IOS "interface" command

Similar Messages

• Passive interface command on RIP

  Hi all,
  This command below
  passive-interface command give additional information to RIP, that it can't send updates via this particular interface ---
  As per my understanding is this if we have 2 routers that are directly connected with each other and we enable this command on the interface of one of
  routers then that router will not send any RIP updates to other router right?
  secondly if these 2 routers are point to point connection we can ping directly conencted interfaces IP of  routers because they are directly connected even though there is no routing protocol running between these two right?
  3rd thing when i run sh ip protocols on one of router it shows
  Routing Protocol is "rip"
    Sending updates every 30 seconds, next due in 1 seconds
    Invalid after 180 seconds, hold down 180, flushed after 240
    Outgoing update filter list for all interfaces is not set
    Incoming update filter list for all interfaces is not set
    Redistributing: rip
    Default version control: send version 2, receive version 2
      Interface             Send  Recv  Triggered RIP  Key-chain
      FastEthernet0/0       2     2
    Automatic network summarization is in effect
    Maximum path: 4
    Routing for Networks:
      192.168.4.0
    Routing Information Sources:
      Gateway         Distance      Last Update
      192.168.4.2          120      00:23:38 ****************************************************
  here last update time keeps on incrementing but  sh ip route does not show now that rip is running.
  so this line means
  Invalid after 180 seconds, hold down 180, flushed after 240
  that after 240 secs router will flush the rip routes fron the routing table right?
  but sh ip protocol  will always show rip as routing protocol as we have config the rip and last update time will keep on incrementing right?
  thanks
  mahesh

  Hi Mahesh,
  From the config guide:
  To control the set of interfaces with which you  want to exchange routing updates, you can disable the sending of routing  updates on specified interfaces by configuring the
  passive-interface
  here is the link:
  http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1crip.html
  Correct, you do not need a routing protocol.  The interfaces are directly connected.  Now, if for example you add a loopback address to each router, you need a routing protocol or static router to reach the opposite router's loopback address.
  The reason the interfaces/IPs do not show up in the RIP routing table is because they are directly connected and directly connected routes have a lower admin distance (1) which is preferred over rip which is 120.
  yes
  HTH

• VLAN Interface Command

  Ok, I thought I had the reason for the VLAN interface command down. I thought it was either used for switch management or routing between VLANS? However, now I realized that some communication wont work with out this command which doesnt make sense. If I have a VLAN, then the switch will only switch packets to ports on the same VLAN. The only way, communication would work between VLANS is if I either enabled routing between VLANs with the VLAN Interface command, connected the switch to another multi-layer switch that did do routing between VLANS, or connected the switch to a router which routed between the VLANs.
  However, I just got this new 3550 switch in, configured the correct ports with the assigned VLANs, and the only way my cisco ip phone would work is if the VLAN Interface for my voice-ip VLAN was configured. The 3550 is connected to a 4507. Now, can someone tell my why this is? You shouldnt have to configure the VLAN Interface, right?(unless I wanted to route between VLANs, which could be done by the 4507)

  Sounds to me like you either dont have the dot1q trunk interface between your 4506 and 3550 working properly, or your 3550 is running the enhanced image which allows routing.
  It would be nice to see your config on both the 3550 and the 4500 to determine the reason. Just a stab at how it should be configured is that on your 4506, you have it running VTP server or transparent with the defined Data and Voice Vlan's. You have a port configured for trunking (which connects to the 3550). On your 3550, you have configured it as a vtp client or transparent and have verified that it has received (or if transparent VTP you have configured) the appropriate VLAN's. You than specified "interface VLAN #" or whatever number for switch management and configured the port that connects to the 4500 as a trunk. Your port connected to the port has the auxillary or voice vlan configured. If this is how your equipment is configured and it still does not work, than look for the line "ip routing" in your 3550 and negate it with "no ip routing".
  If still no worky worky, post your config.
  Cheers,

