- id
- inherit port-profile
- install certificate
- install http certificate
- install license bootflash:
- install service-module (kickstart and system image)
- install service-module (iso image)
- interface control
- interface ethernet
- interface loopback
- interface mgmt
- interface port-channel
- interface vethernet
- ip access-group
- ip access-list
- ip address
- ip arp inspection limit
- ip arp inspection trust
- ip arp inspection validate
- ip arp inspection vlan
- ip dhcp snooping
- ip dhcp snooping information option
- ip dhcp snooping limit rate
- ip dhcp snooping trust
- ip dhcp snooping verify mac-address
- ip dhcp snooping vlan
- ip directed-broadcast
- ip dscp
- ip flow monitor
- ip igmp snooping (Global)
- ip igmp snooping (VLAN)
- ip igmp snooping explicit-tracking
- ip igmp snooping fast-leave
- ip igmp snooping last-member-query-interval
- ip igmp snooping link-local-groups-suppression (VLAN)
- ip igmp snooping link-local-groups-suppression (Global)
- ip igmp snooping mrouter interface
- ip igmp snooping report-suppression (Global)
- ip igmp snooping report-suppression (VLAN)
- ip igmp snooping static-group
- ip igmp snooping v3-report-suppression (Global)
- ip igmp snooping v3-report-suppression (VLAN)
- ip port access-group
- ip prec
- ip source binding
- ip source binding filter-mode [ip | ip-mac]
- ip source-route
- ip ttl
- ip verify source dhcp-snooping-vlan
I Commands
This chapter describes the Cisco Nexus 1000V commands that begin with the letter I.
id
To associate a network segmentation policy with the tenant ID, use the id command.
Syntax Description
Defaults
Command Modes
Network Segment Policy configuration (config-network-segment-policy)
Command History
|
|
Usage Guidelines
The tenant ID correlates to the Organization UUID in the vCloud Director and cannot be changed once it is configured.
Examples
This example shows how associate a network segmentation policy with the tenant ID:
n1000v (config)# network-segment policy abc-policy-vxlan
n1000v (config-network-segment-policy)# id f5dcf127-cdb0-4bdd-8df5-9515d6dc8170
Related Commands
|
|
---|---|
inherit port-profile
To add the inherited configuration to the new port profile as a default configuration, use the inherit port-profile command. To remove the inherited policies, use the no form of this command.
Syntax Description
Name for the port profile whose policies are inherited. The name can be up to 80 characters and must be unique for each port profile on the Cisco Nexus 1000V. |
Defaults
Command Modes
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
Any inherited setting, except the port profile type, can be changed using the CLI.
When you use the no form of the command, the port profile settings are returned to the defaults, except for the port profile type and any settings that were explicitly configured independent of those inherited.
Examples
This example shows how to designate AllAccess1 as the port profile whose policies will be inherited:
This example shows how to remove the inherited policies:
#
no port-profile inherit
Related Commands
|
|
---|---|
Displays the port profile inherited by the current port profile. |
|
Places you into port profile configuration mode and defines the port profile. |
install certificate
To install a certificate, use the install certificate command. To remove a certificate, use the no form of this command.
install certificate { bootflash: | default }
Syntax Description
Defaults
Command Modes
SVS connection configuration (config-svs-conn)
Command History
|
|
Usage Guidelines
Examples
This example shows how to install a certificate:
This example shows how to remove a certificate:
Related Commands
|
|
---|---|
install http certificate
To change the security certificate for the HTTP server, use the install http certificate bootflash:<cert_path> command. To remove the security certificate, use the no form of this command.
install http certificate { bootflash: | default }
Syntax Description
Defaults
Command Modes
SVS connection configuration (config-svs-conn)
Command History
|
|
Usage Guidelines
Examples
This example shows how to install a HTTP certificate:
This example shows how to remove a HTTP certificate:
Related Commands
|
|
---|---|
install license bootflash:
To install a license file(s) on a VSM, use the install license bootflash: command.
install license bootflash: filename
Syntax Description
(Optional) Specify a name for the license file. If you do not specify a name, then the license is installed using the default name. |
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Usage Guidelines
- You must first uninstall an evaluation license if one is present on your VSM. For more information, see the Cisco Nexus 1000V License Configuration Guide, Release 4.2(1)SV2(1.1).
- You must be logged in to the active VSM console port.
- This command installs the license file using the name, license_file.lic. You can specify a different name.
