted frame can remain unacknowledged before the router polls for an acknowledgment. Default is 3000.

For example: 

lapb t1 32000

[no] x25 accept-reverse

Instructs the router to accept all reverse charge calls by default. This behavior also can be configured on a peer-to-peer basis using the x25 map subcommand. The no form disables this feature.

x25 address X.121-address

Sets the X.121 address of a particular network interface. The address is assigned by the X.25 network supplier.

For example: 

x25 address 31370054065

x25 bfe-decision {no | yes | ask}

Indicates decision criteria for x25 bfe-emergency decision command.

For example: 

x25 bfe-decision ask

x25 bfe-emergency {never | always | decision}

Specifies the circumstances under which the router enters Blacker Front End Emergency (BFE) mode.

For example: 

x25 bfe-emergency always

[no] x25 default {ip | pad}

Specifies or removes a protocol by which the router interprets calls with unknown call user data. The protocol is either ip or pad.

[no] x25 facility keyword argument

Overrides interface settings on a per-call basis. This enables X.25 facilities that are sent between DTE and DCE devices to negotiate certain link parameters. The no form of the command, with keyword and argument, removes the facility.

cug number---Specifies a Closed User Group number from 1 through 99 to provide an extra measure of network security.

packetsize in-size out-size---Sets the size in bytes of input packets (in-size) and output packets (out-size). Both values should be the same.

reverse---Reverses charges on all Call Request packets from the interface.

windowsize in-size out-size---Sets the packet count for input windows (in-size) and output windows (out-size). Both values should be the same.

throughput in out---Sets the requested throughput values for input and output throughput across the network.

rpoa name---Specifies the list of transit recognized private operating agencies (RPOAs) to use in outgoing Call Request packets.

transit-delay number---Specifies the transit delay value in milliseconds (0 through 65334) for the mapping in of outgoing calls.

For example: 

x25 facility cug 1        
x25 facility transit-delay 10

x25 hic circuit-number

Sets the highest incoming-only virtual circuit number. Default is 0.

For example: 

x25 hic 10

x25 hoc circuit-number

Sets the highest outgoing-only virtual circuit number. Default is 0.

For example: 

x25 hoc 2048

[no] x25 hold-queue queue-size

Defines the number of packets the router can hold until a virtual circuit is established. The no form restores the default of 0.

For example: 

x25 hold-queue 3

[no] x25 hold-vc-timer minutes

Prevents overruns on X.25 switches for traffic through the virtual circuits (VCs) for a specified period. When this command is activated, incoming calls are still accepted. The no form restores the default of 0.

For example: 

x25 hold-vc-timer 1

x25 htc circuit-number

Sets the highest two-way virtual circuit number. Default is 1024 for X.25.

For example: 

x25 htc 512

[no] x25 idle minutes

Clears an SVC after a set period of inactivity. Affects calls both originated and terminated by the router. The no form restores the default of 0 minutes.

For example: 

x25 idle 1

[no] x25 ip-precedence

Enables or disables the router's ability to open a new virtual circuit based on the IP Type of Service (TOS) field. By default, the router opens one virtual circuit for each type of service.

x25 ips bytes

Sets the router input packet size to match those of the network. Default is 128 bytes.

For example: 

x25 ips 1024

x25 lic circuit-number

Sets the lowest incoming-only virtual circuit number. Default is 0.

For example: 

x25 lic 2

[no] x25 linkrestart

Forces a packet-level restart when the link level is restarted. Restarts X.25 Level 2 (LAPB) when errors occur. The no form turns off this behavior. Default is enabled.

x25 loc circuit-number

Sets the lowest outgoing-only virtual circuit number. Default is 0.

For example: 

x25 loc 2000

x25 ltc circuit-number

Sets the lowest two-way virtual circuit. Default is 1.

For example: 

x25 ltc 20

[no] x25 map protocol-keyword protocol-address X.121-address [option1... option6]

Specifies a protocol-to-X.121 address mapping, such as Internet-to-X.121 or AppleTalk-to-X.121.

accept-reverse---Instructs the router to accept incoming reverse-charged calls. If this option is not present, the router clears reverse-charged calls.

broadcast---Instructs the router to direct any broadcasts sent through this interface to the specified X.121 address. This option is needed when dynamic routing protocols are being used to access the X.25 network.

cug number---Specifies a Closed User Group number (from 1 through 99) for the mapping in the outgoing call.

modulo size---Specifies the maximum window size for this map. The argument size permits windows of 8 or 128 on the same interface.

nuid username password---Specifies that a network ID facility be sent in the outgoing call with the specified username and password.

nvc count---Sets the number of virtual circuits (VCs) for this protocol/host. The default count is the x25 nvc setting of the interface. A maximum number of eight VCs can be configured for a single protocol/host.

packetsize in-size out-size---Specifies input packet size (in-size) and output packet size (out-size) for the mapping in the outgoing call.

reverse---Specifies reverse charging for outgoing calls.

rpoa---Specifies the list of transit recognized private operating agencies to use in outgoing Call Request packets for this entry.

throughput in out---Requests the amount of bandwidth through the X.25 network.

transit-delay number---Specifies the transit delay value in milliseconds (0 through 65334) for the mapping in of outgoing calls. Used only for networks that support delay transit.

windowsize in-size out-size---Specifies input window size (in-size) and output window size (out-size) for the mapping in the outgoing call.

For example: 

x25 map ip 131.108.9.2 31370054065 reverse broadcast nvc 4

x25 map bridge X.121-address broadcast [options-keywords]

Specifies Internet-to-X.121 mapping.

For example: 

x25 map bridge 31370054065 broadcast

[no] x25 map NSAP {MAC-address | X.121-address}

Maps NSAP addresses to either MAC-layer addresses or X.121 addresses. Required after specifying X.25 encapsulation on a serial interface. The no form with address arguments cancels the mapping.

For example: 

x25 map cmns 38.8261.17 0800.4e02.1f9f

[no] x25 map compressedtcp IP-address X.121-address [options]

Specifies a network protocol-to-X.121 address mapping, such as Internet-to-X.121 or AppleTalk-to-X.121. This command is required to make the X.25 calls complete for compressed packets. The no form disables header compression for the link.

For example: 

x25 map compressed 131.108.9.2 31370054065

x25 modulo modulus

Sets the modulus. The value of the modulo parameter must agree with that of the device on the other end of the X.25 link. Default is 8.

For example: 

x25 modulo 128

x25 nvc count

Specifies the maximum number of switched virtual circuits that can be open to one host simultaneously. Default is 1.

For example: 

x25 nvc 3

x25 ops bytes

Sets the router output packet size to match that of the network. Default is 128 bytes.

For example: 

x25 ips 1024

[no] x25 pvc circuit protocol-keyword protocol-address

Establishes or deletes Permanent Virtual Circuits (PVCs). You must specify the required network protocol-to-X.121 address mapping with an x25 map subcommand before you can set up a PVC.

For example: 

x25 pvc 3 ip 131.108.1.4        
x25 pvc 2 novell 00c0.0123.4567

[no] x25 pvc pvc-number1 interface interface-name pvc pvc-number2 [options]

Configures a PVC for a given interface.

For example: 

x25 pvc 2 serial 0 2

[no] x25 pvc pvc-number1 tunnel IP-address interface serial unit pvc pvc-number2 [options]

Configures a PVC for remote X.25 switching (tunneling).

For example: 

x25 pvc 1 tunnel 131.108.1.2 interface serial 1 pvc 2

[no] x25 remote-red host-IP-address remote-black Blacker-IP-address

Sets up a table listing BFE nodes to which the router will send packets.

For example: 

x25 remote-red 21.0.0.12 remote-black 21.0.01

[no] x25 rpoa name number

Specifies a list of transit recognized private operating agencies (RPOAs) to use, referenced by name.

[no] x25 suppress-called-address

Omits the called (destination) X.121 address in Call Request packets. This option is required for networks that expect only subaddresses in the called address field. The no form resets the default, which is to send the calling address.

[no] x25 suppress-calling-address

Omits the calling (source) X.121 address in Call Request packets. This option is required for networks that expect only subaddresses in the calling address field. The no form resets the default, which is to send the calling address.

x25 t10 seconds

Sets the limit for the Restart Request retransmission timer (T10) on DCE devices. Default is 60 seconds.