• I can send multiline interface commands but not data commands

  hi
  i am using a gpib controller.I cannot seem to find a way to switch between multiline commads and data commands.the key is the ATN bit as to send a DAB command the atn bit must be low. I cannot make the controller distinguish when a command is a adta command and not a multiline command,

  sorry bit i did not know i could answer you directly.
  i am using the measurement computing gpib controller cb7210.2 which is nearly ni compatabile.i am interfacing it with a microcontroller connected to the pc.Then i am trying to use a monitor program that is embedded in the microcontroller to perform remote access of instruments.i am using assembly. i have managed to communicate with the instrument.now the problem is that i cannot make the distinction between data commands and interface commands.for eg if i send 3Fh and atn happens to be 1 this is interpreted as UNL if atn is 0 then it is interpreted as data command.i need to be able to have control of the atn bit so that i can send either at will. so to problem is how to control the atn bit.
  thanks
  again

• Global vs interface command on switch

  Hello,
  If I have a command globally which applies on all switch ports but then I want to configure one port with a different command not apply the global command on the switch. When i configure that port will it take effect the new command configure for that port and disregard the global command that was apply on all ports or the global command still take effect and interface command not take effect?

  Some of the most common commands that are used on a per-interface level (which overrides the global commands) are:  
  1.  STP; 
  2.  UDLD; 
  3.  PoE control; 
  4.  Auto Switch Port macro (ASP)

• CBWFQ: Question about the output of "show policy-map interface" command

  Hi everyone,
  I have a question about the output of "show policy-map interface" command.
  The following is the output of this command and lower side of the output shows
  (total queued/total drops/no-buffer drops) 0/342/0
  If the packets drop occur due to the situation of no enough buffer,
  "no-buffer drops" counted up. But "no-buffer drops" has not been counted up.
  The "no-buffer drops" is 0 (zero) but "total drops" are counted as 342.
  I guess there are other factors except "no-buffer drops" to add "total drops".
  But I can not find any information about "other factors".
  So I would like to know the "other factors" added to "total drops".
  reserch-3725#sh policy-map interface fastethernet0/1
  FastEthernet0/1
  Service-policy output: shaping
  Class-map: kdpc (match-all)
  146956873 packets, 115209221595 bytes
  5 minute offered rate 156000 bps, drop rate 0 bps
  Match: access-group name YOKOHAMA_to_CHINO
  Traffic Shaping
  Target/Average Byte Sustain Excess Interval Increment
  Rate Limit bits/int bits/int (ms) (bytes)
  9360000/9360000 58500 234000 234000 25 29250
  Adapt Queue Packets Bytes Packets Bytes Shaping
  Active Depth Delayed Delayed Active
  - 0 146956724 3539850811 2960247 3851843541 no
  Class-map: class-default (match-any)
  552458414 packets, 249687580329 bytes
  5 minute offered rate 242000 bps, drop rate 0 bps
  Match: any
  Traffic Shaping
  Target/Average Byte Sustain Excess Interval Increment
  Rate Limit bits/int bits/int (ms) (bytes)
  3072000/3072000 19200 76800 76800 25 9600
  Adapt Queue Packets Bytes Packets Bytes Shaping
  Active Depth Delayed Delayed Active
  - 0 552453209 573909865 30358216 2926188156 no
  Service-policy : policy1
  Class-map: dlsw (match-all)
  979578 packets, 264843255 bytes
  5 minute offered rate 0 bps, drop rate 0 bps
  Match: access-group name acl-dlsw
  Queueing
  Output Queue: Conversation 137
  Bandwidth 128 (kbps) Max Threshold 64 (packets)
  (pkts matched/bytes matched) 20922/17371500
  (depth/total drops/no-buffer drops) 0/0/0
  Class-map: telnet (match-all)
  29938 packets, 1806058 bytes
  5 minute offered rate 0 bps, drop rate 0 bps
  Match: access-group name acl-telnet
  Queueing
  Output Queue: Conversation 138
  Bandwidth 64 (kbps) Max Threshold 64 (packets)
  (pkts matched/bytes matched) 639/38900
  (depth/total drops/no-buffer drops) 0/0/0
  Class-map: class-default (match-any)
  551448911 packets, 249420939729 bytes
  5 minute offered rate 242000 bps, drop rate 0 bps
  Match: any
  Queueing
  Flow Based Fair Queueing
  Maximum Number of Hashed Queues 128
  (total queued/total drops/no-buffer drops) 0/342/0
  Your information would be appreciated.