- If you are installing multiple licenses for the same VSM, also called license stacking, make sure that each license key file name is unique.
- Repeat this procedure for each additional license file you are installing, or stacking, on the VSM.
Examples
This example shows how to install a license to bootflash on a VSM and then display the installed file:
Related Commands
install service-module (kickstart and system image)
To upgrade a VXLAN gateway service module (standalone) or a VXLAN gateway high availability (HA) cluster by using the kickstart and the system images, use the install service-module command.
install service-module kickstart bootflash: kickstart_image system bootflash: system_image {module-num module_number | cluster-id cluster_id}
Syntax Description
The module number. The module number range is from 3 to 130. |
|
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Usage Guidelines
Examples
This example shows how to upgrade a VXLAN gateway cluster:
Related Commands
install service-module (iso image)
To upgrade a VXLAN gateway service module (standalone) or a VXLAN gateway high availability (HA) cluster by using the iso image, use the install service-module command.
install service-module iso bootflash: iso_image {module-num module_number | cluster-id cluster_id}
Syntax Description
The module number. The module number range is from 3 to 130. |
|
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Usage Guidelines
Examples
This example shows how to upgrade a VXLAN gateway cluster:
Related Commands
interface control
To configure the control interface and enter interface configuration mode, use the interface control command.
Syntax Description
Defaults
Command Modes
Global configuration (config)
Interface configuration (config-if)
Command History
|
|
---|---|
Usage Guidelines
Examples
This example shows how to enter the interface configuration mode to configure the control interface:
n1000v(config)#
interface
control0
n1000v(config-if)#
Related Commands
|
|
---|---|
Displays information about the traffic on the control interface. |
interface ethernet
To configure an Ethernet interface, use the interface ethernet command.
Syntax Description
Specifies the slot number and port number for the Ethernet interface. |
Defaults
Command Modes
Interface configuration (config-if)
Command History
|
|
---|---|
Usage Guidelines
Examples
This example shows how to access the interface command mode for configuring the Ethernet interface on slot 2, port 1:
Related Commands
|
|
---|---|
interface loopback
To create and configure a loopback interface, use the interface loopback command. To remove a loopback interface, use the no form of this command.
Syntax Description
Identifying interface number; valid values are from 0 to 1023. |
Defaults
Command Modes
Global configuration (config)
Interface configuration (config-if)
Command History
|
|
---|---|
Usage Guidelines
Examples
This example shows how to create a loopback interface:
n1000v(config)#
interface
loopback 50
n1000v(config-if)#
Related Commands
|
|
---|---|
Displays information about the traffic on the specified loopback interface. |
interface mgmt
To configure the management interface and enter interface configuration mode, use the interface management command.
Syntax Description
Defaults
Command Modes
Global configuration (config)
Interface configuration (config-if)
Command History
|
|
---|---|
Usage Guidelines
Examples
This example shows how to enter the interface configuration mode to configure the management interface:
n1000v(config)#
interface
mgmt0
n1000v(config-if)#
Related Commands
|
|
---|---|
Displays information about the traffic on the management interface. |
interface port-channel
To create a port-channel interface and enter interface configuration mode, use the interface port-channe l command. To remove a logical port-channel interface or subinterface, use the no form of this command.
interface port-channel channel-number
no interface port-channel channel-number
Syntax Description
Channel number that is assigned to this port-channel logical interface. The range of valid values is from 1 to 4096. |
Defaults
Command Modes
Global configuration (config)
Interface configuration (config-if)
Command History
|
|
---|---|
Usage Guidelines
Use the interface port-channel command to create or delete port-channel groups and to enter the interface configuration mode for the port channel.
A port can belong to only one channel group.
When you use the interface port-channel command, follow these guidelines:
- If you are using CDP, you must configure it only on the physical interface and not on the port-channel interface.
- If you do not assign a static MAC address on the port-channel interface, a MAC address is automatically assigned. If you assign a static MAC address and then later remove it, the MAC address is automatically assigned.
- The MAC address of the port channel is the address of the first operational port added to the channel group. If this first-added port is removed from the channel, the MAC address comes from the next operational port added, if there is one.
Examples
This example shows how to create a port-channel group interface with channel-group number 50:
n1000v(config)#
interface port-channel 50
n1000v(config-if)#
Related Commands
|
|
---|---|
Displays information on traffic on the specified port-channel interface. |
|
interface vethernet
To create a virtual Ethernet interface and enter interface configuration mode, use the interface vethernet command. To remove a virtual Ethernet interface, use the no form of this command.