For example: 

x25 t10 90

x25 t11 seconds

Sets the limit for the Call Request retransmission timer (T11) on DCE devices. Default is
180 seconds.

For example: 

x25 t11 90

x25 t12 seconds

Sets the limit for the Reset Request retransmission timer (T12) on DCE devices. Default is
60 seconds.

For example: 

x25 t12 90

x25 t13 seconds

Sets the limit for the Clear Request retransmission timer (T13) on DCE devices. Default is
60 seconds.

For example: 

x25 t13 90

x25 t20 seconds

Sets the limit for the Restart Request retransmission timer (T20) on DTE devices. Default is
180 seconds.

For example: 

x25 t20 90

x25 t21 seconds

Sets the limit for the Call Request retransmission timer (T21) on DTE devices. Default is
200 seconds.

For example: 

x25 t21 220

x25 t22 seconds

Sets the limit for the Reset Request retransmission timer (T22) on DTE devices. Default is
180 seconds.

For example: 

x25 t22 100

x25 t23 seconds

Sets the limit for the Clear Request retransmission timer (T23) on DTE devices. Default is 180 seconds.

For example: 

x25 t23 200

x25 th delay

Instructs the router to send acknowledgment packets when it is not busy sending other packets, even if the number of input packets has not reached the win count. The router sends acknowledgment packets when the number of input packets reaches the count you specify, providing there are no other packets to send. This command improves line responsiveness at the expense of bandwidth. Default is 0.

For example: 

x25 th 1

[no] x25 use-source-address

Updates the source address of outgoing calls forwarded over a specific interface. The no form prevents the update.

x25 {win | wout} packets

Sets the upper limits on the number of outstanding unacknowledged packets. Set win and wout to the same value unless your network supports asymmetry between input and output window sizes. Default is 2.

For example: 

x25 win 3        
x25 wout 3


X.25 Show Commands

Table 4-7 lists the X.25 show commands.

Table 4-7 X.25 Show Commands

Command Display
show imp-hosts Information about HDH transactions.
show x25 ma Network protocol-to-X.121 address mapping.
show x25 remote-reds One-to-one mapping of the host IP addresses and remote BFE IP addresses.
show x25 vc Virtual circuit parameters and statistics.


Protocol Configuration

Protocol configuration includes the following sections:


AppleTalk Global Configuration Commands

access-list list {permit | deny} additional-zones

Establishes an AppleTalk access control list (ACL) for zone-related checks to specify the default action for zones that were not enumerated. Default is deny additional zones.

For example: 

access-list 600 permit additional-zones

[no] access-list list {permit | deny} cable-range start-end

Establishes an ACL for an extended network. Affects extended networks with starting and ending numbers exactly matching those specified in the command.

For example: 

access-list 600 permit cable-range 1000-1010

[no] access-list list {permit | deny} includes start-end

Establishes an ACL for any network, extended or nonextended, which overlaps any part of the specified range.

For example: 

access-list 600 permit includes 1000-1010

[no] access-list list {permit | deny} network network

Establishes an AppleTalk access control list (ACL) for a single network number. The ACL affects matching nonextended networks and extended networks with the same starting and ending number.

For example: 

access-list 600 permit network 21

[no] access-list list {permit | deny} other-access

Establishes an ACL used as the default for any case not enumerated. Default is deny other access.

[no] access-list list {permit | deny} within start-end

Establishes an ACL for any network, extended or nonextended, bounded by the specified range. The start and end numbers are considered to be within the range.

For example: 

access-list 600 permit within 1000-1010

[no] access-list list {permit | deny} zone zone

Establishes an ACL that applies to any network that has the specified zone in its zone list.

For example: 

access-list 600 deny zone Twilight

no appletalk arp

Resets the arp interval and arp retransmit commands to their default values.

appletalk arp [probe | request] retransmit-count count

Specifies the number of times the router will retransmit an ARP packet before abandoning address negotiations and using the selected address. Default is 20.

For example: 

appletalk arp retransmit-count 25

[no] appletalk arp interval milliseconds

Specifies the interval between retransmission of ARP packets. Default is 33 milliseconds.

For example: 

appletalk arp interval 100

[no] appletalk checksum

Enables or disables the generation and verification of checksums for all AppleTalk packets except routed packets. Default is enabled.

[no] appletalk event-logging

Logs significant events using the logger facility. Logged events include routing changes, zone creation, port status, and address.

[no] appletalk lookup-type service-type

Specifies services listed in the show apple nbp and show apple name-cache EXEC command display. The no form with arguments removes the specified service type from the name cache. The no form without arguments removes all names except those relating to the router.

[no] appletalk macip dynamic IP-address [IP-address] zone server-zone

Allocates a single IP address or a range of IP addresses for assignment to dynamic MacIP clients by the MacIP server. The no form with arguments removes the specified dynamic address assignment statement from the configuration; without arguments, it shuts down all running MacIP services.

For example: 

appletalk macip dynamic 131.108.1.28 131.108.1.44 zone Engineering

[no] appletalk macip server IP-address zone server-zone

Establishes a new MacIP server. The no form with arguments removes a server statement from the configuration; without arguments, it shuts down all running MacIP services.

For example: 

appletalk macip server 131.108.1.27 zone Engineering

[no] appletalk macip static IP-address [IP-address] zone server-zone

Defines a range of addresses to be made available to MacIP clients that have reserved invariant IP addresses. The no form with arguments removes the specified static address assignment statement from the configuration; without arguments, it shuts down all running MacIP services.

For example: 

appletalk macip static 131.108.1.50 131.108.1.66 zone Engineering        
appletalk macip static 131.108.1.81 zone Engineering

[no] appletalk name-lookup-interval seconds

Sets or cancels the interval between service polls by the router on its AppleTalk interfaces. The value 0 or the no form disables name lookup. Default is 0.

For example: 

appletalk name-lookup-interval 1200

[no] appletalk permit-partial-zones

Permits partial zones. Even though a network of a zone is denied, the zone is permitted. Default is disabled.

[no] appletalk proxy-npb network-number zonename

Assigns a proxy. Required for each zone that has a nonextended-only AppleTalk router connected to a network in the zone.

For example: 

apple proxy-npb 60 Twilight

[no] appletalk require-route-zones

Prevents fake routes (possibly generated by a broken router or corrupt packet) from causing ZIP protocol storms. Requires the router to know the zone name for a route before including it in an update. Default is enabled.

[no] appletalk routing

Enables or disables AppleTalk protocol processing.

[no] appletalk strict-rtmp

Enforces maximum checking of routing packets to ensure their validity.

[no] appletalk timers update-interval valid-interval invalid-interval

Changes the intervals used in AppleTalk routing.

For example: 

appletalk timers 20 40 120


AppleTalk Interface Subcommands

[no] appletalk access-group access-list-number

Creates a packet filter, which prevents any packets from being sent out an interface if the destination network has access denied. Once assigned, any packet that fails the appletalk access-list command cannot go out on that interface.

For example: 

appletalk access-group 699

[no] appletalk address address

Assigns AppleTalk addresses on the interfaces that will be used for the AppleTalk protocol. Used to configure nonextended interfaces.

For example: 

appletalk address 1.129

[no] appletalk cable-range start-end [network.node]

Designates an interface as being on an extended AppleTalk network.

For example: 

appletalk cable-range 2-2

[no] appletalk discovery

Resets the discovery mode and allows a new cable range to be discovered.

appletalk distribute-list access-list-number in

Filters input from the networks so that AppleTalk network numbers specified by the access-list-number argument will not be inserted into the router's AppleTalk routing table when routing updates are received. The no form removes this filter.

For example: 

appletalk distribute-list 601 in

[no] appletalk distribute-list access-list-number out

Filters routing data generated from zones or networks. The no form removes the filter.

For example: 

appletalk distribute-list 655 out

[no] appletalk getzonelist-filter list

Modifies zone-list replies.

For example: 

appletalk getzonelist-filter 600

appletalk iptalk net.node zone

Encapsulates AppleTalk in IP packets in a manner compatible with the Columbia AppleTalk Package (CAP) IPtalk and the Kinetics IPtalk (KIP) implementation.