  Details infomatiuon regarding show policy-map interface
  http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a008010dd6a.shtml
  http://www.cisco.com/en/US/tech/tk543/tk760/technologies_tech_note09186a0080108e2d.shtml
  http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/qos_r/qos_s2g.htm#wp1146884

• Interface & command consistency !?!

  I am dismayed that the commands, interface, menu item location etc are so drastically different for each application.  It is as if there are four different companies within Adobe, thus the simple commands like <ctrl> F does not have the same function in Illustrator as it does in InDesign.  <ctrl> R in Acrobat is different in Illustrator etc etc ....   Geewiz -- its frustrating! One of Adobes big pronouncements for the CS suite was the common interface from application to application within the CS suites ,,,,, uh someone screwed up in the kitchen because these Applications interfaces are obviously politically motivated and managed, with each enclave within Adobe being arrogantly possessive their own interface hierarchy and short cut functionality.   Adobe upper management must take hold of these little enclaves of selfish power struggles and mandate a common interface/function/menu interface to live up to the marketing claim that the user will enjoy a consistent work environment.   Really folks get it together, stop the power struggle and get over yourselves, and give the consumers/user/buyer what you promised. <br /><br />I dont expect anything to change within Adobe CS anytime soon, because the business culture therein is obviously stagnated and combative which will take years to resolve, unless there is courageous leadership at the top that abolishes the fortress mentality that permeates the product development cycle.   <br /><br />Another thing I don't get is why,, when I open a file, why can't the save command default to the directory that I opened the file in. I end up saving in the wrong directory so many times because Adobe programs seem fixated on the last directory I saved to, which obviously a history lesson, and not the current folder/reality that is now my new focus and workflow. <br /><br />Thanks to all that have taken the time to let me vent. May your day unfold with new adventures.

  Hi Mahesh,
  From the config guide:
  To control the set of interfaces with which you  want to exchange routing updates, you can disable the sending of routing  updates on specified interfaces by configuring the
  passive-interface
  here is the link:
  http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1crip.html
  Correct, you do not need a routing protocol.  The interfaces are directly connected.  Now, if for example you add a loopback address to each router, you need a routing protocol or static router to reach the opposite router's loopback address.
  The reason the interfaces/IPs do not show up in the RIP routing table is because they are directly connected and directly connected routes have a lower admin distance (1) which is preferred over rip which is 120.
  yes
  HTH

• Default interface command in Cisco Nexus 5000

  It doesn't still work in 6.0.2.N1.1
  xxx# sh version
  Software
  BIOS: version 3.6.0
  loader: version N/A
  kickstart: version 6.0(2)N1(1)
  system: version 6.0(2)N1(1)
  Power Sequencer Firmware:
  Module 1: version v5.0
  Module 2: version v1.0
  Module 3: version v1.0
  Module 4: version v1.0
  Microcontroller Firmware: version v1.0.0.2
  SFP uC: Module 1: v1.0.0.0
  QSFP uC: Module not detected
  BIOS compile time: 05/09/2012
  kickstart image file is: bootflash:///n5000-uk9-kickstart.6.0.2.N1.1.bin
  kickstart compile time: 1/29/2013 7:00:00 [01/29/2013 19:40:46]
  system image file is: bootflash:///n5000-uk9.6.0.2.N1.1.bin
  system compile time: 1/29/2013 7:00:00 [01/29/2013 21:44:48]
  xxx(config)# default interface eth 3/16 ?
  ^
  % Invalid parameter detected at '^' marker.
  ^
  % Invalid parameter detected at '^' marker.

  Sure.  Try this:
  conf t
  archive
  !           “$h” means the appliance’s hostname will be the filename.  The filename format is hostname-month-!day-hour-minute-seconds-timezone-version, like “Hostname-Apr-23-10-51-13-AEST-0”.
  !           Make sure you put a “-“ at the end of the “$h”.  Compare the two and you’ll see.  J
  !           If you are using Windows to store these files, DO NOT USE “$t” because it won’t work.  Cisco will store the timestamps as “:” and Windows don’t like it. 
  !           You can use TFTP, FTP, SCP and some more stuffs. 
    path tftp:///Subdirectory/$h-
  !           The next two lines means that this command will run when someone saves the configuration and/or at a certain time, like 24 hours or weekly. 
    time-period
    write-memory
  end

