Полезная информация

cc/td/doc/product/software/ios120/12cgcr/np1_r
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table of Contents

IP Routing Protocol-Independent Commands

IP Routing Protocol-Independent Commands

Use the commands in this chapter to configure and monitor the features that are routing protocol-independent. For configuration information and examples on IP routing protocol-independent features, refer to the "Configuring IP Routing Protocol-Independent Features" chapter of the Network Protocols Configuration Guide, Part 1.

accept-lifetime

To set the time period during which the authentication key on a key chain is received as valid, use the accept-lifetime key chain key configuration command. To revert to the default value, use the no form of this command.

accept-lifetime start-time {infinite | end-time | duration seconds}
no accept-lifetime [start-time {infinite | end-time | duration seconds}]

Syntax Description

start-time

Beginning time that the key specified by the key command is valid to be received. The syntax can be either of the following:

               hh:mm:ss Month date year

               hh:mm:ss date Month year

hh---hours

mm---minutes

ss---seconds

date---date (1-31)

Month---first three letters of the month

year---year (four digits)

The default start time and the earliest acceptable date is January 1, 1993.

infinite

Key is valid to be received from the start-time on.

end-time

Key is valid to be received from the start-time until end-time. The end-time must be after the start-time. The syntax is the same as that for start-time. The default end time is an infinite time period.

duration seconds

Length of time (in seconds) that the key is valid to be received.

Default

Forever (Starting time is January 1, 1993, and ending time is infinite.)

Command Mode

Key chain key configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.1.

Only DRP Agent, IP Enhanced IGRP, and RIP Version 2 use key chains.

Specify a start-time and one of the following: infinite, end-time, or duration seconds.

We recommend running NTP or some other time synchronization method if you assign a lifetime to a key.

If the last key expires, authentication will continue and an error message will be generated. To disable authentication, you must manually delete the last valid key.

Example

In the following example, the key named chestnut will be accepted from 1:30 p.m. to 3:30 p.m. and be sent from 2:00 p.m. to 3:00 p.m. The key named birch will be accepted from 2:30 p.m. to 4:40 p.m. and be sent from 3:00 p.m. to 4:00 p.m. The overlap allows for migration of keys or discrepancies in the router's set time. There is a half-hour leeway on each side to handle time differences.

interface ethernet 0
 ip rip authentication key-chain trees
 ip rip authentication mode md5
!
router rip
 network 172.19.0.0
 version 2
!
key chain trees
 key 1
 key-string chestnut
 accept-lifetime 13:30:00 Jan 25 1996 duration 7200
 send-lifetime 14:00:00 Jan 25 1996 duration 3600
 key 2
 key-string birch
 accept-lifetime 14:30:00 Jan 25 1996 duration 7200
 send-lifetime 15:00:00 Jan 25 1996 duration 3600

Related Commands

You can use the master indexes or search online to find documentation of related commands.

key
key chain
key-string
send-lifetime
show key chain

clear ip route

To remove one or more routes from the IP routing table, use the clear ip route EXEC command.

clear ip route {network [mask] | *}

Syntax Description

network

Network or subnet address to remove.

mask

(Optional) Network mask associated with the IP address you wish to remove.

*

Removes all entries.

Command Mode

EXEC

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Example

The following example removes a route to network 132.5.0.0 from the IP routing table:

clear ip route 132.5.0.0

Related Commands

You can use the master indexes or search online to find documentation of related commands.

show ip route

distance

To define an administrative distance, use the distance router configuration command. To remove a distance definition, use the no form of this command.

distance weight [address mask [access-list-number | name]] [ip]
no distance weight [address mask [access-list-number]] [ip]

Syntax Description

weight

Administrative distance. This can be an integer from 10 to 255. (The values 0 to 9 are reserved for internal use.) Used alone, the argument weight specifies a default administrative distance that the Cisco IOS software uses when no other specification exists for a routing information source. Routes with a distance of 255 are not installed in the routing table.

address

(Optional) IP address in four-part, dotted notation.

mask

(Optional) IP address mask in four-part, dotted-decimal format. A bit set to 1 in the mask argument instructs the software to ignore the corresponding bit in the address value.

access-list-number | name

(Optional) Number or name of a standard IP access list to be applied to incoming routing updates.

ip

(Optional) IP-derived routes for IS-IS. It can be applied independently for IP routes and ISO CLNS routes.

Default

Table 56 lists default administrative distances.


Table 56: Default Administrative Distances
Route Source Default Distance

Connected interface

0

Static route

1

Enhanced IGRP summary route

5

External BGP

20

Internal Enhanced IGRP

90

IGRP

100

OSPF

110

IS-IS

115

RIP

120

EGP

140

Internal BGP

200

Unknown

255

Command Mode

Router configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0. The access-list-name argument first appeared in Cisco IOS Release 11.2.

Numerically, an administrative distance is an integer between 0 and 255. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means the routing information source cannot be trusted at all and should be ignored.

When the optional access list number is used with this command, it is applied when a network is being inserted into the routing table. This behavior allows filtering of networks according to the IP address of the router supplying the routing information. This could be used, as an example, to filter out possibly incorrect routing information from routers not under your administrative control.

The order in which you enter distance commands can affect the assigned administrative distances in unexpected ways (see the "Example" section for further clarification).

Weight values are also subjective; there is no quantitative method for choosing weight values.

For BGP, the distance command sets the administrative distance of the External BGP route.

The show ip protocols EXEC command displays the default administrative distance for a specified routing process.

Example

In the following example, the router igrp global configuration command sets up IGRP routing in autonomous system number 109. The network router configuration commands specify IGRP routing on networks 192.31.7.0 and 128.88.0.0. The first distance router configuration command sets the default administrative distance to 255, which instructs the Cisco IOS software to ignore all routing updates from routers for which an explicit distance has not been set. The second distance command sets the administrative distance for all routers on the Class C network 192.31.7.0 to 90. The third distance command sets the administrative distance for the router with the address 128.88.1.3 to 120.

router igrp 109
 network 192.31.7.0
 network 128.88.0.0
 distance 255
 distance 90 192.31.7.0 0.0.0.255
 distance 120 128.88.1.3 0.0.0.0

Related Commands

You can use the master indexes or search online to find documentation of related commands.

distance bgp

distribute-list in

To filter networks received in updates, use the distribute-list in router configuration command. To change or cancel the filter, use the no form of this command.

distribute-list {access-list-number | name} in [type number]
no distribute-list
{access-list-number | name} in [type number]

Syntax Description

access-list-number | name

Standard IP access list number or name. The list defines which networks are to be received and which are to be suppressed in routing updates.

in

Applies the access list to incoming routing updates.

type

(Optional) Interface type.

number

(Optional) Interface number on which the access list should be applied to incoming updates. If no interface is specified, the access list will be applied to all incoming updates.

Default

Disabled

Command Mode

Router configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0. The access-list-name, type, and number arguments first appeared in Cisco IOS Release 11.2.

This command is not supported in IS-IS or OSPF.

Example

In the following example, the Enhanced IGRP routing process accepts only two networks---network 0.0.0.0 and network 131.108.0.0:

access-list 1 permit 0.0.0.0
access-list 1 permit 131.108.0.0
access-list 1 deny 0.0.0.0 255.255.255.255
router eigrp
 network 131.108.0.0
 distribute-list 1 in

Related Commands

You can use the master indexes or search online to find documentation of related commands.

access-list (extended)
access-list (standard)
distribute-list out
redistribute

distribute-list out

To suppress networks from being advertised in updates, use the distribute-list out router configuration command. To cancel this function, use the no form of this command.

distribute-list {access-list-number | name} out [interface-name | routing-process |
autonomous-system-number]
no distribute-list {access-list-number | name} out [interface-name | routing-process |
autonomous-system-number]

Syntax Description

access-list-number | name

Standard IP access list number or name. The list defines which networks are to be sent and which are to be suppressed in routing updates.

out

Applies the access list to outgoing routing updates.

interface-name

(Optional) Name of a particular interface.

routing-process

(Optional) Name of a particular routing process, or the keyword static or connected.

autonomous-system-number

(Optional) Autonomous system number.

Default

Disabled

Command Mode

Router configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0. The access-list-name argument first appeared in Cisco IOS Release 11.2.

When redistributing networks, a routing process name can be specified as an optional trailing argument to the distribute-list command. This causes the access list to be applied to only those routes derived from the specified routing process. After the process-specific access list is applied, any access list specified by a distribute-list command without a process name argument will be applied. Addresses not specified in the distribute-list command will not be advertised in outgoing routing updates.


Note To filter networks received in updates, use the distribute-list in command.

Examples

The following example would cause only one network to be advertised by a RIP routing process: network 131.108.0.0.

access-list 1 permit 131.108.0.0
access-list 1 deny 0.0.0.0 255.255.255.255
router rip
 network 131.108.0.0
 distribute-list 1 out
 

The following example applies access list 1 to outgoing routing updates and enables IS-IS on Ethernet interface 0. Only network 131.131.101.0 will be advertised in outgoing IS-IS routing updates.

router isis
 redistribute ospf 109
 distribute-list 1 out
interface Ethernet 0
 ip router isis
access-list 1 permit 131.131.101.0 0.0.0.255

Related Commands

You can use the master indexes or search online to find documentation of related commands.

access-list (extended)
access-list (standard)
distribute-list in
redistribute

ip default-network

To select a network as a candidate route for computing the gateway of last resort, use the ip  default-network global configuration command. To remove a route, use the no form of this command.

ip default-network network-number
no ip default-network network-number

Syntax Description

network-number

Number of the network.

Default

If the router has a directly connected interface onto the specified network, the dynamic routing protocols running on that router will generate (or source) a default route. For RIP, this is flagged as the pseudonetwork 0.0.0.0; for IGRP, it is the network itself, flagged as an exterior route.

Command Mode

Global configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

The Cisco IOS software uses both administrative distance and metric information to determine the default route. Multiple ip default-network commands can be given. All candidate default routes, both static (that is, flagged by ip default-network) and dynamic, appear in the routing table preceded by an asterisk.