For example: 

appletalk iptalk 30.0 UDPzone

appletalk iptalk-baseport port-number

Specifies the UDP port number, which is the beginning of the range of UDP ports used in mapping AppleTalk well-known DDP socket numbers to UDP ports.

For example: 

appletalk iptalk-baseport 200

[no] appletalk send-rtmp

Allows a router to be placed on a network with AppleTalk so it is enabled but not seen. This allows disabling of routing updates.

[no] appletalk zone zonename

Sets the zone name for the connected AppleTalk network. Must be specified after the appletalk address or appletalk cable-range command if discovery is not enabled. This command can be issued multiple times if it follows the appletalk cable-range command.

For example: 

appletalk zone twilight


AppleTalk Show Commands

Table 4-8 lists the AppleTalk show commands.

Table 4-8 AppleTalk Show Commands

Command Display
show apple access-lists Conditions specified in AppleTalk access list configurations
show apple adjacent-routes Routes that are directly connected or one hop away
show apple arp AppleTalk ARP cache
show apple cache Current AppleTalk fast-switching cache
show apple global AppleTalk internetwork and router parameter information
show apple interface [interface] AppleTalk parameters that have been applied to the interface
show apple macip-clients Status of known MacIP clients
show apple macip-servers Status of MacIP servers
show apple name-cache List of NBP (Name Binding Protocol) services of nearby routers or other devices
show apple nbp NBP name registration table
show apple neighbor [address] AppleTalk routers directly connected to any network on which this router is connected
show apple route [network] Routing table for AppleTalk networks
show apple socket [socket] Process-level processing on all sockets in the AppleTalk interface
show apple traffic AppleTalk protocol statistics
show apple zone Zone information table


IP and SLIP Global Configuration Commands

[no] access-list list {permit | deny} IP-address wildcard-mask

Creates or removes an IP access list.

For example: 

access-list 1 permit 192.5.34.0 0.0.0.255

[no] access-list list {permit | deny} protocol source source-mask destination destination-mask [operator operand] [established]

Creates or removes an extended IP access list.

For example: 

access-list 189 permit tcp 128.88.0.0 0.0.255.255   0.0.0.0 255.255.255.255        
access-list 190 permit tcp  0.0.0.0 255.255.255.255   128.88.1.2  eq  25

[no] arp IP-address hardware-address type [alias]

Installs a permanent entry in the ARP cache. The router uses this entry to translate 32-bit Internet Protocol addresses into 48-bit hardware addresses.

For example: 

arp 192.31.7.19 0800.0900.1834 arpa

[no] async-bootp tag [:hostname] data

Specifies extended BootP requests defined in RFC 1084 when the router is configured for SLIP. If no extended BootP commands are executed, by default the software generates a gateway and subnet mask appropriate for the local network.

bootfile---Specifies use of a server boot file from which to download the boot program. Use the optional :hostname and data arguments to specify the filename.

subnet-mask mask---Dotted decimal address specifying the network and local subnetwork mask (as defined by RFC 950).

time-offset offset---A signed 32-bit integer specifying the time offset of the local subnetwork in seconds from Universal Time Coordinated (UTC).

gateway address---Dotted decimal address specifying the IP addresses of gateways for this subnetwork. A preferred gateway should be listed first.

time-server address---Dotted decimal address specifying the IP address of time servers (as defined by RFC 868).

IEN116-server address---Dotted decimal address specifying the IP address of name servers (as defined by IEN 116).

DNS-server address---Dotted decimal address specifying the IP address of Domain Name Servers (as defined by RFC 1034).

log-server address---Dotted decimal address specifying the IP address of an MIT-LCS UDP log server.

quote-server address---Dotted decimal address specifying the IP address of Quote of the Day servers (as defined in RFC 865).

lpr-server address---Dotted decimal address specifying the IP address of Berkeley UNIX Version 4 BSD servers.

impress-server address---Dotted decimal address specifying the IP address of Impress network image servers.

rlp-server address---Dotted decimal address specifying the IP address of Resource Location Protocol (RLP) servers (as defined in RFC 887).

hostname name---The name of the client (which may or may not be domain qualified, depending upon the site).

bootfile-size value---A 2-octet value specifying the number of 512-octet (byte) blocks in the default boot file.

For example: 

async-bootp bootfile :128.128.1.1 "pcboot"        
async-bootp bootfile :mac "macboot"
async-bootp subnet-mask 255.255.0.0

[no] ip accounting-list IP-address mask

Specifies a set of filters to control accounting information for hosts. The no form removes this filter.

For example: 

ip accounting-list 192.31.7.18 255.255.0.0

[no] ip accounting-threshold threshold

Sets the maximum number of accounting entries to be created. The no form removes this limit.

For example: 

ip accounting-threshold 500

[no] ip accounting-transits count

Controls the number of transit records that will be stored in the IP accounting database. Transit entries are those that do not match any of the filters specified by ip-accounting-list commands.

For example: 

ip accounting-transits 100

[no] ip domain-list name

Defines a list of default domain names to complete unqualified host names. The no form deletes a domain name from the list.

For example: 

ip domain-list cisco.com

[no] ip domain-lookup

Enables or disables IP Domain Name System-based hostname-to-address translation. The no form disables the feature. Default is enabled.

[no] ip domain-name name

Defines the default domain name, which is specified by the argument name. The router uses the default domain name to complete names without a dotted domain name. The no form deletes the default domain name.

For example: 

ip domain-name cisco.com

[no] ip forward-protocol {udp | nd} [port]

Specifies which protocols and ports are forwarded for an interface with an ip helper-address. The no form disables forwarding of the specified protocol.

For example: 

ip forward-protocol udp

[no] ip forward-protocol spanning-tree

Permits IP broadcasts to be flooded throughout the internetwork in a controlled fashion. The no form prevents flooding.

[no] ip host name [TCP-port-number] IP-address1 | [IP-address2...IP-address8]

Defines a static hostname-to-address mapping in the host cache.

For example: 

ip host croff 192.31.7.18

[no] ip hp-host hostname IP-address

Enables or disables the use of the proxy service.

For example: 

ip hp-host bl4zip 131.24.6.27

[no] ip ipname-lookup

Specifies or removes the IP IEN-116 Name Server hostname-to-address translation. Default is disabled.

[no] ip name-server server-address 1 [server-address 2...server-address 6]

Specifies the addresses of the name servers to use for name and address resolution. Default: all-ones broadcast address (255.255.255.255).

For example: 

ip name-server 131.108.1.111 131.108.1.2

[no] ip routing

Enables or disables IP routing. If the system has optional bridging-enabled software, use the no form to set up a system to bridge (not route) IP datagrams. Default is enabled.

[no] ip source-route

Controls the handling of IP datagrams with source routing header options. The no form instructs the system to discard IP datagrams containing a source-route option. Default is enabled.

[no] ip subnet-zero

Enables or disables the ability to configure and route to "subnet zero" subnets. Default is disabled.


IP Interface Subcommands

[no] arp {arpa | probe | snap}

Controls the interface-specific handling of IP address resolution into 48-bit Ethernet and Token Ring hardware addresses. Default is arpa.

For example: 

arp probe

[no] arp timeout seconds

Sets the number of seconds an ARP cache entry will stay in the cache. The no form restores the default of 14,400 seconds (4 hours).

For example: 

arp timeout 7200

[no] ip access-group list

Defines an IP access group.

For example: 

access-group 101

[no] ip accounting

Enables or disables IP accounting on an interface.

[no] ip address IP-address net-mask [secondary]

Sets an IP address for an interface.

For example: 

ip address 131.108.1.27 255.255.255.0        
ip address 192.31.7.17 255.255.255.0 secondary

[no] ip broadcast-address [IP-broadcast-address]

Defines a broadcast address. If you use the no form or do not specify a broadcast address, the system uses the default of all ones (255.255.255.255).

For example: 

ip broadcast-address 192.195.78.48

[no] ip directed-broadcast

Enables or disables forwarding of directed broadcasts on the interface. Default is enabled.