• Backup interface command

  if i use this command do I need to include a route for that interface ? how does it exactly work ?

  hi carl,,,
  i dont think u need more configuration for that...
  here u just need to configure bri...and need to publish that ip address in to your routing protocol...
  u can have clear picture by this link
  http://www.cisco.com/en/US/tech/tk801/tk379/technologies_configuration_example09186a00800b1148.shtml
  just readit it will clear you whole fundamental...
  rate this post if it helps
  regards
  Devang

• EEM TCL for interface commands

  I am working on a script that will make interface changes.  I am trying to do the following:
  1) save the output from the following command:  #show cdp nei detail | i Interface
  2) this will most likely give a list of interfaces some of which will be repeated.  If the interface is listed more than once then i would like to remove the
      repeated interface.  (note i am not concerned about the outgoing interface)
  3)using the above information i would then like to make configuration to the interfaces with the following commands
       #config t
       #interface $intf
       #no mls qos vlan-based
       #mls qos trust dscp
  i have started this script (please see attached file) and would really appreciate some assistance especially with how to eliminate multiple instances of the same interface.
  thanks!!

  I am having issues running scripts on my 3750x.  One of the few commands i am getting to work is the
  router(tcl)#puts "testing this command"
  most all other commands are not working for example:  ios_config, set
  I am attaching a file with more details.  Any help would be greatly appreciated!

• Help sending multiline interface commands

  Hello,
  I have an instrument that is controlled by its own software on a PC that it is connected to with GPIB and RS232. I would like to write a labview program that emulates what the software does. I ran the GPIB analyzer during the initialization of the machine and captured this:
  I want to send these 6 commands in LabView so I have a little vi that initializes the machine. I looked at this thread and tried to follow the advice given there. I need to send the string @?#yI followed by a line feed. I'm very new to LabView so I downloaded the example GPIB read/write and tried to make the changes suggested. Here is a screenshot of my attempt:
  I'm sure this has many mistakes, can someone point them out to me? When I run it it either a) does nothing or b) gives me an error saying "the interface associated with this session is not the controller in charge".
  Also, how can I send the "line feed" character? The manual for the instrument (attached, check page 63) says statements must be followed by a PRINT statement which is the line feed character according to the GPIB analyzer output ("a" in the sixth line).
  Thanks!!!
   

  Thanks for the advice Dennis. This is what I ended up with:
  The VISA read sends the 4 green commands (TA0, UNL, LA3, SC25) by itself and the "I\n" in the buffer sends the data.
  Now I am trying to get information back from the instrument. This screenshot is what the software is doing (and I want to replicate). In the red square are the commands I want VISA read to send. The instrument sends "60." back. 
  Basically, I want to have listener address 0 (LA0), talker address 3 (TA3) and secondary address 13. 
  Here's what I tried:
  You can ignore the stuff at the begining and see that for the VISA read I set the VISA resource name as GPIB::0::13::INSTR. However that created this result:
  There is a big mess of green commands. I need LA0 and TA3. In this case I got LA0 but TA0 instead of TA3. This was the error I got when I ran it:
  So then I tried using the same block diagram but with the address GPIB::0::13::INSTR for the VISA resource name input on the VISA read. This time this is what happened:
  This time I got LA3 not LA0 and the TA was not set at all. This was the error when I ran it:
  Do you have any ideas on how to get this to work properly and what I am doing wrong? 
  Thanks!
   

• IOS XR Command authorization with ACS server

  We have a newly implemented ASR 9010 and are trying to figure out how to best configure it with TACACS, as it is slightly different than IOS.
  In ACS, we have two groups: Group 1 and Group 2
  Group 1 allows full access in the shell command authorization set.
  Group 2 allows limited access in the shell command set (basically just show commands).
  Both groups can login fine (aaa authentication login default group <groupname> local)
  Group 1 has full access to everything (group I am in). 
  Group 2 has NO access to anything (can't even perform show commands).
  Group 2 CAN access other IOS devices and can perform the various show commands.
  With regards to our authorization commands, we currently have it configured as:
  aaa authorization commands default group <groupname> local
  Why is it working for the one group, but not the other?  I've read how IOS XR uses task Ids and other various things that I'm unfamiliar with.  I'm mainly curious if I have to use those, if the authorized commands are configured in ACS.
  Thanks!
  Kyle

  dont have enough info to give you a full conclusive answer Kyle, but some suspicions.
  Task group not set right?
  Command groups not defined properly in tacacs for command author.
  if you only want show access, you can just use the task groups in XR with a read permission on any command for instance. no direct need to send every command down to tacacs (hate that slowness )
  More info here:
  https://supportforums.cisco.com/docs/DOC-15944
  xander