Syntax Description
Identifying interface number; valid values are from 1 to 1048575. |
Defaults
Command Modes
Global configuration (config)
Interface configuration (config-if)
Command History
|
|
---|---|
Usage Guidelines
Use the interface vethernet command to create a virtual Ethernet interface.
Examples
This example shows how to create a virtual Ethernet interface:
n1000v(config)#
interface
vethernet 50
n1000v(config-if)#
Related Commands
|
|
---|---|
Displays information about the traffic on the specified virtual Ethernet interface. |
ip access-group
To create an IP access group for mgmt0 interface, use the ip access-group command. To remove the access group, use the no form of this command.
ip access-group name { in | out }
no ip access-group name { in | out }
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Command History
|
|
Usage Guidelines
Examples
This example shows how to configure an IP access group named Telnet for incoming traffic to the mgmt0 interface:
Related Commands
|
|
---|---|
ip access-list
To create an access list, use the ip access-list command. To remove an access list, use the no form of this command.
ip access-list { name | match-local-traffic }
no ip access-list { name | match-local-traffic }
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to create an access list:
n1000v#
configure terminal
n1000v(
config)#
ip access-list acl1
n1000v(
config)#
Related Commands
|
|
---|---|
ip address
To create an IP route, use the ip address command. To remove an IP address, use the no form of this command.
ip address { address mask | prefix } { next-hop | next-hop-prefix | interface-type interface-number } [ tag tag-value | preference ]
no ip address { address mask | prefix } { next-hop | next-hop-prefix | interface-type interface-number } [ secondary | tag tag-value | preference ]
Syntax Description
(Optional) Configures additional IP addresses on the interface. |
|
Supply tag value. The range of valid values is 0 to 4294967295. The default is 0. |
|
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to create an IP address:
n1000v#
configure terminal
n1000v(
config)#
ip address 209.165.200.225 255.255.255.224 x
n1000v(
config)#
Related Commands
|
|
---|---|
ip arp inspection limit
To set the rate limit of ARP requests and responses, use the ip arp inspection limit command. To remove this setting, use the no form of this command. To set the rate limit to its default, use the default form of this command.
ip arp inspection limit { rate pps [ burst interval bint ] | none }
no ip arp inspection limit { rate pps [ burst interval bint ] | none }
default ip arp inspection limit { rate pps [ burst interval bint ] | none }
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Examples
This example shows how to set the rate limit of ARP requests to 20 pps:
n1000v(
config)#
ip arp inspection limit rate 20
This example shows how to remove the configuration:
n1000v(
config)#
no arp inspection limit rate 20
Related Commands
|
|
---|---|
Displays the trust state and the ARP packet rate for a specified interface. |
ip arp inspection trust
To configure a Layer 2 interface as a trusted ARP interface, use the ip arp inspection trust command. To configure a Layer 2 interface as an untrusted ARP interface, use the no form of this command. To return a Layer 2 interface to its default, use the default form of this command.
default ip arp inspection trust
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
You can configure only Layer 2 virtual Ethernet interfaces as trusted ARP interfaces.
Examples
This example shows how to configure a Layer 2 interface as a trusted ARP interface:
Related Commands
|
|
---|---|
Displays the trust state and the ARP packet rate for a specified interface. |
ip arp inspection validate
To enable additional Dynamic ARP Inspection (DAI) validation, use the ip arp inspection validate command. To disable additional DAI, use the no form of this command.
ip arp inspection validate {dst-mac [ip] [src-mac] | ip [dst-mac] [src-mac] | src-mac [dst-mac] [ip]}
no ip arp inspection validate {dst-mac [ip] [src-mac] | ip [dst-mac] [src-mac] | src-mac [dst-mac] [ip]}
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
You must specify at least one keyword. If you specify more than one keyword, the order is irrelevant.
Examples
This example shows how to enable additional DAI validation:
Related Commands
|
|
---|---|
ip arp inspection vlan
To enable Dynamic ARP Inspection (DAI) for a list of VLANs, use the ip arp inspection vlan command. To disable DAI for a list of VLANs, use the no form of this command.
ip arp inspection vlan vlan-list
no ip arp inspection vlan vlan-list
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
By default, the device does not log packets inspected by DAI.
