- Finding Feature Information
- Restrictions for Interface Templates
- Information About Interface Templates
- About Interface Templates
- Binding an Interface Template to a Target
- Priority for Configurations Using Interface Templates
- Configuring Interface Templates
- Configuring Static Binding for Interface Templates
- Configuring Dynamic Binding of Interface Templates
- Verifying an Interface Template
- Example: Configuring User Interface Templates
- Example:Sourcing Interface Templates
- Example: Dynamically Binding Interface Templates
- Additional References for Interface Templates
- Feature Information for Interface Templates
Interface Templates
An interface template provides a mechanism to configure multiple commands at the same time and associate it with a target such as an interface. An interface template is a container of configurations or policies that can be applied to specific ports.
- Finding Feature Information
- Restrictions for Interface Templates
- Information About Interface Templates
- Additional References for Interface Templates
- Feature Information for Interface Templates
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Restrictions for Interface Templates
Information About Interface Templates
About Interface Templates
An interface template is a container of configurations or policies that can be applied to specific ports. When an interface template is applied to an access port, it impacts all traffic that is exchanged on the port.
There are two types of interface templates; user and builtin templates. Builtin templates are created by the system.
You can modify builtin templates. If you delete a modified builtin template the system restores the original definition of the template.
The following are the available builtin templates:
- AP_INTERFACE_TEMPLATE (Access Point)
- DMP_INTERFACE_TEMPLATE (Digital Media Player)
- IP_CAMERA_INTERFACE_TEMPLATE
- IP_PHONE_INTERFACE_TEMPLATE
- LAP_INTERFACE_TEMPLATE (Lightweight Access Point)
- MSP_CAMERA_INTERFACE_TEMPLATE
- MSP_VC_INTERFACE_TEMPLATE (Video Conferencing)
- PRINTER_INTERFACE_TEMPLATE
- ROUTER_INTERFACE_TEMPLATE
- SWITCH_INTERFACE_TEMPLATE
- TP_INTERFACE_TEMPLATE (TelePresence)
Template Name : IP_CAMERA_INTERFACE_TEMPLATE Modified : No Template Definition : spanning-tree portfast spanning-tree bpduguard enable switchport mode access switchport block unicast switchport port-security mls qos trust dscp srr-queue bandwidth share 1 30 35 5 priority-queue out !
 Note | The template name must not contain spaces. |
You can create an interface template using the template command in global configuration mode. In template configuration mode, enter the required commands. The following commands can be entered in template configuration mode:
| Command | Description |
|---|---|
| access-session |
Configures access session specific interface commands. |
| authentication |
Configures authentication manager Interface Configuration commands. |
| carrier-delay |
Configures delay for interface transitions. |
| dampening |
Enables event dampening. |
| default |
Sets a command to its defaults. |
| description |
Configures interface-specific description. |
| dot1x |
Configures interface configuration commands for IEEE 802.1X. |
| hold-queue |
Sets hold queue depth. |
| ip |
Configures IP template. |
| keepalive |
Enables keepalive. |
| load-interval |
Specifies interval for load calculation for an interface. |
| mab |
Configures MAC authentication bypass Interface. |
| mls |
Enables multilayer switching configurations. This command is available on the following devices in template configuration mode: |
| peer |
Configures peer parameters for point to point interfaces. |
| priority-queue |
To set the priority-queue size for a template. This command is available on the following devices in template configuration mode: |
| queue-set |
Configures the QoS queue set on a template. This command is available on the following devices in template configuration mode: |
| radius-server |
Enables RADIUS server configurations. This command is available on the following devices in template configuration mode: |
| service-policy |
Configures CPL service policy. |
| source |
Gets configurations from another source. |
| spanning-tree |
Configures spanning tree subsystem |
| storm-control |
Configures storm control. |
| subscriber |
Configures subscriber inactivity timeout value. |
| switchport |
Sets switching mode configurations |
| trust |
Sets trust value for the interface. |
Note | System builtin templates are not displayed in the running configuration. These templates show up in the running configuration only if you edit them. |
Note | On Cisco Catalyst 6500 Series Switches, the stateful switchover fails if access-session and swithcport mode access are both configured in an interface template. To avoid the switchover failure, configure the switchport mode access command on the interface, instead of in an interface template. |
Binding an Interface Template to a Target
Each template can be bound to a target. Template binding or sourcing can be either static or dynamic. Static binding of a template involves binding the template to a target, like an interface. Only one template can be bound at a time using static binding. Static binding of another template to the same target will unbind the previously bound template. To configure static binding, use the source template command in interface configuration mode.
