Command Reference, Cisco IOS XE Bengaluru 17.5.x (Catalyst 9400 Switches)

clear ip nhrp

To clear all dynamic entries from the Next Hop Resolution Protocol (NHRP) cache, use the clear ip nhrp command in user EXEC or privileged EXEC mode.

clear ip nhrp [vrf {vrf-name | global}] [dest-ip-address [dest-mask] | tunnel number | counters [interface tunnel number] | stats [tunnel number [vrf {vrf-name | global}]]]

Syntax Description


vrf	(Optional) Deletes entries from the NHRP cache for the specified virtual routing and forwarding (VRF) instance.
`vrf-name`	(Optional) Name of the VRF address family to which the command is applied.
global	(Optional) Specifies the global VRF instance.
`dest-ip-address`	(Optional) Destination IP address. Specifying this argument clears NHRP mapping entries for the specified destination IP address.
`dest-mask`	(Optional) Destination network mask.
counters	(Optional) Clears the NHRP counters.
interface	(Optional) Clears the NHRP mapping entries for all interfaces.
tunnel `number`	(Optional) Removes the specified interface from the NHRP cache.
stats	(Optional) Clears all IPv4 statistic information for all interfaces.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ip nhrp command does not clear any static (configured) IP-to-NBMA address mappings from the NHRP cache.

Examples

The following example shows how to clear all dynamic entries from the NHRP cache for an interface:


Switch# clear ip nhrp

Related Commands


Command	Description
show ip nhrp	Displays NHRP mapping information.

clear ipv6 access-list

To reset the IPv6 access list match counters, use the clear ipv6 access-list command in privileged EXEC mode.

clear ipv6 access-list [access-list-name]

Syntax Description


`access-list-name`	(Optional) Name of the IPv6 access list for which to clear the match counters. Names cannot contain a space or quotation mark, or begin with a numeric.

Command Default

No reset is initiated.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ipv6 access-list command is similar to the clear ip access-list counters command, except that it is IPv6-specific.

The clear ipv6 access-list command used without the access-list-name argument resets the match counters for all IPv6 access lists configured on the router.

This command resets the IPv6 global ACL hardware counters.

Examples

The following example resets the match counters for the IPv6 access list named marketing:

Device# clear ipv6 access-list marketing

Related Commands


Command	Description
hardware statistics	Enables the collection of hardware statistics.
ipv6 access-list	Defines an IPv6 access list and enters IPv6 access list configuration mode.
show ipv6 access-list	Displays the contents of all current IPv6 access lists.

clear ipv6 dhcp

To clear IPv6 Dynamic Host Configuration Protocol (DHCP) information, use the clear ipv6 dhcp command in privileged EXEC mode:

clear ipv6 dhcp

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ipv6 dhcp command deletes DHCP for IPv6 information.

Examples

The following example :


Device# clear ipv6 dhcp

clear ipv6 dhcp binding

To delete automatic client bindings from the Dynamic Host Configuration Protocol (DHCP) for IPv6 server binding table, use the clear ipv6 dhcp binding command in privileged EXEC mode.

clear ipv6 dhcp binding [ipv6-address] [vrf vrf-name]

Syntax Description


`ipv6-address`	(Optional) The address of a DHCP for IPv6 client. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ipv6 dhcp binding command is used as a server function.

A binding table entry on the DHCP for IPv6 server is automatically:

Created whenever a prefix is delegated to a client from the configuration pool.
Updated when the client renews, rebinds, or confirms the prefix delegation.
Deleted when the client releases all the prefixes in the binding voluntarily, all prefixes’ valid lifetimes have expired, or an administrator runs the clear ipv6 dhcp binding command.

If the clear ipv6 dhcp binding command is used with the optional ipv6-address argument specified, only the binding for the specified client is deleted. If the clear ipv6 dhcp binding command is used without the ipv6-address argument, then all automatic client bindings are deleted from the DHCP for IPv6 binding table. If the optional vrf vrf-name keyword and argument combination is used, only the bindings for the specified VRF are cleared.

Examples

The following example deletes all automatic client bindings from the DHCP for IPv6 server binding table:


Device# clear ipv6 dhcp binding

Related Commands


Command	Description
show ipv6 dhcp binding	Displays automatic client bindings from the DHCP for IPv6 server binding table.

clear ipv6 dhcp client

To restart the Dynamic Host Configuration Protocol (DHCP) for IPv6 client on an interface, use the clear ipv6 dhcp client command in privileged EXEC mode.

clear ipv6 dhcp client interface-type interface-number

Syntax Description


`interface-type` `interface-number`	Interface type and number. For more information, use the question mark (? ) online help function.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ipv6 dhcp client command restarts the DHCP for IPv6 client on specified interface after first releasing and unconfiguring previously acquired prefixes and other configuration options (for example, Domain Name System [DNS] servers).

Examples

The following example restarts the DHCP for IPv6 client for Ethernet interface 1/0:


Device# clear ipv6 dhcp client Ethernet 1/0

Related Commands


Command	Description
show ipv6 dhcp interface	Displays DHCP for IPv6 interface information.

clear ipv6 dhcp conflict

To clear an address conflict from the Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server database, use the clear ipv6 dhcp conflict command in privileged EXEC mode.

clear ipv6 dhcp conflict {* | ipv6-address | vrf vrf-name}

Syntax Description


*	Clears all address conflicts.
`ipv6-address`	Clears the host IPv6 address that contains the conflicting address.
vrf `vrf-name`	Specifies a virtual routing and forwarding (VRF) name.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

When you configure the DHCPv6 server to detect conflicts, it uses ping. The client uses neighbor discovery to detect clients and reports to the server through a DECLINE message. If an address conflict is detected, the address is removed from the pool, and the address is not assigned until the administrator removes the address from the conflict list.

If you use the asterisk (*) character as the address parameter, DHCP clears all conflicts.

If the vrf vrf-name keyword and argument are specified, only the address conflicts that belong to the specified VRF will be cleared.

Examples

The following example shows how to clear all address conflicts from the DHCPv6 server database:


Device# clear ipv6 dhcp conflict *

Related Commands


Command	Description
show ipv6 dhcp conflict	Displays address conflicts found by a DHCPv6 server when addresses are offered to the client.

clear ipv6 dhcp relay binding

To clear an IPv6 address or IPv6 prefix of a Dynamic Host Configuration Protocol (DHCP) for IPv6 relay binding, use the clear ipv6 dhcp relay binding command in privileged EXEC mode.

clear ipv6 dhcp relay binding {vrf vrf-name} {* | ipv6-address | ipv6-prefix}

clear ipv6 dhcp relay binding {vrf vrf-name} {* | ipv6-prefix}

Syntax Description


vrf `vrf-name`	Specifies a virtual routing and forwarding (VRF) configuration.
*	Clears all DHCPv6 relay bindings.
`ipv6-address`	DHCPv6 address.
`ipv6-prefix`	IPv6 prefix.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ipv6 dhcp relay binding command deletes a specific IPv6 address or IPv6 prefix of a DHCP for IPv6 relay binding. If no relay client is specified, no binding is deleted.

Examples

The following example shows how to clear the binding for a client with a specified IPv6 address:


Device# clear ipv6 dhcp relay binding 2001:0DB8:3333:4::5

The following example shows how to clear the binding for a client with the VRF name vrf1 and a specified prefix on a Cisco uBR10012 universal broadband device:

Device# clear ipv6 dhcp relay binding vrf vrf1 2001:DB8:0:1::/64

Related Commands


Command	Description
show ipv6 dhcp relay binding	Displays DHCPv6 IANA and DHCPv6 IAPD bindings on a relay agent.

clear ipv6 eigrp

To delete entries from Enhanced Interior Gateway Routing Protocol (EIGRP) for IPv6 routing tables, use the clear ipv6 eigrp command in privileged EXEC mode.

clear ipv6 eigrp [as-number] [neighbor [ipv6-address | interface-type interface-number]]

Syntax Description


`as-number`	(Optional) Autonomous system number.
neighbor	(Optional) Deletes neighbor router entries.
`ipv6-address`	(Optional) IPv6 address of a neighboring router.
`interface-type`	(Optional) The interface type of the neighbor router.
`interface-number`	(Optional) The interface number of the neighbor router.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the clear ipv6 eigrp command without any arguments or keywords to clear all EIGRP for IPv6 routing table entries. Use the as-number argument to clear routing table entries on a specified process, and use the neighbor ipv6-address keyword and argument, or the interface-type interface-number argument, to remove a specific neighbor from the neighbor table.

Examples

The following example removes the neighbor whose IPv6 address is 3FEE:12E1:2AC1:EA32:


Device# clear ipv6 eigrp neighbor 3FEE:12E1:2AC1:EA32

clear ipv6 mfib counters

To reset all active Multicast Forwarding Information Base (MFIB) traffic counters, use the clear ipv6 mfib counters command in privileged EXEC mode.

clear ipv6 mfib [vrf vrf-name] counters [group-name | group-address [source-address | source-name]]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`group-name` \| `group-address`	(Optional) IPv6 address or name of the multicast group.
`source-address` \| `source-name`	(Optional) IPv6 address or name of the source.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

After you enable the clear ipv6 mfib counters command, you can determine if additional traffic is forwarded by using one of the following show commands that display traffic counters:

show ipv6 mfib
show ipv6 mfib active
show ipv6 mfib count
show ipv6 mfib interface
show ipv6 mfib summary

Examples

The following example clears and resets all MFIB traffic counters:


Device# clear ipv6 mfib counters

clear ipv6 mld counters

To clear the Multicast Listener Discovery (MLD) interface counters, use the clear ipv6 mld counters command in privileged EXEC mode.

clear ipv6 mld [vrf vrf-name] counters [interface-type]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`interface-type`	(Optional) Interface type. For more information, use the question mark (? ) online help function.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the clear ipv6 mld counters command to clear the MLD counters, which keep track of the number of joins and leaves received. If you omit the optional interface-type argument, the clear ipv6 mld counters command clears the counters on all interfaces.

Examples

The following example clears the counters for Ethernet interface 1/0:


Device# clear ipv6 mld counters Ethernet1/0

Related Commands


Command	Description
show ipv6 mld interface	Displays multicast-related information about an interface.

clear ipv6 mld traffic

To reset the Multicast Listener Discovery (MLD) traffic counters, use the clear ipv6 mld traffic command in privileged EXEC mode.

clear ipv6 mld [vrf vrf-name] traffic

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Using the clear ipv6 mld traffic command will reset all MLD traffic counters.

Examples

The following example resets the MLD traffic counters:


Device# clear ipv6 mld traffic


Command	Description
show ipv6 mld traffic	Displays the MLD traffic counters.

clear ipv6 mtu

To clear the maximum transmission unit (MTU) cache of messages, use the clear ipv6 mtu command in privileged EXEC mode.

clear ipv6 mtu

Syntax Description

This command has no arguments or keywords.

Command Default

Messages are not cleared from the MTU cache.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If a router is flooded with ICMPv6 toobig messages, the router is forced to create an unlimited number of entries in the MTU cache until all available memory is consumed. Use the clear ipv6 mtu command to clear messages from the MTU cache.

Examples

The following example clears the MTU cache of messages:


Device# clear ipv6 mtu

Related Commands


Command	Description
ipv6 flowset	Configures flow-label marking in 1280-byte or larger packets sent by the router.

clear ipv6 multicast aaa authorization

To clear authorization parameters that restrict user access to an IPv6 multicast network, use the clear ipv6 multicast aaa authorization command in privileged EXEC mode.

clear ipv6 multicast aaa authorization [interface-type interface-number]

Syntax Description


`interface-type` `interface-number`	Interface type and number. For more information, use the question mark (? ) online help function.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Using the clear ipv6 multicast aaa authorization command without the optional interface-type and interface-number arguments will clear all authorization parameters on a network.

Examples

The following example clears all configured authorization parameters on an IPv6 network:


Device# clear ipv6 multicast aaa authorization FastEthernet 1/0

Related Commands


Command	Description
aaa authorization multicast default	Sets parameters that restrict user access to an IPv6 multicast network.

clear ipv6 nd destination

To clear IPv6 host-mode destination cache entries, use the clear ipv6 nd destination command in privileged EXEC mode.

clear ipv6 nd destination [vrf vrf-name]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ipv6 nd destination command clears IPv6 host-mode destination cache entries. If the vrf vrf-name keyword and argument pair is used, then only information about the specified VRF is cleared.

Examples

The following example shows how to clear IPv6 host-mode destination cache entries:

Device# clear ipv6 nd destination

Related Commands


Command	Description
ipv6 nd host mode strict	Enables the conformant, or strict, IPv6 host mode.

clear ipv6 nd on-link prefix

To clear on-link prefixes learned through router advertisements (RAs), use the clear ipv6 nd on-link prefix command in privileged EXEC mode.

clear ipv6 nd on-link prefix [vrf vrf-name]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the clear ipv6 nd on-link prefix command to clear locally reachable IPv6 addresses (e.g., on-link prefixes) learned through RAs. If the vrf vrf-name keyword and argument pair is used, then only information about the specified VRF is cleared.

Examples

The following examples shows how to clear on-link prefixes learned through RAs:

Device# clear ipv6 nd on-link prefix

Related Commands


Command	Description
ipv6 nd host mode strict	Enables the conformant, or strict, IPv6 host mode.

clear ipv6 nd router

To clear neighbor discovery (ND) device entries learned through router advertisements (RAs), use the clear ipv6 nd router command in privileged EXEC mode.

clear ipv6 nd router [vrf vrf-name]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the clear ipv6 nd router command to clear ND device entries learned through RAs. If the vrf vrf-name keyword and argument pair is used, then only information about the specified VRF is cleared.

Examples

The following example shows how to clear neighbor discovery ND device entries learned through RAs:


Device# clear ipv6 nd router

Related Commands


Command	Description
ipv6 nd host mode strict	Enables the conformant, or strict, IPv6 host mode.

clear ipv6 neighbors

To delete all entries in the IPv6 neighbor discovery cache, except static entries and ND cache entries on non-virtual routing and forwarding (VRF) interfaces, use the clear ipv6 neighbors command in privileged EXEC mode.

clear ipv6 neighbors [interface type number [ipv6 ipv6-address] | statistics | vrf table-name [ipv6-address | statistics]]

clear ipv6 neighbors

Syntax Description


interface `type` `number`	(Optional) Clears the IPv6 neighbor discovery cache in the specified interface.
ipv6 `ipv6-address`	(Optional) Clears the IPv6 neighbor discovery cache that matches the specified IPv6 address on the specified interface.
statistics	(Optional) Clears the IPv6 neighbor discovery entry cache.
vrf	(Optional) Clears entries for a virtual private network (VPN) routing or forwarding instance.
`table-name`	(Optional) Table name or identifier. The value range is from 0x0 to 0xFFFFFFFF (0 to 65535 in decimal).

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ipv6 neighbor command clears ND cache entries. If the command is issued without the vrf keyword, then the command clears ND cache entries on interfaces associated with the default routing table (e.g., those interfaces that do not have a vrf forwarding statement). If the command is issued with the vrf keyword, then it clears ND cache entries on interfaces associated with the specified VRF.

Examples

The following example deletes all entries, except static entries and ND cache entries on non-VRF interfaces, in the neighbor discovery cache:


Device# clear ipv6 neighbors

The following example clears all IPv6 neighbor discovery cache entries, except static entries and ND cache entries on non-VRF interfaces, on Ethernet interface 0/0:


Device# clear ipv6 neighbors interface Ethernet 0/0

The following example clears a neighbor discovery cache entry for 2001:0DB8:1::1 on Ethernet interface 0/0:


Device# clear ipv6 neighbors interface Ethernet0/0 ipv6 2001:0DB8:1::1

In the following example, interface Ethernet 0/0 is associated with the VRF named red. Interfaces Ethernet 1/0 and Ethernet 2/0 are associated with the default routing table (because they are not associated with a VRF). Therefore, the clear ipv6 neighbor command will clear ND cache entries on interfaces Ethernet 1/0 and Ethernet 2/0 only. In order to clear ND cache entries on interface Ethernet 0/0, the user must issue the clear ipv6 neighbor vrf red command.

interface ethernet0/0
  vrf forward red
  ipv6 address 2001:db8:1::1/64

interface ethernet1/0
   ipv6 address 2001:db8:2::1/64

interface ethernet2/0
   ipv6 address 2001:db8:3::1/64

Related Commands


Command	Description
ipv6 neighbor	Configures a static entry in the IPv6 neighbor discovery cache.
show ipv6 neighbors	Displays IPv6 neighbor discovery cache information.

clear ipv6 nhrp

To clear all dynamic entries from the Next Hop Resolution Protocol (NHRP) cache, use the clear ipv6 nhrp command in privileged EXEC mode.

clear ipv6 nhrp [ipv6-address | counters]

Syntax Description


`ipv6-address`	(Optional) The IPv6 network to delete.
counters	(Optional) Specifies NHRP counters to delete.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

This command does not clear any static (configured) IPv6-to-nonbroadcast multiaccess (NBMA) address mappings from the NHRP cache.

Examples

The following example shows how to clear all dynamic entries from the NHRP cache for the interface:


Device# clear ipv6 nhrp

Related Commands


Command	Description
show ipv6 nhrp	Displays the NHRP cache.

clear ipv6 ospf

To clear the Open Shortest Path First (OSPF) state based on the OSPF routing process ID, use the cl ear ipv6 ospf command in privileged EXEC mode.

clear ipv6 ospf [process-id] {process | force-spf | redistribution}

Syntax Description


`process-id`	(Optional) Internal identification. It is locally assigned and can be any positive integer. The number used here is the number assigned administratively when enabling the OSPF routing process.
process	Restarts the OSPF process.
force-spf	Starts the shortest path first (SPF) algorithm without first clearing the OSPF database.
redistribution	Clears OSPF route redistribution.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

When the process keyword is used with the clear ipv6 ospf command, the OSPF database is cleared and repopulated, and then the shortest path first (SPF) algorithm is performed. When the force-spf keyword is used with the clear ipv6 ospf command, the OSPF database is not cleared before the SPF algorithm is performed.