Examples
This example shows how to enable DAI on VLANs 13, 15, and 17 through 23:
Related Commands
|
|
---|---|
ip dhcp snooping
To globally enable DHCP snooping on the device, use the ip dhcp snooping command. To globally disable DHCP snooping, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
To use this command, you must enable the DHCP snooping feature (see the feature dhcp command).
The device preserves DHCP snooping configuration when you disable DHCP snooping with the no ip dhcp snooping command.
Examples
This example shows how to globally enable DHCP snooping:
Related Commands
|
|
---|---|
Configures an interface as a trusted source of DHCP messages. |
|
ip dhcp snooping information option
To relay the VSM MAC address and vEthernet port information in DHCP packets, use the ip dhcp snooping information option command. To remove the configuration, use the no form of this command.
ip dhcp snooping information option
no ip dhcp snooping information option
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to globally relay the VSM MAC address and vEthernet port information in DHCP packets:
This example shows how to remove global relaying of the VSM MAC address and vEthernet port information in DHCP packets:
Related Commands
|
|
---|---|
Configures an interface as a trusted source of DHCP messages. |
|
ip dhcp snooping limit rate
To configure a rate limit for DHCP packets that are received on a port, use the ip dhcp snooping limit rate command. To remove the rate limit for DHCP packets that are received on each port, use the no form of this command. To restore the default setting, use the default form of this command.
ip dhcp snooping limit rate rate
no ip dhcp snooping limit rate
default ip dhcp snooping limit rate
Syntax Description
Number of DHCP packets per second. The range is from 1 to 2048. |
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Examples
This example shows how to limit the rate of DHCP packets to 30 pps on vEthernet interface 3:
n1000v#
configure terminal
n1000v(
config)#
interface vethernet 3
n1000v(
config-if)#
ip dhcp snooping limit rate 30
Related Commands
|
|
---|---|
Configures an interface as a trusted source of DHCP messages. |
|
ip dhcp snooping trust
To configure an interface as a trusted source of DHCP messages, use the ip dhcp snooping trust command. To configure an interface as an untrusted source of DHCP messages, use the no form of this command. To restore the default setting, use the default form of this command.
default ip dhcp snooping trust
Syntax Description
Defaults
By default, no interface is a trusted source of DHCP messages.
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
You can configure DHCP trust on the following types of interfaces:
Examples
This example shows how to configure an interface as a trusted source of DHCP messages:
Related Commands
|
|
---|---|
ip dhcp snooping verify mac-address
To enable DHCP snooping MAC address verification, use the ip dhcp snooping verify mac-address command. To disable MAC address verification, use the no form of this command.
ip dhcp snooping verify mac-address
no ip dhcp snooping verify mac-address
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enable DHCP snooping MAC address verification:
This example shows how to disable DHCP snooping MAC address verification:
Related Commands
|
|
---|---|
Clears dynamically added entries from the DHCP snooping binding database. |
|
Configures the interface as a trusted interface for DHCP snooping. |
|
ip dhcp snooping vlan
To enable DHCP snooping on one or more VLANs, use the ip dhcp snooping vlan command. To disable DHCP snooping on one or more VLANs, use the no form of this command.
ip dhcp snooping vlan vlan-list
no ip dhcp snooping vlan vlan-list
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enable DHCP snooping on VLANs 100, 200, and 250 through 252:
Related Commands
|
|
---|---|
Configures an interface as a trusted source of DHCP messages. |
|
ip directed-broadcast
To enable IP directed broadcast, use the ip directed-broadcast command. To disable IP directed broadcast, use the no form of this command.
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Command History
|
|
Examples
This example shows how to enable IP directed broadcast:
n1000v#
configure terminal
n1000v(
config)#
interface mgmt 0
n1000v(
config-if)#
ip directed-broadcast
n1000v(
config-if)#
Related Commands
|
|
---|---|
ip dscp
To specify the IP DSCP value for the packets in the ERSPAN traffic and save it in the running configuration, use the ip dscp command.