[no] ip helper-address address

Defines a helper address for a specified address. The helper address defines the selective forwarding of UDP broadcasts received on the interface. The no form deletes the helper address.

For example: 

ip helper-address 128.24.17.111

[no] ip mask-reply

Sets the interface to send ICMP Mask Reply messages. Default is disabled.

[no] ip mtu bytes

Sets the maximum transmission unit (MTU) or size of IP packets sent on an interface. The no form restores the default, which depends on the interface medium.

For example: 

ip mtu 300

[no] ip probe proxy

Enables or disables HP Probe support, which allows a router to respond to HP Probe Proxy Name requests. Default is disabled.

[no] ip proxy arp

Enables or disables proxy ARP on the interface. Default is enabled.

[no] ip redirects

Enables or disables the sending of ICMP redirects on this interface. Default is enabled.

[no] ip route-cache

Controls the use of outgoing packets on a high-speed switching cache for IP routing. The cache is enabled by default and allows load-balancing for individual destinations; autonomous switching is disabled by default. The no form disables fast-switching, enabling load-balancing on a per-packet basis.

[no] ip security

Restores an interface to its default state, dedicated, unclassified Genser, with no extended state allowed.

[no] ip security add

Adds a basic security option to all datagrams leaving the router on the specified interface. The no form disables this function.

ip security dedicated level authority [authority...]

Sets or removes the requested level of classification and authority on the interface.

For example: 

ip security dedicated confidential Genser

[no] ip security extended-allowed

Allows or rejects datagrams with an extended security option on the specified interface.

[no] ip security first

Prioritizes the presence of security options on a datagram.

[no] ip security ignore-authorities

Sets an interface to ignore the authority fields of all incoming datagrams. The no form removes the setting.

[no] ip security implicit-labelling [level authority [authority [authority...]]]

Sets the interface to accept datagrams, even if the packets do not include a security option. The no form removes the setting.

For example: 

ip security implicit-labelling confidential Genser

ip security multilevel level1 [authority...] to level2 authority2 [authority3...]

Sets the requested range of classification and authority on the interface. Traffic entering or leaving the system must have a security option that belongs in the specified range. The no form removes the setting.

For example: 

ip security multilevel Confidential Genser to TopSecret Genser

[no] ip security strip

Removes any basic security option on all datagrams leaving the router on the specified interface. The no form disables the function.

[no] ip split-horizon

Enables or disables the split horizon mechanism. The default for interfaces without Frame Relay or SMDS encapsulation is enabled. The default for all other interfaces is disabled.

[no] ip tcp compression-connections number

Sets the maximum number of connections per interface that the compression cache can support. Default is 16.

For example: 

ip tcp compression-connections 256

[no] ip tcp header-compression [passive]

Enables TCP header compression. The no form disables the compression. Default is disabled.

For example: 

ip tcp header-compression passive

[no] ip unnumbered interface-name

Enables or disables IP processing on a serial interface, but does not assign an explicit IP address to the interface.

For example: 

ip unnumbered ethernet 0

[no] ip unreachables

Enables or disables the ability to send ICMP unreachable messages on an interface. Default is enabled.

transmit-interface interface-name

Assigns a transmit interface to a receive-only interface.

For example: 


transmit-interface ethernet 0


IP Line Subcommand

[no] access-class list {in | out}

Restricts incoming and outgoing connections between a particular virtual terminal line and the addresses in an access list.

For example: 

        access class 23 in


Serial Line IP (SLIP) EXEC Command

slip {default | address}

Begins a SLIP connection on the auxiliary (AUX) line.

For example: 

Router> slip 131.108.2.5        
Router> slip default


Serial Line IP (SLIP) Line Subcommands

no slip

Cancels SLIP support on the line.

slip access-class number {in | out}

Configures an access list to be used on packets to or from the SLIP host.

For example: 

slip access-class 3 in

slip address dynamic [IP-address]

When issued without an IP address, allows the IP address associated with a SLIP line to be assigned upon access. This feature is supported when a TACACS server is used. When issued with an IP address (IP-address), allows a default address to be specified upon access.

For example: 

slip address dynamic 124.201.14.3

slip address IP-address

Specifies the Internet address assigned to the SLIP client at the other end of the serial line connection.

For example: 

slip address 128.73.98.2

slip dedicated

Places the line in SLIP mode permanently. The router does not create an EXEC on this line, so the line is not available for normal interactive use.

slip hold-queue packets

Specifies the limit of the SLIP output queue, which stores packets received from the network waiting to be sent to the SLIP client. Default is 2.

For example: 

slip hold-queue 4

slip interactive

Allows the line to be used in either SLIP mode or interactive mode. Interactive mode is restored when the modem is disconnected or the line is cleared.

slip mtu bytes

Specifies the size of the largest Internet packet that the SLIP support can handle. Default is
1500 bytes.

For example: 

slip mtu 3000

speed baud

Sets the transmit and receive speeds for the line.

For example: 

speed 9600


IP Routing Protocol Global Configuration Commands

[no] autonomous-system local-AS

Specifies an autonomous system (AS) number. The no form removes the AS number.

For example: 

ip as-path access-list 4 permit ^109

[no] ip default-network network-number

Instructs a smart router to generate dynamic default information and pass it to other routers. The no form removes the instruction.

For example: 

ip default-network 128.99.0.0

[no] ip route network-address

Establishes static routes.

For example: 

ip route 131.161.7.12

[no] ip route IP-address mask {IP-address | interface} [distance]

Allows a static route to be overridden by dynamic routing information.

For example: 

ip route 131.161.7.12 255.0.0.0 131.108.3.4 110

[no] router protocol [autonomous-system]

Selects the IP routing process. Must be entered before the router subcommands that further define and tune the routing process.

For example: 

router igrp 120

[no] router ospf ospf-process-id

Enables OSPF for the router. You can specify multiple OSPF routing processes in each router.

For example: 

router ospf 109


IP Routing Protocol Interface Subcommands

[no] ip gdp

Enables or disables GDP routing with all default parameters.

[no] ip gdp holdtime seconds

Enables or disables GDP routing, keeping priority and reporting interval at their default settings.

For example: 

ip gdp holdtime 20

[no] ip gdp priority number

Enables or disables GDP routing, maintaining report time at 5 seconds and holdtime at 15 seconds for Ethernet networks.

For example: 

ip gdp priority 95

[no] ip gdp reporttime seconds

Enables or disables GDP routing maintaining a priority of 100 and hold time of 15 seconds.

For example: 

ip gdp reporttime 10

[no] ip irdp

Enables or disables ICMP Router Discovery Protocol (IRDP) processing on an interface. Default is disabled. When enabled, default values are used. Table 4-9 lists the default values.

Table 4-9 ICMP Router Discovery Protocol Default Function and Values

Function Default Value
router preference 100 (range 0--255)
maximum interval between advertisements 600 seconds
minimum interval between advertisements 400 seconds

You can change these values using the ip irdp preference, ip irdp maxadvertinterval, and ip irdp minadvertinterval commands.

[no] ip irdp address IP-address [number]

Specifies an address to proxy-advertise and its preference value when IRDP processing is enabled.

For example: 

ip irdp address 131.108.14.6 50

[no] ip irdp holdtime seconds

Determines how long the advertisements are valid when IRDP processing is enabled.

For example: 

ip irdp holdtime 6000

[no] ip irdp maxadvertinterval seconds

Changes the default maximum interval between advertisements when IRDP processing is enabled. Default is 600.

For example: 

ip irdp maxadvertinterval 400

[no] ip irdp minadvertinterval seconds

Changes the default minimum interval between advertisements when IRDP processing is enabled. Default is 400. If you change the maximum interval between advertisements, this value defaults to two-thirds of the new value.

For example: 


ip irdp minadvertinterval 100

[no] ip irdp preference number

Changes the default router preference level when IRDP processing is enabled. A lower value increases the preference level. Default is 100.

For example: 

ip irdp preference 50

[no] ip ospf authentication-key 8-bytes-of-password

Assigns or cancels a password to be used by neighboring routers on a wire that employs OSPF's simple password authentication.

For example: 

ip ospf authentication-key         yourpassword

[no] ip ospf cost cost

Specifies or removes the cost of sending a packet on an interface.