Use the process-id option to clear only one OSPF process. If the process-id option is not specified, all OSPF processes are cleared.

Examples

The following example starts the SPF algorithm without clearing the OSPF database:


Device# clear ipv6 ospf force-spf

clear ipv6 ospf counters

To clear the Open Shortest Path First (OSPF) state based on the OSPF routing process ID, use the cl ear ipv6 ospf command in privileged EXEC mode.

clear ipv6 ospf [process-id] counters [neighbor [neighbor-interface | neighbor-id]]

Syntax Description


`process-id`	(Optional) Internal identification. It is locally assigned and can be any positive integer. The number used here is the number assigned administratively when enabling the OSPF routing process.
neighbor	(Optional) Neighbor statistics per interface or neighbor ID.
`neighbor-interface`	(Optional) Neighbor interface.
`neighbor-id`	(Optional) IPv6 or IP address of the neighbor.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the neighbor neighbor-interface option to clear counters for all neighbors on a specified interface. If the neighbor neighbor-interface option is not used, all OSPF counters are cleared.

Use the neighbor neighbor-id option to clear counters at a specified neighbor. If the neighbor neighbor-id option is not used, all OSPF counters are cleared.

Examples

The following example provides detailed information on a neighbor router:


Device# show ipv6 ospf neighbor detail
 Neighbor 10.0.0.1
    In the area 1 via interface Serial19/0
    Neighbor:interface-id 21, link-local address FE80::A8BB:CCFF:FE00:6F00
    Neighbor priority is 1, State is FULL, 6 state changes
    Options is 0x194AE05
    Dead timer due in 00:00:37
    Neighbor is up for 00:00:15
    Index 1/1/1, retransmission queue length 0, number of retransmission 1
    First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
    Last retransmission scan length is 1, maximum is 1
    Last retransmission scan time is 0 msec, maximum is 0 msec

The following example clears all neighbors on the specified interface:


Device# clear ipv6 ospf counters neighbor s19/0

The following example now shows that there have been 0 state changes since the clear ipv6 ospf counters neighbor s19/0 command was used:


Device# show ipv6 ospf neighbor detail
 Neighbor 10.0.0.1
    In the area 1 via interface Serial19/0
    Neighbor:interface-id 21, link-local address FE80::A8BB:CCFF:FE00:6F00
    Neighbor priority is 1, State is FULL, 0 state changes
    Options is 0x194AE05
    Dead timer due in 00:00:39
    Neighbor is up for 00:00:43
    Index 1/1/1, retransmission queue length 0, number of retransmission 1
    First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
    Last retransmission scan length is 1, maximum is 1
    Last retransmission scan time is 0 msec, maximum is 0 msec

Related Commands


Command	Description
show ipv6 ospf neighbor	Displays OSPF neighbor information on a per-interface basis.

clear ipv6 ospf events

To clear the Open Shortest Path First (OSPF) for IPv6 event log content based on the OSPF routing process ID, use the cl ear ipv6 ospf events command in privileged EXEC mode.

clear ipv6 ospf [process-id] events

Syntax Description


`process-id`	(Optional) Internal identification. It is locally assigned and can be any positive integer. The number used here is the number assigned administratively when enabling the OSPF routing process.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the optional process-id argument to clear the IPv6 event log content of a specified OSPF routing process. If the process-id argument is not used, all event log content is cleared.

Examples

The following example enables the clearing of OSPF for IPv6 event log content for routing process 1:


Device# clear ipv6 ospf 1 events

clear ipv6 pim reset

To delete all entries from the topology table and reset the Multicast Routing Information Base (MRIB) connection, use the clear ipv6 pim reset command in privileged EXEC mode.

clear ipv6 pim [vrf vrf-name] reset

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Using the clear ipv6 pim reset command breaks the PIM-MRIB connection, clears the topology table, and then reestablishes the PIM-MRIB connection. This procedure forces MRIB resynchronization.

Caution

Use the clear ipv6 pim reset command with caution, as it clears all PIM protocol information from the PIM topology table. Use of the clear ipv6 pim reset command should be reserved for situations where PIM and MRIB communication are malfunctioning.

Examples

The following example deletes all entries from the topology table and resets the MRIB connection:


Device# clear ipv6 pim reset

clear ipv6 pim topology

To clear the Protocol Independent Multicast (PIM) topology table, use the clear ipv6 pim topology command in privileged EXEC mode.

clear ipv6 pim [vrf vrf-name] topology [group-name | group-address]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`group-name` \| `group-address`	(Optional) IPv6 address or name of the multicast group.

Command Default

When the command is used with no arguments, all group entries located in the PIM topology table are cleared of PIM protocol information.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

This command clears PIM protocol information from all group entries located in the PIM topology table. Information obtained from the MRIB table is retained. If a multicast group is specified, only those group entries are cleared.

Examples

The following example clears all group entries located in the PIM topology table:


Device# clear ipv6 pim topology

clear ipv6 pim traffic

To clear the Protocol Independent Multicast (PIM) traffic counters, use the clear ipv6 pim traffic command in privileged EXEC mode.

clear ipv6 pim [vrf vrf-name] traffic

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Default

When the command is used with no arguments, all traffic counters are cleared.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

This command clears PIM traffic counters. If the vrf vrf-name keyword and argument are used, only those counters are cleared.

Examples

The following example clears all PIM traffic counter:


Device# clear ipv6 pim traffic

clear ipv6 prefix-list

To reset the hit count of the IPv6 prefix list entries, use the clear ipv6 prefix-list command in privileged EXEC mode.

clear ipv6 prefix-list [prefix-list-name] [ipv6-prefix/prefix-length]

Syntax Description


`prefix-list-name`	(Optional) The name of the prefix list from which the hit count is to be cleared.
`ipv6-prefix`	(Optional) The IPv6 network from which the hit count is to be cleared. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
/ `prefix-length`	(Optional) The length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.

Command Default

The hit count is automatically cleared for all IPv6 prefix lists.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ipv6 prefix-list command is similar to the clear ip prefix-list command, except that it is IPv6-specific.

The hit count is a value indicating the number of matches to a specific prefix list entry.

Examples

The following example clears the hit count from the prefix list entries for the prefix list named first_list that match the network mask 2001:0DB8::/ 35.


Device# clear ipv6 prefix-list first_list 2001:0DB8::/35

Related Commands


Command	Description
ipv6 prefix-list	Creates an entry in an IPv6 prefix list.
ipv6 prefix-list sequence-number	Enables the generation of sequence numbers for entries in an IPv6 prefix list.
show ipv6 prefix-list	Displays information about an IPv6 prefix list or prefix list entries.

clear ipv6 rip

To delete routes from the IPv6 Routing Information Protocol (RIP) routing table, use the clear ipv6 rip command in privileged EXEC mode.

clear ipv6 rip [name] [vrf vrf-name]

clear ipv6 rip [name]

Syntax Description


`name`	(Optional) Name of an IPv6 RIP process.
vrf `vrf-name`	(Optional) Clears information about the specified Virtual Routing and Forwarding (VRF) instance.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

When the name argument is specified, only routes for the specified IPv6 RIP process are deleted from the IPv6 RIP routing table. If no name argument is specified, all IPv6 RIP routes are deleted.

Use the show ipv6 rip command to display IPv6 RIP routes.

Use the clear ipv6 rip name vrf vrf-name command to delete the specified VRF instances for the specified IPv6 RIP process.

Examples

The following example deletes all the IPv6 routes for the RIP process called one:


Device# clear ipv6 rip one

The following example deletes the IPv6 VRF instance, called vrf1 for the RIP process, called one:


Device# clear ipv6 rip one vrf vrf1

*Mar 15 12:36:17.022: RIPng: Deleting 2001:DB8::/32
*Mar 15 12:36:17.022: [Exec]IPv6RT[vrf1]: rip <name>, Delete all next-hops for 2001:DB8::1
*Mar 15 12:36:17.022: [Exec]IPv6RT[vrf1]: rip <name>, Delete 2001:DB8::1 from table
*Mar 15 12:36:17.022: [IPv6 RIB Event Handler]IPv6RT[<red>]: Event: 2001:DB8::1, Del, owner rip, previous None

Related Commands


Command	Description
debug ipv6 rip	Displays the current contents of the IPv6 RIP routing table.
ipv6 rip vrf-mode enable	Enables VRF-aware support for IPv6 RIP.
show ipv6 rip	Displays the current content of the IPv6 RIP routing table.

clear ipv6 route

To delete routes from the IPv6 routing table, use the clear ipv6 route command in privileged EXEC mode.

{clear ipv6 route {ipv6-address | ipv6-prefix/prefix-length} | *}

Syntax Description


`ipv6-address`	The address of the IPv6 network to delete from the table. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
`ipv6-prefix`	The IPv6 network number to delete from the table. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
/ `prefix-length`	The length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.
*	Clears all IPv6 routes.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ipv6 route command is similar to the clear ip route command, except that it is IPv6-specific.

When the ipv6-address or ipv6-prefix/ prefix- length argument is specified, only that route is deleted from the IPv6 routing table. When the * keyword is specified, all routes are deleted from the routing table (the per-destination maximum transmission unit [MTU] cache is also cleared).

Examples

The following example deletes the IPv6 network 2001:0DB8::/ 35:


Device# clear ipv6 route 2001:0DB8::/35

Related Commands


Command	Description
ipv6 route	Establishes static IPv6 routes.
show ipv6 route	Displays the current contents of the IPv6 routing table.

clear ipv6 spd

To clear the most recent Selective Packet Discard (SPD) state transition, use the clear ipv6 spd command in privileged EXEC mode.

clear ipv6 spd

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The clear ipv6 spd command removes the most recent SPD state transition and any trend historical data.

Examples

The following example shows how to clear the most recent SPD state transition:


Device# clear ipv6 spd

debug nhrp

To enable Next Hop Resolution Protocol (NHRP) debugging, use the debug nhrp command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug nhrp [attribute | cache | condition {interface tunnel number | peer {nbma {ipv4-nbma-address | nbma-name | ipv6-nbma-address} } | umatched | vrf vrf-name} | detail | error | extension | group | packet | rate]

no debug nhrp [attribute | cache | condition {interface tunnel number | peer {nbma {ipv4-nbma-address | nbma-name | ipv6-nbma-address} } unmatched | vrf vrf-name} | detail | error | extension | group | packet | rate ]

Syntax Description


attribute	(Optional) Enables NHRP attribute debugging operations.
cache	(Optional) Enables NHRP cache debugging operations.
condition	(Optional) Enables NHRP conditional debugging operations.
interface tunnel `number`	(Optional) Enables debugging operations for the tunnel interface.
nbma	(Optional) Enables debugging operations for the non-broadcast multiple access (NBMA) network.
`ipv4-nbma-address`	(Optional) Enables debugging operations based on the IPv4 address of the NBMA network.
`nbma-name`	(Optional) NBMA network name.
`IPv6-address`	(Optional) Enables debugging operations based on the IPv6 address of the NBMA network.
vrf `vrf-name`	(Optional) Enables debugging operations for the virtual routing and forwarding instance.
detail	(Optional) Displays detailed logs of NHRP debugs.
error	(Optional) Enables NHRP error debugging operations.
extension	(Optional) Enables NHRP extension processing debugging operations.
group	(Optional) Enables NHRP group debugging operations.
packet	(Optional) Enables NHRP activity debugging.
rate	(Optional) Enables NHRP rate limiting.
routing	(Optional) Enables NHRP routing debugging operations.

Command Default

NHRP debugging is not enabled.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the debug nhrp detail command to view the NHRP attribute logs.

The Virtual-Access number keyword-argument pair is visible only if the virtual access interface is available on the device.

Examples

The following sample output from the debug nhrp command displays NHRP debugging output for IPv4:


Switch# debug nhrp

Aug  9 13:13:41.486: NHRP: Attempting to send packet via DEST 10.1.1.99
Aug  9 13:13:41.486: NHRP: Encapsulation succeeded.  Tunnel IP addr 10.11.11.99
Aug  9 13:13:41.486: NHRP: Send Registration Request via Tunnel0 vrf 0, packet size: 105
Aug  9 13:13:41.486:       src: 10.1.1.11, dst: 10.1.1.99
Aug  9 13:13:41.486: NHRP: 105 bytes out Tunnel0
Aug  9 13:13:41.486: NHRP: Receive Registration Reply via Tunnel0 vrf 0, packet size: 125
Aug  9 13:13:41.486: NHRP: netid_in = 0, to_us = 1

Related Commands


Command	Description
show ip nhrp	Displays NHRP mapping information.

fhrp delay

To specify the delay period for the initialization of First Hop Redundancy Protocol (FHRP) clients, use the fhrp delay command in interface configuration mode. To remove the delay period specified, use the no form of this command.

fhrp delay {[ minimum] [ reload] seconds}

no fhrp delay {[ minimum] [ reload] seconds}

Syntax Description


minimum	(Optional) Configures the delay period after an interface becomes available.
reload	(Optional) Configures the delay period after the device reloads.
`seconds`	Delay period in seconds. The range is from 0 to 3600.

Command Default

None

Command Modes

Interface configuration (config-if)

Examples

This example shows how to specify the delay period for the initialization of FHRP clients:


Device(config-if)# fhrp delay minimum 90

Related Commands


Command	Description
show fhrp	Displays First Hop Redundancy Protocol (FHRP) information.

fhrp version vrrp v3

To enable Virtual Router Redundancy Protocol version 3 (VRRPv3) and Virtual Router Redundancy Service (VRRS) configuration on a device, use the fhrp version vrrp v3 command in global configuration mode. To disable the ability to configure VRRPv3 and VRRS on a device, use the no form of this command.

fhrp version vrrp v3

no fhrp version vrrp v3

Syntax Description

This command has no keywords or arguments.

Command Default

VRRPv3 and VRRS configuration on a device is not enabled.

Command Modes

Global configuration (config)

Usage Guidelines

When VRRPv3 is in use, VRRP version 2 (VRRPv2) is unavailable.

Examples

In the following example, a tracking process is configured to track the state of an IPv6 object using a VRRPv3 group. VRRP on GigabitEthernet interface 0/0/0 then registers with the tracking process to be informed of any changes to the IPv6 object on the VRRPv3 group. If the IPv6 object state on serial interface VRRPv3 goes down, then the priority of the VRRP group is reduced by 20:


Device(config)# fhrp version vrrp v3
Device(config)# interface GigabitEthernet 0/0/0
Device(config-if)# vrrp 1 address-family ipv6
Device(config-if-vrrp)# track 1 decrement 20

Related Commands


Command	Description
track (VRRP)	Enables an object to be tracked using a VRRPv3 group.

ip address dhcp

To acquire an IP address on an interface from the DHCP, use the ip address dhcp command in interface configuration mode. To remove any address that was acquired, use the no form of this command.

ip address dhcp [client-id interface-type number] [hostname hostname]

no ip address dhcp [client-id interface-type number] [hostname hostname]

Syntax Description


client-id	(Optional) Specifies the client identifier. By default, the client identifier is an ASCII value. The client-id `interface-type` `number` option sets the client identifier to the hexadecimal MAC address of the named interface.
`interface-type`	(Optional) Interface type. For more information, use the question mark (?) online help function.
`number`	(Optional) Interface or subinterface number. For more information about the numbering syntax for your networking device, use the question mark (?) online help function.
hostname	(Optional) Specifies the hostname.
`hostname`	(Optional) Name of the host to be placed in the DHCP option 12 field. This name need not be the same as the hostname entered in global configuration mode.

Command Default

The hostname is the globally configured hostname of the device. The client identifier is an ASCII value.

Command Modes

Interface configuration (config-if)

Usage Guidelines

The ip address dhcp command allows any interface to dynamically learn its IP address by using the DHCP protocol. It is especially useful on Ethernet interfaces that dynamically connect to an Internet service provider (ISP). Once assigned a dynamic address, the interface can be used with the Port Address Translation (PAT) of Cisco IOS Network Address Translation (NAT) to provide Internet access to a privately addressed network attached to the device.

The ip address dhcp command also works with ATM point-to-point interfaces and will accept any encapsulation type. However, for ATM multipoint interfaces you must specify Inverse ARP via the protocol ip inarp interface configuration command and use only the aa15snap encapsulation type.

Some ISPs require that the DHCPDISCOVER message have a specific hostname and client identifier that is the MAC address of the interface. The most typical usage of the ip address dhcp client-id interface-type number hostname hostname command is when interface-type is the Ethernet interface where the command is configured and interface-type number is the hostname provided by the ISP.

A client identifier (DHCP option 61) can be a hexadecimal or an ASCII value. By default, the client identifier is an ASCII value. The client-id interface-type number option overrides the default and forces the use of the hexadecimal MAC address of the named interface.

If a Cisco device is configured to obtain its IP address from a DHCP server, it sends a DHCPDISCOVER message to provide information about itself to the DHCP server on the network.

If you use the ip address dhcp command with or without any of the optional keywords, the DHCP option 12 field (hostname option) is included in the DISCOVER message. By default, the hostname specified in option 12 will be the globally configured hostname of the device. However, you can use the ip address dhcp hostname hostname command to place a different name in the DHCP option 12 field than the globally configured hostname of the device.