• Catalyst 4500 IOS to IOS XE command compatibility check?

  Good Day.
  I will be performing 4500 non-E chassis to 4500E chassis upgrade this week.
  non-E chassis has IOS 12.2 running on it while 4500E will have IOS-XE 3.2.5SG code running. Is there any website where I can paste the IOS configuration to see if they are compatible on IOS XE code?
  Thank you, sir.

  There's no website or tool that I'm aware of to do such a pre-upgrade check for IOS to IOS-XE. That said, I've done several without issue. Just about all old commands carry forward.
  One thing indirectly command-related is to make sure you have the same license level on the new switch (i.e. lanbase, ipbase or ipservices). If your new switch has a lower license level and you were using features that require the higher license level on the old switch, those commands won't be parsed on the new one because the features aren't available without the necessary license.
  To verify, you should connect to the physical console port and log the output to a file while the system loads. Any commands that aren't parsed or have been deprecated will be logged as exceptions during the boot process. You can do this using the old switch configuration file loaded onto the new switch in advance of the actual cutover and resolve any issues ahead of time.

• MARS - IOS interface up down, AD securuty entries

  Our MARS appliance is running V4.2.1. We have about 40 or 50 IOS switches sending their entries to it. We see interface up and down transitions all the time as expected.
  It seems that for many of the entries in MARS, the interesting data, such as the actual port number that went up or down, is nowhere to be found. Am I simply drilling wrong?
  We have the same problem with Windows Active Directory security entries - we can see user account changes, but not who made them or which account was changed.

  Seymour,
  We see similar events on our MARS appliance too. We have nearly 300 switches logging to it now so you can imagine the up/down alerts that we have generated! You are correct that MARS does not provide complete information in the incident view. You are doing nothing incorrect. Keep in mind that the MARS appliance is aggregating a massive amount of security/system data and needs to normalize it to data fields that are most important when it comes to attack information. To view full messages keep in mind that you can view the "Raw Data" directly from the incident screen. In the case of interface up/down messages this would show you the exact port (it's found directly next to the "Reporting Device" name). Keep in mind that Cisco now has enchanced notifications using XML. This exported data contains the raw message that could be included as part of a notification like this:
  # Incident Details #
  Incident: 1428252525
  Start: Oct 3, 2006 8:46:18 AM EDT
  End: Oct 3, 2006 8:50:20 AM EDT
  Severity: LOW
  Rule: Cisco IOS AP wireless MAXRETRIES
  Descript: This rule will detect and alert of a Warning on the wireless network for {DOT11-4-MAXRETRIES: Packet to client [mac] reached max retries, removeing the client} errors.
  # Session Details #
  Session ID: 1428578861
  Device: AP12_Freezer.company.com
  Event: Generic IOS syslog
  Source: 0.0.0.0
  Destination: 0.0.0.0
  Raw Message: <188>6032: Oct 3 08:49:30: %DOT11-4-MAXRETRIES: Packet to client 00a0.f123.23f7 reached max retries, removing the client
  Anything else I can help with let me know.
  -Mike
  http://cs-mars.blogspot.com

• Default interface command for SG50052

  Hello 
  I am trying to set an interface back to its defaults but with no success at all. Actually is a trunk interface and I want to make it access again. With no switchport mode and then switchport mode trunk I get a message about wrong VLAN assignments.

  Hi,
  Configure as below:
  switchxxxxxx(config)# interface gi1
  switchxxxxxx(config-if)# no switchport mode trunk
  switchxxxxxx(config-if)# switchport mode access
  switchxxxxxx(config-if)# switchport access vlan 2(required vlan number)
  regards
  Moorthy