In general, the path cost is calculated as follows:

fig_4.gif

Table 4-10 lists the media types supported and their default costs.

Table 4-10 Media Types and Default Costs

Media Default Cost
56-kbps serial link 1785
64-kbps serial link 1562
T1 (1.544-Mbps serial link) 65
E1 (2.048-Mbps serial link) 48
4-Mbps Token Ring 25
Ethernet (10 Mbps) 10
16-Mbps Token Ring 6

[no] ip ospf dead-interval number-of-seconds

Sets or cancels the number of seconds that neighboring routers wait after seeing this router's Hello packets before declaring the router down. This value is advertised in the router's Hello packets in the DeadInt field and must be the same for all routers attached to a common network. Default is four times the Hello interval.

For example: 

is ospf dead-interval 60

[no] ip ospf hello-interval number-of-seconds

Sets or cancels the number of seconds between the Hello packets that the router sends on the interface. This value is advertised in the router's Hello packets and must be the same for all routers attached to a common network.

For example: 

is ospf hello-interval 15

[no] ip ospf priority 8-bit-number

Establishes or cancels a Router Priority, which helps determine the Designated Router for a network. Default is 0.

For example: 

ip ospf priority 4

[no] ip ospf retransmit-interval number-of-seconds

Sets the number of seconds between link state advertisement retransmissions for adjacencies belonging to the interface. Default is 5 seconds.

For example: 

ip ospf retransmit-interval 7

[no] ip ospf transmit-delay number-of-seconds

Sets or cancels the estimated number of seconds it takes to transmit a link state update packet on the interface. The value should include the transmission and propagation delays for the interface. Default is 1 second.

For example: 

ip ospf transmit-delay 2

[no] ip route network-address

Establishes static routes.

For example: 

ip route 131.161.7.12


IP Routing Protocol Router Subcommands

[no] area area-id authentication

Enables authentication for an area; for OSPF only. The authentication type (AuType0 or AuType1) must be the same for all routers in an area.

For example: 

area 12 authentication

[no] area area-id stub [no] area area-id default-cost cost

The two commands define an area as a stub area; for OSPF only. This command is used only on an area border router attached to a stub.

For example: 

area 12 stub        
area 12 default-cost 1001

[no] area area-id range IP-address mask

Advertises a single summary route to other areas; for OSPF only. This command is used only with area border routers.

For example: 

area 9 range 131.120.18.0 255.255.0.0

[no] area area-id virtual-link router-id [hello-interval number-of-seconds] [retransmit-interval number-of-seconds] [transmit-delay number-of-seconds] [dead-interval number-of-seconds] [authentication-key 8-bytes-of-password]

Defines virtual links; for OSPF only.

[no] default-information allowed {in | out}

Controls the handling of default information between multiple IGRP processes. Default is enabled.

For example: 

no default-information allowed out

[no] default-information originate metric metric-value metric-type type-value

Enables or disables the generation of a default route into an OSPF domain. Must be used with a redistribute command.

For example: 

default-information originate metric 100 metric-type 1

default-metric bandwidth delay reliability loading mtu

Sets metrics for IGRP only.

For example: 

default-metric 10000 2000 254 1 1500

default-metric number

Sets metrics for RIP, which use scalar, single-valued metrics.

For example: 

default-metric 10000

no default-metric

Instructs the current routing protocol to resume using the built-in automatic metric translations.

[no] distance weight [[IP-source-address IP-address-mask] [access-list-number]]

Defines or deletes an administrative distance.

For example: 

distribute-list 1 in Ethernet 0

[no] distribute-list access-list-number out [interface-name | routing-process]

Suppresses networks so that they are not sent in updates.

For example: 

distribute-list 3 out igrp 109

[no] metric holddown

For IGRP only. Disables or re-enables holddown. Use this command only if the entire autonomous system (AS) is running Version 8.2(5) or later.

[no] metric maximum-hops hops

For IGRP only. Causes the IP routing software to advertise as unreachable those routes with a hop count greater than the assigned value.

For example: 

metric maximum-hops 150

[no] metric weights TOS K1 K2 K3 K4 K5

Allows the tuning of the IGRP metric calculation for a particular Type of Service (TOS).

For example: 

neighbor any 2        
neighbor any third-party 10.1.1.1

fig_3.gif

Caution Enabling the metric weights command can adversely affect system operation in a mixed router-vendor environment.

[no] neighbor IP-address

Creates a list of neighbor routers. The no form removes the entry.

For example: 

neighbor 120.23.4.1 filter-as 20 permit 60

[no] neighbor IP-address interface interface [priority 8-bit-number] [poll-interval number-of-seconds]

Configures routers interconnecting to nonbroadcast networks; for OSPF only. The no form removes the neighbor with the specified IP address from the list.

For example: 

neighbor 131.104.27.2 version 2

[no] neighbor IP-address weight weight

Specifies a weight to assign to all routes learned from this neighbor. The router chooses as the preferred route the route with the highest weight.

[no] network IP-address

For IGRP and RIP, it specifies the interface on which to run the protocol and the networks to advertise. The no form removes an entry from the list.

For example: 

network 129.140.0.0

[no] network IP-address wildcard-mask area area-id

Specifies a range of IP addresses for any area in which OSPF is used as a routing protocol.

For example: 

network 192.31.7.0 backdoor

[no] offset-list list {in | out} offset

For IGRP and RIP only. Adds or removes a positive offset to incoming and outgoing metrics for networks matching an access list.

For example: 

offset-list 121 out 110

[no] passive-interface interface

Disables or enables the routing of updates on an interface.

For example: 

passive-interface serial 1

[no] redistribute process-name [AS-number]

Passes routing information among routing protocols.

For example: 

redistribute igrp 4        
redistribute static

[no] redistribute protocol [source-id] [metric metric-value] [metric-type type-value] [tag tag-value] [subnets]

Redistributes routes from other OSPF routing domains and non-OSPF routing domains into a specific OSPF routing domain.

[no] timers basic update invalid holddown flush sleeptime

Adjusts timers. Use the show ip protocols command to display defaults and current values. The no form restores the default.

Caution The timers basic commands should be used only if all the routers in a network are from the same vendor. Their use in a mixed router-vendor environment can adversely affect system operation.


IP and SLIP Show Commands

Table 4-11 lists the IP and SLIP show commands.

Table 4-11 IP and SLIP Show Commands

Command Display
show access-lists Contents of IP access lists.
show async-bootp Parameters that have been set for SLIP extended BootP requests.
show hosts Default domain name, style of name lookup service, list of name server hosts, and cached list of host names and addresses.
show ip accounting [checkpoint] Active IP accounting database.
show ip aliases Internet addresses mapped to TCP ports and SLIP addresses that are treated like aliases.
show ip arp Address Resolution Protocol (ARP) cache.
show ip cache Routing table cache used to fast switch Internet traffic.
show ip interface [interface] IP parameters configured on the interface.
show ip irdp IRDP values.
show ip masks [address] Masks used for network addresses.
show ip ospf [options] OSPF routing processes.
show ip ospf interface [interface] OSPF parameters configured on the interface.
show ip ospf neighbor [interface] OSPF neighbor information on a per-interface basis.
show ip protocols Parameters and current state of the active routing protocol process.
show ip route [options] IP routing table.
show ip tcp header-compression IP compression statistics.
show ip traffic IP protocol statistics.
show slip Status of all lines configured for SLIP.
show tcp [line-number] Status of TCP connections.


Novell Global Commands

[no] access-list number {deny | permit} novell-source-network [.source-address [source-mask]] novell-destination-network [.destination-address [destination-mask]]

Specifies standard Novell IPX access lists. The no form removes any access list in the current image with the specified number.

For example: 

access list 800 deny -1 2 

access list 800 deny 1.0000.0c00.1111

access-list 800 permit 1.1111.1111.1111

0000.0000.0000 2.2222.2222.2222 0000.0000.0000

[no] access-list number {deny | permit} novell-protocol source-network [.source-address [source-mask]] source-socket destination-network [.destination-address [destination-mask]] destination-socket

Specifies extended Novell IPX access lists. The no form removes any access list in the current image with the specified number.