The no ip address dhcp command removes any IP address that was acquired, thus sending a DHCPRELEASE message.

You might need to experiment with different configurations to determine the one required by your DHCP server. The table below shows the possible configuration methods and the information placed in the DISCOVER message for each method.

Table 1. Configuration Method and Resulting Contents of the DISCOVER Message
Configuration Method	Contents of DISCOVER Messages
ip address dhcp	The DISCOVER message contains “cisco- `mac-address` -Eth1” in the client ID field. The `mac-address` is the MAC address of the Ethernet 1 interface and contains the default hostname of the device in the option 12 field.
ip address dhcp hostname `hostname`	The DISCOVER message contains “cisco- `mac-address` -Eth1” in the client ID field. The `mac-address` is the MAC address of the Ethernet 1 interface, and contains `hostname` in the option 12 field.
ip address dhcp client-id ethernet 1	The DISCOVER message contains the MAC address of the Ethernet 1 interface in the client ID field and contains the default hostname of the device in the option 12 field.
ip address dhcp client-id ethernet 1 hostname `hostname`	The DISCOVER message contains the MAC address of the Ethernet 1 interface in the client ID field and contains `hostname` in the option 12 field.

Examples

In the examples that follow, the command ip address dhcp is entered for Ethernet interface 1. The DISCOVER message sent by a device configured as shown in the following example would contain “cisco- mac-address -Eth1” in the client-ID field, and the value abc in the option 12 field.


hostname abc
!
interface GigabitEthernet 1/0/1
 ip address dhcp

The DISCOVER message sent by a device configured as shown in the following example would contain “cisco- mac-address -Eth1” in the client-ID field, and the value def in the option 12 field.


hostname abc
!
interface GigabitEthernet 1/0/1
 ip address dhcp hostname def

The DISCOVER message sent by a device configured as shown in the following example would contain the MAC address of Ethernet interface 1 in the client-id field, and the value abc in the option 12 field.


hostname abc
!
interface Ethernet 1
 ip address dhcp client-id GigabitEthernet 1/0/1

The DISCOVER message sent by a device configured as shown in the following example would contain the MAC address of Ethernet interface 1 in the client-id field, and the value def in the option 12 field.


hostname abc
!
interface Ethernet 1
 ip address dhcp client-id GigabitEthernet 1/0/1 hostname def

Related Commands


Command	Description
ip dhcp pool	Configures a DHCP address pool on a Cisco IOS DHCP server and enters DHCP pool configuration mode.

ip address pool (DHCP)

To enable the IP address of an interface to be automatically configured when a Dynamic Host Configuration Protocol (DHCP) pool is populated with a subnet from IP Control Protocol (IPCP) negotiation, use the ip address pool command in interface configuration mode. To disable autoconfiguring of the IP address of the interface, use the no form of this command.

ip address pool name

no ip address pool

Syntax Description


`name`	Name of the DHCP pool. The IP address of the interface will be automatically configured from the DHCP pool specified in `name` .

Command Default

IP address pooling is disabled.

Command Modes

Interface configuration

Usage Guidelines

Use this command to automatically configure the IP address of a LAN interface when there are DHCP clients on the attached LAN that should be serviced by the DHCP pool on the device. The DHCP pool obtains its subnet dynamically through IPCP subnet negotiation.

Examples

The following example specifies that the IP address of GigabitEthernet interface 1/0/1 will be automatically configured from the address pool named abc:


ip dhcp pool abc
  import all
  origin ipcp
!
interface GigabitEthernet 1/0/1
  ip address pool abc

Related Commands


Command	Description
show ip interface	Displays the usability status of interfaces configured for IP.

ip address

To set a primary or secondary IP address for an interface, use the ip address command in interface configuration mode. To remove an IP address or disable IP processing, use the no form of this command.

ip address ip-address mask [secondary [vrf vrf-name]]

no ip address ip-address mask [secondary [vrf vrf-name]]

Syntax Description

ip-address

IP address.

mask

Mask for the associated IP subnet.

secondary

(Optional) Specifies that the configured address is a secondary IP address. If this keyword is omitted, the configured address is the primary IP address.

Note

If the secondary address is used for a VRF table configuration with the vrf keyword, the vrf keyword must be specified also.

vrf

(Optional) Name of the VRF table. The vrf-name argument specifies the VRF name of the ingress interface.

Command Default

No IP address is defined for the interface.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

An interface can have one primary IP address and multiple secondary IP addresses. Packets generated by the Cisco IOS software always use the primary IP address. Therefore, all devices and access servers on a segment should share the same primary network number.

Hosts can determine subnet masks using the Internet Control Message Protocol (ICMP) mask request message. Devices respond to this request with an ICMP mask reply message.

You can disable IP processing on a particular interface by removing its IP address with the no ip address command. If the software detects another host using one of its IP addresses, it will print an error message on the console.

The optional secondary keyword allows you to specify an unlimited number of secondary addresses. Secondary addresses are treated like primary addresses, except the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts and Address Resolution Protocol (ARP) requests are handled properly, as are interface routes in the IP routing table.

Secondary IP addresses can be used in a variety of situations. The following are the most common applications:

There may not be enough host addresses for a particular network segment. For example, your subnetting allows up to 254 hosts per logical subnet, but on one physical subnet you need 300 host addresses. Using secondary IP addresses on the devices or access servers allows you to have two logical subnets using one physical subnet.
Many older networks were built using Level 2 bridges. The judicious use of secondary addresses can aid in the transition to a subnetted, device-based network. Devices on an older, bridged segment can be easily made aware that many subnets are on that segment.
Two subnets of a single network might otherwise be separated by another network. This situation is not permitted when subnets are in use. In these instances, the first network is extended , or layered on top of the second network using secondary addresses.

Note

If any device on a network segment uses a secondary address, all other devices on that same segment must also use a secondary address from the same network or subnet. Inconsistent use of secondary addresses on a network segment can very quickly cause routing loops.
When you are routing using the Open Shortest Path First (OSPF) algorithm, ensure that all secondary addresses of an interface fall into the same OSPF area as the primary addresses.
If you configure a secondary IP address, you must disable sending ICMP redirect messages by entering the no ip redirects command, to avoid high CPU utilization.

To transparently bridge IP on an interface, you must perform the following two tasks:

Disable IP routing (specify the no ip routing command).
Add the interface to a bridge group, see the bridge-group command.

To concurrently route and transparently bridge IP on an interface, see the bridge crb command.

Examples

In the following example, 192.108.1.27 is the primary address and 192.31.7.17 is the secondary address for GigabitEthernet interface 1/0/1:

Device> enable
Device# configure terminal
Device(config)# interface GigabitEthernet 1/0/1
Device(config-if)# ip address 192.108.1.27 255.255.255.0
Device(config-if)# ip address 192.31.7.17 255.255.255.0 secondary

Related Commands


Command	Description
match ip route-source	Specifies a source IP address to match to required route maps that have been set up based on VRF connected routes.
route-map	Defines the conditions for redistributing routes from one routing protocol into another, or to enable policy routing.
set vrf	Enables VPN VRF selection within a route map for policy-based routing VRF selection.
show ip arp	Displays the ARP cache, in which SLIP addresses appear as permanent ARP table entries.
show ip interface	Displays the usability status of interfaces configured for IP.
show route-map	Displays static and dynamic route maps.

ip nat inside source

To enable Network Address Translation (NAT) of the inside source address, use the ip nat inside source command in global configuration mode. To remove the static translation, or the dynamic association to a pool, use the no form of this command.

Dynamic NAT

ip nat inside source { list { access-list-number | access-list-name } | route-map name } { interface type number | pool name } [no-payload] [overload] [c] [ vrf name ]

no ip nat inside source { list { access-list-number | access-list-name } | route-map name } { interface type number | pool name } [no-payload] [overload] [ vrf name ]

Static NAT

ip nat inside source static { interface type number | local-ip global-ip} [extendable] [no-alias] [no-payload] [ route-map name ] [reversible] [ vrf name [forced] ]

no ip nat inside source static { interface type number | local-ip global-ip} [extendable] [no-alias] [no-payload] [ route-map name ] [ vrf name [forced] ]

Port Static NAT

ip nat inside source static {tcp | udp} {local-ip local-port global-ip global-port [extendable] [forced] [no-alias] [no-payload] [ route-map name ] [ vrf name ] | interface global-port}

no ip nat inside source static {tcp | udp} {local-ip local-port global-ip global-port [extendable] [forced] [no-alias] [no-payload] [ route-map name ] [ vrf name ] | interface global-port}

Network Static NAT

ip nat inside source static network local-network global-network mask [extendable] [forced] [no-alias] [no-payload] [ vrf name ]

no ip nat inside source static network local-network global-network mask [extendable] [forced] [no-alias] [no-payload] [ vrf name ]

Syntax Description


list `access-list-number`	Specifies the number of a standard IP access list. Packets with source addresses that pass the access list are dynamically translated using global addresses from the named pool.
list `access-list-name`	Specifies the name of a standard IP access list. Packets with source addresses that pass the access list are dynamically translated using global addresses from the named pool.
route-map `name`	Specifies the named route map.
interface	Specifies an interface for the global address.
`type`	Interface type. For more information, use the question mark (?) online help function.
`number`	Interface or subinterface number. For more information about the numbering syntax for your networking device, use the question mark (?) online help function.
pool `name`	Specifies the name of the pool from which global IP addresses are allocated dynamically.
no-payload	(Optional) Prohibits the translation of an embedded address or port in the payload.
overload	(Optional) Enables the device to use one global address for many local addresses. When overloading is configured, the TCP or UDP port number of each inside host distinguishes between the multiple conversations using the same local IP address.
vrf `name`	(Optional) Associates the NAT translation rule with a particular VPN routing and forwarding (VRF) instance.
static	Sets up a single static translation.
`local-ip`	Local IP address assigned to a host on the inside network. The address could be randomly chosen, allocated from RFC 1918, or obsolete.
`global-ip`	Globally unique IP address of an inside host as it appears to the outside network.
extendable	(Optional) Extends the translation.
forced	(Optional) Forcefully deletes an entry and its children from the configuration.
no-alias	(Optional) Prohibits an alias from being created for the global address.
tcp	Establishes the TCP protocol.
udp	Establishes the UDP protocol.
`local-port`	Local TCP or UDP port. The range is from 1 to 65535.
`global-port`	Global TCP or UDP port. The range is from 1 to 65535.
network `local-network`	Specifies the local subnet translation.
`global-network`	Global subnet translation.
`mask`	IP network mask to be used with subnet translations.

Command Default

No NAT translation of inside source addresses occurs.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Amsterdam 17.1.1	This command was introduced.
Cisco IOS XE Dublin 17.10.1	The route-map keyword was introduced.

Usage Guidelines

The optional keywords of the ip nat inside source command can be entered in any order.

This command has two forms: the dynamic and the static address translation. The form with an access list establishes the dynamic translation. Packets from addresses that match the standard access list are translated using global addresses allocated from the pool named with the ip nat pool command.

Packets that enter the device through the inside interface and packets sourced from the device are checked against the access list for possible NAT candidates. The access list is used to specify which traffic is to be translated.

Alternatively, the syntax form with the keyword static establishes a single static translation.

Note

When a session is initiated from outside with the source IP as the outside global address, the device is unable to determine the destination VRF of the packet.

Note

When you configure NAT with a VRF-enabled interface address that acts as the global address, you must configure the ip nat inside source static no-alias command. If the no-alias keyword is not configured, Telnet to the VRF-enabled interface address fails.

Examples

The following example shows how to translate between inside hosts addressed from either the 192.0.2.0 or the 198.51.100.0 network to the globally unique 203.0.113.209/28 network:


ip nat pool net-209 203.0.113.209 203.0.113.222 prefix-length 28
ip nat inside source list 1 pool net-209
!
interface ethernet 0
 ip address 203.0.113.113 255.255.255.240
 ip nat outside
!
interface ethernet 1
 ip address 192.0.2.1 255.255.255.0
 ip nat inside
!
access-list 1 permit 192.0.2.1 255.255.255.0
access-list 1 permit 198.51.100.253 255.255.255.0

The following example shows how to translate the traffic that is local to the provider’s edge device running NAT (NAT-PE):


ip nat inside source list 1 interface ethernet 0 vrf vrf1 overload
ip nat inside source list 1 interface ethernet 0 vrf vrf2 overload
!
ip route vrf vrf1 10.0.0.1 10.0.0.1 192.0.2.1
ip route vrf vrf2 10.0.0.1 10.0.0.1 192.0.2.1
!
access-list 1 permit 10.1.1.1 0.0.0.255
!
ip nat inside source list 1 interface ethernet 1 vrf vrf1 overload
ip nat inside source list 1 interface ethernet 1 vrf vrf2 overload
!
ip route vrf vrf1 10.0.0.1 10.0.0.1 198.51.100.1 global
ip route vrf vrf2 10.0.0.1 10.0.0.1 198.51.100.1 global
access-list 1 permit 10.1.1.0 0.0.0.255

The following example shows how to translate sessions from outside to inside networks:


ip nat pool POOL-A 10.1.10.1 10.1.10.126 255.255.255.128
ip nat pool POOL-B 10.1.20.1 10.1.20.126 255.255.255.128
ip nat inside source route-map MAP-A pool POOL-A reversible
ip nat inside source route-map MAP-B pool POOL-B reversible
!
ip access-list extended ACL-A
 permit ip any 10.1.10.128 0.0.0.127
ip access-list extended ACL-B
 permit ip any 10.1.20.128 0.0.0.127
!
route-map MAP-A permit 10
 match ip address ACL-A
!
route-map MAP-B permit 10
 match ip address ACL-B
!

The following example shows how to configure the route map R1 to allow outside-to-inside translation for static NAT:


ip nat inside source static 10.1.1.1 10.2.2.2 route-map R1 reversible
!
ip access-list extended ACL-A
 permit ip any 10.1.10.128 0.0.0.127
route-map R1 permit 10
 match ip address ACL-A

The following example shows how to configure NAT inside and outside traffic in the same VRF:


interface Loopback1
 ip vrf forwarding forwarding1
 ip address 192.0.2.11 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
interface Ethernet0/0
 ip vrf forwarding forwarding2
 ip address 192.0.2.22 255.255.255.0
 ip nat outside
 ip virtual-reassembly
ip nat pool MYPOOL 192.0.2.5 192.0.2.5 prefix-length 24
ip nat inside source list acl-nat pool MYPOOL vrf vrf1 overload
!
!
ip access-list extended acl-nat
 permit ip 192.0.2.0 0.0.0.255 any

Related Commands


Command	Description
access-list (IP extended)	Defines an extended IP access list.
access-list (IP standard)	Defines a standard IP access list.
clear ip nat translation	Clears dynamic NAT translations from the translation table.
interface	Configures an interface type and enters interface configuration mode.
ip access-list	Defines an IP access list or object group access control list by name or number.
ip nat	Designates that traffic originating from or destined for the interface is subject to NAT.
ip nat inside destination	Enables NAT of the inside destination address.
ip nat outside source	Enables NAT of the outside source address.
ip nat pool	Defines a pool of IP addresses for NAT.
ip nat service	Enables a port other than the default port.
ip route vrf	Establishes static routes for a VRF instance.
ip vrf forwarding	Associates a VRF instance with a diameter peer.
permit	Sets conditions in a named IP access list or object group access control list that will permit packets.
route-map	Defines the conditions for redistributing routes from one routing protocol into another routing protocol, or enables policy routing.
show ip nat statistics	Displays NAT statistics.
show ip nat translations	Displays active NAT translations.

ip nat outside source

To enable Network Address Translation (NAT) of the outside source address, use the ip nat outside source command in global configuration mode. To remove the static entry or the dynamic association, use the no form of this command.

Dynamic NAT

ip nat outside source { list { access-list-number | access-list-name } } pool pool-name [ vrf name ] [add-route]

no ip nat outside source { list { access-list-number | access-list-name } } pool pool-name [ vrf name ] [add-route]

Static NAT

ip nat outside source static global-ip local-ip [ vrf name ] [add-route] [extendable] [no-alias]

no ip nat outside source static global-ip local-ip [ vrf name ] [add-route] [extendable] [no-alias]

Port Static NAT

ip nat outside source static { tcp | udp } global-ip global-port local-ip local-port [ vrf name ] [add-route] [extendable] [no-alias]

no ip nat outside source static { tcp | udp } global-ip global-port local-ip local-port [ vrf name ] [add-route] [extendable] [no-alias]

Network Static NAT

ip nat outside source static network global-network local-network mask [ vrf name ] [add-route] [extendable] [no-alias]

no ip nat outside source static network global-network local-network mask [ vrf name ] [add-route] [extendable] [no-alias]

Syntax Description


list `access-list-number`	Specifies the number of a standard IP access list. Packets with source addresses that pass the access list are translated using global addresses from the named pool.
list `access-list-name`	Specifies the name of a standard IP access list. Packets with source addresses that pass the access list are translated using global addresses from the named pool.
pool `pool-name`	Specifies the name of the pool from which global IP addresses are allocated.
add-route	(Optional) Adds a static route for the outside local address.
vrf `name`	(Optional) Associates the NAT rule with a particular VPN routing and forwarding (VRF) instance.
static	Sets up a single static translation.
`global-ip`	Globally unique IP address assigned to a host on the outside network by its owner. The address was allocated from the globally routable network space.
`local-ip`	Local IP address of an outside host as it appears to the inside network. The address was allocated from the address space routable on the inside (RFC 1918, Address Allocation for Private Internets).
extendable	(Optional) Extends the transmission.
no-alias	(Optional) Prohibits an alias from being created for the local address.
tcp	Establishes the TCP.
udp	Establishes the UDP.
`global-port`	Port number assigned to a host on the outside network by its owner.
`local-port`	Port number of an outside host as it appears to the inside network.
static network	Sets up a single static network translation.
`global-network`	Globally unique network address assigned to a host on the outside network by its owner. The address is allocated from a globally routable network space.
`local-network`	Local network address of an outside host as it appears to the inside network. The address is allocated from an address space that is routable on the inside network.
`mask`	Subnet mask for the networks that are translated.