Syntax Description
DSCP value, in seconds, for ERSPAN traffic packets. The value can range from 0–63. |
Defaults
Command Modes
CLI ERSPAN source configuration (config-erspan-src)
Command History
|
|
Examples
This example shows how to specify the DSCP value of 25 for packets in the ERSPAN traffic:
Related Commands
ip flow monitor
To enable a Flexible NetFlow flow monitor for traffic that the router is receiving or forwarding, use the ip flow monitor interface configuration mode command. To disable a Flexible NetFlow flow monitor, use the no form of this command.
ip flow monitor monitor-name { input | output }
no ip flow monitor monitor-name { input | output }
Syntax Description
Monitors traffic that the routers is receiving on the interface. |
|
Monitors traffic that the routers is transmitting on the interface. |
Defaults
Command Modes
Interface configuration (config-if)
Command History
|
|
---|---|
Usage Guidelines
You must have already created a flow monitor by using the flow monitor command before you can apply the flow monitor to an interface with the ip flow monitor command to enable traffic monitoring with Flexible NetFlow.
Examples
The following example enables a flow monitor for monitoring input traffic:
The following example enables a flow monitor for monitoring output traffic:
The following example enables the same flow monitor on the same interface for monitoring input and output traffic:
The following example enables two different flow monitors on the same interface for monitoring input and output traffic:
The following example enables the same flow monitor on two different interfaces for monitoring input and output traffic:
The following example enables two different flow monitors on two different interfaces for monitoring input and output traffic:
Related Commands
|
|
---|---|
ip igmp snooping (Global)
To enable IGMP snooping, use the ip igmp snooping command. To disable IGMP snooping, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
If the global configuration of IGMP snooping is disabled, then all VLANs are treated as disabled, whether they are enabled or not.
Examples
This example shows how to enable IGMP snooping:
n1000v(
config)#
ip igmp snooping
n1000v(
config)#
This example shows how to disable IGMP snooping:
n1000v(
config)#
no ip igmp snooping
n1000v(
config)#
Related Commands
|
|
---|---|
ip igmp snooping (VLAN)
To enable IGMP snooping on a VLAN interface, use the ip igmp snooping command. To disable IGMP snooping on the interface, use the no form of this command.
Syntax Description
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Usage Guidelines
If the global configuration of IGMP snooping is disabled, then all VLANs are treated as disabled, whether they are enabled or not.
Examples
This example shows how to enable IGMP snooping on a VLAN interface:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
ip igmp snooping
n1000v(
config-vlan)#
This example shows how to disable IGMP snooping on a VLAN interface:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
no ip igmp snooping
n1000v(
config-vlan)#
Related Commands
|
|
---|---|
ip igmp snooping explicit-tracking
To enable tracking of IGMPv3 membership reports from individual hosts for each port on a per-VLAN basis, use the ip igmp snooping explicit-tracking command. To disable tracking, use the no form of this command.
ip igmp snooping explicit-tracking
no ip igmp snooping explicit-tracking
Syntax Description
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Examples
This example shows how to enable tracking of IGMPv3 membership reports on a VLAN interface:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
ip igmp snooping explicit-tracking
n1000v(
config-vlan)#
This example shows how to disable IGMP snooping on a VLAN interface:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
no ip igmp snooping explicit-tracking
n1000v(
config-vlan)#
Related Commands
|
|
---|---|
ip igmp snooping fast-leave
To enable support of IGMPv2 hosts that cannot be explicitly tracked because of the host report suppression mechanism of the IGMPv2 protocol, use the ip igmp snooping fast-leave command. To disable support of IGMPv2 hosts, use the no form of this command.
no ip igmp snooping fast-leave
Syntax Description
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Usage Guidelines
When you enable fast leave, the IGMP software assumes that no more than one host is present on each VLAN port.
Examples
This example shows how to enable support of IGMPv2 hosts:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
ip igmp snooping fast-leave
n1000v(
config-vlan)#
This example shows how to disable support of IGMPv2 hosts:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
no ip igmp snooping fast-leave
n1000v(
config-vlan)#
Related Commands
|
|
---|---|
ip igmp snooping last-member-query-interval
To configure a query interval in which the software removes a group, use the ip igmp snooping last-member-query-interval command. To reset the query interval to the default, use the no form of this command.
ip igmp snooping last-member-query-interval interval
no ip igmp snooping last-member-query-interval [ interval ]
Syntax Description
Query interval in seconds. The range is from 1 to 25. The default is 1. |
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Examples
This example shows how to configure a query interval in which the software removes a group:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
ip igmp snooping last-member-query-interval 3
n1000v(
config-vlan)#
This example shows how to reset a query interval to the default:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
no ip igmp snooping last-member-query-interval
n1000v(
config-vlan)#
Related Commands
|
|
---|---|
ip igmp snooping link-local-groups-suppression (VLAN)
To suppress snooping on link-local group IPs, use the ip igmp snooping link-local-groups-suppression command. To allow unlimited snooping, use the no form of this command.
ip igmp snooping link-local-groups-suppression
no ip igmp snooping link-local-groups-suppression
Syntax Description
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Usage Guidelines
You can apply link-local groups suppression to all interfaces in the VSM by entering this command in global configuration mode.