If the IP routing table indicates that the specified network number is subnetted and a non-zero subnet number is specified, then the system will automatically configure a static summary route. This static summary route is configured instead of a default network. The effect of the static summary route is to cause traffic destined for subnets that are not explicitly listed in the IP routing table to be routed using the specified subnet.

Examples

The following example defines a static route to network 10.0.0.0 as the static default route:

ip route 10.0.0.0 255.0.0.0 131.108.3.4
ip default-network 10.0.0.0

If the following command was issued on a router not connected to network 129.140.0.0, the software might choose the path to that network as a default route when the network appeared in the routing table:

ip default-network 129.140.0.0

Related Commands

You can use the master indexes or search online to find documentation of related commands.

show ip route

ip local policy route-map

To identify a route map to use for local policy routing, use the ip local policy route-map global configuration command. To disable local policy routing, use the no form of this command.

ip local policy route-map map-tag
no ip local policy route-map map-tag

Syntax Description

map-tag

Name of the route map to use for local policy routing. The name must match a map-tag specified by a route-map command.

Default

Packets that are generated by the router are not policy routed.

Command Mode

Global configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.1

Packets that are generated by the router are not normally policy routed. However, you can use this command to policy route such packets. You might enable local policy routing if you want packets originated at the router to take a route other than the obvious shortest path.

The ip local policy route-map command identifies a route map to use for local policy routing. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which packets should be policy routed. The set commands specify the set actions---the particular policy routing actions to perform if the criteria enforced by the match commands are met. The no ip local policy route-map command deletes the reference to the route map and disables local policy routing.

Example

The following example sends packets with a destination IP address matching that allowed by extended access list 131 to the router at IP address 174.21.3.20:

ip local policy route-map xyz
!
route-map xyz
 match ip address 131
 set ip next-hop 174.21.3.20

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match ip address
match length
route-map
set default interface
set interface
set ip default next-hop
set ip next-hop
show ip local policy

ip policy route-map

To identify a route map to use for policy routing on an interface, use the ip policy route-map interface configuration command. To disable policy routing on the interface, use the no form of this command.

ip policy route-map map-tag
no ip policy route-map map-tag

Syntax Description

map-tag

Name of the route map to use for policy routing. Must match a map-tag specified by a route-map command.

Default

No policy routing occurs on the interface.

Command Mode

Interface configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.0.

You might enable policy routing if you want your packets to take a route other than the obvious shortest path.

The ip policy route-map command identifies a route map to use for policy routing. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which policy routing is allowed for the interface. The set commands specify the set actions---the particular policy routing actions to perform if the criteria enforced by the match commands are met. The no ip policy route-map command deletes the pointer to the route map.

Example

The following example sends packets with the destination IP address of 174.95.16.18 to a router at IP address 174.21.3.20:

interface serial 0
 ip policy route-map wethersfield
!
route-map wethersfield
 match ip address 174.95.16.18
 set ip next-hop 174.21.3.20

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match ip address
match length
route-map
set default interface
set interface
set ip default next-hop
set ip next-hop

ip route

To establish static routes, use the ip route global configuration command. To remove static routes, use the no form of this command.

ip route prefix mask {address | interface} [distance] [tag tag] [permanent]
no ip route prefix mask

Syntax Description

prefix

IP route prefix for the destination.

mask

Prefix mask for the destination.

address

IP address of the next hop that can be used to reach that network.

interface

Network interface to use.

distance

(Optional) An administrative distance.

tag tag

(Optional) Tag value that can be used as a "match" value for controlling redistribution via route maps.

permanent

(Optional) Specifies that the route will not be removed, even if the interface shuts down.

Default

No static routes are established.

Command Mode

Global configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

A static route is appropriate when the Cisco IOS software cannot dynamically build a route to the destination.

If you specify an administrative distance, you are flagging a static route that can be overridden by dynamic information. For example, IGRP-derived routes have a default administrative distance of 100. To have a static route that would be overridden by an IGRP dynamic route, specify an administrative distance greater than 100. Static routes have a default administrative distance of 1.

Static routes that point to an interface will be advertised via RIP, IGRP, and other dynamic routing protocols, regardless of whether redistribute static commands were specified for those routing protocols. This is because static routes that point to an interface are considered in the routing table to be connected and hence lose their static nature. However, if you define a static route to an interface that is not one of the networks defined in a network command, no dynamic routing protocols will advertise the route unless a redistribute static command is specified for these protocols.

Examples

The following example chooses an administrative distance of 110. In this case, packets for network 10.0.0.0 will be routed through to a router at 131.108.3.4 if dynamic information with administrative distance less than 110 is not available.

ip route 10.0.0.0 255.0.0.0 131.108.3.4 110

The following example routes packets for network 131.108.0.0 to a router at 131.108.6.6:

ip route 131.108.0.0 255.255.0.0 131.108.6.6 

key

To identify an authentication key on a key chain, use the key key chain configuration command. To remove the key from the key chain, use the no form of this command.

key number
no key number

Syntax Description

number

Identification number of an authentication key on a key chain. The range of keys is 0 to 2147483647. The key identification numbers need not be consecutive.

Default

No key exists on the key chain.

Command Mode

Key chain configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.1.

Only DRP Agent, IP Enhanced IGRP, and RIP Version 2 use key chains.

It is useful to have multiple keys on a key chain so that the software can sequence through the keys as they become invalid after time, based on the accept-lifetime and send-lifetime settings.

Each key has its own key identifier, which is stored locally. The combination of the key identifier and the interface associated with the message uniquely identifies the authentication algorithm and MD5 authentication key in use. Only one authentication packet is sent, regardless of the number of valid keys. The software starts looking at the lowest key identifier number and uses the first valid key.

If the last key expires, authentication will continue and an error message will be generated. To disable authentication, you must manually delete the last valid key.

To remove all keys, remove the key chain by using the no key chain command.

Example

The following example configures a key chain named trees. The key named chestnut will be accepted from 1:30 p.m. to 3:30 p.m. and be sent from 2:00 p.m. to 3:00 p.m. The key named birch will be accepted from 2:30 p.m. to 4:40 p.m. and be sent from 3:00 p.m. to 4:00 p.m. The overlap allows for migration of keys or a discrepancy in the router's set time. There is a half-hour leeway on each side to handle time-of-day differences.

interface ethernet 0
 ip rip authentication key-chain trees
 ip rip authentication mode md5
!
router rip
 network 172.19.0.0
 version 2
!
key chain trees
 key 1
 key-string chestnut
 accept-lifetime 13:30:00 Jan 25 1996 duration 7200
 send-lifetime 14:00:00 Jan 25 1996 duration 3600
 key 2
 key-string birch
 accept-lifetime 14:30:00 Jan 25 1996 duration 7200
 send-lifetime 15:00:00 Jan 25 1996 duration 3600

Related Commands

You can use the master indexes or search online to find documentation of related commands.

accept-lifetime
key chain
key-string
send-lifetime
show key chain

key chain

To enable authentication for routing protocols, identify a group of authentication keys by using the key chain global configuration command. To remove the key chain, use the no form of this command.

key chain name-of-chain
no key chain name-of-chain

Syntax Description

name-of-chain

Name of a key chain. A key chain must have at least one key and can have up to 2147483647 keys.

Default

No key chain exists.

Command Mode

Global configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.1.

Only DRP Agent, IP Enhanced IGRP, and RIP Version 2 use key chains.

You must configure a key chain with keys to enable authentication.

You can identify multiple key chains, but it makes sense to use one key chain per interface per routing protocol. Upon specifying the key chain command, you enter key chain mode.

Example

The following example configures a key chain named trees. The key named chestnut will be accepted from 1:30 p.m. to 3:30 p.m. and be sent from 2:00 p.m. to 3:00 p.m. The key named birch will be accepted from 2:30 p.m. to 4:40 p.m. and be sent from 3:00 p.m. to 4:00 p.m. The overlap allows for migration of keys or a discrepancy in the router's set time. There is a half-hour leeway on each side to handle time-of-day differences.

interface ethernet 0
 ip rip authentication key-chain trees
 ip rip authentication mode md5
!
router rip
 network 172.19.0.0
 version 2
!
key chain trees
 key 1
 key-string chestnut
 accept-lifetime 13:30:00 Jan 25 1996 duration 7200
 send-lifetime 14:00:00 Jan 25 1996 duration 3600
  key 2
  key-string birch
  accept-lifetime 14:30:00 Jan 25 1996 duration 7200
  send-lifetime 15:00:00 Jan 25 1996 duration 3600

Related Commands

You can use the master indexes or search online to find documentation of related commands.

accept-lifetime
ip rip authentication key-chain
key
key-string
send-lifetime
show key chain

key-string

To specify the authentication string for a key, use the key-string key chain key configuration command. To remove the authentication string, use the no form of this command.

key-string text
no key-string [text]

Syntax Description

text

Authentication string that must be sent and received in the packets using the routing protocol being authenticated. The string can contain from 1 to 80 uppercase and lowercase alphanumeric characters, except that the first character cannot be a number.

Default

No key exists.

Command Mode

Key chain key configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.1.

Only DRP Agent, IP Enhanced IGRP, and RIP Version 2 use key chains. Each key can have only one key string.

If password encryption is configured (with the service password-encryption command), the software saves the key string as encrypted text. When you write to the terminal with the more  system:running-config command, the software displays key-string 7 encrypted text.