Command Default

No translation of source addresses coming from the outside to the inside network occurs.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Amsterdam 17.1.1	This command was introduced.

Usage Guidelines

The optional keywords of the ip nat outside source command except for the vrf name keyword can be entered in any order.

You can use NAT to translate inside addresses that overlap with outside addresses. Use this command if your IP addresses in the stub network happen to be legitimate IP addresses belonging to another network, and you need to communicate with those hosts or devices.

This command has two general forms: dynamic and static address translation. The form with an access list establishes dynamic translation. Packets from addresses that match the standard access list are translated using global addresses allocated from the pool that is named by using the ip nat pool command.

Alternatively, the syntax form with the static keyword establishes a single static translation.

When you configure the ip nat outside source static command to add static routes for static outside local addresses, there is a delay in the translation of packets and packets are dropped. To avoid dropped packets, configure either the ip nat outside source static add-route command or the ip route command.

Examples

The following example shows how to translate between inside hosts addressed from the 10.114.11.0 network to the globally unique 10.69.233.208/28 network. Further, packets from outside hosts addressed from the 10.114.11.0 network (the true 10.114.11.0 network) are translated to appear to be from the 10.0.1.0/24 network.


ip nat pool net-208 10.69.233.208 10.69.233.223 prefix-length 28
ip nat pool net-10 10.0.1.0 10.0.1.255 prefix-length 24
ip nat inside source list 1 pool net-208
ip nat outside source list 1 pool net-10
!
interface ethernet 0
 ip address 10.69.232.182 255.255.255.240
 ip nat outside
!
interface ethernet 1
 ip address 10.114.11.39 255.255.255.0
 ip nat inside
!
access-list 1 permit 10.114.11.0 0.0.0.255

Related Commands


Command	Description
access-list (IP extended)	Defines an extended IP access list.
access-list (IP standard)	Defines a standard IP access list.
clear ip nat translation	Clears dynamic NAT from the translation table.
interface	Configures an interface type and enters interface configuration mode.
ip address	Sets a primary or secondary IP address for an interface.
ip nat	Designates the traffic originating from or destined for the interface as subject to NAT.
ip nat inside destination	Enables NAT of the inside destination address.
ip nat inside source	Enables NAT of the inside source address.
ip nat pool	Defines a pool of IP addresses for NAT.
ip nat service	Enables a port other than the default port.
ip route	Establishes static routes.
show ip nat statistics	Displays NAT statistics.
show ip nat translations	Displays active NATs.

ip nat pool

To define a pool of IP addresses for Network Address Translation (NAT) translations, use the ip nat pool command in global configuration mode. To remove one or more addresses from the pool, use the no form of this command.

ip nat pool name start-ip end-ip { netmask netmask | prefix-length prefix-length } [add-route] [ type ]

no ip nat pool name start-ip end-ip { netmask netmask | prefix-length prefix-length } [add-route] [ type ]

Syntax Description


`name`	Name of the pool.
`start-ip`	Starting IP address that defines the range of addresses in the address pool.
`end-ip`	Ending IP address that defines the range of addresses in the address pool.
netmask `netmask`	Specifies the network mask that indicates the address bits that belong to the network and subnetwork fields and the ones that belong to the host field. Specify the network mask of the network to which the pool addresses belong.
prefix-length `prefix-length`	Specifies the number that indicates how many bits of the address is dedicated for the network.
add-route	(Optional) Specifies that a route is added to the NAT Virtual Interface (NVI) for the global address.
type	(Optional) Indicates the type of pool.

Command Default

No pool of addresses is defined.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Amsterdam 17.1.1	This command was introduced.

Usage Guidelines

This command defines a pool of addresses by specifying the start address, the end address, and either network mask or prefix length.

When you enable the no-alias keyword, IP aliases are not created for IP addresses mentioned in the NAT pool.

Using the nopreservation keyword with the prefix-length or the netmask keyword disables the default behavior, which is known as IP address reservation. The no form of the command with the nopreservation keyword enables the default behavior and reserves the first IP address in the NAT pool, making the IP address unavailable for dynamic translation.

Examples

The following example shows how to translate between inside hosts addressed from either the 192.0.2.1 or 192.0.2.2 network to the globally unique 10.69.233.208/28 network:


ip nat pool net-208 10.69.233.208 10.69.233.223 prefix-length 28
ip nat inside source list 1 pool net-208
!
interface ethernet 0
 ip address 10.0.0.1 255.255.255.240
 ip nat outside
!
interface ethernet 1
 ip address 192.0.2.4 255.255.255.0
 ip nat inside
!
access-list 1 permit 192.0.2.1 0.0.0.255
access-list 1 permit 192.0.2.2 0.0.0.255

The following example shows how to add a route to the NVI interface for the global address:


ip nat pool NAT 192.0.2.0 192.0.2.3 netmask 255.255.255.0 add-route
ip nat source list 1 pool NAT vrf group1 overload

Related Commands


Command	Description
access-list	Defines a standard IP access list.
clear ip nat translation	Clears dynamic NAT translations from the translation table.
debug ip nat	Displays information about IP packets translated by NAT.
interface	Configures an interface and enters interface configuration mode.
ip address	Sets a primary or secondary IP address for an interface.
ip nat	Designates that traffic originating from or destined for an interface is subject to NAT.
ip nat inside source	Enables NAT of the inside source address.
ip nat outside source	Enables NAT of the outside source address.
ip nat service	Enables a port other than the default port.
ip nat source	Enables NAT on a virtual interface without inside or outside specification.
show ip nat statistics	Displays NAT statistics.
show ip nat translations	Displays active NAT translations.

ip nat translation (timeout)

To change the Network Address Translation (NAT) timeout, use the ip nat translation command in global configuration mode. To disable the timeout, use the no form of this command.

ip nat translation { finrst-timeout | icmp-timeout | port-timeout { tcp | udp } port-number | syn-timeout | tcp-timeout | timeout | udp-timeout } {seconds | never}

no ip nat translation { finrst-timeout | icmp-timeout | port-timeout { tcp | udp } port-number | syn-timeout | tcp-timeout | timeout | udp-timeout }

Syntax Description


finrst-timeout	Specifies that the timeout value applies to Finish and Reset TCP packets, which terminate a connection. The default is 60 seconds.
icmp-timeout	Specifies the timeout value for Internet Control Message Protocol (ICMP) flows. The default is 60 seconds.
port-timeout	Specifies that the timeout value applies to the TCP/UDP port.
tcp	Specifies TCP.
udp	Specifies UDP.
`port-number`	Port number for TCP or UDP. The range is from 1 to 65535.
syn-timeout	Specifies that the timeout value applies to TCP flows immediately after a synchronous transmission (SYN) message that consists of digital signals that are sent with precise clocking. The default is 60 seconds.
tcp-timeout	Specifies that the timeout value applies to the TCP port. Default is 86,400 seconds (24 hours).
timeout	Specifies that the timeout value applies to dynamic translations, except for overload translations. The default is 86,400 seconds (24 hours).
udp-timeout	Specifies that the timeout value applies to the UDP port. The default is 300 seconds (5 minutes).
`seconds`	Number of seconds after which the specified port translation times out.
never	Specifies that port translation will not time out.

Command Default

NAT translation timeouts are enabled by default.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Amsterdam 17.1.1	This command was introduced.

Usage Guidelines

When port translation is configured, each entry contains more information about the traffic that is using the translation, which gives you finer control over translation entry timeouts. Non-DNS UDP translations time out after 5 minutes, and DNS times out in 1 minute. TCP translations time out in 24 hours, unless a TCP Reset (RST) or a Finish (FIN) bit is seen on the stream, in which case they will time out in 1 minute.

Examples

The following example shows how to configure the router to cause UDP port translation entries to time out after 10 minutes (600 seconds):


Router# configure terminal
Router(config)# ip nat translation udp-timeout 600

Related Commands


Command	Description
clear ip nat translation	Clears dynamic NAT translations from the translation table.
ip nat	Designates that traffic originating from or destined for the interface is subject to NAT; enables NAT logging; or enables static IP address support.
ip nat inside destination	Enables NAT of a globally unique host address to multiple inside host addresses.
ip nat inside source	Enables NAT of the inside source address.
ip nat outside source	Enables NAT of the outside source address.
ip nat pool	Defines a pool of IP addresses for NAT.
ip nat service	Specifies a port other than the default port for NAT.
ip nat translation max-entries	Limits the size of a NAT table to a specified maximum.
show ip nat statistics	Displays NAT statistics.
show ip nat translations	Displays active NAT translations.

ip nhrp map

To statically configure the IP-to-nonbroadcast multiaccess (NBMA) address mapping of IP destinations connected to an NBMA network, use the ip nhrp map interface configuration command. To remove the static entry from Next Hop Resolution Protocol (NHRP) cache, use the no form of this command.

ip nhrp map {ip-address [nbma-ip-address] [dest-mask] [nbma-ipv6-address] | multicast {nbma-ip-address | | nbma-ipv6-address | | dynamic}}

no ip nhrp map {ip-address [nbma-ip-address] [dest-mask] [nbma-ipv6-address] | multicast {nbma-ip-address | | nbma-ipv6-address | | dynamic}}

Syntax Description


`ip-address`	IP address of the destinations reachable through the Nonbroadcast multiaccess (NBMA) network. This address is mapped to the NBMA address.
`nbma-ip-address`	NBMA IP address.
`dest-mask`	Destination network address for which a mask is required.
`nbma-ipv6-address`	NBMA IPv6 address.
dynamic	Dynamically learns destinations from client registrations on hub.
multicast	NBMA address that is directly reachable through the NBMA network. The address format varies depending on the medium you are using. For example, ATM has a Network Service Access Point (NSAP) address, Ethernet has a MAC address, and Switched Multimegabit Data Service (SMDS) has an E.164 address. This address is mapped to the IP address.

Command Default

No static IP-to-NBMA cache entries exist.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
	This command was introduced.

Usage Guidelines

You will probably need to configure at least one static mapping in order to reach the next-hop server. Repeat this command to statically configure multiple IP-to-NBMA address mappings.

Examples

In the following example, this station in a multipoint tunnel network is statically configured to be served by two next-hop servers 10.0.0.1 and 10.0.1.3. The NBMA address for 10.0.0.1 is statically configured to be 192.0.0.1 and the NBMA address for 10.0.1.3 is 192.2.7.8.


Device(config)# interface tunnel 0
Device(config-if)# ip nhrp nhs 10.0.0.1
Device(config-if)# ip nhrp nhs 10.0.1.3
Device(config-if)# ip nhrp map 10.0.0.1 192.0.0.1
Device(config-if)# ip nhrp map 10.0.1.3 192.2.7.8

Examples

In the following example, if a packet is sent to 10.255.255.255, it is replicated to destinations 10.0.0.1 and 10.0.0.2. Addresses 10.0.0.1 and 10.0.0.2 are the IP addresses of two other routers that are part of the tunnel network, but those addresses are their addresses in the underlying network, not the tunnel network. They would have tunnel addresses that are in network 10.0.0.0.


Device(config)# interface tunnel 0
Device(config-if)# ip address 10.0.0.3 255.0.0.0
Device(config-if)# ip nhrp map multicast 10.0.0.1
Device(config-if)# ip nhrp map multicast 10.0.0.2

Related Commands


Command	Description
clear ip nhrp	Clears all dynamic entries from the NHRP cache.

ip nhrp map multicast

To configure nonbroadcast multiaccess (NBMA) addresses used as destinations for broadcast or multicast packets to be sent over a tunnel network, use the ip nhrp map multicast command in interface configuration mode. To remove the destinations, use the no form of this command.

ip nhrp map multicast {ip-nbma-address | ipv6-nbma-address | dynamic}

no ip nhrp map multicast {ip-nbma-address | ipv6-nbma-address | dynamic}

Syntax Description


`ip-nbma-address`	NBMA address that is directly reachable through the NBMA network. The address format varies depending on the medium that you are using.
`ipv6-nbma-address`	IPv6 NBMA address.
dynamic	Dynamically learns destinations from client registrations on the hub.

Command Default

No NBMA addresses are configured as destinations for broadcast or multicast packets.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

This command applies only to tunnel interfaces. This command is useful for supporting broadcasts over a tunnel network when the underlying network does not support IP multicast. If the underlying network does support IP multicast, you should use the tunnel destination command to configure a multicast destination for transmission of tunnel broadcasts or multicasts.

When multiple NBMA addresses are configured, the system replicates the broadcast packet for each address.

Examples

In the following example, if a packet is sent to 10.255.255.255, it is replicated to destinations 10.0.0.1 and 10.0.0.2:


Switch(config)# interface tunnel 0
Switch(config-if)# ip address 10.0.0.3 255.0.0.0
Switch(config-if)# ip nhrp map multicast 10.0.0.1
Switch(config-if)# ip nhrp map multicast 10.0.0.2

Related Commands


Command	Description
debug nhrp	Enables NHRP debugging.
interface	Configures an interface and enters interface configuration mode.
tunnel destination	Specifies the destination for a tunnel interface.

ip nhrp network-id

To enable the Next Hop Resolution Protocol ( NHRP) on an interface, use the ip nhrp network-id command in interface configuration mode. To disable NHRP on the interface, use the no form of this command.

ip nhrp network-id number

no ip nhrp network-id [number]

Syntax Description


`number`	Globally unique, 32-bit network identifier from a nonbroadcast multiaccess (NBMA) network. The range is from 1 to 4294967295.

Command Default

NHRP is disabled on the interface.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
	This command was introduced.

Usage Guidelines

In general, all NHRP stations within one logical NBMA network must be configured with the same network identifier.

Examples

The following example enables NHRP on the interface:


Device(config-if)# ip nhrp network-id 1

ip nhrp nhs

To specify the address of one or more Next Hop Resolution Protocol (NHRP) servers, use the ip nhrp nhs command in interface configuration mode. To remove the address, use the no form of this command.

ip nhrp nhs {nhs-address [nbma {nbma-address | FQDN-string}] [multicast] [priority value] [cluster value] | cluster value max-connections value | dynamic nbma {nbma-address | FQDN-string} [multicast] [priority value] [cluster value]}

no ip nhrp nhs {nhs-address [nbma {nbma-address | FQDN-string}] [multicast] [priority value] [cluster value] | cluster value max-connections value | dynamic nbma {nbma-address | FQDN-string} [multicast] [priority value] [cluster value]}

Syntax Description


`nhs-address`	Address of the next-hop server being specified.
`net-address`	(Optional) IP address of a network served by the next-hop server.
`netmask`	(Optional) IP network mask to be associated with the IP address. The IP address is logically ANDed with the mask.
nbma	(Optional) Specifies the nonbroadcast multiple access (NBMA) address or FQDN.
`nbma-address`	NBMA address.
`FQDN-string`	Next hop server (NHS) fully qualified domain name (FQDN) string.
multicast	(Optional) Specifies to use NBMA mapping for broadcasts and multicasts.
priority `value`	(Optional) Assigns a priority to hubs to control the order in which spokes select hubs to establish tunnels. The range is from 0 to 255; 0 is the highest and 255 is the lowest priority.
cluster `value`	(Optional) Specifies NHS groups. The range is from 0 to 10; 0 is the highest and 10 is the lowest. The default value is 0.
max-connections `value`	Specifies the number of NHS elements from each NHS group that needs to be active. The range is from 0 to 255.
dynamic	Configures the spoke to learn the NHS protocol address dynamically.

Command Default

No next-hop servers are explicitly configured, so normal network layer routing decisions are used to forward NHRP traffic.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
	This command was introduced.

Usage Guidelines

Use the ip nhrp nhs command to specify the address of a next hop server and the networks it serves. Normally, NHRP consults the network layer forwarding table to determine how to forward NHRP packets. When next hop servers are configured, these next hop addresses override the forwarding path that would otherwise be used for NHRP traffic.

When the ip nhrp nhs dynamic command is configured on a DMVPN tunnel and the shut command is issued to the tunnel interface, the crypto socket does not receive shut message, thereby not bringing up a DMVPN session with the hub.

For any next hop server that is configured, you can specify multiple networks by repeating this command with the same nhs-address argument, but with different IP network addresses.

Examples

The following example shows how to register a hub to a spoke using NBMA and FQDN:


Device# configure terminal
Device(config)# interface tunnel 1
Device(config-if)# ip nhrp nhs 192.0.2.1 nbma examplehub.example1.com

The following example shows how to configure the desired max-connections value:


Device# configure terminal
Device(config)# interface tunnel 1
Device(config-if)# ip nhrp nhs cluster 5 max-connections 100

The following example shows how to configure NHS priority and group values:


Device# configure terminal
Device(config)# interface tunnel 1
Device(config-if)# ip nhrp nhs 192.0.2.1 priority 1 cluster 2

Related Commands


Command	Description
ip nhrp map	Statically configures the IP-to-NBMA address mapping of IP destinations connected to an NBMA network.
show ip nhrp	Displays NHRP mapping information.

ip unnumbered

To enable IP processing on an interface without assigning an explicit IP address to the interface, use the ip unnumbered command in interface configuration mode or subinterface configuration mode. To disable the IP processing on the interface, use the no form of this command.

ip unnumbered type number [ poll ] [ point-to-point ]

no ip unnumbered [ type number ]

Syntax Description


`type`	Type of interface. For more information, use the question mark (? ) online help function.
`number`	Interface or subinterface number. For more information about the numbering syntax for your networking device, use the question mark (? ) online help function.
poll	(Optional) Enables IP connected host polling.
point-to-point	(Optional) Enables point to point connection.

