- Preface
- Product Overview
- Configuring the Router for the First Time
- Configuring a Supervisor Engine 720
- Configuring a Route Switch Processor 720
- Configuring NSF with SSO Supervisor Engine Redundancy
- ISSU and eFSU on Cisco 7600 Series Routers
- Configuring RPR and RPR+ Supervisor Engine Redundancy
- Configuring Interfaces
- Configuring a Supervisor Engine 32
- Configuring LAN Ports for Layer 2 Switching
- Configuring Flex Links
- Configuring EtherChannels
- Configuring VTP
- Configuring VLANs
- Configuring Private VLANs
- Configuring Cisco IP Phone Support
- Configuring IEEE 802.1Q Tunneling
- Configuring Layer 2 Protocol Tunneling
- Configuring L2TPv3
- Configuring STP and MST
- Configuring Optional STP Features
- Configuring Layer 3 Interfaces
- Configuring GTP-SLB IPV6 Support
- IP Subscriber Awareness over Ethernet
- Configuring UDE and UDLR
- Configuring Multiprotocol Label Switching on the PFC
- Configuring IPv4 Multicast VPN Support
- Configuring Multicast VPN Extranet Support
- Configuring IP Unicast Layer 3 Switching
- Configuring IPv6 Multicast PFC3 and DFC3 Layer 3 Switching
- Configuring IPv4 Multicast Layer 3 Switching
- Configuring MLDv2 Snooping for IPv6 Multicast Traffic
- Configuring IGMP Snooping for IPv4 Multicast Traffic
- Configuring PIM Snooping
- Configuring Network Security
- Understanding Cisco IOS ACL Support
- Configuring VRF aware 6RD Tunnels
- Configuring VLAN ACLs
- Private Hosts (Using PACLs)
- Configuring IPv6 PACL
- IPv6 First-Hop Security Features
- Configuring Online Diagnostics
- Configuring Denial of Service Protection
- Configuring DHCP Snooping
- Configuring Dynamic ARP Inspection
- Configuring Traffic Storm Control
- Unknown Unicast Flood Blocking
- Configuring PFC QoS
- Configuring PFC QoS Statistics Data Export
- Configuring MPLS QoS on the PFC
- Configuring LSM MLDP based MVPN Support
- Configuring IEEE 802.1X Port-Based Authentication
- Configuring IEEE 802.1ad
- Configuring Port Security
- Configuring UDLD
- Configuring NetFlow and NDE
- Configuring Local SPAN, RSPAN, and ERSPAN
- Configuring SNMP IfIndex Persistence
- Power Management and Environmental Monitoring
- Configuring Web Cache Services Using WCCP
- Using the Top N Utility
- Using the Layer 2 Traceroute Utility
- Configuring Bidirectional Forwarding and Detection over Switched Virtual Interface
- Configuring Call Home
- Configuring IPv6 Policy Based Routing
- Using the Mini Protocol Analyzer
- Configuring Resilient Ethernet Protocol
- Configuring Synchronous Ethernet
- Configuring Link State Tracking
- Configuring BGP PIC Edge and Core for IP and MPLS
- Configuring VRF aware IPv6 tunnels over IPv4 transport
- ISIS IPv4 Loop Free Alternate Fast Reroute (LFA FRR)
- Multicast Service Reflection
- Y.1731 Performance Monitoring
- Online Diagnostic Tests
- Acronyms
- Cisco IOS Release 15S Software Images
- Index
Configuring Layer 3 Interfaces
This chapter contains information about how to configure Layer 3 interfaces on the Cisco 7600 series routers.
Note For complete syntax and usage information for the commands used in this chapter, see these publications:
http://www.cisco.com/en/US/products/hw/routers/ps368/prod_command_reference_list.html
Layer 3 Interface Configuration Guidelines and Restrictions
When configuring Layer 3 interfaces, follow these guidelines and restrictions:
- We recommend that you configure no more than 2,000 Layer 3 VLAN interfaces.
- The ip unnumbered command is supported on Layer 3 VLAN interfaces.
- The [ no ] ip dhcp route [ connected | static ] command is supported.
- To support VLAN interfaces, create and configure VLANs and assign VLAN membership to Layer 2 LAN ports. For more information, see Chapter 14, “Configuring VLANs” and Chapter13, “Configuring VTP”
- Cisco 7600 series routers do not support:
–
Integrated routing and bridging (IRB)
– Concurrent routing and bridging (CRB)
– Remote source-route bridging (RSRB)
- Use bridge groups on VLAN interfaces, sometimes called fall-back bridging, to bridge nonrouted protocols. Bridge groups on VLAN interfaces are supported in software on the MSFC.