Example

The following example configures a key chain named trees. The key named chestnut will be accepted from 1:30 p.m. to 3:30 p.m. and be sent from 2:00 p.m. to 3:00 p.m. The key named birch will be accepted from 2:30 p.m. to 4:40 p.m. and be sent from 3:00 p.m. to 4:00 p.m. The overlap allows for migration of keys or a discrepancy in the router's set time. There is a half-hour leeway on each side to handle time-of-day differences.

interface ethernet 0
 ip rip authentication key-chain trees
 ip rip authentication mode md5
!
router rip
 network 172.19.0.0
 version 2
!
key chain trees
 key 1
 key-string chestnut
 accept-lifetime 13:30:00 Jan 25 1996 duration 7200
 send-lifetime 14:00:00 Jan 25 1996 duration 3600
 key 2
 key-string birch
 accept-lifetime 14:30:00 Jan 25 1996 duration 7200
 send-lifetime 15:00:00 Jan 25 1996 duration 3600

Related Commands

You can use the master indexes or search online to find documentation of related commands.

accept-lifetime
key
key chain
send-lifetime
service password-encryption
show key chain

match interface

To distribute any routes that have their next hop out one of the interfaces specified, use the match interface route-map configuration command. To remove the match interface entry, use the no form of this command.

match interface type number [...type number]
no match interface type number [...type number]

Syntax Description

type

Interface type.

number

Interface number.

Default

No match interfaces are defined.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route-map section with an explicit match specified.

Example

In the following example, routes that have their next hop out Ethernet interface 0 will be distributed:

route-map name
 match interface ethernet 0

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weight

match ip address

To distribute any routes that have a destination network number address that is permitted by a standard or extended access list, or to perform policy routing on packets, use the match ip address route-map configuration command. To remove the match ip address entry, use the no form of this command.

match ip address {access-list-number | name} [...access-list-number | name]
no match ip address {access-list-number | name} [...access-list-number | name]

Syntax Description

access-list-number | name

Number or name of a standard or extended access list. It can be an integer from 1 to 199.

Default

No access list numbers are specified.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Use route maps to redistribute routes or to subject packets to policy routing. Both purposes are described in this section.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The related match commands are listed in the section "Related Commands for Redistribution." The match commands can be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
When you are passing routes through a route map, a route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route-map section with an explicit match specified.
Another purpose of route maps is to enable policy routing. Use the ip policy route-map interface configuration command, in addition to the route-map global configuration command, and the match and set route-map configuration commands to define the conditions for policy routing packets. Each route-map command has a list of match and set commands associated with it. The related match and set commands are listed in the section "Related Commands for Policy Routing." The match commands specify the match criteria---the conditions under which policy routing occurs. The set commands specify the set actions---the particular routing actions to perform if the criteria enforced by the match commands are met. You might want to policy route packets based on their source, for example, using an access list.

Examples

In the following example, routes that have addresses specified by access list numbers 5 or 80 will be matched:

route-map name
 match ip address 5 80
 

In the following policy routing example, packets that have addresses specified by access list numbers 6 or 25 will be routed to Ethernet interface 0:

interface serial 0
 ip policy route-map chicago
!
route-map chicago
 match ip address 6 25 
 set interface ethernet 0

Related Commands for Redistribution

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weight

Related Commands for Policy Routing

You can use the master indexes or search online to find documentation of related commands.

ip policy route-map
match length
route-map
set default interface
set interface
set ip default next-hop
set ip next-hop

match ip next-hop

To redistribute any routes that have a next-hop router address passed by one of the access lists specified, use the match ip next-hop route-map configuration command. To remove the next-hop entry, use the no form of this command.

match ip next-hop {access-list-number | name}[...access-list-number | name]
no match ip next-hop {access-list-number | name}[...access-list-number | name]

Syntax Description

access-list-number | name

Number or name of a standard or extended access list. It can be an integer from 1 to 199.

Default

Routes are distributed freely, without being required to match a next-hop address.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route-map section with an explicit match specified.

Example

The following example distributes routes that have a next-hop router address passed by access list 5 or 80 will be distributed:

route-map name
 match ip next-hop 5 80

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weight

match ip route-source

To redistribute routes that have been advertised by routers and access servers at the address specified by the access lists, use the match ip route-source route-map configuration command. To remove the route-source entry, use the no form of this command.

match ip route-source {access-list-number | name}[...access-list-number | name]
no match ip route-source {access-list-number | name}[...access-list-number | name]

Syntax Description

access-list-number | name

Number or name of a standard or extended access list. It can be an integer from 1 to 199.

Default

No filtering on route source.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure second route-map section with an explicit match specified.

There are situations in which a route's next hop and source router address are not the same.

Example

The following example distributes routes that have been advertised by routers and access servers at the addresses specified by access lists 5 and 80:

route-map name
 match ip route-source 5 80

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weight

match length

To base policy routing on the Level 3 length of a packet, use the match length route-map configuration command. To remove the entry, use the no form of this command.

match length min max
no match length min max

Syntax Description

min

Minimum Level 3 length of the packet, inclusive, allowed for a match. Range is 0 to 0x7FFFFFFF.

max

Maximum Level 3 length of the packet, inclusive, allowed for a match. Range is 0 to 0x7FFFFFFF.

Default

No policy routing on the length of a packet.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.0.

Use the ip policy route-map interface configuration command, the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for policy routing packets. The ip policy route-map command identifies a route map by name. Each route-map has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which policy routing occurs. The set commands specify the set actions---the particular routing actions to perform if the criteria enforced by the match commands are met.

The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must "pass" to cause the packet to be routed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

You might want to base your policy routing on the length of packets so that your interactive traffic and bulk traffic are directed to different routers.

Example

In the following example, packets 3 to 200 bytes long, inclusive, will be routed to FDDI interface 0:

interface serial 0
 ip policy route-map interactive
!
route-map interactive
 match length 3 200
 set interface fddi 0

Related Commands

You can use the master indexes or search online to find documentation of related commands.

ip policy route-map
match ip address
route-map
set default interface
set interface
set ip default next-hop
set ip next-hop

match metric

To redistribute routes with the metric specified, use the match metric route-map configuration command. To remove the entry, use the no form of this command.

match metric metric-value
no match metric metric-value

Syntax Description

metric-value

Route metric, which can be an IGRP five-part metric. It is a metric value from 0 to 4294967295.

Default

No filtering on a metric value.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.2.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure second route-map section with an explicit match specified.

Example

In the following example, routes with the metric 5 will be redistributed:

route-map name
 match metric 5

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weight

match route-type

To redistribute routes of the specified type, use the match route-type route-map configuration command. To remove the route-type entry, use the no form of this command.

match route-type {local | internal | external [type-1 | type-2] | level-1 | level-2}
no match route-type {local
| internal | external [type-1 | type-2] | level-1 | level-2}

Syntax Description

local

Locally generated BGP routes.

internal

OSPF intra-area and interarea routes or enhanced IGRP internal routes.

external [type-1 | type-2]

OSPF external routes, or enhanced IGRP external routes. For OSPF, external type-1 matches only Type 1 external routes and external type-2 matches only Type 2 external routes.

level-1

IS-IS Level 1 routes.

level-2

IS-IS Level 2 routes.

Default

Disabled

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0. The following keywords first appeared in Cisco IOS Release 11.2: local and external [type-1 | type-2].

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure second route-map section with an explicit match specified.

Example

The following example redistributes internal routes:

route-map name
 match route-type internal

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weight

match tag

To redistribute routes in the routing table that match the specified tags, use the match tag route-map configuration command. To remove the tag entry, use the no form of this command.

match tag tag-value [...tag-value]
no match tag tag-value [...tag-value]

Syntax Description

tag-value

List of one or more route tag values. Each can be an integer from 0 to 4294967295.

Default

No match tag values are defined.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The match route-map configuration command has multiple formats. The match commands may be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.

A route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure second route-map section with an explicit match specified.

Example

The following example redistributes routes stored in the routing table with tag 5:

route-map name
 match tag 5

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weight

maximum-paths

To control the maximum number of parallel routes an IP routing protocol can support, use the maximum-paths router configuration command. To restore the default value, use the no form of this command.

maximum-paths maximum
no maximum-paths

Syntax Description

maximum

Maximum number of parallel routes an IP routing protocol installs in a routing table, in the range 1 to 6.

Defaults

The default for BGP is 1 path. The default for all other IP routing protocols is 4 paths.

Command Mode

Router configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.2.

Example

The following example allows a maximum of 2 paths to a destination:

maximum-paths 2

passive-interface

To disable sending routing updates on an interface, use the passive-interface router configuration command. To reenable the sending of routing updates, use the no form of this command.

passive-interface type number
no passive-interface type number

Syntax Description

type

Interface type.

number

Interface number.

Default

Routing updates are sent on the interface.

Command Mode

Router configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

If you disable the sending of routing updates on an interface, the particular subnet will continue to be advertised to other interfaces, and updates from other routers on that interface continue to be received and processed.

For OSPF, OSPF routing information is neither sent nor received through the specified router interface. The specified interface address appears as a stub network in the OSPF domain.

For IS-IS, this command instructs IS-IS to advertise the IP addresses for the specified interface without actually running IS-IS on that interface. The no form of this command for IS-IS disables advertising IP addresses for the specified address.

Enhanced IGRP is disabled on an interface that is configured as passive although it advertises the route.

Examples

The following example sends IGRP updates to all interfaces on network 131.108.0.0 except Ethernet interface 1:

router igrp 109
 network 131.108.0.0
 passive-interface ethernet 1
 

The following configuration enables IS-IS on interfaces Ethernet 1 and serial 0 and advertises the IP addresses of Ethernet 0 in its Link State PDUs:

router isis Finance
 passive-interface Ethernet 0
interface Ethernet 1
 ip router isis Finance
interface serial 0
 ip router isis Finance

redistribute

To redistribute routes from one routing domain into another routing domain, use the redistribute router configuration command. To disable redistribution, use the no form of this command.

redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [metric metric-value]
[metric-type type-value] [match {internal | external 1 | external 2}]
[tag tag-value] [route-map map-tag] [weight weight] [subnets]
no redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [metric metric-value]
[metric-type type-value] [match {internal | external 1 | external 2}]
[tag tag-value] [route-map map-tag] [weight weight] [subnets]

Syntax Description

protocol

Source protocol from which routes are being redistributed. It can be one of the following keywords: bgp, egp, igrp, isis, ospf, static [ip], connected, and rip.

The keyword static [ip] is used to redistribute IP static routes. The optional ip keyword is used when redistributing into IS-IS.