Any number of templates can be bound dynamically to a target. To configure dynamic binding using builtin policy maps and parameter maps, enable the autoconf feature using the autoconf enable command.
Note | You can have statically and dynamically bind templates on the same interface at a time. |
Priority for Configurations Using Interface Templates
Configuration applied through dynamically-bound templates has the highest priority, followed by configuration applied directly on the interface, and then configuration applied through statically-bound templates. When similar commands are present at different priority levels, the one at the highest priority is applied. If a configuration at a higher priority level is not applied, then the configuration with the next highest priority is applied to the target.
Multiple templates can be dynamically bound to a target. When multiple templates are dynamically bound, the template that is applied last has the highest priority.
To delete a template, you must remove the binding to all targets. If you bind a template that does not exist, a new template is created with no configurations.
Configuring Interface Templates
Perform the following task to create user interface templates:
1.
enable
2.
configure
terminal
3.
template
name
4.
load-interval
interval
5.
description
description
6.
keepalive
number
7.
end
DETAILED STEPS
Configuring Static Binding for Interface Templates
1.
enable
2.
configure
terminal
3.
interface
type
number
4.
source
template
name
5.
end
DETAILED STEPS
| Command or Action | Purpose | |
|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. |
| Step 2 |
configure
terminal
Example: Device# configure terminal |
Enters global configuration mode. |
| Step 3 |
interface
type
number
Example: Device(config)# interface GigabitEthernet 1/0/12 |
Specifies the interface type and number and enters interface configuration mode. |
| Step 4 |
source
template
name
Example: Device(config-if)# source template user-template1 |
Statically applies an interface template to a target. |
| Step 5 |
end
Example: Device(config-if)# end |
Exits interface configuration mode and returns to privileged EXEC mode. |
Example
To verify static binding use the show running-config interface int-name and the show derived-config interface int-name commands.
Device# show running-config interface GigabitEthernet 1/0/12 Building configuration... Current configuration : 71 bytes ! interface GigabitEthernet1/0/12 source template user-template1 end
Device# show derived-config interface GigabitEthernet 1/0/12 Building configuration... Derived configuration : 108 bytes ! interface GigabitEthernet1/0/12 description This is a user template load-interval 60 keepalive 60 end
Configuring Dynamic Binding of Interface Templates
1.
enable
2.
configure
terminal
3.
interface
type
number
4.
service-policy
type
control
subscriber
policymap-name
5.
end
DETAILED STEPS
| Command or Action | Purpose | |
|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. |
| Step 2 |
configure
terminal
Example: Device# configure terminal |
Enters global configuration mode. |
| Step 3 |
interface
type
number
Example: Device(config)# interface GigabitEthernet 4/0/1 |
Specifies the interface type and number and enters interface configuration mode. |
| Step 4 |
service-policy
type
control
subscriber
policymap-name
Example: Device(config-if)# service-policy type control subscriber POLICY-Gi1/0/12 |
Dynamically applies an interface template to a target. |
| Step 5 |
end
Example: Device(config-if)# end |
Exits interface configuration mode and returns to privileged EXEC mode. |
Verifying an Interface Template
Use one or more of the commands listed below to verify the interface template configuration.