Examples
This example shows how to limit IGMP traffic sent from VLAN2:
n1000v# config t
n1000v(
config)# vlan vlan2
n1000v(
config-vlan)#
ip igmp snooping link-local-groups-suppression
This example shows how to resume IGMP traffic sent from VLAN2:
n1000v# config t
n1000v(
config)# vlan vlan2
n1000v(
config-vlan)#
no ip igmp snooping link-local-groups-suppression
n1000v(
config-vlan)#
Related Commands
|
|
---|---|
ip igmp snooping link-local-groups-suppression (Global)
To suppress snooping on link-local group IPs, use the ip igmp snooping link-local-groups-suppression command. To allow unlimited snooping, use the no form of this command.
ip igmp snooping link-local-groups-suppression
no ip igmp snooping link-local-groups-suppression
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
You can apply link-local groups suppression to a single VLAN by entering this command in VLAN configuration mode.
Examples
This example shows how to limit IGMP traffic sent from all interfaces in the VSM:
n1000v# config t
n1000v(
config)#
ip igmp snooping link-local-groups-suppression
n1000v(
config)#
This example shows how to resume sending unlimited IGMP traffic from all interfaces in the VSM:
n1000v# config t
n1000v(
config)#
no ip igmp snooping link-local-groups-suppression
n1000v(
config)#
Related Commands
|
|
---|---|
ip igmp snooping mrouter interface
To configure a static connection to a multicast router, use the ip igmp snooping mrouter interface command. To remove the static connection, use the no form of this command.
ip igmp snooping mrouter interface if-type if-number
no ip igmp snooping mrouter interface if-type if-number
Syntax Description
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Usage Guidelines
Examples
This example shows how to configure a static connection to a multicast router:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
ip igmp snooping mrouter interface ethernet 2/1
n1000v(
config-vlan)#
This example shows how to remove a static connection to a multicast router:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
no ip igmp snooping mrouter interface ethernet 2/1
n1000v(
config-vlan)#
Related Commands
|
|
---|---|
ip igmp snooping report-suppression (Global)
To configure IGMPv1 or GMPv2 report suppression for VLANs, use the ip igmp snooping report-suppression command. To remove IGMPv1 or GMPv2 report suppression, use the no form of this command.
ip igmp snooping report-suppression
no ip igmp snooping report-suppression
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to configure IGMPv1 or GMPv2 report suppression for VLANs:
n1000v(
config)#
ip igmp snooping report-suppression
This example shows how to remove IGMPv1 or GMPv2 report suppression:
n1000v(
config)#
no ip igmp snooping report-suppression
Related Commands
|
|
---|---|
ip igmp snooping report-suppression (VLAN)
To configure IGMPv1 or GMPv2 report suppression for VLANs, use the ip igmp snooping report-suppression command. To remove IGMPv1 or GMPv2 report suppression, use the no form of this command.
ip igmp snooping report-suppression
no ip igmp snooping report-suppression
Syntax Description
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Examples
This example shows how to configure IGMPv1 or GMPv2 report suppression for VLANs:
This example shows how to remove IGMPv1 or GMPv2 report suppression:
Related Commands
|
|
---|---|
ip igmp snooping static-group
To configure a Layer 2 port of a VLAN as a static member of a multicast group, use the ip igmp snooping static-group command. To remove the static member, use the no form of this command.
ip igmp snooping static-group group interface if-type if-number
no ip igmp snooping static-group group interface if-type if-number
Syntax Description
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Usage Guidelines
You can specify the interface by the type and the number, such as ethernet slot/port.