The keyword connected refers to routes which are established automatically by virtue of having enabled IP on an interface. For routing protocols such as OSPF and IS-IS, these routes will be redistributed as external to the autonomous system.

process-id

(Optional) For bgp, egp, or igrp, this is an autonomous system number, which is a 16-bit decimal number.
For isis, this is an optional tag that defines a meaningful name for a routing process. You can specify only one IS-IS process per router. Creating a name for a routing process means that you use names when configuring routing.
For ospf, this is an appropriate OSPF process ID from which routes are to be redistributed. This identifies the routing process. This value takes the form of a nonzero decimal number.
For rip, no process-id value is needed.

level-1

For IS-IS, Level 1 routes are redistributed into other IP routing protocols independently.

level-1-2

For IS-IS, both Level 1 and Level 2 routes are redistributed into other IP routing protocols.

level-2

For IS-IS, Level 2 routes are redistributed into other IP routing protocols independently.

metric metric-value

(Optional) Metric used for the redistributed route. If a value is not specified for this option, and no value is specified using the default-metric command, the default metric value is 0. Use a value consistent with the destination protocol.

metric-type type-value

(Optional) For OSPF, the external link type associated with the default route advertised into the OSPF routing domain. It can be one of two values:

1---Type 1 external route

2---Type 2 external route

If a metric-type is not specified, the Cisco IOS software adopts a Type 2 external route.

For IS-IS, it can be one of two values:

internal---IS-IS metric which is < 63.

external---IS-IS metric which is > 64 < 128.

The default is internal.

match {internal | external 1 | external 2}

(Optional) For OPSF, the criteria by which OSPF routes are redistributed into other routing domains. It an be one of the following:

internal---Routes that are internal to a specific autonomous system.

external 1---Routes that are external to the autonomous system, but are imported into OSPF as type 1 external route.

external 2---Routes that are external to the autonomous system, but are imported into OSPF as type 2 external route.

tag tag-value

(Optional) 32-bit decimal value attached to each external route. This is not used by the OSPF protocol itself. It may be used to communicate information between Autonomous System Boundary Routers. If none is specified, then the remote autonomous system number is used for routes from BGP and EGP; for other protocols, zero (0) is used.

route-map

(Optional) Route map should be interrogated to filter the importation of routes from this source routing protocol to the current routing protocol. If not specified, all routes are redistributed. If this keyword is specified, but no route map tags are listed, no routes will be imported.

map-tag

(Optional) Identifier of a configured route map.

weight weight

(Optional) Network weight when redistributing into BGP. An integer from 0 to 65535.

subnets

(Optional) For redistributing routes into OSPF, the scope of redistribution for the specified protocol.

Defaults

Route redistribution is disabled.

protocol---No source protocol is defined.
process-id---No process ID is defined.
metric metric-value---0
metric-type type-value---Type 2 external route
match internal | external---internal, external 1, external 2
external type-value---internal
tag tag-value---If no value is specified, the remote autonomous system number is used for routes
         from BGP and EGP; for other protocols, the default is 0.
route-map map-tag---If the route-map argument is not entered, all routes are redistributed; if no
         map-tag value is entered, no routes are imported.
weight weight---No network weight is defined.
subnets---No subnets are defined.

Command Mode

Router configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Changing or disabling any keyword will not affect the state of other keywords.

A router receiving a link-state protocol (LSP) with an internal metric will consider the cost of the route from itself to the redistributing router plus the advertised cost to reach the destination. An external metric only considers the advertised metric to reach the destination.

Routes learned from IP routing protocols can be redistributed at level-1 into an attached area or at level-2. The keyword level-1-2 allows both in a single command.

Redistributed routing information should always be filtered by the distribute-list out router configuration command. This ensures that only those routes intended by the administrator are passed along to the receiving routing protocol.

Whenever you use the redistribute or the default-information router configuration commands to redistribute routes into an OSPF routing domain, the router automatically becomes an Autonomous System Boundary Router (ASBR). However, an ASBR does not, by default, generate a default route into the OSPF routing domain.

When routes are redistributed between OSPF processes, no OSPF metrics are preserved.

When routes are redistributed into OSPF and no metric is specified in the metric keyword, the default metric that OSPF uses is 20 for routes from all protocols except BGP route, which gets a metric of 1. Furthermore, when the router redistributes from one OSPF process to another OSPF process on the same router, and if no default metric is specified, the metrics in one process are carried to the redistributing process.

When redistributing routes into OSPF, only routes that are not subnetted are redistributed if the subnets keyword is not specified.

The only connected routes affected by this redistribute command are the routes not specified by the network command.

You cannot use the default-metric command to affect the metric used to advertise connected routes.


Note The metric value specified in the redistribute command supersedes the metric value specified using the default-metric command.

Default redistribution of IGPs or EGP into BGP is not allowed unless default-information originate is specified.

Examples

The following example causes OSPF routes to be redistributed into a BGP domain:

router bgp 109
 redistribute ospf...
 

The following example causes IGRP routes to be redistributed into an OSPF domain:

router ospf 110
 redistribute igrp...
 

The following example causes the specified IGRP process routes to be redistributed into an OSPF domain. The IGRP-derived metric will be remapped to 100 and RIP routes to 200.

router ospf 109
 redistribute igrp 108 metric 100 subnets
 redistribute rip metric 200 subnets
 

The following example configures BGP routes to be redistributed into IS-IS. The link-state cost is specified as 5, and the metric type will be set to external, indicating that it has lower priority than internal metrics.

router isis
 redistribute bgp 120 metric 5 metric-type external
 

In the following example, network 20.0.0.0 will appear as an external LSA in OSPF 1 with a cost of 100 (the cost is preserved):

interface ethernet 0
 ip address 20.0.0.1 255.0.0.0
 ip ospf cost 100
interface ethernet 1
 ip address 10.0.0.1 255.0.0.0
!
router ospf 1
 network 10.0.0.0 0.255.255.255 area 0
 redistribute ospf 2 subnet
router ospf 2
 network 20.0.0.0 0.255.255.255 area 0

Related Commands

You can use the master indexes or search online to find documentation of related commands.

default-information originate (BGP)
default-information originate (IS-IS)
default-information originate (OSPF)
distribute-list out
route-map
show route-map

route-map

To define the conditions for redistributing routes from one routing protocol into another, or to enable policy routing, use the route-map global configuration command and the match and set route-map configuration commands. To delete an entry, use the no form of this command.

route-map map-tag [permit | deny] [sequence-number]
no route-map map-tag [permit | deny] [sequence-number]

Syntax Description

map-tag

Defines a meaningful name for the route map. The redistribute router configuration command uses this name to reference this route map. Multiple route maps may share the same map tag name.

permit

(Optional) If the match criteria are met for this route map, and permit is specified, the route is redistributed as controlled by the set actions. In the case of policy routing, the packet is policy routed.

If the match criteria are not met, and permit is specified, the next route map with the same map tag is tested. If a route passes none of the match criteria for the set of route maps sharing the same name, it is not redistributed by that set.

The permit keyword is the default.

deny

(Optional) If the match criteria are met for the route map, and deny is specified, the route is not redistributed or in the case of policy routing, the packet is not policy routed, and no further route maps sharing the same map tag name will be examined. If the packet is not policy-routed, it reverts to the normal forwarding algorithm.

sequence-number

(Optional) Number that indicates the position a new route map is to have in the list of route maps already configured with the same name. If given with the no form of this command, it specifies the position of the route map that should be deleted.

Default

No default is available.

Command Mode

Global configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Use route maps to redistribute routes or to subject packets to policy routing. Both purposes are described in this section.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The related match commands are listed in the section "Related Commands for Redistribution." The match commands can be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
Use route maps when you want detailed control over how routes are redistributed between routing processes. The destination routing protocol is the one you specify with the router global configuration command. The source routing protocol is the one you specify with the redistribute router configuration command. See the following example as an illustration of how route maps are configured.
When you are passing routes through a route map, a route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route-map section with an explicit match specified.
Another purpose of route maps is to enable policy-routing. Use the ip policy route-map command, in addition to the route-map command, and the match and set commands to define the conditions for policy-routing packets. The related match and set commands are listed in the section "Related Commands for Policy Routing." The match commands specify the conditions under which policy routing occurs. The set commands specify the routing actions to perform if the criteria enforced by the match commands are met. You might want to policy-route packets some way other than the obvious shortest path.

The sequence-number works as follows:

    1. If no entry is defined with the supplied tag, an entry is created with sequence-number set to 10.

    2. If only one entry is defined with the supplied tag, that entry becomes the default entry for the following route-map command. The sequence-number of this entry is unchanged.

    3. If more than one entry is defined with the supplied tag, an error message is printed to indicate that sequence-number is required.

If no route-map map-tag is specified (with no sequence-number), the whole route-map is deleted.

Example

The following example redistributes RIP routes with a hop count equal to 1 into OSPF. These routes will be redistributed into OSPF as external link state advertisements with a metric of 5, metric type of Type 1 and a tag equal to 1.

router ospf 109
 redistribute rip route-map rip-to-ospf
 
route-map rip-to-ospf permit
 match metric 1
 set metric 5
 set metric-type type1
 set tag 1 

Related Commands for Redistribution

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
match tag
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weight
show route-map

Related Commands for Policy Routing

You can use the master indexes or search online to find documentation of related commands.

ip policy route-map
match ip address
match length
set default interface
set interface
set ip default next-hop
set ip next-hop

send-lifetime

To set the time period during which an authentication key on a key chain is valid to be sent, use the send-lifetime key chain key configuration command. To revert to the default value, use the no form of this command.

send-lifetime start-time {infinite | end-time | duration seconds}
no send-lifetime [start-time {infinite | end-time | duration seconds}]

Syntax Description

start-time

Beginning time that the key specified by the key command is valid to be sent. The syntax can be either of the following:

               hh:mm:ss Month date year

               hh:mm:ss date Month year

hh---hours

mm---minutes

ss---seconds

date---date (1-31)

Month---first three letters of the month

year---year (four digits)

The default start time and the earliest acceptable date is January 1, 1993.

infinite

Key is valid to be sent from the start-time on.

end-time

Key is valid to be sent from the start-time until end-time. The syntax is the same as that for start-time. The end-time must be after the start-time. The default end time is an infinite time period.

duration seconds

Length of time in seconds that the key is valid to be sent.