1.
enable
2.
show
template
interface
all
{all |
binding
{temp-name |
all |
target
int-name} |
brief }
3.
show
template
interface
source
{built-in
[original]
|
user}{temp-name |
all}}
4.
show
template
service{all |
binding
target
int-name |
brief
|
source
{aaa |
built-in |
user
{temp-name |
all}}
DETAILED STEPS
| Step 1 |
enable
Example: Device> enable Enables privileged EXEC mode. |
| Step 2 | show
template
interface
all
{all |
binding
{temp-name |
all |
target
int-name} |
brief }
Shows all interface template configurations. |
| Step 3 | show
template
interface
source
{built-in
[original]
|
user}{temp-name |
all}}
Shows interface template source configurations. |
| Step 4 | show
template
service{all |
binding
target
int-name |
brief
|
source
{aaa |
built-in |
user
{temp-name |
all}}
Shows all interface template service configurations. |
Verifying Interface User Templates
Device# show template interface source user all
Template Name : TEST-1
Template Definition:
load-interval 60
description TEST_1_TEMPLATE
keepalive 200
!
Template Name : TEST-2
Template Definition:
load-interval 60
description TEST-1_TEMPLATE
keepalive 200
Device# show template interface source built-in all Building configuration... Template Name : AP_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode trunk switchport nonegotiate service-policy input AutoConf-4.0-Trust-Cos-Input-Policy service-policy output AutoConf-4.0-Output-Policy ! Template Name : DMP_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode access switchport block unicast switchport port-security spanning-tree portfast spanning-tree bpduguard enable service-policy input AutoConf-4.0-Trust-Dscp-Input-Policy service-policy output AutoConf-4.0-Output-Policy ! Template Name : IP_CAMERA_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode access switchport block unicast switchport port-security spanning-tree portfast spanning-tree bpduguard enable service-policy input AutoConf-4.0-Trust-Dscp-Input-Policy service-policy output AutoConf-4.0-Output-Policy ! Template Name : IP_PHONE_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode access switchport block unicast switchport port-security maximum 3 switchport port-security maximum 2 vlan access switchport port-security violation restrict switchport port-security aging time 2 switchport port-security aging type inactivity switchport port-security storm-control broadcast level pps 1k storm-control multicast level pps 2k storm-control action trap spanning-tree portfast spanning-tree bpduguard enable service-policy input AutoConf-4.0-CiscoPhone-Input-Policy service-policy output AutoConf-4.0-Output-Policy ip dhcp snooping limit rate 15 load-interval 30 ! Template Name : LAP_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode access switchport block unicast switchport port-security violation protect switchport port-security aging time 2 switchport port-security aging type inactivity switchport port-security storm-control broadcast level pps 1k storm-control multicast level pps 2k storm-control action trap spanning-tree portfast spanning-tree bpduguard enable ip dhcp snooping limit rate 15 load-interval 30 ! Template Name : MSP_CAMERA_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode access switchport block unicast switchport port-security spanning-tree portfast spanning-tree bpduguard enable ! Template Name : MSP_VC_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode access switchport port-security spanning-tree portfast spanning-tree bpduguard enable load-interval 30 ! Template Name : PRINTER_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode access switchport port-security maximum 2 switchport port-security spanning-tree portfast spanning-tree bpduguard enable load-interval 60 ! Template Name : ROUTER_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode trunk spanning-tree portfast trunk spanning-tree bpduguard enable service-policy input AutoConf-4.0-Trust-Cos-Input-Policy service-policy output AutoConf-4.0-Output-Policy ! Template Name : SWITCH_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode