|
|
This chapter describes the commands you use to configure Internet Protocol (IP) routing, such as IP static routes, Routing Information Protocol (RIP), and IP filters.
To delete an existing IP filter, use the reset ip filter command.
Syntax Description
| filter id | (Optional) Clears the IP filter with this identification number, which was assigned by the router when the filter was created. |
| all | (Optional) Clears all IP filters. |
Default
None
Command Mode
Profile mode
Usage Guidelines
Use this command to delete IP filters that have been entered with the set ip filter command.
Examples
The following example deletes an IP filter with the identification number of 8 for profile 2503:
Host:2503> reset ip filter 8
The following example deletes all IP filters for profile 2503:
Host:2503> reset ip filter all
To delete an IP static route, use the reset ip route command.
Syntax Description
| all | Deletes all static routes. |
| destination | IP address of the network or host to which the packet is being sent in four-part dotted decimal format. |
| bits | (Optional) Number of network bits in the destination network's IP address, counting from the left. |
| next hop | IP address of the static route default gateway in four-part dotted decimal format. |
Default
None
Command Mode
Profile mode
Examples
The following example deletes a static route for profile 2503:
Host:2503> reset ip route destination 250.250.250.1 gateway 150.150.150.1
The following example deletes all static routes for profile 2503:
Host:2503> reset ip route all
Related Command
set ip route
Use the set gateway command to set a static default route pointing at the internal router profile's connection interface.
Syntax Description
| ip address | IP address of the internal profile's interface in four-part dotted decimal format. |
Default
The default address is 0.0.0.0
Command Mode
System level
Example
The following example configures a default static route to the internal profile's connection:
Host> set gateway 150.150.10.10
To set the IP address for any connection, use the set ip address command. To delete the IP address for a connection, use this command with 0.0.0.0 as the IP address.
Syntax Description
| ip address | IP address for the interface in four-part dotted decimal format. |
Default
The default IP address is 0.0.0.0
Command Mode
Profile mode
Example
The following example configures the profile 2503 connection with an IP address:
Host:2503> set ip address 150.150.10.17
To set the cost metric to the next destination, use the set ip cost command.
Syntax Description
| value | Number of routers between this router and the destination network. |
Default
The default cost value is 1.
Command Mode
System level or profile mode
Usage Guidelines
Entering this command while in profile mode applies the cost to that profile's connection. Entering this command at the system level applies the cost to the internal profile.
Example
The following example configures profile 2503 with a cost parameter of 2:
Host:2503> set ip cost 2
To create an IP filter, use the set ip filter command.
Syntax Description
| type | (Optional) One of the following keywords corresponding to an IP packet type:
· icmp---Internet Control Message Protocol (ICMP) packets. · icmpxrd---ICMP packets, except redirect packets. · icmprd---ICMP redirect packets. · tcp---Transmission Control Protocol (TCP) packets. · tcpsyn---TCP SYN (connection establishment) packets. · tcpxsyn---TCP packets, except SYN. · udp---User Datagram Protocol (UDP) packets. If no packet type is specified, the filter is applied to packets of any type. |
| in | Filters on incoming packets. |
| out | Filters on outgoing packets. |
| source address | (Optional) Filters all packets from this address.
Using the source not address keyword applies the filter to any packet that is not from the IP address specified in the command. |
| destination address | (Optional) Filters all packets destined for this address.
Using the destination not address keyword applies the filter to any packet that is not destined for the IP address specified in the command. |
| address | IP address must be entered in the following format:
ip_address [/<bits>] [<loport>] [+ | --] [<hiport>] · ip-address---The source or destination IP address. Use a 32-bit quantity in four-part dotted decimal format. · /bits---The number of significant bits in the IP address, counting from the left. · low-port---The lowest port number that will be matched by the filter. If followed by a+ , all ports greater than this port will be matched by the filter. If followed by a-- , all ports between this port and the high port will be matched by the filter. · high-port---The highest port number that will be matched by the filter. Low port and high port arguments can only be used if the packet type is set to tcp or udp. |
| block | Prevents the packets defined in the filter from being sent on to the connection. |
| accept | Allows the packets defined in the filter to be sent on to the connection. |
Default
No IP filters are configured.
Command Mode
System level or profile mode
Usage Guidelines
Entering this command while in profile mode applies the IP filter to that profile's connection. Entering this command at the system level applies the IP filter to the internal profile.