Default

Forever (The starting time is January 1, 1993, and the ending time is infinite.)

Command Mode

Key chain key configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.1.

Specify a start-time and one of the following: infinite, end-time, or duration seconds.

We recommend running NTP or some other time synchronization method if you intend to set lifetimes on keys.

If the last key expires, authentication will continue and an error message will be generated. To disable authentication, you must manually delete the last valid key.

Example

The following example configures a key chain called trees. The key chestnut will be accepted from 1:30 p.m. to 3:30 p.m. and be sent from 2:00 p.m. to 3:00 p.m. The key birch will be accepted from 2:30 p.m. to 4:40 p.m. and be sent from 3:00 p.m. to 4:00 p.m. The overlap allows for migration of keys or a discrepancy in the router's set time. There is a half-hour leeway on each side to handle time-of-day differences.

interface ethernet 0
 ip rip authentication key-chain trees
 ip rip authentication mode md5
!
router rip
 network 172.19.0.0
 version 2
!
key chain trees
 key 1
 key-string chestnut
 accept-lifetime 13:30:00 Jan 25 1996 duration 7200
 send-lifetime 14:00:00 Jan 25 1996 duration 3600
 key 2
 key-string birch
 accept-lifetime 14:30:00 Jan 25 1996 duration 7200
 send-lifetime 15:00:00 Jan 25 1996 duration 3600

Related Commands

You can use the master indexes or search online to find documentation of related commands.

accept-lifetime
key
key chain
key-string
show key chain

set automatic-tag

To automatically compute the tag value, use the set automatic-tag route-map configuration command. To disable this function, use the no form of this command.

set automatic-tag
no set automatic-tag

Syntax Description

This command has no arguments or keywords.

Default

Disabled

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

You must have a match clause (even if it points to a "permit everything" list) if you want to set tags.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The set route-map configuration commands specify the redistribution set actions to be performed when all of a route map's match criteria are met. When all match criteria are met, all set actions are performed.

Example

The following example configures the Cisco IOS software to automatically compute the tag value for the BGP learned routes:

route-map tag
 match as path 10
 set automatic-tag 
!
router bgp 100
 table-map tag

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weight
show route-map

set default interface

To indicate where to output packets that pass a match clause of a route map for policy routing and have no explicit route to the destination, use the set default interface route-map configuration command. To delete an entry, use the no form of this command.

set default interface type number [... type number]
no set default interface type number [... type number]

Syntax Description

type

Interface type, used with the interface number, to which packets are output.

number

Interface number, used with the interface type, to which packets are output.

Default

Disabled

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.0.

Use this command to provide certain users a different default route. If the Cisco IOS software has no explicit route for the destination, then it routes the packet to this interface. The first interface specified with the set default interface command that is up is used. The optionally specified interfaces are tried in turn.

Use the ip policy route-map interface configuration command, the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for policy routing packets. The ip policy route-map command identifies a route map by name. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which policy routing occurs. The set commands specify the set actions---the particular routing actions to perform if the criteria enforced by the match commands are met.

The set clauses can be used in conjunction with one another. They are evaluated in the following order:

set ip next-hop
set interface
set ip default next-hop
set default interface

Example

In the following example, packets that have a Level 3 length of 3 to 50 bytes and for which the software has no explicit route to the destination are output to Ethernet interface 0:

interface serial 0
 ip policy route-map brighton
!
route-map brighton
 match length 3 50
 set default interface ethernet 0

Related Commands

You can use the master indexes or search online to find documentation of related commands.

ip policy route-map
match ip address
match length
route-map
set interface
set ip default next-hop
set ip next-hop

set interface

To indicate where to output packets that pass a match clause of route map for policy routing, use the set interface route-map configuration command. To delete an entry, use the no form of this command.

set interface type number [...type number]
no set interface type number [...type number]

Syntax Description

type

Interface type, used with the interface number, to which packets are output.

number

Interface number, used with the interface type, to which packets are output.

Default

Disabled

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.0.

Use the ip policy route-map interface configuration command, the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for policy routing packets. The ip policy route-map command identifies a route map by name. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which policy routing occurs. The set commands specify the set actions---the particular routing actions to perform if the criteria enforced by the match commands are met.

If the first interface specified with the set interface command is down, the optionally specified interfaces are tried in turn.

The set clauses can be used in conjunction with one another. They are evaluated in the following order:

set ip next-hop
set interface
set ip default next-hop
set default interface

A useful next hop implies an interface. As soon as a next hop and an interface are found, the packet is routed.

Specifying set interface null 0 is a way to write a policy that the packet be dropped and an "unreachable" message be generated.

Example

In the following example, packets with a Level 3 length of 3 to 50 bytes are output to Ethernet interface 0:

interface serial 0
 ip policy route-map testing
!
route-map testing
 match length 3 50
 set interface ethernet 0

Related Commands

You can use the master indexes or search online to find documentation of related commands.

ip policy route-map
match ip address
match length
route-map
set default interface
set ip default next-hop
set ip next-hop

set ip default next-hop

To indicate where to output packets that pass a match clause of a route map for policy routing and for which the Cisco IOS software has no explicit route to a destination, use the set ip default next-hop route-map configuration command. To delete an entry, use the no form of this command.

set ip default next-hop ip-address [...ip-address]
no set ip default next-hop ip-address [...ip-address]

Syntax Description

ip-address

IP address of the next hop to which packets are output. It must be an adjacent router.

Default

Disabled

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.0.

Use this command to provide certain users a different default route. If the software has no explicit route for the destination in the packet, then it routes the packet to this next hop. The first next hop specified with the set ip default next-hop command that appears to be adjacent to the router is used. The optional specified IP addresses are tried in turn.

Use the ip policy route-map interface configuration command, the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for policy routing packets. The ip policy route-map command identifies a route map by name. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which policy routing occurs. The set commands specify the set actions---the particular routing actions to perform if the criteria enforced by the match commands are met.

The set clauses can be used in conjunction with one another. They are evaluated in the following order:

set ip next-hop
set interface
set ip default next-hop
set default interface

Example

The following example provides two sources with equal access to two different service providers. Packets arriving on async interface 1 from the source 1.1.1.1 are sent to the router at 6.6.6.6 if the software has no explicit route for the packet's destination. Packets arriving from the source 2.2.2.2 are sent to the router at 7.7.7.7 if the software has no explicit route for the packet's destination. All other packets for which the software has no explicit route to the destination are discarded.

access-list 1 permit ip 1.1.1.1 0.0.0.0
access-list 2 permit ip 2.2.2.2 0.0.0.0
!
interface async 1
 ip policy route-map equal-access
!
route-map equal-access permit 10
 match ip address 1
 set ip default next-hop 6.6.6.6
route-map equal-access permit 20
 match ip address 2
 set ip default next-hop 7.7.7.7
 route-map equal-access permit 30
 set default interface null0

Related Commands

You can use the master indexes or search online to find documentation of related commands.

ip policy route-map
match ip address
match length
route-map
set default interface
set interface
set ip next-hop

set ip next-hop

To indicate where to output packets that pass a match clause of a route map for policy routing, use the set ip next-hop route-map configuration command. To delete an entry, use the no form of this command.

set ip next-hop ip-address [...ip-address]
no set ip next-hop ip-address [...ip-address]

Syntax Description

ip-address

IP address of the next hop to which packets are output. It must be the address of an adjacent router.

Default

Disabled

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.0.

Use the ip policy route-map interface configuration command, the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for policy routing packets. The ip policy route-map command identifies a route map by name. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which policy routing occurs. The set commands specify the set actions---the particular routing actions to perform if the criteria enforced by the match commands are met.

If the interface associated with the first next hop specified with the set ip next-hop command is down, the optionally specified IP addresses are tried in turn.

The set clauses can be used in conjunction with one another. They are evaluated in the following order:

set ip next-hop
set interface
set ip default next-hop
set default interface

Example

In the following example, packets with a Level 3 length of 3 to 50 bytes are output to the router at IP address 161.14.2.2:

interface serial 0
 ip policy route-map thataway
!
route-map thataway
 match length 3 50
 set ip next-hop 161.14.2.2

Related Commands

You can use the master indexes or search online to find documentation of related commands.

ip policy route-map
match ip address
match length
route-map
set default interface
set interface
set ip default next-hop

set ip precedence

To set the precedence value in the IP header, use the set ip precedence route-map configuration command. To instruct the router to leave the precedence value alone, use the no form of this command.

set ip precedence value
no set ip precedence

Syntax Description

value

Number or name that sets the precedence bits in the IP header. The number and its corresponding name are as follows, from least important to most important:

Number        Name

0                            routine
1                            priority
2                            immediate
3                            flash
4                            flash-override
5                            critical
6                            internet
7                            network

Default

The software leaves the value that was there.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 11.0.

You can set the precedence using either a number or the corresponding name.


Note Setting the precedence bit affects weighted fair queuing (WFQ). It acts as a multipler on the WFQ weighting, using a formula of 4096 divided by the IP precedence value plus 1. For more information, see the fair-queue command (search online or use the master index).

The way the network gives priority (or some type of expedited handling) to the marked traffic is through the application of WFQ or WRED at points downstream in the network. Typically, you would set IP precedence at the edge of the network (or administrative domain) and have queuing act on it thereafter. WFQ can speed up handling for high precedence traffic at congestion points. WRED ensures high precedence traffic has lower loss rates than other traffic during times of congestion.

The mapping from keywords such as routine and priority to a precedence value is useful only in some instances. That is, the use of the precedence bit is evolving. The customer can define the meaning of a precedence value by enabling other features that use the value. In the case of our high- end Internet QoS, IP precedences can be used to establish classes of service that do not necessarily correspond numerically to better or worse handling in the network. For example, IP precedence 2 can be given 90% of the bandwidth on output links in the network, and IP precedence 6 can be given 5% using the DWFQ implementation on the VIPs.