Command Default

Unnumbered interfaces are not supported.

Command Modes

Interface configuration (config-if)

Subinterface configuration (config-subif)

Command History


Release	Modification
Cisco IOS XE Fuji 16.8.1a	This command was introduced.

Usage Guidelines

When an unnumbered interface generates a packet (for example, for a routing update), it uses the address of the specified interface as the source address of the IP packet. It also uses the address of the specified interface in determining which routing processes are sending updates over the unnumbered interface.

The following restrictions are applicable for this command:

Serial interfaces using High-Level Data Link Control (HDLC), PPP, Link Access Procedure Balanced (LAPB), Frame Relay encapsulations, and Serial Line Internet Protocol (SLIP), and tunnel interfaces can be unnumbered.
You cannot use the ping EXEC command to determine whether the interface is up because the interface has no address. Simple Network Management Protocol (SNMP) can be used to remotely monitor interface status.
It is not possible to netboot a Cisco IOS image over a serial interface that is assigned an IP address with the ip unnumbered command.
You cannot support IP security options on an unnumbered interface.

The interface that you specify using the type and number arguments must be enabled (listed as “up” in the show interfaces command display).

If you are configuring Intermediate System-to-Intermediate System (IS-IS) across a serial line, you must configure the serial interfaces as unnumbered. This configuration allows you to comply with RFC 1195, which states that IP addresses are not required on each interface.

Note

Using an unnumbered serial line between different major networks (or majornets) requires special care. If at each end of the link there are different majornets assigned to the interfaces that you specified as unnumbered, any routing protocol that is running across the serial line must not advertise subnet information.

Examples

The following example shows how to assign the address of Ethernet 0 to the first serial interface:

Device(config)# interface ethernet 0
Device(config-if)# ip address 10.108.6.6 255.255.255.0
!
Device(config-if)# interface serial 0
Device(config-if)# ip unnumbered ethernet 0

The following example shows how to configure Ethernet VLAN subinterface 3/0.2 as an IP unnumbered subinterface:

Device(config)# interface ethernet 3/0.2
Device(config-subif)# encapsulation dot1q 200
Device(config-subif)# ip unnumbered ethernet 3/1

The following example shows how to configure Fast Ethernet subinterfaces in the range from 5/1.1 to 5/1.4 as IP unnumbered subinterfaces:

Device(config)# interface range fastethernet5/1.1 - fastethernet5/1.4
Device(config-if-range)# ip unnumbered ethernet 3/1

The following example shows how to enable polling on a Gigabit Ethernet interface:

Device(config)# interface loopback0
Device(config-if)# ip address 10.108.6.6 255.255.255.0
!
Device(config-if)# ip unnumbered gigabitethernet 3/1
Device(config-if)# ip unnumbered loopback0 poll

ip wccp

To enable support of the specified Web Cache Communication Protocol (WCCP) service for participation in a service group, use the ip wccp command in global configuration mode. To disable the service group, use the no form of this command.

ip wccp [ vrf vrf-name ] { web-cache | service-number } [ service-list service-access-list ] [ mode { open | closed } ] [ group-address multicast-address ] [ redirect-list access-list ] [ group-list access-list ] [ password [ 0 | 7 ] password ]

no ip wccp [ vrf vrf-name ] { web-cache | service-number } [ service-list service-access-list ] [ mode { open | closed } ] [ group-address multicast-address ] [ redirect-list access-list ] [ group-list access-list ] [ password [ 0 | 7 ] password ]

Syntax Description

vrf vrf-name

(Optional) Specifies a virtual routing and forwarding instance (VRF) to associate with a service group.

web-cache

Specifies the web-cache service (WCCP Version 1 and Version 2).

Note

Web-cache counts as one of the services. The maximum number of services, including those assigned with the service-number argument, is 256.

service-number

Dynamic service identifier, which means the service definition is dictated by the cache. The dynamic service number can be from 0 to 254. The maximum number of services is 256, which includes the web-cache service specified with the web-cache keyword.

Note

If Cisco cache engines are used in the cache cluster, the reverse proxy service is indicated by a value of 99.

service-list service-access-list

(Optional) Identifies a named extended IP access list that defines the packets that will match the service.

mode open

(Optional) Identifies the service as open. This is the default service mode.

mode closed

(Optional) Identifies the service as closed.

group-address multicast-address

(Optional) Specifies the multicast IP address that communicates with the WCCP service group. The multicast address is used by the device to determine which web cache should receive redirected messages.

redirect-list access-list

(Optional) Specifies the access list that controls traffic redirected to this service group. The access-list argument should consist of a string of no more than 64 characters (name or number) in length that specifies the access list.

group-list access-list

(Optional) Specifies the access list that determines which web caches are allowed to participate in the service group. The access-list argument specifies either the number or the name of a standard or extended access list.

password [0 | 7] password

(Optional) Specifies the message digest algorithm 5 (MD5) authentication for messages received from the service group. Messages that are not accepted by the authentication are discarded. The encryption type can be 0 or 7, with 0 specifying not yet encrypted and 7 for proprietary. The password argument can be up to eight characters in length.

Command Default

WCCP services are not enabled on the device.

Command Modes

Global configuration (config)

Command History


Release	Modification
	This command was introduced.
Cisco IOS XE Bengaluru 17.6.1	The vrf keyword and `vrf-name` argument pair were added.

Usage Guidelines

WCCP transparent caching bypasses Network Address Translation (NAT) when Cisco Express Forwarding switching is enabled. To work around this situation, configure WCCP transparent caching in the outgoing direction, enable Cisco Express Forwarding switching on the content engine interface, and specify the ip wccp web-cache redirect out command. Configure WCCP in the incoming direction on the inside interface by specifying the ip wccp redirect exclude in command on the device interface facing the cache. This configuration prevents the redirection of any packets arriving on that interface.

You can also include a redirect list when configuring a service group. The specified redirect list will deny packets with a NAT (source) IP address and prevent redirection.

This command instructs a device to enable or disable support for the specified service number or the web-cache service name. A service number can be from 0 to 254. Once the service number or name is enabled, the device can participate in the establishment of a service group.

Note

All WCCP parameters must be included in a single IP WCCP command. For example: ip wccp 61 redirect-list 10 password password.

The vrf vrf-name keyword and argument pair is optional. It allows you to specify a VRF to associate with a service group. You can then specify a web-cache service name or service number.

The same service (web-cache or service number) can be configured in different VRF tables. Each service will operate independently.

When the no ip wccp command is entered, the device terminates participation in the service group, deallocates space if none of the interfaces still has the service configured, and terminates the WCCP task if no other services are configured.

The keywords following the web-cache keyword and the service-number argument are optional and may be specified in any order, but only may be specified once. The following sections outline the specific usage of each of the optional forms of this command.

ip wccp [vrf vrf-name] {web-cache | service-number} group-address multicast-address

A WCCP group address can be configured to set up a multicast address that cooperating devices and web caches can use to exchange WCCP protocol messages. If such an address is used, IP multicast routing must be enabled so that the messages that use the configured group (multicast) addresses are received correctly.

This option instructs the device to use the specified multicast IP address to coalesce the "I See You" responses for the "Here I Am" messages that it has received on this group address. The response is also sent to the group address. The default is for no group address to be configured, in which case all "Here I Am" messages are responded to with a unicast reply.

ip wccp [vrf vrf-name] {web-cache | service-number} redirect-list access-list

This option instructs the device to use an access list to control the traffic that is redirected to the web caches of the service group specified by the service name given. The access-list argument specifies either the number or the name of a standard or extended access list. The access list itself specifies which traffic is permitted to be redirected. The default is for no redirect list to be configured (all traffic is redirected).

WCCP requires that the following protocol and ports not be filtered by any access lists:

UDP (protocol type 17) port 2048. This port is used for control signaling. Blocking this type of traffic prevents WCCP from establishing a connection between the device and web caches.
Generic routing encapsulation (GRE) (protocol type 47 encapsulated frames). Blocking this type of traffic prevents the web caches from ever seeing the packets that are intercepted.

ip wccp [vrf vrf-name] {web-cache | service-number} group-list access-list

This option instructs the device to use an access list to control the web caches that are allowed to participate in the specified service group. The access-list argument specifies either the number of a standard or extended access list or the name of any type of named access list. The access list itself specifies which web caches are permitted to participate in the service group. The default is for no group list to be configured, in which case all web caches may participate in the service group.

Note

The ip wccp {web-cache | service-number} group-list command syntax resembles the ip wccp {web-cache | service-number} group-listen command, but these are entirely different commands. The ip wccp group-listen command is an interface configuration command used to configure an interface to listen for multicast notifications from a cache cluster.

ip wccp [vrf vrf-name] web-cache | service-number} password password

This option instructs the device to use MD5 authentication on the messages received from the service group specified by the service name given. Use this form of the command to set the password on the device. You must also configure the same password separately on each web cache. The password can be up to a maximum of eight characters in length. Messages that do not authenticate when authentication is enabled on the device are discarded. The default is for no authentication password to be configured and for authentication to be disabled.

ip wccp service-number service-list service-access-list mode closed

In applications where the interception and redirection of WCCP packets to external intermediate devices for the purpose of applying feature processing are not available within Cisco IOS software, packets for the application must be blocked when the intermediary device is not available. This blocking is called a closed service. By default, WCCP operates as an open service, wherein communication between clients and servers proceeds normally in the absence of an intermediary device. The service-list keyword can be used only for closed mode services. When a WCCP service is configured as closed, WCCP discards packets that do not have a client application registered to receive the traffic. Use the service-list keyword and service-access-list argument to register an application protocol type or port number.

When the definition of a service in a service list conflicts with the definition received via the WCCP protocol, a warning message similar to the following is displayed:


Sep 28 14:06:35.923: %WCCP-5-SERVICEMISMATCH: Service 90 mismatched on WCCP client 10.1.1.13

When there is service list definitions conflict, the configured definition takes precedence over the external definition received via WCCP protocol messages.

Examples

The following example shows how to configure a device to run WCCP reverse-proxy service, using the multicast address of 239.0.0.0:


Device> enable
Device# configure terminal
Device(config)# ip multicast-routing
Device(config)# ip wccp 99 group-address 239.0.0.0
Device(config)# interface ethernet 0
Device(config-if)# ip wccp 99 group-listen

The following example shows how to configure a device to redirect web-related packets without a destination of 10.168.196.51 to the web cache:


Device> enable
Device# configure terminal
Device(config)# access-list 100 deny ip any host 10.168.196.51
Device(config)# access-list 100 permit ip any any
Device(config)# ip wccp web-cache redirect-list 100
Device(config)# interface ethernet 0
Device(config-if)# ip wccp web-cache redirect out

The following example shows how to configure an access list to prevent traffic from network 10.0.0.0 leaving Fast Ethernet interface 0/0. Because the outbound access control list (ACL) check is enabled, WCCP does not redirect that traffic. WCCP checks packets against the ACL before they are redirected.


Device> enable
Device# configure terminal
Device(config)# ip wccp web-cache
Device(config)# ip wccp check acl outbound
Device(config)# interface fastethernet0/0
Device(config-if)# ip access-group 10 out
Device(config-if)# ip wccp web-cache redirect out
Device(config-if)# access-list 10 deny 10.0.0.0 0.255.255.255
Device(config-if)# access-list 10 permit any

If the outbound ACL check is disabled, HTTP packets from network 10.0.0.0 would be redirected to a cache, and users with that network address could retrieve web pages when the network administrator wanted to prevent this from happening.

The following example shows how to configure a closed WCCP service:


Device> enable
Device# configure terminal
Device(config)# ip wccp 99 service-list access1 mode closed

Note

If multiple parameters are required, all parameters under ip wccp [vrf vrf-name] web-cache | service-number} must be configured as a single command.
If the command is reissued with different parameters, the existing parameter will be removed and the new parameter will be configured.

The following example shows how to configure multiple parameters as a single command:


Device> enable
Device# configure terminal
Device(config)# ip wccp 61 group-address 10.0.0.1 password 0 password mode closed redirect-list 121

Related Commands


Command	Description
ip wccp check services all	Enables all WCCP services.
ip wccp group listen	Configures an interface on a device to enable or disable the reception of IP multicast packets for WCCP.
ip wccp redirect exclude in	Enables redirection exclusion on an interface.
ip wccp redirect out	Configures redirection on an interface in the outgoing direction.
ip wccp version	Specifies which version of WCCP you want to use on your device.
show ip wccp	Displays global statistics related to WCCP.

ipv6 access-list

To define an IPv6 access list and to place the device in IPv6 access list configuration mode, use the ipv6 access-list command in global configuration mode. To remove the access list, use the no form of this command.

ipv6 access-list access-list-name

no ipv6 access-list access-list-name

Syntax Description


`access-list-name`	Name of the IPv6 access list. Names cannot contain a space or quotation mark, or begin with a numeric.

Command Default

No IPv6 access list is defined.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 access-list command is similar to the ip access-list command, except that it is IPv6-specific.

The standard IPv6 ACL functionality supports --in addition to traffic filtering based on source and destination addresses--filtering of traffic based on IPv6 option headers and optional, upper-layer protocol type information for finer granularity of control (functionality similar to extended ACLs in IPv4). IPv6 ACLs are defined by using the ipv6 access-list command in global configuration mode and their permit and deny conditions are set by using the deny and permit commands in IPv6 access list configuration mode. Configuring the ipv6 access-list command places the device in IPv6 access list configuration mode--the device prompt changes to Device(config-ipv6-acl)#. From IPv6 access list configuration mode, permit and deny conditions can be set for the defined IPv6 ACL.

Note

IPv6 ACLs are defined by a unique name (IPv6 does not support numbered ACLs). An IPv4 ACL and an IPv6 ACL cannot share the same name.

For backward compatibility, the ipv6 access-list command with the deny and permit keywords in global configuration mode is still supported; however, an IPv6 ACL defined with deny and permit conditions in global configuration mode is translated to IPv6 access list configuration mode.

Refer to the deny (IPv6) and permit (IPv6) commands for more information on filtering IPv6 traffic based on IPv6 option headers and optional, upper-layer protocol type information. See the "Examples" section for an example of a translated IPv6 ACL configuration.

Note

Every IPv6 ACL has implicit permit icmp any any nd-na , permit icmp any any nd-ns , and deny ipv6 any any statements as its last match conditions. (The former two match conditions allow for ICMPv6 neighbor discovery.) An IPv6 ACL must contain at least one entry for the implicit deny ipv6 any any statement to take effect. The IPv6 neighbor discovery process makes use of the IPv6 network layer service; therefore, by default, IPv6 ACLs implicitly allow IPv6 neighbor discovery packets to be sent and received on an interface. In IPv4, the Address Resolution Protocol (ARP), which is equivalent to the IPv6 neighbor discovery process, makes use of a separate data link layer protocol; therefore, by default, IPv4 ACLs implicitly allow ARP packets to be sent and received on an interface.

Note

IPv6 prefix lists, not access lists, should be used for filtering routing protocol prefixes.

Use the ipv6 traffic-filter interface configuration command with the access-list-name argument to apply an IPv6 ACL to an IPv6 interface. Use the ipv6 access-class line configuration command with the access-list-name argument to apply an IPv6 ACL to incoming and outgoing IPv6 virtual terminal connections to and from the device.

Note

An IPv6 ACL applied to an interface with the ipv6 traffic-filter command filters traffic that is forwarded, not originated, by the device.

Note

When using this command to modify an ACL that is already associated with a bootstrap router (BSR) candidate rendezvous point (RP) (see the ipv6 pim bsr candidate rp command) or a static RP (see the ipv6 pim rp-address command), any added address ranges that overlap the PIM SSM group address range (FF3x::/96) are ignored. A warning message is generated and the overlapping address ranges are added to the ACL, but they have no effect on the operation of the configured BSR candidate RP or static RP commands.

Duplicate remark statements can no longer be configured from the IPv6 access control list. Because each remark statement is a separate entity, each one is required to be unique.

Examples

The following example is from a device running Cisco IOS Release 12.0(23)S or later releases. The example configures the IPv6 ACL list named list1 and places the device in IPv6 access list configuration mode.


Device(config)# ipv6 access-list list1
Device(config-ipv6-acl)#

The following example is from a device running Cisco IOS Release 12.2(2)T or later releases, 12.0(21)ST, or 12.0(22)S. The example configures the IPv6 ACL named list2 and applies the ACL to outbound traffic on Ethernet interface 0. Specifically, the first ACL entry keeps all packets from the network FEC0:0:0:2::/64 (packets that have the site-local prefix FEC0:0:0:2 as the first 64 bits of their source IPv6 address) from exiting out of Ethernet interface 0. The second entry in the ACL permits all other traffic to exit out of Ethernet interface 0. The second entry is necessary because an implicit deny all condition is at the end of each IPv6 ACL.


Device(config)# ipv6 access-list list2 deny FEC0:0:0:2::/64 any
Device(config)# ipv6 access-list list2 permit any any
Device(config)# interface ethernet 0
Device(config-if)# ipv6 traffic-filter list2 out

If the same configuration was entered on a device running Cisco IOS Release 12.0(23)S or later releases, the configuration would be translated into IPv6 access list configuration mode as follows:


ipv6 access-list list2 
  deny FEC0:0:0:2::/64 any
  permit ipv6 any any
interface ethernet 0
 ipv6 traffic-filter list2 out

Note

IPv6 is automatically configured as the protocol type in permit any any and deny any any statements that are translated from global configuration mode to IPv6 access list configuration mode.