Examples
The following example configures profile 2503 with an IP filter that accepts incoming packets addressed to TCP port 25:
Host:2503> set ip filter tcp in 198.95.216.1:25 accept
The following example configures profile 2503 with an IP filter that blocks the establishment of outgoing TCP connections:
Host:2503> set ip filter tcpsyn out block
Related Command
reset ip filter
Refer to the appendix "TCP Port Assignments" and the appendix "UDP Port Assignments" for further information.
To set the type of encapsulation used for IP packets, use the set ip framing command.
Syntax Description
| ethernet_II | Number of routers between this router and the destination network. Use this keyword when connecting to a remote bridge. |
| none | Sets packet framing to Internet Protocol Control Protocol (IPCP). Use this keyword when using Point-to-Point Protocol (PPP). |
Default
ethernet-II
Command Mode
Profile mode
Example
The following example configures profile 2503 for IPCP packet framing:
Host:2503> set ip framing none
To set the subnet mask for the internal interface, use the set ip netmask command. To delete the subnet mask for the internal interface, enter this command with 0.0.0.0 as the IP address. This command should only be used if IP routing is not going to be used.
Syntax Description
| mask | Subnet mask for the profile interface. Use a 32-bit quantity in four-part dotted decimal format. |
Default
0.0.0.0 (This IP address applies the default subnet mask for Class A, B, and C networks.)
Command Mode
System level or profile mode
Usage Guidelines
Entering this command while in profile mode applies the IP netmask to the connection created for that user. Entering this command at the system level applies the IP netmask to the internal profile.
Example
The following example configures the subnet mask for profile 2503:
Host:2503> set ip netmask 255.255.255.0
Related Command
set subnet mask
To set whether a route over the Ethernet interface is propagated in Routing Information Protocol (RIP) broadcast messages, use the set ip propagate command.
Syntax Description
| on | Routes over the profile's interface will be propagated in RIP broadcast messages whenever the connection is active. |
| off | Routes over the profile's interface will not be propagated in RIP broadcast messages. |
Default
on (disabled)
Command Mode
System level or profile mode
Usage Guidelines
Entering this command while in profile mode applies the IP propagate parameters to that profile's connection. Entering this command at the system level applies the IP propagate parameters to the internal profile.
Example
The following example configures any route over the profile 2503 connection to be propagated in RIP broadcast messages:
Host:2503> set ip propagate on
To set whether RIP packets are received, use the set ip rip receive command.
Syntax Description
| both | Both versions 1 and 2 packets will be received. |
| 1 | RIP version 1 packet will be received. |
| 2 | RIP version 2 packet will be received. |
| off | RIP packets will not be received on the profile's interface. |
Default
off
Command Mode
System level or profile mode
Usage Guidelines
Entering this command while in profile mode applies the RIP receive parameters to that profile's connection. Entering this command at the system level applies the RIP receive parameters to the internal profile.
Example
The following example configures the connection for profile 2503 to block RIP packets:
Host:2503> set ip rip receive off
To set up the snapshot client parameters for a given profile, use the set ip rip snapshot client command.
Syntax Description
| minutes | The duration in minutes for the active period when routing information is exchanged or the quiet period when no routing information is exchanged. Range is 1 - 70,000 minutes |
| update on | Update On configures the client to send routing information as soon as it enters the active period. |
| update off | Update Off configures the client to wait for the periodic update to send the routing information after it enters the active period. |
Default
None
Command Mode
Profile mode
Usage Guidelines
Entering this command sets up the client snapshot parameters for a given profile. These values will be used when the set ip rip update command is set to snapshot.
Sample Display
The following sample display shows the configuration of the profile user 1 as a snapshot client that has an active period of 10 minutes and a quiet period of 60 minutes and sends routing information as soon as it enters the active period.
Host> cd user1 Host> set ip rip snapshot client act 10 quiet 60 update on
Related Command
set ip rip update
To set up the snapshot server parameters for a given profile, use the set ip rip snapshot server command.
Syntax Description
| minutes | The duration in minutes for the active period when routing information is exchanged. Range is 1 - 70,000 minutes |
| update on | Update On configures the server to send routing information as soon as it enters the active period. |
| update off | Update Off configures the server to wait for the periodic update to send the routing information after it enters the active period. |
Default
None
Command Mode
Profile mode
Usage Guidelines
Entering this command sets up the server snapshot parameters for a given profile. These values will be used when the set ip rip update command is set to snapshot.
Sample Display
The following sample display shows the configuration of the profile user 1 as a snapshot server that has an active period of 10 minutes and a quiet period of 60 minutes and sends routing information as soon as it enters the active period.