Examples
This example shows how to configure a static member of a multicast group:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
ip igmp snooping static-group 230.0.0.1 interface ethernet 2/1
n1000v(
config-vlan)#
This example shows how to remove a static member of a multicast group:
n1000v(
config)#
vlan 1
n1000v(
config-vlan)#
no ip igmp snooping static-group 230.0.0.1 interface ethernet 2/1
n1000v(
config-vlan)#
Related Commands
|
|
---|---|
ip igmp snooping v3-report-suppression (Global)
To configure IGMPv3 report suppression and proxy reporting, use the ip igmp snooping v3-report-suppression command. To remove IGMPv3 report suppression and proxy reporting, use the no form of this command.
ip igmp snooping v3-report-suppression
no ip igmp snooping v3-report-suppression
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to configure IGMPv3 report suppression and proxy reporting:
n1000v(
config)#
ip igmp snooping v3-report-suppression
This example shows how to remove IGMPv3 report suppression and proxy reporting:
n1000v(
config)#
no ip igmp snooping v3-report-suppression
Related Commands
|
|
---|---|
ip igmp snooping v3-report-suppression (VLAN)
To configure IGMPv3 report suppression and proxy reporting for VLANs, use the ip igmp snooping v3-report-suppression command. To remove IGMPv3 report suppression, use the no form of this command.
ip igmp snooping v3-report-suppression
no ip igmp snooping v3-report-suppression
Syntax Description
Defaults
Command Modes
VLAN configuration (config-vlan)
Command History
|
|
Examples
This example shows how to configure IGMPv3 report suppression and proxy reporting for VLANs:
This example shows how to remove IGMPv3 report suppression and proxy reporting for VLANs:
Related Commands
|
|
---|---|
ip port access-group
To create an access group, use the ip port access-group command. To remove access control, use the no form of this command.
ip port access-group name { in | out }
no ip port access-group name { in | out }
Syntax Description
Defaults
Command Modes
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
You create an access group to specify in an ACL the access control of packets.
Examples
This example shows how to create an access group:
Related Commands
|
|
---|---|
ip prec
To specify the IP precedence value for the packets in the ERSPAN traffic and save it in the running configuration, use the ip prec command.
Syntax Description
IP precedence value for the ERSPAN traffic packets. The range is 0–7. |
Defaults
Command Modes
CLI ERSPAN source configuration (config-monitor-erspan-src)
Command History
|
|
Examples
This example shows how to specify the IP precedence value as 1 for the packets in the ERSPAN traffic and save it in the running configuration:
Related Commands
ip source binding
To create a static IP source entry for a Layer 2 vEthernet interface, use the ip source binding command. To disable the static IP source entry, use the no form of this command.
ip source binding IP-address MAC-address vlan vlan-id interface vethernet interface-number
no ip source binding IP-address MAC-address vlan vlan-id interface vethernet interface-number
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to create a static IP source entry that is associated with VLAN 100 on vEthernet interface 3:
Related Commands
|
|
---|---|
ip source binding filter-mode [ip | ip-mac]
Use the ip source binding [ip | ip-mac]command to enable source IP based filtering.
ip source binding filter-mode [ip | ip-mac]
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
This functionality is applicable to static bindings only. In the case of the dynamic bindings, a new MAC Address results in updating the dynamic binding on the Cisco Nexus 1000V.
Examples
This example shows how to enable source-IP only filtering for IPSG/DAI:
Related Commands
|
|
---|---|
ip source-route
To enable an IP source route, use the ip source-route command. To disable an IP source route, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enable an IP source route:
n1000v#
configure terminal
n1000v(
config)#
ip source-route
n1000v(
config)#
Related Commands
|
|
---|---|
ip ttl
To specify the IP time-to-live value for the packets in the Encapsulated Remote Switch Port Analyzer (ERSPAN) traffic and save it in the running configuration, use the ip ttl command.
Syntax Description
Defaults
Command Modes
CLI ERSPAN source configuration (config-monitor-erspan-src)
Command History
|
|
Examples
This example shows how to specify the time-to-live value of 64 seconds for packets in the ERSPAN traffic:
Related Commands
ip verify source dhcp-snooping-vlan
To enable IP Source Guard on a Layer 2 vEthernet interface, use the ip verify source dhcp-snooping-vlan command. To disable IP Source Guard on an interface, use the no form of this command. To restore the default setting, use the default form of this command.
ip verify source dhcp-snooping-vlan
no ip verify source dhcp-snooping-vlan
default ip verify source dhcp-snooping-vlan
Syntax Description
Defaults
Command Modes
Interface configuration (config-if)
Port profile configuration (config-port-prof)
Command History
|
|
Usage Guidelines
By default, IP Source Guard is not enabled on any interface.
Examples
This example shows how to enable IP Source Guard on an interface:
Related Commands
|
|
---|---|
Creates a static IP source entry for the specified vEthernet interface. |
|