Note

IPv6 ACLs defined on a device running Cisco IOS Release 12.2(2)T or later releases, 12.0(21)ST, or 12.0(22)S that rely on the implicit deny condition or specify a deny any any statement to filter traffic should contain permit statements for link-local and multicast addresses to avoid the filtering of protocol packets (for example, packets associated with the neighbor discovery protocol). Additionally, IPv6 ACLs that use deny statements to filter traffic should use a permit any any statement as the last statement in the list.

Note

An IPv6 device will not forward to another network an IPv6 packet that has a link-local address as either its source or destination address (and the source interface for the packet is different from the destination interface for the packet).

Related Commands


Command	Description
deny (IPv6)	Sets deny conditions for an IPv6 access list.
ipv6 access-class	Filters incoming and outgoing connections to and from the device based on an IPv6 access list.
ipv6 pim bsr candidate rp	Configures the candidate RP to send PIM RP advertisements to the BSR.
ipv6 pim rp-address	Configure the address of a PIM RP for a particular group range.
ipv6 traffic-filter	Filters incoming or outgoing IPv6 traffic on an interface.
permit (IPv6)	Sets permit conditions for an IPv6 access list.
show ipv6 access-list	Displays the contents of all current IPv6 access lists.

ipv6 address-validate

To enable IPv6 address validation, use the ipv6 address-validate in global configuration mode. To disable IPv6 address validation, use the no form of this command.

ipv6 address- validate

no ipv6 address- validate

Command Default

This command is enabled by default.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Gibraltar 16.11.1	This command was introduced.

Usage Guidelines

The ipv6 address-validate command is used to validate whether the interface identifiers in an assigned IPv6 address are a part of the reserved IPv6 interface identifiers range, as specified in RFC5453. If the interface identifiers of the assigned IPv6 address are a part of the reserved range, a new IPv6 address is assigned.

Only auto-configured addresses or addresses configured by DHCPv6 are validated.

Note

The no ipv6-address validate command disables the IPv6 address validation and allows assigning of IPv6 addresses with interface identifiers that are a part of the reserved IPv6 interface identifiers range. We do not recommend the use of this command.

You must enter a minimum of eight characters of the ipv6-address validate command if you’re using CLI help (?) for completing the syntax of this command. If you enter less than eight characters the command will conflict with the no ipv6 address command in interface configuration mode.

Examples

The following example shows how to re-enable IPv6 address validation if it is disabled using the no ipv6-address validate command:

Device> enable
Device# configure terminal
Device(config)# ipv6 address-validate

ipv6 cef

To enable Cisco Express Forwarding for IPv6, use the ipv6 cef command in global configuration mode. To disable Cisco Express Forwarding for IPv6, use the no form of this command.

ipv6 cef

no ipv6 cef

Syntax Description

This command has no arguments or keywords.

Command Default

Cisco Express Forwarding for IPv6 is disabled by default.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 cef command is similar to the ip cef command, except that it is IPv6-specific.

The ipv6 cef command is not available on the Cisco 12000 series Internet routers because this distributed platform operates only in distributed Cisco Express Forwarding for IPv6 mode.

Note

The ipv6 cef command is not supported in interface configuration mode.

Note

Some distributed architecture platforms support both Cisco Express Forwarding for IPv6 and distributed Cisco Express Forwarding for IPv6. When Cisco Express Forwarding for IPv6 is configured on distributed platforms, Cisco Express Forwarding switching is performed by the Route Processor (RP).

Note

You must enable Cisco Express Forwarding for IPv4 by using the ip cef global configuration command before enabling Cisco Express Forwarding for IPv6 by using the ipv6 cef global configuration command.

Cisco Express Forwarding for IPv6 is advanced Layer 3 IP switching technology that functions the same and offer the same benefits as Cisco Express Forwarding for IPv4. Cisco Express Forwarding for IPv6 optimizes network performance and scalability for networks with dynamic, topologically dispersed traffic patterns, such as those associated with web-based applications and interactive sessions.

Examples

The following example enables standard Cisco Express Forwarding for IPv4 operation and then standard Cisco Express Forwarding for IPv6 operation globally on the Device.


Device(config)# ip cef
Device(config)# ipv6 cef

Related Commands


Command	Description
ip route-cache	Controls the use of high-speed switching caches for IP routing.
ipv6 cef accounting	Enables Cisco Express Forwarding for IPv6 and distributed Cisco Express Forwarding for IPv6 network accounting.
ipv6 cef distributed	Enables distributed Cisco Express Forwarding for IPv6.
show cef	Displays which packets the line cards dropped or displays which packets were not express-forwarded.
show ipv6 cef	Displays entries in the IPv6 FIB.

ipv6 cef accounting

To enable Cisco Express Forwarding for IPv6 and distributed Cisco Express Forwarding for IPv6 network accounting, use the ipv6 cef accounting command in global configuration mode or interface configuration mode. To disable Cisco Express Forwarding for IPv6 network accounting, use the no form of this command.

ipv6 cef accounting accounting-types

no ipv6 cef accounting accounting-types

Specific Cisco Express Forwarding Accounting Information Through Interface Configuration Mode

ipv6 cef accounting non-recursive {external | internal}

no ipv6 cef accounting non-recursive {external | internal}

Syntax Description


`accounting-types`	The `accounting-types` argument must be replaced with at least one of the following keywords. Optionally, you can follow this keyword by any or all of the other keywords, but you can use each keyword only once. load-balance-hash --Enables load balancing hash bucket counters. non-recursive --Enables accounting through nonrecursive prefixes. per-prefix --Enables express forwarding of the collection of the number of packets and bytes to a destination (or prefix). prefix-length --Enables accounting through prefix length.
non-recursive	Enables accounting through nonrecursive prefixes. This keyword is optional when used in global configuration mode after another keyword is entered. See the `accounting-types` argument.
external	Counts input traffic in the nonrecursive external bin.
internal	Counts input traffic in the nonrecursive internal bin.

Command Default

Cisco Express Forwarding for IPv6 network accounting is disabled by default.

Command Modes

Global configuration (config)

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 cef accounting command is similar to the ip cef accounting command, except that it is IPv6-specific.

Configuring Cisco Express Forwarding for IPv6 network accounting enables you to collect statistics on Cisco Express Forwarding for IPv6 traffic patterns in your network.

When you enable network accounting for Cisco Express Forwarding for IPv6 by using the ipv6 cef accounting command in global configuration mode, accounting information is collected at the Route Processor (RP) when Cisco Express Forwarding for IPv6 mode is enabled and at the line cards when distributed Cisco Express Forwarding for IPv6 mode is enabled. You can then display the collected accounting information using the show ipv6 cef EXEC command.

For prefixes with directly connected next hops, the non-recursive keyword enables express forwarding of the collection of packets and bytes through a prefix. This keyword is optional when this command is used in global configuration mode after you enter another keyword on the ipv6 cef accounting command.

This command in interface configuration mode must be used in conjunction with the global configuration command. The interface configuration command allows a user to specify two different bins (internal or external) for the accumulation of statistics. The internal bin is used by default. The statistics are displayed through the show ipv6 cef detail command.

Per-destination load balancing uses a series of 16 hash buckets into which the set of available paths are distributed. A hash function operating on certain properties of the packet is applied to select a bucket that contains a path to use. The source and destination IP addresses are the properties used to select the bucket for per-destination load balancing. Use the load-balance-hash keyword with the ipv6 cef accounting command to enable per-hash-bucket counters. Enter the show ipv6 cef prefix internal command to display the per-hash-bucket counters.

Examples

The following example enables the collection of Cisco Express Forwarding for IPv6 accounting information for prefixes with directly connected next hops:

Device(config)# ipv6 cef accounting non-recursive

Related Commands


Command	Description
ip cef accounting	Enable Cisco Express Forwarding network accounting (for IPv4).
show cef	Displays information about packets forwarded by Cisco Express Forwarding.
show ipv6 cef	Displays entries in the IPv6 FIB.

ipv6 cef distributed

To enable distributed Cisco Express Forwarding for IPv6, use the ipv6 cef distributed command in global configuration mode. To disable Cisco Express Forwarding for IPv6, use the no form of this command.

ipv6 cef distributed

no ipv6 cef distributed

Syntax Description

This command has no arguments or keywords.

Command Default

Distributed Cisco Express Forwarding for IPv6 is disabled by default.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 cef distributed command is similar to the ip cef distributed command, except that it is IPv6-specific.

Enabling distributed Cisco Express Forwarding for IPv6 globally on the router by using the ipv6 cef distributed in global configuration mode distributes the Cisco Express Forwarding processing of IPv6 packets from the Route Processor (RP) to the line cards of distributed architecture platforms.

Note

To forward distributed Cisco Express Forwarding for IPv6 traffic on the router, configure the forwarding of IPv6 unicast datagrams globally on your router by using the ipv6 unicast-routing global configuration command, and configure an IPv6 address and IPv6 processing on an interface by using the ipv6 address interface configuration command.

Note

You must enable distributed Cisco Express Forwarding for IPv4 by using the ip cef distributed global configuration command before enabling distributed Cisco Express Forwarding for IPv6 by using the ipv6 cef distributed global configuration command.

Cisco Express Forwarding is advanced Layer 3 IP switching technology. Cisco Express Forwarding optimizes network performance and scalability for networks with dynamic, topologically dispersed traffic patterns, such as those associated with web-based applications and interactive sessions.

Examples

The following example enables distributed Cisco Express Forwarding for IPv6 operation:


Device(config)# ipv6 cef distributed

Related Commands


Command	Description
ip route-cache	Controls the use of high-speed switching caches for IP routing.
show ipv6 cef	Displays entries in the IPv6 FIB.

ipv6 cef load-sharing algorithm

To select a Cisco Express Forwarding load-balancing algorithm for IPv6, use the ipv6 cef load-sharing algorithm command in global configuration mode. To return to the default universal load-balancing algorithm, use the no form of this command.

ipv6 cef load-sharing algorithm {original | universal [id] }

no ipv6 cef load-sharing algorithm

Syntax Description


original	Sets the load-balancing algorithm to the original algorithm based on a source and destination hash.
universal	Sets the load-balancing algorithm to the universal algorithm that uses a source and destination and an ID hash.
`id`	(Optional) Fixed identifier in hexadecimal format.

Command Default

The universal load-balancing algorithm is selected by default. If you do not configure the fixed identifier for a load-balancing algorithm, the device automatically generates a unique ID.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 cef load-sharing algorithm command is similar to the ip cef load-sharing algorithm command, except that it is IPv6-specific.

When the Cisco Express Forwarding for IPv6 load-balancing algorithm is set to universal mode, each device on the network can make a different load-sharing decision for each source-destination address pair.

Examples

The following example shows how to enable the Cisco Express Forwarding original load-balancing algorithm for IPv6:

Device> enable
Device# configure terminal
Device(config)# ipv6 cef load-sharing algorithm original

Related Commands


Command	Description
ip cef load-sharing algorithm	Selects a Cisco Express Forwarding load-balancing algorithm (for IPv4).

ipv6 cef optimize neighbor resolution

To configure address resolution optimization from Cisco Express Forwarding for IPv6 for directly connected neighbors, use the ipv6 cef optimize neighbor resolution command in global configuration mode. To disable address resolution optimization from Cisco Express Forwarding for IPv6 for directly connected neighbors, use the no form of this command.

ipv6 cef optimize neighbor resolution

no ipv6 cef optimize neighbor resolution

Syntax Description

This command has no arguments or keywords.

Command Default

If this command is not configured, Cisco Express Forwarding for IPv6 does not optimize the address resolution of directly connected neighbors.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 cef optimize neighbor resolution command is very similar to the ip cef optimize neighbor resolution command, except that it is IPv6-specific.

Use this command to trigger Layer 2 address resolution of neighbors directly from Cisco Express Forwarding for IPv6.

Examples

The following example shows how to optimize address resolution from Cisco Express Forwarding for IPv6 for directly connected neighbors:


Device(config)# ipv6 cef optimize neighbor resolution

Related Commands


Command	Description
ip cef optimize neighbor resolution	Configures address resolution optimization from Cisco Express Forwarding for IPv4 for directly connected neighbors.

ipv6 destination-guard policy

To define a destination guard policy, use the ipv6 destination-guard policy command in global configuration mode. To remove the destination guard policy, use the no form of this command.

ipv6 destination-guard policy [policy-name]

no ipv6 destination-guard policy [policy-name]

Syntax Description


`policy-name`	(Optional) Name of the destination guard policy.

Command Default

No destination guard policy is defined.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

This command enters destination-guard configuration mode. The destination guard policies can be used to filter IPv6 traffic based on the destination address to block data traffic from an unknown source.

Examples

The following example shows how to define the name of a destination guard policy:


Device(config)#ipv6 destination-guard policy policy1

Related Commands


Command	Description
show ipv6 destination-guard policy	Displays destination guard information.

ipv6 dhcp-relay bulk-lease

To configure bulk lease query parameters, use the ipv6 dhcp-relay bulk-lease command in global configuration mode. To remove the bulk-lease query configuration, use the no form of this command.

ipv6 dhcp-relay bulk-lease {data-timeout seconds | retry number} [disable]

no ipv6 dhcp-relay bulk-lease [disable]

Syntax Description


data-timeout	(Optional) Bulk lease query data transfer timeout.
`seconds`	(Optional) The range is from 60 seconds to 600 seconds. The default is 300 seconds.
retry	(Optional) Sets the bulk lease query retries.
`number`	(Optional) The range is from 0 to 5. The default is 5.
disable	(Optional) Disables the DHCPv6 bulk lease query feature.

Command Default

Bulk lease query is enabled automatically when the DHCP for IPv6 (DHCPv6) relay agent feature is enabled.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the ipv6 dhcp-relay bulk-lease command in global configuration mode to configure bulk lease query parameters, such as data transfer timeout and bulk-lease TCP connection retries.

The DHCPv6 bulk lease query feature is enabled automatically when the DHCPv6 relay agent is enabled. The DHCPv6 bulk lease query feature itself cannot be enabled using this command. To disable this feature, use the ipv6 dhcp-relay bulk-lease command with the disable keyword.

Examples

The following example shows how to set the bulk lease query data transfer timeout to 60 seconds:


Device(config)# ipv6 dhcp-relay bulk-lease data-timeout 60

ipv6 dhcp-relay option vpn

To enable the DHCP for IPv6 relay VRF-aware feature, use the ipv6 dhcp-relay option vpn command in global configuration mode. To disable the feature, use the no form of this command.

ipv6 dhcp-relay option vpn

no ipv6 dhcp-relay option vpn

Syntax Description

This command has no arguments or keywords.

Command Default

The DHCP for IPv6 relay VRF-aware feature is not enabled on the device.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 dhcp-relay option vpn command allows the DHCPv6 relay VRF-aware feature to be enabled globally on the device. If the ipv6 dhcp relay option vpn command is enabled on a specified interface, it overrides the global ipv6 dhcp-relay option vpn command.

Examples

The following example enables the DHCPv6 relay VRF-aware feature globally on the device:

Device(config)# ipv6 dhcp-relay option vpn

Related Commands


Command	Description
ipv6 dhcp relay option vpn	Enables the DHCPv6 relay VRF-aware feature on an interface.

ipv6 dhcp-relay source-interface

To configure an interface to use as the source when relaying messages, use the ipv6 dhcp-relay source-interface command in global configuration mode. To remove the interface from use as the source, use the no form of this command.

ipv6 dhcp-relay source-interface interface-type interface-number

no ipv6 dhcp-relay source-interface interface-type interface-number

Syntax Description


`interface-type` `interface-number`	(Optional) Interface type and number that specifies output interface for a destination. If this argument is configured, client messages are forwarded to the destination address through the link to which the output interface is connected.

Command Default

The address of the server-facing interface is used as the IPv6 relay source.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If the configured interface is shut down, or if all of its IPv6 addresses are removed, the relay will revert to its standard behavior.

The interface configuration (using the ipv6 dhcp relay source-interface command in interface configuration mode) takes precedence over the global configuration if both have been configured.

Examples

The following example configures the Loopback 0 interface to be used as the relay source:

Device(config)# ipv6 dhcp-relay source-interface loopback 0

Related Commands


Command	Description
ipv6 dhcp relay source-interface	Enables DHCP for IPv6 service on an interface.

ipv6 dhcp binding track ppp

To configure Dynamic Host Configuration Protocol (DHCP) for IPv6 to release any bindings associated with a PPP connection when that connection closes, use the ipv6 dhcp binding track ppp command in global configuration mode. To return to the default behavior, use the no form of this command.

ipv6 dhcp binding track ppp

no ipv6 dhcp binding track ppp

Syntax Description

This command has no arguments or keywords.

Command Default

When a PPP connection closes, the DHCP bindings associated with that connection are not released.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 dhcp binding track ppp command configures DHCP for IPv6 to automatically release any bindings associated with a PPP connection when that connection is closed. The bindings are released automatically to accommodate subsequent new registrations by providing sufficient resource.

Note

In IPv6 broadband deployment using DHCPv6, you must enable release of prefix bindings associated with a PPP virtual interface using this command. This ensures that DHCPv6 bindings are tracked together with PPP sessions, and in the event of DHCP REBIND failure, the client initiates DHCPv6 negotiation again.

A binding table entry on the DHCP for IPv6 server is automatically:

Created whenever a prefix is delegated to a client from the configuration pool.
Updated when the client renews, rebinds, or confirms the prefix delegation.
Deleted when the client releases all the prefixes in the binding voluntarily, all prefixes’ valid lifetimes have expired, or an administrator clears the binding.