>cd user1 >set ip rip snapshot server active 10 update on
Related Command
set ip rip update
To specify when RIP packets will be sent, use the set ip rip update command.
Syntax Description
| off | RIP packets are not sent. |
| periodic | RIP packets are sent both periodically and whenever there is a change in the RIP table. Use this keyword for the LAN profile so that RIP information is passed to the LAN at regular intervals. |
| demand | RIP packets are sent both when the ISDN line first connects and when a change occurs in the RIP table. Use this keyword for WAN connections to avoid bringing up the Integrated Services Digital Network (ISDN) line unnecessarily. |
| snapshot | The two periods for routing updates are quiet and active. During the active period routing updates or exchanges are in a normal process, over a particular interface. Once the active period expires, the quiet period begins and the routing table is frozen in that state. There is no activity until the quiet period expires. |
Default
off (disabled)
Command Mode
System level or profile mode
Usage Guidelines
Entering this command while in profile mode applies the IP update parameters to that profile's connection. Entering this command at the system level applies the IP update parameters to the internal profile.
Example
The following example configures profile 2503 for sending RIP packets on demand:
Host:2503> set ip rip update demand
To specify which version of IP RIP (1 or 2) packets are used when sending RIP packets, use the set ip rip version command.
Syntax Description
| 1 | Sends RIP version 1 packets. |
| 2 | Sends RIP version 2 packets. |
| both | Sends Both version 1 and 2 packets. |
Default
Rip version 1 packets.
Command Mode
Profile mode
Example
The following example configures profile 2503 to send RIP version 2 packets:
Host:2503> set ip rip version 2
Related Command
set ip route
To define a static IP route, use the command set ip route.
Syntax Description
| destination network | Static route's destination network address. |
| bits | (Optional) Number of network bits in the destination address, counting from the left. This information will be propagated only if RIP Version 2 is being used for RIP broadcasts. |
| gateway nexthop | IP address of the router that receives the packet for this network or host. This address must be in the same network as the IP address for the interface. |
| propagate on | off | (Optional) Whether the static route defined by this command will be propagated in RIP packets. |
| cost value | (Optional) Cost metric for the route. |
Default
No static routes are defined.
Command Mode
Profile mode
Example
The following example configures a static IP route for profile 2503:
Host:2503> set ip route destination 198.95.217.0 gateway 198.95.216.2 propagate on cost 2
Related Command
reset ip route
To enable or disable IP routing, use the set ip routing command.
Syntax Description
| on | Enables IP routing on the profile's interface. |
| off | Disables IP routing on the profile's interface. |
Default
Off (disabled)
Command Mode
Profile mode
Usage Guidelines
Any profile that has IP routing enabled must have a network address assigned using the set ip address command.
Example
The following example enables IP routing for profile 2503:
Host:2503> set ip routing on
Related Command
set ip address
To set the subnet mask for an interface, use the set subnet mask command. To delete the subnet mask for an interface, use this command with 0.0.0.0 as the IP address.
Syntax Description
| ip address mask | Subnet mask for the profile's interface in the form of an IP address. |
Default
The default IP address is 0.0.0.0. This IP address applies the default subnet mask for Class A, B, and C networks.
Command Mode
System level or profile mode
Usage Guidelines
Entering this command while in profile mode applies the subnet mask to that profile's interface. Entering this command at the system level applies the subnet mask to the internal profile.
Example
The following example configures the subnet mask for profile 2503:
Host:2503> set ip netmask 255.255.255.0
Related Command
set ip netmask
To display the IP configuration for one or all profiles, use the show ip configuration command.
Syntax Description
| all | (Optional) Displays the IP configuration for all profiles. |
Command Mode
System level or profile mode
Usage Guidelines
Use this command while in profile mode to display the IP configuration for that profile. Use this command at the system level or with the keyword all to display the IP configurations for all profiles.
Sample Display
The following sample display shows the output of the show ip configuration command for profile 2503:
2865_66> sh ip config Profile Routing Frame IP Address Netmask RIP TX RX Prop Cost Internal ON ETH2 192.168.100.56 255.255.255.0 V1 PER V1 ON 1 6544 ON IPCP 198.1.2.10 255.255.255.0 V1 DEM V1 ON 1 dms16045 ON IPCP 198.1.2.3 255.255.255.0 V1 DEM V1 ON
Table 7-1 describes the fields shown in the display.