trunk service-policy input AutoConf-4.0-Trust-Cos-Input-Policy service-policy output AutoConf-4.0-Output-Policy ! Template Name : TP_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode access switchport port-security maximum 3 switchport port-security maximum 2 vlan access switchport port-security violation restrict switchport port-security aging time 2 switchport port-security aging type inactivity switchport port-security storm-control broadcast level pps 1k storm-control multicast level pps 2k storm-control action trap spanning-tree portfast spanning-tree bpduguard enable service-policy input AutoConf-4.0-Trust-Dscp-Input-Policy service-policy output AutoConf-4.0-Output-Policy ip dhcp snooping limit rate 15 load-interval 30 ! end
Device# show template interface source built-in all Building configuration... Template Name : AP_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode trunk switchport nonegotiate mls qos trust cos srr-queue bandwidth share 1 30 35 5 priority-queue out ! Template Name : DMP_INTERFACE_TEMPLATE Modified : No Template Definition : spanning-tree portfast spanning-tree bpduguard enable switchport mode access switchport block unicast switchport port-security mls qos trust dscp srr-queue bandwidth share 1 30 35 5 priority-queue out ! Template Name : IP_CAMERA_INTERFACE_TEMPLATE Modified : No Template Definition : spanning-tree portfast spanning-tree bpduguard enable switchport mode access switchport block unicast switchport port-security mls qos trust dscp srr-queue bandwidth share 1 30 35 5 priority-queue out ! Template Name : IP_PHONE_INTERFACE_TEMPLATE Modified : No Template Definition : spanning-tree portfast spanning-tree bpduguard enable switchport mode access switchport block unicast switchport port-security maximum 3 switchport port-security maximum 2 vlan access switchport port-security violation restrict switchport port-security aging time 2 switchport port-security aging type inactivity switchport port-security storm-control broadcast level pps 1k storm-control multicast level pps 2k storm-control action trap mls qos trust cos service-policy input AUTOCONF-SRND4-CISCOPHONE-POLICY ip dhcp snooping limit rate 15 load-interval 30 srr-queue bandwidth share 1 30 35 5 priority-queue out ! Template Name : LAP_INTERFACE_TEMPLATE Modified : No Template Definition : spanning-tree portfast spanning-tree bpduguard enable switchport mode access switchport block unicast switchport port-security violation protect switchport port-security aging time 2 switchport port-security aging type inactivity switchport port-security storm-control broadcast level pps 1k storm-control multicast level pps 2k storm-control action trap mls qos trust dscp ip dhcp snooping limit rate 15 load-interval 30 srr-queue bandwidth share 10 10 60 20 priority-queue out ! Template Name : MSP_CAMERA_INTERFACE_TEMPLATE Modified : No Template Definition : spanning-tree portfast spanning-tree bpduguard enable switchport mode access switchport block unicast switchport port-security ! Template Name : MSP_VC_INTERFACE_TEMPLATE Modified : No Template Definition : spanning-tree portfast spanning-tree bpduguard enable switchport mode access switchport block unicast switchport port-security violation restrict switchport port-security aging time 2 switchport port-security aging type inactivity switchport port-security ip dhcp snooping limit rate 15 load-interval 30 ! Template Name : PRINTER_INTERFACE_TEMPLATE Modified : No Template Definition : spanning-tree portfast spanning-tree bpduguard enable switchport mode access switchport port-security maximum 2 switchport port-security load-interval 60 ! Template Name : ROUTER_INTERFACE_TEMPLATE Modified : No Template Definition : spanning-tree portfast trunk spanning-tree bpduguard enable switchport mode trunk mls qos trust dscp srr-queue bandwidth share 1 30 35 5 priority-queue out ! Template Name : SWITCH_INTERFACE_TEMPLATE Modified : No Template Definition : switchport mode trunk mls qos trust cos srr-queue bandwidth share 1 30 35 5 priority-queue out ! Template Name : TP_INTERFACE_TEMPLATE Modified : No Template Definition : spanning-tree portfast spanning-tree bpduguard enable switchport mode access switchport port-security maximum 3 switchport port-security maximum 2 vlan access switchport port-security violation restrict switchport port-security aging time 2 switchport port-security aging type inactivity switchport port-security storm-control broadcast level pps 1k storm-control multicast level pps 2k storm-control action trap ip dhcp snooping limit rate 15 load-interval 30 ! End