Examples

The following example shows how to release the prefix bindings associated with the PPP:


Device(config)# ipv6 dhcp binding track ppp

ipv6 dhcp database

To configure a Dynamic Host Configuration Protocol (DHCP) for IPv6 binding database agent, use the ipv6 dhcp database command in global configuration mode. To delete the database agent, use the no form of this command.

ipv6 dhcp database agent [ write-delay seconds ] abort [ timeout seconds ]

no ipv6 dhcp database agent

Syntax Description


`agent`	A flash, local bootflash, compact flash, NVRAM, FTP, TFTP, or Remote Copy Protocol (RCP) uniform resource locator.
write-delay `seconds`	(Optional) How often (in seconds) DHCP for IPv6 sends database updates. The default is 300 seconds. The minimum write delay is 60 seconds.
timeout `seconds`	(Optional) How long, in seconds, the router waits for a database transfer.

Command Default

Write-delay default is 300 seconds. Timeout default is 300 seconds.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 dhcp database command specifies DHCP for IPv6 binding database agent parameters. The user may configure multiple database agents.

A binding table entry is automatically created whenever a prefix is delegated to a client from the configuration pool, updated when the client renews, rebinds, or confirms the prefix delegation, and deleted when the client releases all the prefixes in the binding voluntarily, all prefixes’ valid lifetimes have expired, or administrators enable the clear ipv6 dhcp binding command. These bindings are maintained in RAM and can be saved to permanent storage using the agent argument so that the information about configuration such as prefixes assigned to clients is not lost after a system reload or power down. The bindings are stored as text records for easy maintenance.

Each permanent storage to which the binding database is saved is called the database agent. A database agent can be a remote host such as an FTP server or a local file system such as NVRAM.

The write-delay keyword specifies how often, in seconds, that DHCP sends database updates. By default, DHCP for IPv6 server waits 300 seconds before sending any database changes.

The timeout keyword specifies how long, in seconds, the router waits for a database transfer. Infinity is defined as 0 seconds, and transfers that exceed the timeout period are canceled. By default, the DHCP for IPv6 server waits 300 seconds before canceling a database transfer. When the system is going to reload, there is no transfer timeout so that the binding table can be stored completely.

Examples

The following example specifies DHCP for IPv6 binding database agent parameters and stores binding entries in TFTP:


Device(config)# ipv6 dhcp database tftp://10.0.0.1/dhcp-binding

The following example specifies DHCP for IPv6 binding database agent parameters and stores binding entries in bootflash:

Device(config)# ipv6 dhcp database bootflash

Related Commands


Command	Description
clear ipv6 dhcp binding	Deletes automatic client bindings from the DHCP for IPv6 server binding table
show ipv6 dhcp database	Displays DHCP for IPv6 binding database agent information.

ipv6 dhcp iana-route-add

To add routes for individually assigned IPv6 addresses on a relay or server, use the ipv6 dhcp iana-route-add command in global configuration mode. To disable route addition for individually assigned IPv6 addresses on a relay or server, use the no form of the command.

ipv6 dhcp iana-route-add

no ipv6 dhcp iana-route-add

Syntax Description

This command has no arguments or keywords.

Command Default

Route addition for individually assigned IPv6 addresses on a relay or server is disabled by default.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 dhcp iana-route-add command is disabled by default and has to be enabled if route addition is required. Route addition for Internet Assigned Numbers Authority (IANA) is possible if the client is connected to the relay or server through unnumbered interfaces, and if route addition is enabled with the help of this command.

Examples

The following example shows how to enable route addition for individually assigned IPv6 addresses:


Device(config)# ipv6 dhcp iana-route-add

ipv6 dhcp iapd-route-add

To enable route addition by Dynamic Host Configuration Protocol for IPv6 (DHCPv6) relay and server for the delegated prefix, use the ipv6 dhcp iapd-route-add command in global configuration mode. To disable route addition, use the no form of the command.

ipv6 dhcp iapd-route-add

no ipv6 dhcp iapd-route-add

Syntax Description

This command has no arguments or keywords.

Command Default

DHCPv6 relay and DHCPv6 server add routes for delegated prefixes by default.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The DHCPv6 relay and the DHCPv6 server add routes for delegated prefixes by default. The presence of this command on a device does not mean that routes will be added on that device. When you configure the command, routes for delegated prefixes will only be added on the first Layer 3 relay and server.

Examples

The following example shows how to enable the DHCPv6 relay and server to add routes for a delegated prefix:


Device(config)# ipv6 dhcp iapd-route-add

ipv6 dhcp-ldra

To enable Lightweight DHCPv6 Relay Agent (LDRA) functionality on an access node, use the ipv6 dhcp-ldra command in global configuration mode. To disable the LDRA functionality, use the no form of this command.

ipv6 dhcp-ldra {enable | disable}

no ipv6 dhcp-ldra {enable | disable}

Syntax Description


enable	Enables LDRA functionality on an access node.
disable	Disables LDRA functionality on an access node.

Command Default

By default, LDRA functionality is not enabled on an access node.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

You must configure the LDRA functionality globally using the ipv6 dhcp-ldra command before configuring it on a VLAN or an access node (such as a Digital Subscriber Link Access Multiplexer [DSLAM] or an Ethernet switch) interface.

Examples

The following example shows how to enable the LDRA functionality:


Device(config)# ipv6 dhcp-ldra enable
Device(config)# exit

Note

In the above example, Device denotes an access node.

Related Commands


Command	Description
ipv6 dhcp ldra attach-policy	Enables LDRA functionality on a VLAN.
ipv6 dhcp-ldra attach-policy	Enables LDRA functionality on an interface.

ipv6 dhcp ping packets

To specify the number of packets a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server sends to a pool address as part of a ping operation, use the ipv6 dhcp ping packets command in global configuration mode. To prevent the server from pinging pool addresses, use the no form of this command.

ipv6 dhcp ping packets number

ipv6 dhcp ping packets

Syntax Description


`number`	The number of ping packets sent before the address is assigned to a requesting client. The valid range is from 0 to 10.

Command Default

No ping packets are sent before the address is assigned to a requesting client.

Command Modes

Global configuration (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The DHCPv6 server pings a pool address before assigning the address to a requesting client. If the ping is unanswered, the server assumes, with a high probability, that the address is not in use and assigns the address to the requesting client.

Setting the number argument to 0 turns off the DHCPv6 server ping operation

Examples

The following example specifies four ping attempts by the DHCPv6 server before further ping attempts stop:


Device(config)# ipv6 dhcp ping packets 4

Related Commands


Command	Description
clear ipv6 dhcp conflict	Clears an address conflict from the DHCPv6 server database.
show ipv6 dhcp conflict	Displays address conflicts found by a DHCPv6 server, or reported through a DECLINE message from a client.

ipv6 dhcp pool

To configure a Dynamic Host Configuration Protocol (DHCP) for IPv6 server configuration information pool and enter DHCP for IPv6 pool configuration mode, use the ipv6 dhcp pool command in global configuration mode. To delete a DHCP for IPv6 pool, use the no form of this command.

ipv6 dhcp pool poolname

no ipv6 dhcp pool poolname

Syntax Description


`poolname`	User-defined name for the local prefix pool. The pool name can be a symbolic string (such as "Engineering") or an integer (such as 0).

Command Default

DHCP for IPv6 pools are not configured.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the ipv6 dhcp pool command to create a DHCP for IPv6 server configuration information pool. When the ipv6 dhcp pool command is enabled, the configuration mode changes to DHCP for IPv6 pool configuration mode. In this mode, the administrator can configure pool parameters, such as prefixes to be delegated and Domain Name System (DNS) servers, using the following commands:

address prefix IPv6-prefix [lifetime {valid-lifetime preferred-lifetime | infinite }] sets an address prefix for address assignment. This address must be in hexadecimal, using 16-bit values between colons.
link-address IPv6-prefix sets a link-address IPv6 prefix. When an address on the incoming interface or a link-address in the packet matches the specified IPv6-prefix, the server uses the configuration information pool. This address must be in hexadecimal, using 16-bit values between colons.
vendor-specific vendor-id enables DHCPv6 vendor-specific configuration mode. Specify a vendor identification number. This number is the vendor IANA Private Enterprise Number. The range is 1 to 4294967295. The following configuration command is available:
- suboption number sets vendor-specific suboption number. The range is 1 to 65535. You can enter an IPv6 address, ASCII text, or a hex string as defined by the suboption parameters.

Note

The hex value used under the suboption keyword allows users to enter only hex digits (0-f). Entering an invalid hex value does not delete the previous configuration.

Once the DHCP for IPv6 configuration information pool has been created, use the ipv6 dhcp server command to associate the pool with a server on an interface. If you do not configure an information pool, you need to use the ipv6 dhcp server interface configuration command to enable the DHCPv6 server function on an interface.

When you associate a DHCPv6 pool with an interface, only that pool services requests on the associated interface. The pool also services other interfaces. If you do not associate a DHCPv6 pool with an interface, it can service requests on any interface.

Not using any IPv6 address prefix means that the pool returns only configured options.

The link-address command allows matching a link-address without necessarily allocating an address. You can match the pool from multiple relays by using multiple link-address configuration commands inside a pool.

Since a longest match is performed on either the address pool information or the link information, you can configure one pool to allocate addresses and another pool on a subprefix that returns only configured options.

Examples

The following example specifies a DHCP for IPv6 configuration information pool named cisco1 and places the router in DHCP for IPv6 pool configuration mode:


Device(config)# ipv6 dhcp pool cisco1
Device(config-dhcpv6)#

The following example shows how to configure an IPv6 address prefix for the IPv6 configuration pool cisco1:

Device(config-dhcpv6)# address prefix 2001:1000::0/64
Device(config-dhcpv6)# end

The following example shows how to configure a pool named engineering with three link-address prefixes and an IPv6 address prefix:


Device# configure terminal
Device(config)# ipv6 dhcp pool engineering
Device(config-dhcpv6)# link-address 2001:1001::0/64Device(config-dhcpv6)# link-address 2001:1002::0/64Device(config-dhcpv6)# link-address 2001:2000::0/48Device(config-dhcpv6)# address prefix 2001:1003::0/64
Device(config-dhcpv6)# end

The following example shows how to configure a pool named 350 with vendor-specific options:


Device# configure terminal
Device(config)# ipv6 dhcp pool 350
Device(config-dhcpv6)# vendor-specific 9
Device(config-dhcpv6-vs)# suboption 1 address 1000:235D::1Device(config-dhcpv6-vs)# suboption 2 ascii "IP-Phone"
Device(config-dhcpv6-vs)# end

Related Commands


Command	Description
ipv6 dhcp server	Enables DHCP for IPv6 service on an interface.
show ipv6 dhcp pool	Displays DHCP for IPv6 configuration pool information.

ipv6 dhcp server vrf enable

To enable the DHCP for IPv6 server VRF-aware feature, use the ipv6 dhcp server vrf enable command in global configuration mode. To disable the feature, use the no form of this command.

ipv6 dhcp server vrf enable

no ipv6 dhcp server vrf enable

Syntax Description

This command has no arguments or keywords.

Command Default

The DHCPv6 server VRF-aware feature is not enabled.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 dhcp server option vpn command allows the DHCPv6 server VRF-aware feature to be enabled globally on a device.

Examples

The following example enables the DHCPv6 server VRF-aware feature globally on a device:

Device(config)# ipv6 dhcp server option vpn

ipv6 flow monitor

This command activates a previously created flow monitor by assigning it to the interface to analyze incoming or outgoing traffic.

To activate a previously created flow monitor, use the ipv6 flow monitor command. To de-activate a flow monitor, use the no form of the command.

ipv6 flow monitor ipv6-monitor-name [sampler ipv6-sampler-name] {input | output}

no ipv6 flow monitor ipv6-monitor-name [sampler ipv6-sampler-name] {input | output}

Syntax Description


`ipv6-monitor-name`	Activates a previously created flow monitor by assigning it to the interface to analyze incoming or outgoing traffic.
sampler `ipv6-sampler-name`	Applies the flow monitor sampler.
input	Applies the flow monitor on input traffic.
output	Applies the flow monitor on output traffic.

Command Default

IPv6 flow monitor is not activated until it is assigned to an interface.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

You cannot attach a NetFlow monitor to a port channel interface. If both service module interfaces are part of an EtherChannel, you should attach the monitor to both physical interfaces.

Examples

This example shows how to apply a flow monitor to an interface:

Device(config)# interface gigabitethernet 1/1/2
Device(config-if)# ip flow monitor FLOW-MONITOR-1 input
Device(config-if)# ip flow monitor FLOW-MONITOR-2 output
Device(config-if)# end

ipv6 general-prefix

To define an IPv6 general prefix, use the ipv6 general-prefix command in global configuration mode. To remove the IPv6 general prefix, use the no form of this command.

ipv6 general-prefix prefix-name {ipv6-prefix/prefix-length | 6to4 interface-type interface-number | 6rd interface-type interface-number}

no ipv6 general-prefix prefix-name

Syntax Description


`prefix-name`	The name assigned to the prefix.
`ipv6-prefix`	The IPv6 network assigned to the general prefix. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons. When defining a general prefix manually, specify both the `ipv6-prefix` and / `prefix-length` arguments.
/ `prefix-length`	The length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value. When defining a general prefix manually, specify both the `ipv6-prefix` and / `prefix-length` arguments.
6to4	Allows configuration of a general prefix based on an interface used for 6to4 tunneling. When defining a general prefix based on a 6to4 interface, specify the 6to4 keyword and the `interface-type` `interface-number` argument.
`interface-type` `interface-number`	Interface type and number. For more information, use the question mark (? ) online help function. When defining a general prefix based on a 6to4 interface, specify the 6to4 keyword and the `interface-type` `interface-number` argument.
6rd	Allows configuration of a general prefix computed from an interface used for IPv6 rapid deployment (6RD) tunneling.

Command Default

No general prefix is defined.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the ipv6 general-prefix command to define an IPv6 general prefix.

A general prefix holds a short prefix, based on which a number of longer, more specific, prefixes can be defined. When the general prefix is changed, all of the more specific prefixes based on it will change, too. This function greatly simplifies network renumbering and allows for automated prefix definition.

More specific prefixes, based on a general prefix, can be used when configuring IPv6 on an interface.

When defining a general prefix based on an interface used for 6to4 tunneling, the general prefix will be of the form 2002:a.b.c.d::/48, where "a.b.c.d" is the IPv4 address of the interface referenced.

Examples

The following example manually defines an IPv6 general prefix named my-prefix:


Device(config)# ipv6 general-prefix my-prefix 2001:DB8:2222::/48

The following example defines an IPv6 general prefix named my-prefix based on a 6to4 interface:


Device(config)# ipv6 general-prefix my-prefix 6to4 ethernet0

Related Commands


Command	Description
show ipv6 general-prefix	Displays information on general prefixes for an IPv6 addresses.

ipv6 local policy route-map

To enable local policy-based routing (PBR) for IPv6 packets, use the ipv6 local policy route-map command in global configuration mode. To disable local policy-based routing for IPv6 packets, use the no form of this command.

ipv6 local policy route-map route-map-name

no ipv6 local policy route-map route-map-name

Syntax Description


`route-map-name`	Name of the route map to be used for local IPv6 PBR. The name must match a `route-map-name` value specified by the route-map command.

Command Default

IPv6 packets are not policy routed.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Packets originating from a router are not normally policy routed. However, you can use the ipv6 local policy route-map command to policy route such packets. You might enable local PBR if you want packets originated at the router to take a route other than the obvious shortest path.

The ipv6 local policy route-map command identifies a route map to be used for local PBR. The route-map commands each have a list of match and set commands associated with them. The match commands specify the match criteria, which are the conditions under which packets should be policy routed. The set commands specify set actions, which are particular policy routing actions to be performed if the criteria enforced by the match commands are met. The no ipv6 local policy route-map command deletes the reference to the route map and disables local policy routing.

Examples

In the following example, packets with a destination IPv6 address matching that allowed by access list pbr-src-90 are sent to the router at IPv6 address 2001:DB8::1:


ipv6 access-list src-90
 permit ipv6 host 2001::90 2001:1000::/64
route-map pbr-src-90 permit 10
 match ipv6 address src-90
 set ipv6 next-hop 2001:DB8::1
ipv6 local policy route-map pbr-src-90

Related Commands


Command	Description
ipv6 policy route-map	Configures IPv6 PBR on an interface.
match ipv6 address	Specifies an IPv6 access list to be used to match packets for PBR for IPv6.
match length	Bases policy routing on the Level 3 length of a packet.
route-map (IP)	Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing.
set default interface	Specifies the default interface to output packets that pass a match clause of a route map for policy routing and have no explicit route to the destination.
set interface	Specifies the default interface to output packets that pass a match clause of a route map for policy routing.
set ipv6 default next-hop	Specifies an IPv6 default next hop to which matching packets will be forwarded.
set ipv6 next-hop (PBR)	Indicates where to output IPv6 packets that pass a match clause of a route map for policy routing.
set ipv6 precedence	Sets the precedence value in the IPv6 packet header.

ipv6 local pool

To configure a local IPv6 prefix pool, use the ipv6 local pool configuration command with the prefix pool name. To disband the pool, use the no form of this command.

ipv6 local pool poolname prefix/prefix-length assigned-length [shared] [cache-size size]

no ipv6 local pool poolname

Syntax Description


`poolname`	User-defined name for the local prefix pool.
`prefix`	IPv6 prefix assigned to the pool. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
/ `prefix-length`	The length of the IPv6 prefix assigned to the pool. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address).
`assigned-length`	Length of prefix, in bits, assigned to the user from the pool. The value of the `assigned-length` argument cannot be less than the value of the / `prefix-length` argument.
shared	(Optional) Indicates that the pool is a shared pool.
cache-size `size`	(Optional) Specifies the size of the cache.