Table 7-1 : Show IP Configuration Field Descriptions
| Field | Description |
|---|---|
| Profile | Profile that is being displayed. If you are in profile mode, this field displays the name of the profile. |
| Routing | Indicates if IP routing is enabled for the profile. |
| Frame | IP framing type used for the profile. |
| IP Address | IP address for the connection. |
| Netmask | IP netmask (subnet mask) used for the connection. |
| RIP | RIP version packets used for the profile. |
| TX | RIP update used for the profile---Off, Demand, or Periodic. |
| RX | RIP receive configuration for the profile---On or Off. |
| Prop | RIP propagate configuration for the profile---On or Off. |
| Cost | Cost metric of the route. |
Related Commands
set user
set ip routing
set ip framing
set ip address
set ip netmask
set subnet mask
set ip rip version
set ip rip update
set ip rip receive
set ip propagate
set ip cost
To display the IP filters for one or all profiles, use the show ip filter command.
Syntax Description
| all | (Optional) Displays IP filters for all profiles. |
Default
None
Command Mode
System level or profile mode
Usage Guidelines
Use this command while in profile mode to display IP filters for that profile. Use this command at the system level or with the keyword all to display IP filters for all profiles.
Sample Display
The following is a sample display t of the show ip filter command for profile 2503:
Host:2503> show ip filter Profile ID Dir Type Action Addresses 2503 2 IN ID ACCEPT DST 150.150.150.1/24
Table 7-2 describes the fields shown in the display.
Table 7-2 : Show IP Filter Field Descriptions
| Field | Description |
|---|---|
| Profile | Profile that is being displayed. If you are in profile mode, this field displays the name of the profile. |
| ID | The identification number assigned by the router when the filter is created. |
| Type | Packet type to which the filter applies. If no packet type is specified in the filter, IP is displayed. |
| Action | Indicates the action to be taken for packets that match the filter (block or accept). |
| Addresses | Destination and/or source addresses of the packets to which the filter applies. |
Related Command
set ip filter
To display the current snapshot parameters use the command show ip rip snapshot.
Syntax Description
| all | (Optional) Displays current snapshot parameters for all profiles. |
Default
None
Command Mode
Profile mode
Usage Guidelines
System level or profile mode
Sample Display
The following sample display shows the output from the show ip rip snapshot command:
Host> show ipx rip snapshot
Table 7-3 describes snapshot parameters field descriptions.
Table 7-3 : Snapshot Parameters Field Descriptions
| Field | Description |
|---|---|
| Profile | The profile that the parameters apply to. |
| Snapshot | Specifies whether snapshot is Off (none) or is acting as a client or a server for this connection. |
| Active | The active period in minutes. |
| Quiet | The quiet period in minutes. |
| Update | Could be On or Off. Update On configures the client or server to send routing information as soon as it enters the active period. Update Off configures the client or server to wait for the periodic update to send the routing information after it enters the active period. |
| State | There are four states: pre-active, active, post-active, and quiet. |
To display IP static routes for one or all profiles, use the show ip route command.
Syntax Description
| all | (Optional) Displays IP static routes for all profiles. |
Default
None
Command Mode
System level or profile mode
Usage Guidelines
Use this command while in profile mode to display IP static routes for that profile. Use this command at the system level or with the keyword all to display IP static routes for all profiles.
Sample Display
The following is a sample display of the show ip route all command:
Host> show ip route all Profile Type Destination Bits Gateway Prop Cost Source Age JohnS NET 150.150.217.0 24 1.1.1.5 ON 3 RIP 0 JohnS NET 150.150.219.0 24 1.1.1.5 ON 3 RIP 0 JohnS NET 150.150.216.0 24 1.1.1.5 ON 2 RIP 0 JohnS NET 177.3.0.016 1.1.1.5 ON 3 RIP0 Internal NET 149.7.0.0 16 DIRECT ON 1 DIRECT 0
Table 7-4 describes the fields shown in the display.
Table 7-4 : Show IP Route Field Descriptions
| Field | Description |
|---|---|
| Profile | Profile that is being displayed. If you are in profile mode, this field displays the name of the profile. |
| Type | Interface for the route; either NET or WAN. |
| Destination | Static route's destination address. |
| Bits | Number of bits in the destination address. |
| Gateway | Local-network gateway for the route. |
| Propagate | Indicates if the route is propagated in RIP packets. |
| Cost | Cost value for the route's destination address. |
| Source | Source of information about this route. |
| Age | Number of minutes the route remains in the table without being updated. |
Related Command
set ip route
|
Copyright 1988-1996 © Cisco Systems Inc.