For example: 

access list 900 deny 1 1 1234 2 1234        
access list 900 deny 1 1.1111.1111.1111 0000.0000.

0000 1234 2.2222.2222.2222 0000.0000.0000 1234

[no] access-list number {permit | deny} network [.address] [service-type]

Defines an access list for filtering SAP-based messages generated by Novell servers and our routers as they broadcast their capabilities.

For example: 

access-list 1001 deny -1 4        
access-list 1001 permit -1

[no] novell maximum-paths paths

Follows the novell routing command to set the maximum number of multiple paths that the router will remember and use. The no form restores the default, which is 1.

For example: 

novell maximum-paths 3

[no] novell route network network.address

Specifies or removes static routes for a Novell network.

For example: 

novell route 5e 3abc.0000.0c00.1ac9

[no] novell routing [host-address]

Enables or disables Novell routing and Novell RIP routing and SAP services.

For example: 

novell routing 0000.0c00.23fe

[no] novell sap service-type name net.address socket hop-count

Specifies or removes static Novell SAP table entries.

For example: 

novell sap 107 MAILSERV 160.0000.0c01.2b72 8104 1


Novell Interface Subcommands

[no] novell access-group number

Assigns a Novell IPX access list group number to a specific interface. The no form removes the number.

For example: 

novell access-group 815

novell encapsulation {novell-ether | arpa}

Selects which data format or encapsulation is used on an Ethernet interface. Default is Novell IPX over Ethernet using Novell's variant of IEEE 802.2 encapsulation.

Choose one of these keywords:

For example: 

novell encapsulation arpa

[no] novell helper-address net.host

Forwards broadcast packets that match the access list specified by the novell helper-list subcommand. Useful for hosts that use a protocol other than SAP to advertise their availability.

For example: 

novell helper-address 3abc.0000.0c00.1ac9

[no] novell helper-list access-list-number

Forwards packets that pass the specified Novell access list to the Novell helper host. The no form disables the function.

For example: 

novell helper-list 801

[no] novell input-network-filter access-list-number

Interface subcommand that explicitly specifies the networks that are added to the Novell IPX routing table. The no form disables the function.

For example: 

novell input-network-filter 801

[no] novell input-sap-filter access-list-number

Explicitly specifies the services that are added to the Novell SAP table. The no form disables this function.

For example: 

novell input-sap-filter 1000

[no] novell network number

Enables and disables Novell routing on a particular interface.

For example: 

novell network 5e

[no] novell output-network-filter access-list-number

Explicitly specifies the list of networks that are sent in routing updates. The no form disables the function.

For example: 

novell output-network-filter 821

[no] novell output-sap-delay delay

Establishes a delay between SAP packets so that the router interface operates at the slower speed of the Novell server. The no form disables the mechanism.

For example: 

novell output-sap-delay 200

[no] novell output-sap-filter access-list-number

Explicitly specifies the list of services that are included in a SAP update. The no form disables this function.

For example: 

novell input-sap-filter 1000

[no] novell route-cache

Enables or disables Novell fast switching. Default is enabled.

[no] novell router-filter access-list-number

Interface subcommand that specifies or removes the list of routers from which data will be accepted.

For example: 

novell router-filter 823

[no] novell router-sap-filter access-list-number

Configures the routers to filter Novell SAP messages. The no form removes the filters.

For example: 

novell router-sap-filter 1000

novell sap-interval interval

Establishes less frequent SAP update interval for use over slow links. Default is 1 minute.

For example: 

novell sap-interval 5

[no] novell source-network-update

When enabled, repairs corrupted network numbers by setting the source network field of any packet with a hop count of 0 to the local network number.

[no] novell update-time seconds

Allows the Novell routing update timers to be set individually for each interface. This command can be used only in a homogenous router environment, and all timers should be the same for routers connected to the same network segment. The no form restores the default of 60 seconds.

For example: 

novell update-time 40


Novell Show Commands

Table 4-12 lists the Novell show commands.

Table 4-12 Novell Show Commands

Command Display
show novell cache List of fast-switching cache entries.
show novell interface [interface] Novell parameters configured on the interface.
show novell route Novell routing table.
show novell servers Servers discovered through SAP advertisements.
show novell traffic Information about Novell packets transmitted and received including number and type.


Bridging Configuration

Bridging configuration includes the following sections:


Transparent Bridging Global Configuration Commands

[no] access-list list {permit | deny} address mask

Prepares access control information for filtering of frames by canonical (Ethernet ordered) MAC address. The no form removes a single access list entry.

For example: 

access-list 700 deny 0800.2000.0000 0000.00FF. FFFF        
access-list 700 permit 0000.0000.0000 FFFF.FFFF. FFFF

[no] access-list list {permit | deny} type-code wild-mask

Prepares access control information for filtering frames by protocol type. The no form removes a single access list entry.

For example: 

access-list 201 permit 0x6005 0x0000        
access-list 201 deny 0x0000 0xFFFF

[no] access-list list {permit | deny} source-addr source-mask dest dest-mask offset-into-packet size:1-4 operation operand

Defines an extended access list for finer control of bridged traffic.

lt---less than

gt---greater than

eq---equal

neq---not equal

and---bitwise and

xor---bitwise exclusive or

For example: 

access-list 1102 permit 000c.1b00.0000 0000.00ff.

ffff 0000.0000.0000 ffff.ffff.ffff 0x1e 2 lt 0x55aa

[no] bridge group acquire

Enables or disables the dynamic learning process. Default is enabled.

For example: 

bridge 1 acquire

[no] bridge group address MAC-address [forward | discard] [interface]

Adds or removes an address from the forwarding database. The no form followed by the MAC address removes an address from the forwarding database.

For example: 

bridge 1 address 0800.cb00.45e9 forward ethernet 1

[no] bridge group domain domain-number

Enables or disables multiple domain spanning trees. Only those devices in the domain can share spanning tree information. This command works only when the bridge group is running the IEEE spanning tree protocol. Other suppliers' bridges might not work correctly on networks containing our bridges' domain numbers other than 0.

For example: 

bridge 1 domain 3

bridge group forward-time seconds

Sets the default of the forward delay interval; that is, the amount of time the bridge listens for topology change information after an interface has been activated for bridging and before forwarding actually begins. Default is 30 seconds.

For example: 

bridge 1 forward-time 60

bridge group hello-time seconds

Specifies the interval between Bridge Protocol Data Units (BPDUs). Default is 1 second.

For example: 

bridge 2 hello-time 5

[no] bridge group lat-service-filtering

Enables or disables LAT service filtering. The no form restores the default, which is disabled.

bridge group max-age seconds

Specifies the interval that the bridge waits to hear BPDUs from the root bridge before recomputing the bridge spanning tree topology. Default is 15 seconds.

For example: 

bridge 2 max-age 20

[no] bridge group multicast-source

Allows or disallows the forwarding of frames with multicast source addresses. This command does not affect the learning of frames.

For example: 

bridge 2 multicast-source

bridge group priority number

Sets the priority of an individual bridge for selection as the root bridge. A lower number increases the likelihood for selection. Minimum = 1, maximum = 65000, default = 128.

For example: 

bridge 2 priority 1000

[no] bridge group protocol {ieee}

Defines or removes a spanning tree protocol and spanning tree group.

For example: 

bridge 9 protocol ieee


Transparent Bridging Interface Subcommands

[no] bridge-group group

Assigns the network interface to the spanning tree group. The no form removes the network interface.

For example: 

bridge-group 2

[no] bridge-group group

Assigns each network interface to a spanning-tree group.

bridge-group group circuit number

Establishes load balancing, marking a serial interface as belonging to circuit group number. Parallel serial interfaces on both bridges all must be flagged as being members of the same circuit group.

For example: 

bridge-group 3 circuit 1

[no] bridge-group group input-address-list list

Assigns or removes an access list to or from a particular interface for filtering by the MAC source addresses.

For example: 

bridge-group 1 input-address-list 200

[no] bridge-group group input-lat-service-deny grouplist

Specifies the group codes with which to deny access upon input. Default is no filtering.

For example: 

bridge-group 1 input-lat-service-deny 1 5 12-14

[no] bridge-group group input-lat-service-permit grouplist

Specifies the group codes with which to permit access upon input. Default is no filtering.