Use the route-map global configuration command with match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another, or for policy routing. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution or policy routing is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution or policy routing actions to perform if the criteria enforced by the match commands are met. The no  route-map command deletes the route map.

The set route-map configuration commands specify the redistribution set actions to be performed when all of a route map's match criteria are met. When all match criteria are met, all set actions are performed.

Example

The following example sets the IP precedence to 5 (critical) for packets that pass the route-map match:

interface serial 0
 ip policy route-map texas
!
route-map texas
 match length 68 128
 set ip precedence 5

Related Commands

You can use the master indexes or search online to find documentation of related commands.

fair-queue
ip policy route-map
route-map

set level

To indicate where to import routes, use the set level route-map configuration command. To delete an entry, use the no form of this command.

set level {level-1 | level-2 | level-1-2 | stub-area | backbone}
no set level {level-1 | level-2 | level-1-2 | stub-area | backbone}

Syntax Description

level-1

Imports routes into a Level-1 area.

level-2

Imports routes into Level-2 subdomain.

level-1-2

Imports routes into Level-1 and Level-2.

stub-area

Imports routes into OSPF NSSA area.

backbone

Imports routes into OSPF backbone area.

Defaults

Disabled

For IS-IS destinations, the default value is level-2. For OSPF destinations, the default value is backbone.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The set route-map configuration commands specify the redistribution set actions to be performed when all of a route map's match criteria are met. When all match criteria are met, all set actions are performed.

Example

In the following example, routes will be imported into the Level 1 area:

route-map name
 set level level-l

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set community
set local-preference
set local-preference
set metric
set metric-type
set next-hop
set origin
set tag
set weight
show route-map

set local-preference

To specify a preference value for the autonomous system path, use the set local-preference route-map configuration command. To delete an entry, use the no form of this command.

set local-preference value
no set local-preference value

Syntax Description

value

Preference value. An integer from 0 to 4294967295.

Default

Preference value of 100

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

The preference is sent only to all routers in the local autonomous system.

You must have a match clause (even if it points to a "permit everything" list) if you want to set tags.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The set route-map configuration commands specify the redistribution set actions to be performed when all of a route map's match criteria are met. When all match criteria are met, all set actions are performed.

You can change the default preference value with the bgp default local-preference command.

Example

The following example sets the local preference to 100 for all routes that are included in access list 1:

route-map map-preference
 match as-path 1
 set local-preference 100

Related Commands

You can use the master indexes or search online to find documentation of related commands.

bgp default local-preference
match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set metric
set metric-type
set next-hop
set origin
set tag
set weight

set metric

To set the metric value for a routing protocol, use the set metric route-map configuration command. To return to the default metric value, use the no form of this command.

set metric metric-value
no set metric metric-value

Syntax Description

metric-value

Metric value; an integer from -294967295 to 294967295. This argument applies to all routing protocols except IGRP and IP Enhanced IGRP.

Default

The dynamically-learned metric value.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.


Note We recommend you consult your Cisco technical support representative before changing the default value.

Use the route-map global configuration command, and the match and set route-map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The set route-map configuration commands specify the redistribution set actions to be performed when all of a route map's match criteria are met. When all match criteria are met, all set actions are performed.

Example

The following example sets the metric value for the routing protocol to 100:

route-map set-metric
 set metric 100

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set community
set level
set local-preference
set metric-type
set next-hop
set origin
set tag
set weight
show route-map

set metric-type

To set the metric type for the destination routing protocol, use the set metric-type route-map configuration command. To return to the default, use the no form of this command.

set metric-type {internal | external | type-1 | type-2}
no set metric-type {internal | external | type-1 | type-2}

Syntax Description

internal

IS-IS internal metric.

external

IS-IS external metric.

type-1

OSPF external type 1 metric.

type-2

OSPF external type 2 metric.

Default

Disabled

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Use the route-map global configuration command with match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The set route-map configuration commands specify the redistribution set actions to be performed when all of a route map's match criteria are met. When all match criteria are met, all set actions are performed.

Example

The following example sets the metric type of the destination protocol to OSPF external type 1:

route-map map-type
 set metric-type type-1

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set next-hop
set origin
set tag
set weight
show route-map

set next-hop

To specify the address of the next hop, use the set next-hop route-map configuration command. To delete an entry, use the no form of this command.

set next-hop next-hop
no set next-hop next-hop

Syntax Description

next-hop

IP address of the next hop router.

Default

Default next-hop address.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

You must have a match clause (even if it points to a "permit everything" list) if you want to set tags.

Use the route-map global configuration command with match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The set route-map configuration commands specify the redistribution set actions to be performed when all of a route map's match criteria are met. When all match criteria are met, all set actions are performed.

Example

In the following example, routes that pass the access list have the next hop set to 198.92.70.24:

route-map map_hop
 match address 5
 set next-hop 198.92.70.24

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set origin
set tag
set weight
show route-map

set origin

To set the BGP origin code, use the set origin route-map configuration command. To delete an entry, use the no form of this command.

set origin {igp | egp autonomous-system | incomplete}

Syntax Description

igp

Remote IGP.

egp

Local EGP.

autonomous-system

Remote autonomous system. This is an integer from 0 to 65535.

incomplete

Unknown heritage.

Default

Default origin, based on route in main IP routing table.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

You must have a match clause (even if it points to a "permit everything" list) if you want to set tags.

Use the route-map global configuration command with match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The set route-map configuration commands specify the redistribution set actions to be performed when all of a route map's match criteria are met. When all match criteria are met, all set actions are performed.

Example

The following example sets the origin of routes that pass the route map to IGP:

route-map set_origin
 match as-path 10
 set origin igp

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set tag
set weight
show route-map

set tag

To set a tag value of the destination routing protocol, use the set tag route-map configuration command. To delete the entry, use the no form of this command.

set tag tag-value
no set tag tag-value

Syntax Description

tag-value

Name for the tag. Integer from 0 to 4294967295.

Default

If not specified, the default action is to forward the tag in the source routing protocol onto the new destination protocol.

Command Mode

Route-map configuration

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Use the route-map global configuration command with match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria---the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.

The set route-map configuration commands specify the redistribution set actions to be performed when all of a route map's match criteria are met. When all match criteria are met, all set actions are performed.

Example

The following example sets the tag value of the destination routing protocol to 5:

route-map tag
 set tag 5

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match as-path
match community-list
match interface
match ip address
match ip next-hop
match ip route-source
match metric
match route-type
match tag
route-map
set as-path
set automatic-tag
set community
set level
set local-preference
set metric
set metric-type
set next-hop
set origin
set weight
show route-map

show ip cache policy

To display the cache entries in the policy route-cache, use the show ip cache policy EXEC command.

show ip cache policy

Syntax Description

This command has no arguments or keywords.

Command Mode

EXEC

Usage Guidelines

This command first appeared in Cisco IOS Release 11.3.

Sample Display

The following is sample output from the show ip cache policy command:

Router# show ip cache policy
 
Total adds 10, total deletes 10
 
Type Routemap/sequence      Age       Interface       Next Hop
NH   george/10              00:04:31  Ethernet0       171.69.1.2
Int  george/30              00:01:23  Serial4         171.69.5.129
 
 

Table 57 describes the significant fields in the display.


Table 57: Show IP Cache Policy Field Descriptions
Field Description

Total adds

Number of times a cache entry was created.

total deletes

Number of times a cache entry or the entire cache was deleted.

Type

NH indicates set ip nexthop command.

Int indicates set interface command.

Routemap

Name of route-map that created the entry; in this example, "george."

sequence

Route-map sequence number.

Age

Age of cache entry.

Interface

Output interface type and number.

Next Hop

IP address of the next hop.

Related Commands

You can use the master indexes or search online to find documentation of related commands.

ip route-cache

show ip local policy

To display the route map used for local policy routing, if any, use the show ip local policy EXEC command.

show ip local policy

Syntax Description

This command has no arguments or keywords.

Command Mode

EXEC

Usage Guidelines

This command first appeared in Cisco IOS Release 11.1.

Sample Display

The following is sample output from the show ip local policy command:

Router# show ip local policy
 
Local policy routing is enabled, using route map equal
route-map equal, permit, sequence 10
  Match clauses:
    length 150 200
  Set clauses:
    ip next-hop 10.10.11.254
  Policy routing matches: 0 packets, 0 bytes
route-map equal, permit, sequence 20
  Match clauses:
    ip address (access-lists): 101 
  Set clauses:
    ip next-hop 10.10.11.14
  Policy routing matches: 2 packets, 172 bytes
 

Table 58 describes the fields in the display.


Table 58: Show IP Local Policy Field Descriptions
Field Description

route-map equal

The name of the route-map is "equal."

permit

The route-map contains permit statements.

sequence

The sequence number of the route map, which determines in what order it is processed among other route-maps.

Match clauses:

Clauses in the route-map that must be matched to satisfy the permit or deny action.

Set clauses:

Set clauses that will be put into place if the match clauses are met.

Policy routing matches: packets

Number of packet that meet the match clauses.

bytes

Number of bytes in the packets that meet the match clauses.

Related Commands

You can use the master indexes or search online to find documentation of related commands.

ip local policy route-map
match ip address
match length
route-map
set default interface
set interface
set ip default next-hop
set ip next-hop

show ip policy

To display the route map used for policy routing, use the show ip policy EXEC command.

show ip policy

Syntax Description

This command has no arguments or keywords.

Command Mode

EXEC

Usage Guidelines

This command first appeared in Cisco IOS Release 11.1.

Sample Displays

The following is sample output from the show ip policy command:

Router# show ip policy
 
Interface      Route map
local          equal
Ethernet0      equal
 

The following is sample output from the show route-map command, which relates to the preceding sample display:

Router# show route-map
 
route-map equal, permit, sequence 10
  Match clauses:
    length 150 200
  Set clauses:
    ip next-hop 10.10.11.254
  Policy routing matches: 0 packets, 0 bytes
route-map equal, permit, sequence 20
  Match clauses:
    ip address (access-lists): 101 
  Set clauses:
    ip next-hop 10.10.11.14
  Policy routing matches: 144 packets, 15190 bytes
 

Table 59 describes the fields in the display.