- Cisco 7600 series routers do not support the IEEE bridging protocol for bridge groups. Configure bridge groups to use the VLAN-bridge or the DEC spanning-tree protocol.
- Do not configure an IP address on the physical interface if there is a subinterface configured with dot1q native encapsulation on the same physical interface.
- IPV6 support for TCP Adjust MSS is available on 7600 series routers from Release 15.4(01)S onwards.
Configuring Subinterfaces on Layer 3 Interfaces
When configuring Layer 3 subinterfaces, follow these guidelines and restrictions:
– IPv4 unicast forwarding, including MPLS VPN
– IPv4 multicast forwarding, including MPLS VPN
– Counters for subinterfaces in MIBS and with the show vlans command
– Unidirectional link routing (UDLR)
– Multicast routing monitor (MRM)
– Multicast source discovery protocol (MSDP)
- Always use the native keyword when the VLAN ID is the ID of the IEEE 802.1Q native VLAN. Do not configure encapsulation on the native VLAN of an IEEE 802.1Q trunk without the native keyword.
- Because VLAN IDs are global to the router, you can use a VLAN internally, on a subinterface, or with a Layer 3 VLAN interface.
– You cannot configure an internal VLAN on a subinterface or a Layer 3 VLAN interface.
– You cannot configure a subinterface VLAN on a Layer 3 VLAN interface.
– You cannot configure a VLAN used with a Layer 3 VLAN interface on a subinterface.
Note You cannot configure a VLAN used on one interface or subinterface on another interface or subinterface.
- You can configure subinterfaces with any normal range or extended range VLAN ID in VTP transparent mode. Because VLAN IDs 1 to 1005 are global in the VTP domain and can be defined on other network devices in the VTP domain, you can use only extended range VLANs with subinterfaces in VTP client or server mode. In VTP client or server mode, normal range VLANs are excluded from subinterfaces.
Note If you configure normal range VLANs on subinterfaces, you cannot change the VTP mode from transparent.
To configure a subinterface, perform this task:
|
|
|
|
|---|---|---|
Router(config)# interface {{ type 1 slot / port. subinterface } | { port-channel port_channel_number. subinterface }} |
Selects an interface and enters subinterface configuration mode. |
|
Router(config-subif)# encapsulation dot1q vlan_ID [ native ] |
||
|
1.type = ethernet, fastethernet, gigabitethernet, tengigabitethernet, or ge-wan |
Configuring IPv4 Routing and Addresses
For complete information and procedures, refer to these publications:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/index.htm
When configuring IPv4 routing and addresses, follow these guidelines and restrictions:
- For information about the maximum paths command, refer to the Cisco 7600 Series Router Cisco IOS Command Reference publication.
- The Policy Feature Card (PFC) and any Distributed Feature Cards (DFCs) provide hardware support for policy-based routing (PBR) for route-map sequences that use the match ip address, set ip next-hop, and ip default next-hop PBR keywords.
When configuring PBR, follow these guidelines and restrictions:
– The PFC provides hardware support for PBR configured on a tunnel interface.
– The PFC does not provide hardware support for PBR configured with the set ip next-hop keywords if the next hop is a tunnel interface.
– If the MSFC address falls within the range of a PBR ACL, traffic addressed to the MSFC is policy routed in hardware instead of being forwarded to the MSFC. To prevent policy routing of traffic addressed to the MSFC, configure PBR ACLs to deny traffic addressed to the MSFC.
– Any options in Cisco IOS ACLs that provide filtering in a PBR route-map that would cause flows to be sent to the MSFC to be switched in software are ignored. For example, logging is not supported in ACEs in Cisco IOS ACLs that provide filtering in PBR route-maps.
– PBR traffic through switching module ports where PBR is configured is routed in software if the switching module resets. (CSCee92191)
– In Cisco IOS Release 15.2(1)S1 and later releases, for efficient use of hardware resources, enter the platform ipv4 pbr optimize tcam command in global configuration mode when configuring multiple PBR sequences (or a single PBR sequence with multiple ACLs) in which more than one PBR ACL contains DENY entries.
Starting from Cisco IOS Release 15.2(4)S4, the same global CLI optimizes the use of masks in the ACL TCAM when PBR is applied on MPLS interfaces and VPN-CAM is enabled.
– PBR is not supported with next-hop as MPLS labeled interface. If MPLS is not label imposing, then PBR works fine on hardware. It is not supported on both hardware and software. PBR does not do label imposition. So you cannot use PBR to forward VPN traffic to a remote PE. This applies to both IP PBR and IPv6 PBR.
– When PBR is configured on an interface where MPLS is enabled, and if that interface receives MPLS packets, PBR will not work on those MPLS packets. This restriction applies to both IPv4 and IPv6 PBR.