For example: 

bridge-group 1 input-lat-service-permit 1 5 12-14

bridge-group group input-lsap-list list

Adds or removes a filter for IEEE 802-encapsulated packets on input. This access list is applied to all IEEE 802 frames received on that interface prior to the bridge-learning process.

For example: 

bridge-group 2 input-lsap-list 250

bridge-group group input-type-list list

Adds or removes a filter for Ethernet- and SNAP-encapsulated packets on input. The bridge applies the access list to all Ethernet frames received on that interface prior to the bridge learning process.

For example: 

bridge-group 4 input-type-list 200

[no] bridge-group group lat-compression

Reduces the amount of bandwidth that LAT traffic consumes on serial interfaces. LAT compression can be specified for serial compression only.

For example: 

bridge-group 2 lat-compression

[no] bridge-group group output-address-list list

Assigns or removes an access list to or from a particular interface for filtering by the MAC destination addresses.

For example: 

bridge-group output-address-list 204

bridge-group group output-lat-service-deny grouplist

Specifies the group codes with which to deny access upon output. Default is no filtering.

For example: 

bridge-group 1 output-lat-service-deny 1 5 12-14

bridge-group group output-lat-service-permit grouplist

Specifies the group codes with which to permit access upon output. Default is no filtering.

For example: 

bridge-group 1 output-lat-service-permit 1 5 12-14

bridge-group group output-lsap-list list

Adds or removes a filter for IEEE 802-encapsulated packets on output. This access list is applied just before sending out a frame to an interface.

For example: 

bridge-group 3 output-lsap-list 223

bridge-group group output-type-list list

Adds or removes a filter for Ethernet- and SNAP-encapsulated packets on output. The bridge applies the access list just before sending out a frame to an interface.

For example: 

bridge-group 5 output-type-list 299

[no] bridge-group group path-cost cost

Sets or removes a different path cost. Default is 100.

For example: 

bridge-group 2 path-cost 20

bridge-group group priority number

Assigns a priority to an interface. This priority is used in tie-breaking when computing a network topology. Default is 0.

For example: 

bridge-group 1 priority 10

[no] ethernet-transit-oui [90-compatible | standard | cisco]

Chooses the OUI Code to be used in the encapsulation of Ethernet Type II frames across Token Ring backbone networks.


Transparent Bridging Show Commands

Table 4-13 lists the transparent bridging show commands.

Table 4-13 Transparent Bridging Show Commands

Command Display
show bridge [options] Classes of entries in the bridge-forwarding database.
show span Current, known spanning-tree topology, including whether or not LAT group code filtering is in effect.


IBM Connectivity

IBM connectivity features are described in the following sections:


LLC2 Interface Subcommands

llc2 ack-delay-time milliseconds

Controls the maximum amount of time that the router allows incoming I-frames to stay unacknowledged. Minimum = 1, maximum = 60000, default = 3200.

For example: 

llc2 ack-delay-time 800

llc2 ack-max packet-count

Controls the maximum number of information frames (I-frames) received by the router before it must send an acknowledgment to these frames. Minimum = 1, maximum = 255, default = 3.

For example: 

llc2 ack-max 5

llc2 idle-time milliseconds

Controls the frequency of polls during periods of idle traffic. Minimum = 1, maximum = 60000, default = 10000.

For example: 

llc2 idle-time 1500

llc2 local-window packet-count

Controls the maximum number of information frames sent by the router before it waits for an acknowledgment to these frames. Minimum = 1, maximum = 127, default = 7.

For example: 

llc2 local-window 5

llc2 n2 retry-count

Controls the number of times the router retries operations such as sending an unacknowledged frame or polling a remote busy station. Minimum = 1, maximum = 255, default = 8.

For example: 

llc2 n2 5

llc2 t1-time milliseconds

Controls how long the router waits for an acknowledgment to transmitted I-frames. Minimum = 1, maximum = 60000, default = 1000.

For example: 

llc2 t1-time 10000

llc2 tbusy-time milliseconds

Controls the amount of time that the router waits while the other LLC2 station is in a busy state before attempting to poll the remote station again. Minimum = 1, maximum = 60000, default = 9600.

For example: 

llc2 tbusy-time 10000

llc2 tpf-time milliseconds

Controls the amount of time the router waits for a final response to a poll frame that it sent before the router resends the original poll frame. Minimum = 1, maximum = 60000, default = 1000.

For example: 

llc2 tpf-time 10000

llc2 trej-time milliseconds

Controls the amount of time the router waits for a resend of a rejected frame before sending the reject (REJ) command to the remote station. Minimum = 1, maximum = 60000, default = 3200.

For example: 

llc2 trej-time 30000

llc2 xid-neg-val-time milliseconds

Controls the frequency of exchange of identification (XID) frame transmissions by the router. It is recommended that you do not change this parameter unless asked to by technical personnel. Minimum = 1, maximum = 60000, default = 0.

For example: 

llc2 xid-neg-val-time 10

llc2 xid-retry-time milliseconds

Controls how long the router waits for a reply to the exchange of identification (XID) frames that it sends to remote stations. Minimum = 1, maximum = 60000, default = 60000.

For example: 

llc2 xid-retry-time 10000


LLC2 Show Command

Table 4-14 LLC2 Show Command

Command Display
show llc2 State of the LLC2 connections.


Source-Route Bridging Global Configuration Commands

[no] access-list list {permit | deny} type-code wild-mask

Configures the access list mechanism for filtering frames by protocol type.

For example: 

access-list 201 permit 0xE0E0 0x0101

[no] lnm snmp-only

Prevents any LNM stations from modifying parameters in the router. The no form allows modifications.

[no] locaddr-priority-list list address-number queue-keyword

Establishes queuing priorities based on the address of the logical unit (LU).

For example: 

locaddr-priority-list 1 02 high

[no] netbios access-list bytes name {permit | deny} offset pattern

Defines the offset and patterns with which to match byte offsets in NetBIOS packets.

For example: 

netbios access-list bytes marketing permit 3 0xabcd

[no] netbios access-list host name {permit | deny} pattern

Assigns the name of the access list to a station or set of stations on the network. The no form removes an entire list or the entry specified with the pattern argument.

For example: 

netbios access-list host marketing permit ABCD

[no] netbios name-cache mac-address netbios-name interface-name
[no] netbios name-cache mac-address netbios-name ring-group number
[no] netbios name-cache mac-address netbios-name

Defines a static NetBIOS name cache entry. The no form removes the entry.

For example: 

netbios name-cache 0110.2222.3333 DEF ring-group 2

[no] netbios name-cache query-timeout seconds

Specifies the dead time for NetBIOS name caching that starts when a host sends any ADD_NAME_QUERY, ADD_GROUP_NAME, or STATUS_QUERY frame. The router drops any repeat or duplicate frame sent by the same host during this time period. The no form restores the default of 6 seconds.

For example: 

 netbios name-cache query-timeout 15

[no] netbios name-cache recognized-timeout seconds

Specifies the dead time that starts when a host sends any NAME_RECOGNIZED frames. The router drops any duplicate frame sent by the same host during this time period. The no form restores the default of 1 second.

For example: 

 netbios name-cache recognized-timeout 3

[no] netbios name-cache timeout minutes

Enables NetBIOS name caching and specifies the timeout for entries. The no form restores the default of 15 minutes.

For example: 

netbios name-cache timeout 10

rif MAC-address [RIF-string] [interface-name | ring-group ring]
[no] rif MAC-address [interface-name | ring-group ring]

Inserts or removes an entry into the RIF cache.

For example: 

rif 1000.5A01.0203 0830.0155.100a.5550

[no] rif timeout minutes

Defines the period of inactivity allowed before unused RIF cache entries are removed. The no form resets the RIF timeout period to the default, which is 15 minutes.

For example: 

rif timeout 20

[no] source-bridge fst-peername local-interface-address

Sets up a Fast Sequenced Transport (FST) peer name; this is the first step in configuring a remote source-route bridge to use FST.

For example: 

source-bridge fst-peername 150.136.64.98

[no] source-bridge largest-frame ring-group size

Defines the largest frame size to communicate with all peers in the ring group.