Table 59: Show IP Policy Field Descriptions
Field Description

route-map equal

The name of the route-map is "equal."

permit

The route-map contains permit statements.

sequence

Sequence number of the route-map, which determines in what order it is processed among other route-maps.

Match clauses:

Clauses in the route-map that must be matched to satisfy the permit or deny action.

Set clauses:

Set clauses that will be put into place if the match clauses are met.

Policy routing matches: packets

Number of packet that meet the match clauses.

bytes

Number of bytes in the packets that meet the match clauses.

Related Commands

You can use the master indexes or search online to find documentation of related commands.

match ip address
match length
route-map
set default interface
set interface
set ip default next-hop
set ip next-hop

show ip protocols

To display the parameters and current state of the active routing protocol process, use the show ip protocols EXEC command.

show ip protocols

Syntax Description

This command has no arguments or keywords.

Command Mode

EXEC

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

The information displayed by show ip protocols is useful in debugging routing operations. Information in the Routing Information Sources field of the show ip protocols output can help you identify a router suspected of delivering bad routing information.

Sample Displays

The following is sample output from the show ip protocols command, showing IGRP processes:

Router# show ip protocols
 
Routing Protocol is "igrp 109"
  Sending updates every 90 seconds, next due in 44 seconds
  Invalid after 270 seconds, hold down 280, flushed after 630
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Default networks flagged in outgoing updates
  Default networks accepted from incoming updates
  IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  IGRP maximum hopcount 100
  IGRP maximum metric variance 1
  Redistributing: igrp 109
  Routing for Networks:
    198.92.72.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    198.92.72.18         100      0:56:41
    198.92.72.19         100      6d19
    198.92.72.22         100      0:55:41
    198.92.72.20         100      0:01:04
    198.92.72.30         100      0:01:29
  Distance: (default is 100)
 
Routing Protocol is "bgp 1878"
  Sending updates every 60 seconds, next due in 0 seconds
  Outgoing update filter list for all interfaces is 1
  Incoming update filter list for all interfaces is not set
  Redistributing: igrp 109
  IGP synchronization is disabled
  Automatic route summarization is enabled
  Neighbor(s):
    Address          FiltIn FiltOut DistIn DistOut Weight RouteMap
    192.108.211.17                1                      
    192.108.213.89                1                      
    198.6.255.13                  1                      
    198.92.72.18                  1                      
    198.92.72.19                                         
    198.92.84.17                  1                      
  Routing for Networks:
    192.108.209.0
    192.108.211.0
    198.6.254.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    198.92.72.19          20      0:05:28
  Distance: external 20 internal 200 local 200
 

Table 60 describes significant fields shown in the display.


Table 60: Show IP Protocols Field Descriptions for IGRP Processes
Field Description

Routing Protocol is "igrp 109"

Specifies the routing protocol used.

Sending updates every 90 seconds

Specifies the time between sending updates.

next due in 44 seconds

Precisely when the next update is due to be sent.

Invalid after 270 seconds

Specifies the value of the invalid parameter.

hold down for 280

Specifies the current value of the hold-down parameter.

flushed after 630

Specifies the time in seconds after which the individual routing information will be thrown (flushed) out.

Outgoing update ...

Specifies whether the outgoing filtering list has been set.

Incoming update ...

Specifies whether the incoming filtering list has been set.

Default networks

Specifies how these networks will be handled in both incoming and outgoing updates.

IGRP metric

Specifies the value of the K0-K5 metrics, as well as the maximum hopcount.

Redistributing

Lists the protocol that is being redistributed.

Routing

Specifies the networks for which the routing process is currently injecting routes.

Routing Information Sources

Lists all the routing sources the Cisco IOS software is using to build its routing table. For each source, you will see the following displayed:

  • IP address

  • Administrative distance

  • Time the last update was received from this source.

The following is sample output from the show ip protocols command, showing Enhanced IGRP processes:

Router# show ip protocols
 
Routing Protocol is "eigrp 77"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Redistributing: eigrp 77
  Automatic network summarization is in effect
  Routing for Networks:
    160.89.0.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    160.89.81.28          90      0:02:36
    160.89.80.28          90      0:03:04
    160.89.80.31          90      0:03:04
  Distance: internal 90 external 170
 

Table 61 describes the fields that might be shown in the display.


Table 61: Show IP Protocols Field Descriptions for Enhanced IGRP Processes
Field Description

Routing Protocol is "eigrp 77"

Name and autonomous system number of the currently running routing protocol.

Outgoing update filter list for all interfaces...

Indicates whether a filter for outgoing routing updates has been specified with the distribute-list out command.

Incoming update filter list for all interfaces...

Indicates whether a filter for incoming routing updates has been specified with the distribute-list in command.

Redistributing: eigrp 77

Indicates whether route redistribution has been enabled with the redistribute command.

Automatic network summarization...

Indicates whether route summarization has been enabled with the auto-summary command.

Routing for Networks:

Networks for which the routing process is currently injecting routes.

Routing Information Sources:

Lists all the routing sources that the Cisco IOS software is using to build its routing table. The following is displayed for each source: IP address, administrative distance, and time the last update was received from this source.

Distance: internal 90 external 170

Internal and external distances of the router. Internal distance is the degree of preference given to Enhanced IGRP internal routes. External distance is the degree of preference given to Enhanced IGRP external routes.

The following is sample output from the show ip protocols command, showing IS-IS processes:

Router# show ip protocols
 
Routing Protocol is "isis"
  Sending updates every 0 seconds
  Invalid after 0 seconds, hold down 0, flushed after 0
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Redistributing: isis
  Address Summarization:
    None
  Routing for Networks:
    Serial0
  Routing Information Sources:
  Distance: (default is 115)
 

The following is sample output from the show ip protocols command, showing RIP processes:

Router# show ip protocols
 
Routing Protocol is "rip"
  Sending updates every 30 seconds, next due in 2 seconds
  Invalid after 180 seconds, hold down 180, flushed after 240
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Redistributing: rip
  Default version control: send version 2, receive version 2
    Interface        Send  Recv   Key-chain
    Ethernet0        2     2      trees 
    Fddi0            2     2                      
  Routing for Networks:
    172.19.0.0
    2.0.0.0
    3.0.0.0
  Routing Information Sources:
    Gateway         Distance      Last Update
  Distance: (default is 120)

show ip route

Use the show ip route EXEC command to display the current state of the routing table.

show ip route [address [mask] [longer-prefixes]] | [protocol [process-id]]

Syntax Description

address

(Optional) Address about which routing information should be displayed.

mask

(Optional) Argument for a subnet mask.

longer-prefixes

(Optional) The address and mask pair becomes a prefix and any routes that match that prefix are displayed.

protocol

(Optional) Name of a routing protocol; or the keyword connected, static, or summary. If you specify a routing protocol, use one of the following keywords: bgp, egp, eigrp, hello, igrp, isis, ospf, or rip.

process-id

(Optional) Number used to identify a process of the specified protocol.

Command Mode

EXEC

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0. The longer-prefixes keyword first appeared in Cisco IOS Release 11.0. The process-id argument first appeared in Cisco IOS Release  10.3.

Sample Displays

The following is sample output from the show ip route command when entered without an address:

Router# show ip route
 
Codes: I - IGRP derived, R - RIP derived, O - OSPF derived
       C - connected, S - static, E - EGP derived, B - BGP derived
       * - candidate default route, IA - OSPF inter area route
       E1 - OSPF external type 1 route, E2 - OSPF external type 2 route
 
Gateway of last resort is 131.119.254.240 to network 129.140.0.0
 
O E2 150.150.0.0 [160/5] via 131.119.254.6, 0:01:00, Ethernet2
E    192.67.131.0 [200/128] via 131.119.254.244, 0:02:22, Ethernet2
O E2 192.68.132.0 [160/5] via 131.119.254.6, 0:00:59, Ethernet2
O E2 130.130.0.0 [160/5] via 131.119.254.6, 0:00:59, Ethernet2
E    128.128.0.0 [200/128] via 131.119.254.244, 0:02:22, Ethernet2
E    129.129.0.0 [200/129] via 131.119.254.240, 0:02:22, Ethernet2
E    192.65.129.0 [200/128] via 131.119.254.244, 0:02:22, Ethernet2
E    131.131.0.0 [200/128] via 131.119.254.244, 0:02:22, Ethernet2
E    192.75.139.0 [200/129] via 131.119.254.240, 0:02:23, Ethernet2
E    192.16.208.0 [200/128] via 131.119.254.244, 0:02:22, Ethernet2
E    192.84.148.0 [200/129] via 131.119.254.240, 0:02:23, Ethernet2
E    192.31.223.0 [200/128] via 131.119.254.244, 0:02:22, Ethernet2
E    192.44.236.0 [200/129] via 131.119.254.240, 0:02:23, Ethernet2
E    140.141.0.0 [200/129] via 131.119.254.240, 0:02:22, Ethernet2
E    141.140.0.0 [200/129] via 131.119.254.240, 0:02:23, Ethernet2
 

The following is sample output that includes some IS-IS Level 2 routes learned:

Router# show ip route
 
Codes: I - IGRP derived, R - RIP derived, O - OSPF derived
       C - connected, S - static, E - EGP derived, B - BGP derived
       i - IS-IS derived
       * - candidate default route, IA - OSPF inter area route
	E1 - OSPF external type 1 route, E2 - OSPF external type 2 route
       L1 - IS-IS level-1 route, L2 - IS-IS level-2 route
 
Gateway of last resort is not set
 
     160.89.0.0 is subnetted (mask is 255.255.255.0), 3 subnets
C       160.89.64.0 255.255.255.0 is possibly down,
          routing via 0.0.0.0, Ethernet0
i L2    160.89.67.0 [115/20] via 160.89.64.240, 0:00:12, Ethernet0
i L2    160.89.66.0 [115/20] via 160.89.64.240, 0:00:12, Ethernet0
 

Table 62 describes significant fields shown in these two displays.