Device# show template interface binding all
Template-name Source Method Interface
============= ==== ========== ==========
IP_PHONE_INTERFACE_TEMPLATE Built-in Dynamic Gi1/0/1, Gi1/0/2, Gi1/0/3
Gi1/0/4, Gi1/0/5, Gi1/0/6
Gi1/0/7, Gi1/0/8, Gi1/0/9
Gi1/0/10, Gi1/0/11, Gi1/0/12
Gi1/0/13, Gi1/0/14, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18
Gi1/0/19, Gi1/0/20, Gi1/0/21
Gi1/0/22, Gi1/0/23, Gi1/0/24
Gi1/1/1, Gi1/1/2, Gi1/1/3
IP_PHONE_INTERFACE_TEMPLATE Built-in Static Gi4/0/4
Device# show template interface binding target GigabitEthernet 1/0/4
Interface Method Source Template
========= ========== ===== =========
Gi1/0/4 Dynamic built-in IP_PHONE_INTERFACE_TEMPLATE
Static user TEST
Dynamic Modified-built-in TEST
Device# show template service all
User-defined template:
======================
Template Name : SVC-1
Template Definition:
vlan 100
access-group acl1
built-in template:
======================
Template Name : SVC-2
Template Definition:
vlan 100
access-group acl1
aaa downloaded template:
==========================
Template Name : SVC-2
Template Definition:
vlan 100
access-group acl1
Device# show template binding target GigabitEthernet 1/0/4
Interface Templates:
Interface method Source Template
========= ========== ===== =========
Gi1/0/4 Dynamic built-in IP_PHONE_INTERFACE_TEMPLATE
Static user TEST
Dynamic Modified-built-in TEST
Service Templates:
Template Source Session-Mac
======== ==== ================
SVC1 user aa-bb-cc-dd-ee-ff
SVC2 built-in ab-ab-ab-ab-ab-ab
SVC3 aaa ac-ac-ac-ac-ac-ac
Example: Configuring User Interface Templates
Example: Configuring User Templates
Device# enable Device (config)# configure terminal Device(config)# template user-template1 Device(config-template)# load-interval 60 Device(config-template)# description This is a user template Device(config-template)# Keepalive 60 Device(config)# end
Example:Sourcing Interface Templates
Device> enable Device# configure terminal Device(config)# interface fastethernet 4/0/0 Device(config-if)# source template user-template1 Device(config-if)# end
Example: Dynamically Binding Interface Templates
Device> enable Device# configure terminal Device(config)# interface GigabitEthernet 4/0/1 Device(config-if)# service-policy type control subscriber POLICY_Gi1/0/12 Device(config-if)# end
Additional References for Interface Templates
Related Documents
|
Related Topic |
Document Title |
|---|---|
|
Cisco IOS commands |
|
|
Identity-Based Networking Services commands |
Cisco IOS Identity-Based Networking Services Command Reference |
|
Autoconf |
“Autoconf” module in Identity-Based Networking Services Configuration Guide. |
Technical Assistance
|
Description |
Link |
|---|---|
|
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. |
Feature Information for Interface Templates
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
|
Feature Name |
Releases |
Feature Information |
|---|---|---|
|
Interface Templates |
Cisco IOS 15.2(1)SY |
An interface template provides a mechanism to configure multiple commands at the same time and associate it with a target such as an interface. In Cisco IOS 15.2(1)SY, this feature was supported on Cisco Catalyst 6500 Series Switches. The following commands were introduced or modified: access-session , authentication, carrier-delay, dampening, default, description, dot1x, hold-queue, ip , keepalive, load-interval, mab, mls, peer, priority-queue, queue-set, radius-server, service-policy type control subscriber, source, spanning-tree, storm-control, subscriber, switchport, trust. |
Feedback