For example: 

source-bridge 5 2052

[no] source-bridge old-oui

Causes the OUI code in Token Ring frames translated to and from Ethernet Type II to be 0x000000. If you want to transfer data between IBM 8209 Ethernet/Token Ring bridges and routers running the SR/TLB software, you must issue this global command on each router. The no form restores the default value of 0x0000F8.

[no] source-bridge passthrough ring-number

Specifies that frames destined to ring number should never be terminated with Local Acknowledgment. The no form removes this restriction.

For example: 

source-bridge passthrough 5

[no] source-bridge proxy-netbios-only

Allows using proxy explorers only for the NetBIOS name caching function and not for their general local response to explorers.

[no] source-bridge remote-peer ring-group interface [interface-name MAC-address] [lf size] [version number]

Defines or removes a serial interface over which to run bridged Token Ring traffic.

For example: 

source-bridge remote-peer 5 interface serial0

[no] source-bridge remote-peer ring-group tcp IP-address [lf size] [local-ack] [version number] [no] source-bridge remote-peer ring-group tcp IP-address [backup-group group-number]
[no] source-bridge remote-peer ring-group fst IP-address [lf size] [version number]

Defines or removes a remote peer for the specified ring group.

For example: 

source-bridge remote-peer 5 tcp 131.108.2.29

[no] source-bridge ring-group ring-number

Establishes or removes a ring group.

For example: 

source-bridge ring-group 5

[no] source-bridge sap-80d5 SAP

When used in conjunction with the source-bridge enable-80d5 command, enables or disables the translation of Token Ring LLC2 frames to Ethernet Type 2 80d5 format frames.

If the source-bridge enable-80d5 command is not issued, this command has no effect. You can issue multiple commands, one SAP per line.

For example: 

source-bridge sap80d5 lc

[no] source-bridge tcp-queue-max number

Sets the maximum output TCP queue length, in packets, that the router will accept for routing to remote source-route bridge peers. The no version restores the default of 100.

For example: 

source-bridge tcp-queue-max 125


Source-Route Bridging Interface Subcommands

[no] access-expression {in | out} expression

Defines an access expression for a given interface---for Token Ring only.

lsap(nnn)---LSAP access list nnn to be evaluated for this frame.

type(nnn)---SNAP type access list to be evaluated for this frame.

smac(nnn)---Access list to match the source MAC address of the frame.

dmac(nnn)---Access list to match the destination MAC address of the frame.

netbios-host(name)---NetBIOS-host access list to be applied on NetBIOS frames traversing the interface.

netbios-bytes(name)---NetBIOS-bytes access list to be applied on NetBIOS frames traversing the interface.

For example: 

access-expression in lsap(201 | (lsap(202) & dm ac(701))

[no] lnm alternate number

Enables an LRM other than the default LRM to change parameters. The no form restores the default of 0.

For example: 

lnm alternate 2

[no] lnm crs

Enables the Configuration Report Server (CRS), which keeps track of the current logical configuration of a Token Ring. Reports any changes to LNM. Also reports on various other activities such as the change of the Active Monitor on a Token Ring.

[no] lnm loss-threshold number

Configures the threshold of dropped frames when the router sends a message to all attached LNMs. Default is 10 (0.1%).

For example: 

lnm loss-threshold 2

[no] lnm password number password

Assigns a password to a reporting link to prevent unauthorized access from an LRM to a bridge and to control access to the different reporting links.

For example: 

lnm password 4         yourpassword

[no] lnm rem

Enables the Ring Error Monitor (REM), which monitors errors reported by any station on the ring. Also monitors whether the ring is in a functional state or in a failure state.

[no] lnm rps

Enables the Ring Parameter Server (RPS), which ensures that all stations on a ring are using a consistent set of reporting parameters. Reports to LNM when any new station joins a Token Ring.

[no] lnm softerr number

Controls the frequency of error reports sent from stations on a Token Ring to the Ring Error Monitor. The no form restores the timer value to its default of 200 (two seconds).

For example: 

lnm softerr 100

[no] locaddr-priority list

Assigns a priority group to an input interface.

For example: 

locaddr-priority 1

mac-address IEEE-address

Sets the MAC layer address. Forces the use of a different MAC address on the specified interface, thereby avoiding the TI MAC firmware problem. It is up to the network administrator to ensure that no other host on the network is using that MAC address.

For example: 

mac-address 79c1.39de.0003

[no] multiring {protocol-keyword | all | other}

Enables the ability of the specified interface to collect and use source-route (RIF) information for routable protocols.

For example: 

multiring novell

[no] netbios enable-name-cache

Enables the NetBIOS name cache on the specified interface. By default the name cache is disabled. The no form restores the default.

[no] netbios input-access-filter bytes name

Defines an access list filter on incoming messages. The no form removes an access list filter on incoming messages.

For example: 

netbios input-access-filter bytes marketing

[no] netbios input-access-filter host name

Defines an access list filter on incoming messages.

For example: 

netbios input-access-filter host marketing

[no] netbios output-access-filter bytes name

Defines an access list filter on outgoing messages.

For example: 

netbios output-access-filter bytes marketing

[no] netbios output-access-filter host name

Defines an access list filter on outgoing messages.

For example: 

netbios output-access-filter host marketing

[no] source-bridge local-ring bridge-number target-ring

Enables source bridging on a specific interface.

For example: 

source-bridge 129 1 130

[no] source-bridge input-address-list list

Interface subcommand that assigns an access list to a particular interface for filtering the Token Ring or IEEE 802 source addresses. The no version of this command removes the application of the access list.

For example: 

source-bridge input-address-list 201

source-bridge input-lsap-list list

Interface subcommand that alters IEEE 802-encapsulated packets on input. This access list is applied to all IEEE 802 frames received on that interface prior to the source-routing process. Specify the value 0 to disable the filter.

For example: 

source-bridge input-lsap-list 201

source-bridge input-type-list list

Interface subcommand that filters SNAP-encapsulated packets on input. This access list is then applied to all SNAP frames received on that interface prior to the source-routing process. Specify the value 0 to disable the filter.

For example: 

source-bridge input-type-list 201

[no] source-bridge max-hops count

Limits the maximum number of source-route bridge hops of your network. The no form restores the count to the maximum value.

For example: 

source-bridge max-hops 7

[no] source-bridge old-sna

Enables or disables a workaround for some source-route bridging behavior exhibited by older SNA nodes.

[no] source-bridge output-address-list list

Assigns or removes an access list to or from a particular interface for filtering the Token Ring or IEEE 802 destination addresses.

For example: 

source-bridge output-address-list 201

source-bridge output-lsap-list list

Filters IEEE 802-encapsulated packets on output. This access list is then applied just before sending out a frame to an interface. Specify 0 to disable the filter.

For example: 

source-bridge output-lsap-list 201

source-bridge output-type-list list

Filters SNAP-encapsulated packets on output. This access list is then applied just before sending out a frame to an interface. Specify 0 to disable the filter.

For example: 

source-bridge output-type-list 201

[no] source-bridge proxy-explorer

Enables or disables the proxy explorer function. Default is disabled.

[no] source-bridge route-cache

Enables fast switching to allow for faster implementations of local source-route bridging between the 4- or 16-megabit Token Ring card. By default, the system enables fast switching in the source-route bridging software. The no form restores the default, which is disabled.

[no] source-bridge spanning

Manually changes the forwarding state of spanning explorer packet. The no form disables forwarding.


Source-Route Bridging Show Commands

Table 4-15 lists the source-route bridging show commands.

Table 4-15 Source-Route Bridging Show Commands

Command Display
show lnm bridge All currently configured bridges and global bridging parameters.
show lnm config Logical configuration of all bridges configured on this router.
show lnm interface [interface] LNM parameters configured on the interface.
show lnm ring number LNM parameters configured on the interface.
show lnm station LNM-specific information about all known stations on the ring.
show local-ack Current state of Local Acknowledgment connections.
show netbios-cache Contents of the NetBIOS cache.
show rif Contents of the RIF cache.
show source-bridge Current source bridge configuration and statistics.

HomeTOCPrevNextGlossSearchHelp
-

Copyright 1988-1995 © Cisco Systems Inc.