To configure PBR, refer to the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2, “Classification,” “Configuring Policy-Based Routing,” at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos_c/fqcprt1/qcfpbr.htm
To configure IPv4 routing and an IPv4 address on a Layer 3 interface, perform this task:
|
|
|
|
|---|---|---|
Enables IPv4 routing. (Required only if IPv4 routing is disabled.) |
||
Router(config)# interface { vlan vlan_ID } | { type 2 slot/port } | { port-channel port_channel_number } |
||
Router# show interfaces [{ vlan vlan_ID } | { type 1 slot/port } | { port-channel port_channel_number }] Router# show ip interfaces [{ vlan vlan_ID } | { type 1 slot/port } | { port-channel port_channel_number }] Router# show running-config interfaces [{ vlan vlan_ID } | { type 1 slot/port } | { port-channel port_channel_number }] |
|
2.type = ethernet, fastethernet, gigabitethernet, tengigabitethernet, or ge-wan |
This example shows how to enable IPv4 Routing Information Protocol (RIP) routing:
This example shows how to configure an IPv4 address on Fast Ethernet port 5/4:
This example uses the show interfaces command to display the interface IPv4 address configuration and status of Fast Ethernet port 5/4:
This example uses the show ip interface command to display the detailed configuration and status of Fast Ethernet port 5/4:
This example uses the show running-config command to display the interface IPv4 address configuration of Fast Ethernet port 5/4:
Configuring IPX Routing and Network Numbers
Note The MSFC supports Internetwork Packet Exchange (IPX) with fast switching.
For complete information and procedures, refer to these publications:
http://www.cisco.com/en/US/docs/ios/12_2/atipx/configuration/guide/fatipx_c.html
http://www.cisco.com/en/US/docs/ios/12_2/atipx/command/reference/fatipx_r.html
To configure routing for IPX and to configure IPX on a Layer 3 interface, perform this task:
|
|
|
|
|---|---|---|
Specifies an IP routing prot ocol. This step might include other commands, such as specifying the networks to route with the network command. |
||
Router(config)# interface { vlan vlan_ID } | { type 3 slot/port } | { port-channel port_channel_number } |
||
Router(config-if)# ipx network [ network | unnumbered ] encapsulation encapsulation_type |
Configures the IPX network number. This enables IPX routing on the interface. When you enable IPX routing on the interface, you can also specify an encapsulation type. |
|
Router# show interfaces [{ vlan vlan_ID } | { type 1 slot/port } | { port-channel port_channel_number }] Router# show ipx interfaces [{ vlan vlan_ID } | { type 1 slot/port } | { port-channel port_channel_number }] Router# show running-config interfaces [{ vlan vlan_ID } | { type 1 slot/port } | { port-channel port_channel_number }] |
|
3.type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet, or ge-wan |
This example shows how to enable IPX routing and assign an IPX network address to interface VLAN 100:
Configuring AppleTalk Routing, Cable Ranges, and Zones
For complete information and procedures, refer to these publications:
http://www.cisco.com/en/US/docs/ios/12_2/atipx/configuration/guide/fatipx_c.html
http://www.cisco.com/en/US/docs/ios/12_2/atipx/command/reference/fatipx_r.html
To configure routing for AppleTalk, perform this task beginning in global configuration mode:
|
|
|
|
|---|---|---|
Router(config)# interface { vlan vlan_ID } | { type 4 slot/port } | { port-channel port_channel_number } |
||
Router# show interfaces [{ vlan vlan_ID } | { type 1 slot/port } | { port-channel port_channel_number }] Router# show appletalk interfaces [{ vlan vlan_ID } | { type 1 slot/port } | { port-channel port_channel_number }] Router# show running-config interfaces [{ vlan vlan_ID } | { type 1 slot/port } | { port-channel port_channel_number }] |
|
4.type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet, or ge-wan |
This example shows how to enable AppleTalk routing and assign an AppleTalk cable-range and zone name to interface VLAN 100:
Configuring Other Protocols on Layer 3 Interfaces
Refer to these publications for information about configuring other protocols on Layer 3 interfaces:
- Cisco IOS Apollo Domain, VINES, DECnet, ISO CLNS, and XNS Configuration Guide, Release 12.2, at this URL:
http://www.cisco.com/en/US/docs/ios/12_2/apollo/configuration/guide/fapolo_c.html
- Cisco IOS Apollo Domain, VINES, DECnet, ISO CLNS, and XNS Command Reference, Release 12.2, at this URL:
http://www.cisco.com/en/US/docs/ios/12_2/apollo/command/reference/fapolo_r.html
Feedback