Table 62: Show IP Route Field Descriptions
Field Description

O

Indicates protocol that derived the route. Possible values include the following:

  • I---IGRP derived

  • R---RIP derived

  • O---OSPF derived

  • C---connected

  • S---static

  • E---EGP derived

  • B---BGP derived

  • i---IS-IS derived

E2

Type of route. Possible values include the following:

  • *---Indicates the last path used when a packet was forwarded. It pertains only to the non-fast-switched packets. However, it does not indicate what path will be used next when forwarding a non-fast-switched packet, except when the paths are equal cost.

  • IA---OSPF interarea route.

  • E1---OSPF external type 1 route.

  • E2---OSPF external type 2 route.

  • L1---IS-IS Level 1 route.

  • L2---IS-IS Level 2 route.

150.150.0.0

Indicates the address of the remote network.

[160/5]

The first number in the brackets is the administrative distance of the information source; the second number is the metric for the route.

via 131.119.254.6

Specifies the address of the next router to the remote network.

0:01:00

Specifies the last time the route was updated in hours:minutes:seconds.

Ethernet2

Specifies the interface through which the specified network can be reached.

When you specify that you want information about a specific network displayed, more detailed statistics are shown. The following is sample output from the show ip route command when entered with the address 131.119.0.0.

Router# show ip route 131.119.0.0
 
Routing entry for 131.119.0.0 (mask 255.255.0.0)
   Known via "igrp 109", distance 100, metric 10989
   Tag 0
   Redistributing via igrp 109
   Last update from 131.108.35.13 on TokenRing0, 0:00:58 ago
   Routing Descriptor Blocks:
   * 131.108.35.13, from 131.108.35.13, 0:00:58 ago, via TokenRing0
      Route metric is 10989, traffic share count is 1
      Total delay is 45130 microseconds, minimum bandwidth is 1544 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 2/255, Hops 4
 

Table 63 describes significant fields shown in the display.


Table 63: Show IP Route with Address Field Descriptions
Field Description

Routing entry for 131.119.0.0 (mask 255.255.0.0)

Network number and mask.

Known via "igrp 109"

Indicates how the route was derived.

distance

Administrative distance of the information source.

Tag

Integer that is used to implement the route.

Redistributing via igrp

Indicates redistribution protocol.

Last update from 131.108.35.13 on TokenRing0

Indicates the IP address of a router that is the next hop to the remote network and the router interface on which the last update arrived.

0:00:58 ago

Specifies the last time the route was updated in hours:minutes:seconds.

131.108.35.13, from 131.108.35.13, 0:00:58 ago

Indicates the next hop address, the address of the gateway that sent the update, and the time that has elapsed since this update was received in hours:minutes:seconds.

via TokenRing0

Interface for this route.

Route metric

This value is the best metric for this routing descriptor block.

traffic share count

Number of uses for this routing descriptor block.

Total delay

Total propagation delay in microseconds.

minimum bandwidth

Minimum bandwidth encountered when transmitting data along this route.

Reliability 255/255

Likelihood of successful packet transmission expressed as a number between 0 and 255 (255 is 100 percent reliability).

minimum MTU

Smallest MTU along the path.

Loading 2/255

Effective bandwidth of the route in kilobits per second/255 is saturation.

Hops

Hops to the destination or to the router where the route first enters IGRP.

The following is sample output using the longer-prefixes keyword. When the longer-prefixes keyword is included, the address and mask pair becomes the prefix, and any address that matches that prefix is displayed. Therefore, multiple addresses are displayed.

In the following example, the logical AND operation is performed on the source address 128.0.0.0 and the mask 128.0.0.0, resulting in 128.0.0.0. Each destination in the routing table is also logically ANDed with the mask and compared to that result of 128.0.0.0. Any destinations that fall into that range are displayed in the output.

Router# show ip route 128.0.0.0 128.0.0.0 longer-prefixes 
 
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
 
Gateway of last resort is not set
 
S    134.134.0.0 is directly connected, Ethernet0
S    131.131.0.0 is directly connected, Ethernet0
S    129.129.0.0 is directly connected, Ethernet0
S    128.128.0.0 is directly connected, Ethernet0
S    198.49.246.0 is directly connected, Ethernet0
S    192.160.97.0 is directly connected, Ethernet0
S    192.153.88.0 is directly connected, Ethernet0
S    192.76.141.0 is directly connected, Ethernet0
S    192.75.138.0 is directly connected, Ethernet0
S    192.44.237.0 is directly connected, Ethernet0
S    192.31.222.0 is directly connected, Ethernet0
S    192.16.209.0 is directly connected, Ethernet0
S    144.145.0.0 is directly connected, Ethernet0
S    140.141.0.0 is directly connected, Ethernet0
S    139.138.0.0 is directly connected, Ethernet0
S    129.128.0.0 is directly connected, Ethernet0
     172.19.0.0 255.255.255.0 is subnetted, 1 subnets
C       172.19.64.0 is directly connected, Ethernet0
     171.69.0.0 is variably subnetted, 2 subnets, 2 masks
C       171.69.232.32 255.255.255.240 is directly connected, Ethernet0
S       171.69.0.0 255.255.0.0 is directly connected, Ethernet0
Router#

Related Commands

You can use the master indexes or search online to find documentation of related commands.

show interfaces tunnel
show ip route summary

show ip route summary

To display the current state of the routing table, use the show ip route summary EXEC command.

show ip route summary

Syntax Description

This command has no arguments or keywords.

Command Mode

EXEC

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Sample Display

The following is sample output from the show ip route summary command:

Router# show ip route summary
 
Route Source    Networks    Subnets     Overhead    Memory (bytes)
connected       0           3           126         360
static          1           2           126         360
igrp 109        747         12          31878       91080
internal        3                                   360
Total           751         17          32130       92160
Router#
 

Table 64 describes the fields shown in the display:


Table 64: Show IP Route Summary Field Descriptions
Field Description

Route Source

Routing protocol name, or the keyword connected, static or internal. Internal indicates those routes that are in the routing table that are not owned by any routing protocol.

Networks

Number of prefixes that are present in the routing table for each route source.

Subnets

Number of subnets that are present in the routing table for each route source, including host routes.

Overhead

Any additional memory involved in allocating the routes for the particular route source other than the memory specified in the Memory field.

Memory

Number of bytes allocated to maintain all the routes for the particular route source.

Related Commands

You can use the master indexes or search online to find documentation of related commands.

show ip route

show ip route supernets-only

To display information about supernets, use the show ip route supernets-only privileged EXEC command.

show ip route supernets-only

Syntax Description

This command has no arguments or keywords.

Command Mode

Privileged EXEC

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Sample Display

The following is sample output from the show ip route supernets-only command. This display shows supernets only; it does not show subnets.

Router# show ip route supernets-only
 
Codes: I - IGRP derived, R - RIP derived, O - OSPF derived
       C - connected, S - static, E - EGP derived, B - BGP derived
       i - IS-IS derived, D - EIGRP derived
       * - candidate default route, IA - OSPF inter area route
       E1 - OSPF external type 1 route, E2 - OSPF external type 2 route
       L1 - IS-IS level-1 route, L2 - IS-IS level-2 route
       EX - EIGRP external route
 
Gateway of last resort is not set
 
B    198.92.0.0 (mask is 255.255.0.0) [20/0] via 198.92.72.30, 0:00:50
B    192.0.0.0 (mask is 255.0.0.0) [20/0] via 198.92.72.24, 0:02:50
 

Table 65 describes the fields in the display.


Table 65: Show IP Route Supernets-Only Field Descriptions
Field Description

B

BGP derived, as shown in list of codes.

198.92.0.0 (mask is 255.255.0.0)

Supernet IP address.

[20/0]

Administrative distance (external/internal).

via 198.92.72.30

Next hop IP address.

0:00:50

Age of the route (how long ago the update was received).

show key chain

To display authentication key information, use the show key chain EXEC command.

show key chain [name-of-chain]

Syntax Description

name-of-chain

(Optional) Name of the key chain to display, as named in the key chain command.

Default

Information about all key chains is displayed.

Command Mode

EXEC

Usage Guidelines

This command first appeared in Cisco IOS Release 11.1.

Sample Display

The following is sample output from the show key chain command:

Router# show key chain
 
Key-chain flintstone:
    key 1 -- text "fred"
        accept lifetime (always valid) - (always valid) [valid now]
        send lifetime (always valid) - (always valid) [valid now]
    key 2 -- text "barney"
        accept lifetime (00:00:00 Dec 5 1995) - (23:59:59 Dec 5 1995)
        send lifetime (06:00:00 Dec 5 1995) - (18:00:00 Dec 5 1995)

Related Commands

You can use the master indexes or search online to find documentation of related commands.

accept-lifetime
key
key chain
key-string
send-lifetime

show route-map

To display configured route-maps, use the show route-map EXEC command.

show route-map [map-name]

Syntax Description

map-name

(Optional) Name of a specific route-map.

Command Mode

EXEC

Usage Guidelines

This command first appeared in Cisco IOS Release 10.0.

Sample Display

The following is sample output from the show route-map command:

Router# show route-map
 
route-map abc, permit, sequence 10
  Match clauses:
    tag 1 2
  Set clauses:
    metric 5
route-map xyz, permit, sequence 20
  Match clauses:
    tag 3 4
  Set clauses:
    metric 6
 

Table 66 describes the fields shown in the display:


Table 66: Show Route-Map Field Descriptions
Field Description

route-map

Name of the route map.

permit

Indicates that the route is redistributed as controlled by the set actions.

sequence

Number that indicates the position a new route map is to have in the list of route maps already configured with the same name.

Match clauses
   tag

Match criteria---conditions under which redistribution is allowed for the current route map.

Set clauses
   metric

Set actions---the particular redistribution actions to perform if the criteria enforced by the match commands are met.

Related Commands

You can use the master indexes or search online to find documentation of related commands.

redistribute
route-map


hometocprevnextglossaryfeedbacksearchhelp
Posted: Mon Feb 1 09:58:17 PST 1999
Copyright 1989-1999©Cisco Systems Inc.