Command Default

No pool is configured.

Command Modes

Global configuration (global)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

All pool names must be unique.

IPv6 prefix pools have a function similar to IPv4 address pools. Contrary to IPv4, a block of addresses (an address prefix) are assigned and not single addresses.

Prefix pools are not allowed to overlap.

Once a pool is configured, it cannot be changed. To change the configuration, the pool must be removed and recreated. All prefixes already allocated will also be freed.

Examples

This example shows the creation of an IPv6 prefix pool:


Device(config)# ipv6 local pool pool1 2001:0DB8::/29 64
Device(config)# end
Device# show ipv6 local pool
Pool Prefix Free In use 
pool1  2001:0DB8::/29  65516  20

Related Commands


Command	Description
debug ipv6 pool	Enables IPv6 pool debugging.
peer default ipv6 address pool	Specifies the pool from which client prefixes are assigned for PPP links.
prefix-delegation pool	Specifies a named IPv6 local prefix pool from which prefixes are delegated to DHCP for IPv6 clients.
show ipv6 local pool	Displays information about any defined IPv6 address pools.

ipv6 mld snooping (global)

To enable Multicast Listener Discovery version 2 (MLDv2) protocol snooping globally, use the ipv6 mld snooping command in global configuration mode. To disable the MLDv2 snooping globally, use the no form of this command.

ipv6 mld snooping

no ipv6 mld snooping

Syntax Description

This command has no arguments or keywords.

Command Default

This command is enabled.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced on the Supervisor Engine 720.

Usage Guidelines

MLDv2 snooping is supported on the Supervisor Engine 720 with all versions of the Policy Feature Card 3 (PFC3).

To use MLDv2 snooping, configure a Layer 3 interface in the subnet for IPv6 multicast routing or enable the MLDv2 snooping querier in the subnet.

Examples

This example shows how to enable MLDv2 snooping globally:


Device(config)# ipv6 mld snooping

Related Commands


Command	Description
show ipv6 mld snooping	Displays MLDv2 snooping information.

ipv6 mld ssm-map enable

To enable the Source Specific Multicast (SSM) mapping feature for groups in the configured SSM range, use the ipv6 mld ssm-map enable command in global configuration mode. To disable this feature, use the no form of this command.

ipv6 mld [vrf vrf-name] ssm-map enable

no ipv6 mld [vrf vrf-name] ssm-map enable

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Default

The SSM mapping feature is not enabled.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 mld ssm-map enable command enables the SSM mapping feature for groups in the configured SSM range. When the ipv6 mld ssm-map enable command is used, SSM mapping defaults to use the Domain Name System (DNS).

SSM mapping is applied only to received Multicast Listener Discovery (MLD) version 1 or MLD version 2 membership reports.

Examples

The following example shows how to enable the SSM mapping feature:

Device(config)# ipv6 mld ssm-map enable

Related Commands


Command	Description
debug ipv6 mld ssm-map	Displays debug messages for SSM mapping.
ipv6 mld ssm-map query dns	Enables DNS-based SSM mapping.
ipv6 mld ssm-map static	Configures static SSM mappings.
show ipv6 mld ssm-map	Displays SSM mapping information.

ipv6 mld state-limit

To limit the number of Multicast Listener Discovery (MLD) states globally, use the ipv6 mld state-limit command in global configuration mode. To disable a configured MLD state limit, use the no form of this command.

ipv6 mld [vrf vrf-name] state-limit number

no ipv6 mld [vrf vrf-name] state-limit number

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`number`	Maximum number of MLD states allowed on a router. The valid range is from 1 to 64000.

Command Default

No default number of MLD limits is configured. You must configure the number of maximum MLD states allowed globally on a router when you configure this command.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the ipv6 mld state-limit command to configure a limit on the number of MLD states resulting from MLD membership reports on a global basis. Membership reports sent after the configured limits have been exceeded are not entered in the MLD cache and traffic for the excess membership reports is not forwarded.

Use the ipv6 mld limit command in interface configuration mode to configure the per-interface MLD state limit.

Per-interface and per-system limits operate independently of each other and can enforce different configured limits. A membership state will be ignored if it exceeds either the per-interface limit or global limit.

Examples

The following example shows how to limit the number of MLD states on a router to 300:


Device(config)# ipv6 mld state-limit 300

Related Commands


Command	Description
ipv6 mld access-group	Enables the performance of IPv6 multicast receiver access control.
ipv6 mld limit	Limits the number of MLD states resulting from MLD membership state on a per-interface basis.

ipv6 multicast-routing

To enable multicast routing using Protocol Independent Multicast (PIM) and Multicast Listener Discovery (MLD) on all IPv6-enabled interfaces of the router and to enable multicast forwarding, use the ipv6 multicast-routing command in global configuration mode. To stop multicast routing and forwarding, use the no form of this command.

ipv6 multicast-routing [vrf vrf-name]

no ipv6 multicast-routing

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Default

Multicast routing is not enabled.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the ipv6 multicast-routing command to enable multicast forwarding. This command also enables Protocol Independent Multicast (PIM) and Multicast Listener Discovery (MLD) on all IPv6-enabled interfaces of the router being configured.

You can configure individual interfaces before you enable multicast so that you can then explicitly disable PIM and MLD protocol processing on those interfaces, as needed. Use the no ipv6 pim or the no ipv6 mld router command to disable IPv6 PIM or MLD router-side processing, respectively.

Examples

The following example enables multicast routing and turns on PIM and MLD on all interfaces:


Device(config)# ipv6 multicast-routing

Related Commands


Command	Description
ipv6 pim rp-address	Configures the address of a PIM RP for a particular group range.
no ipv6 pim	Turns off IPv6 PIM on a specified interface.
no ipv6 mld router	Disables MLD router-side processing on a specified interface.

ipv6 multicast group-range

To disable multicast protocol actions and traffic forwarding for unauthorized groups or channels on all the interfaces in a router, use the ipv6 multicast group-range command in global configuration mode. To return to the command’s default settings, use the no form of this command.

ipv6 multicast [vrf vrf-name] group-range [access-list-name]

no ipv6 multicast [vrf vrf-name] group-range [access-list-name]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`access-list-name`	(Optional) Name of an access list that contains authenticated subscriber groups and authorized channels that can send traffic to the router.

Command Default

Multicast is enabled for groups and channels permitted by a specified access list and disabled for groups and channels denied by a specified access list.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 multicast group-range command provides an access control mechanism for IPv6 multicast edge routing. The access list specified by the access-list-name argument specifies the multicast groups or channels that are to be permitted or denied. For denied groups or channels, the router ignores protocol traffic and actions (for example, no Multicast Listener Discovery (MLD) states are created, no mroute states are created, no Protocol Independent Multicast ( PIM) joins are forwarded), and drops data traffic on all interfaces in the system, thus disabling multicast for denied groups or channels.

Using the ipv6 multicast group-range global configuration command is equivalent to configuring the MLD access control and multicast boundary commands on all interfaces in the system. However, the ipv6 multicast group-range command can be overridden on selected interfaces by using the following interface configuration commands:

ipv6 mld access-group access-list-name
ipv6 multicast boundary scope scope-value

Because the no ipv6 multicast group-range command returns the router to its default configuration, existing multicast deployments are not broken.

Examples

The following example ensures that the router disables multicast for groups or channels denied by an access list named list2:


Device(config)# ipv6 multicast group-range list2

The following example shows that the command in the previous example is overridden on an interface specified by int2:


Device(config)# interface int2
Device(config-if)# ipv6 mld access-group int-list2

On int2, MLD states are created for groups or channels permitted by int-list2 but are not created for groups or channels denied by int-list2. On all other interfaces, the access-list named list2 is used for access control.

In this example, list2 can be specified to deny all or most multicast groups or channels, and int-list2 can be specified to permit authorized groups or channels only for interface int2.

Related Commands


Command	Description
ipv6 mld access-group	Performs IPv6 multicast receiver access control.
ipv6 multicast boundary scope	Configures a multicast boundary on the interface for a specified scope.

ipv6 multicast pim-passive-enable

To enable the Protocol Independent Multicast (PIM) passive feature on an IPv6 router, use the ipv6 multicast pim-passive-enable command in global configuration mode. To disable this feature, use the no form of this command.

ipv6 multicast pim-passive-enable

no ipv6 multicast pim-passive-enable

Syntax Description

This command has no arguments or keywords.

Command Default

PIM passive mode is not enabled on the router.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the ipv6 multicast pim-passive-enable command to configure IPv6 PIM passive mode on a router. Once PIM passive mode is configured globally, use the ipv6 pim passive command in interface configuration mode to configure PIM passive mode on a specific interface.

Examples

The following example configures IPv6 PIM passive mode on a router:


Device(config)# ipv6 multicast pim-passive-enable

Related Commands


Command	Description
ipv6 pim passive	Configures PIM passive mode on a specific interface.

ipv6 multicast rpf

To enable IPv6 multicast reverse path forwarding (RPF) check to use Border Gateway Protocol (BGP) unicast routes in the Routing Information Base (RIB), use the ipv6 multicast rpf command in global configuration mode. To disable this function, use the no form of this command.

ipv6 multicast [vrf vrf-name] rpf {backoff initial-delay max-delay | use-bgp}

no ipv6 multicast [vrf vrf-name] rpf {backoff initial-delay max-delay | use-bgp}

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
backoff	Specifies the backoff delay after a unicast routing change.
`initial-delay`	Initial RPF backoff delay, in milliseconds (ms). The range is from 200 to 65535.
`max-delay`	Maximum RPF backoff delay, in ms. The range is from 200 to 65535.
use-bgp	Specifies to use BGP routes for multicast RPF lookups.

Command Default

The multicast RPF check does not use BGP unicast routes.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

When the ipv6 multicast rpf command is configured, multicast RPF check uses BGP unicast routes in the RIB. This is not done by default.

Examples

The following example shows how to enable the multicast RPF check function:


Device(config)# ipv6 multicast rpf use-bgp

Related Commands


Command	Description
ipv6 multicast limit	Configure per-interface multicast route (mroute) state limiters in IPv6.
ipv6 multicast multipath	Enables load splitting of IPv6 multicast traffic across multiple equal-cost paths.

ipv6 nd cache expire

To configure the duration of time before an IPv6 neighbor discovery cache entry expires, use the ipv6 nd cache expire command in the interface configuration mode. To remove this configuration, use the no form of this command.

ipv6 nd cache expire expire-time-in-seconds [refresh]

no ipv6 nd cache expire expire-time-in-seconds [refresh]

Syntax Description


`expire-time-in-seconds`	The time range is from 1 through 65536 seconds. The default is 14400 seconds or 4 hours.
refresh	(Optional) Automatically refreshes the neighbor discovery cache entry.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

By default, a neighbor discovery cache entry is expired and deleted if it remains in the STALE state for 14,400 seconds or 4 hours. The ipv6 nd cache expire command allows the expiry time to vary and to trigger auto refresh of an expired entry before the entry is deleted.

When the refresh keyword is used, a neighbor discovery cache entry is auto refreshed. The entry moves into the DELAY state and the neighbor unreachability detection process occurs, in which the entry transitions from the DELAY state to the PROBE state after 5 seconds. When the entry reaches the PROBE state, a neighbor solicitation is sent and then retransmitted as per the configuration.

Examples

The following example shows that the neighbor discovery cache entry is configured to expire in 7200 seconds or 2 hours:

Device> enable
Device# configure terminal
Device(config)# interface gigabitethernet 1/1/4
Device(config-if)# ipv6 nd cache expire 7200

Related Commands


Command	Description
ipv6 nd na glean	Configures neighbor discovery to glean an entry from an unsolicited neighbor advertisement.
ipv6 nd nud retry	Configures the number of times neighbor unreachability detection resends neighbor solicitations.
show ipv6 interface	Displays the usability status of interfaces that are configured for IPv6.

ipv6 nd cache interface-limit (global)

To configure a neighbor discovery cache limit on all interfaces on the device, use the ipv6 nd cache interface-limit command in global configuration mode. To remove the neighbor discovery from all interfaces on the device, use the no form of this command.

ipv6 nd cache interface-limit size [log rate]

no ipv6 nd cache interface-limit size [log rate]

Syntax Description


`size`	Cache size.
log `rate`	(Optional) Adjustable logging rate, in seconds. The valid values are 0 and 1.

Command Default

Default logging rate for the device is one entry every second.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 nd cache interface-limit command in global configuration mode imposes a common per-interface cache size limit on all interfaces on the device.

Issuing the no or default form of the command will remove the neighbor discovery limit from every interface on the device that was configured using global configuration mode. It will not remove the neighbor discovery limit from any interface configured using the ipv6 nd cache interface-limit command in interface configuration mode.

The default (and maximum) logging rate for the device is one entry every second.

Examples

The following example shows how to set a common per-interface cache size limit of 4 seconds on all interfaces on the device:

Device(config)# ipv6 nd cache interface-limit 4

Related Commands


Command	Description
ipv6 nd cache interface-limit (interface)	Configures a neighbor discovery cache limit on a specified interface on the device.

ipv6 nd host mode strict

To enable the conformant, or strict, IPv6 host mode, use the ipv6 nd host mode strict command in global configuration mode. To reenable conformant, or loose, IPv6 host mode, use the no form of this command.

ipv6 nd host mode strict

Syntax Description

This command has no arguments or keywords.

Command Default

Nonconformant, or loose, IPv6 host mode is enabled.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The default IPv6 host mode type is loose, or nonconformant. To enable IPv6 strict, or conformant, host mode, use the ipv6 nd host mode strict command. You can change between the two IPv6 host modes using the no form of this command.

The ipv6 nd host mode strict command selects the type of IPv6 host mode behavior and enters interface configuration mode. However, the ipv6 nd host mode strict command is ignored if you have configured IPv6 routing with the ipv6 unicast-routing command. In this situation, the default IPv6 host mode type, loose, is used.

Examples

The following example shows how to configure the device as a strict IPv6 host and enables IPv6 address autoconfiguration on Ethernet interface 0/0:

Device(config)# ipv6 nd host mode strict
Device(config-if)# interface ethernet0/0
Device(config-if)# ipv6 address autoconfig

The following example shows how to configure the device as a strict IPv6 host and configures a static IPv6 address on Ethernet interface 0/0:

Device(config)# ipv6 nd host mode strict
Device(config-if)# interface ethernet0/0
Device(config-if)# ipv6 address 2001::1/64

Related Commands


Command	Description
ipv6 unicast-routing	Enables the forwarding of IPv6 unicast datagrams.

ipv6 nd na glean

To configure the neighbor discovery to glean an entry from an unsolicited neighbor advertisement, use the ipv6 nd na glean command in the interface configuration mode. To disable this feature, use the no form of this command.

ipv6 nd na glean

no ipv6 nd na glean

Command Modes

Interface configuration

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

IPv6 nodes may emit a multicast unsolicited neighbor advertisement packet following the successful completion of duplicate address detection (DAD). By default, other IPv6 nodes ignore these unsolicited neighbor advertisement packets. The ipv6 nd na glean command configures the router to create a neighbor advertisement entry on receipt of an unsolicited neighbor advertisement packet (assuming no such entry already exists and the neighbor advertisement has the link-layer address option). Use of this command allows a device to populate its neighbor advertisement cache with an entry for a neighbor before data traffic exchange with the neighbor.

Examples

The following example shows how to configure neighbor discovery to glean an entry from an unsolicited neighbor advertisement:

Device> enable
Device# configure terminal
Device(config)# interface gigabitethernet 1/1/4
Device(config-if)# ipv6 nd na glean

Related Commands


Command	Description
ipv6 nd cache expire	Configures the duration of time before an IPv6 neighbor discovery cache entry expires.
ipv6 nd nud retry	Configures the number of times neighbor unreachability detection resends neighbor solicitations.
show ipv6 interface	Displays the usability status of interfaces that are configured for IPv6.

ipv6 nd ns-interval

To configure the interval between IPv6 neighbor solicitation (NS) retransmissions on an interface, use the ipv6 nd ns-interval command in interface configuration mode. To restore the default interval, use the no form of this command.

ipv6 nd ns-interval milliseconds

no ipv6 nd ns-interval

Syntax Description


`milliseconds`	The interval between IPv6 neighbor solicit transmissions for address resolution. The acceptable range is from 1000 to 3600000 milliseconds.

Command Default

0 milliseconds (unspecified) is advertised in router advertisements and the value 1000 is used for the neighbor discovery activity of the router itself.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

By default, using the ipv6 nd ns-interval command changes the NS retransmission interval for both address resolution and duplicate address detection (DAD). To specify a different NS retransmission interval for DAD, use the ipv6 nd dad time command.

This value will be included in all IPv6 router advertisements sent out this interface. Very short intervals are not recommended in normal IPv6 operation. When a nondefault value is configured, the configured time is both advertised and used by the router itself.

Examples

The following example configures an IPv6 neighbor solicit transmission interval of 9000 milliseconds for Ethernet interface 0/0:


Device(config)# interface ethernet 0/0
Device(config-if)# ipv6 nd ns-interval 9000

Related Commands


Command	Description
ipv6 nd dad time	Configures the NS retransmit interval for DAD separately from the NS retransmit interval for address resolution.
show ipv6 interface	Displays the usability status of interfaces configured for IPv6.

ipv6 nd nud retry

To configure the number of times the neighbor unreachability detection process resends neighbor solicitations, use the ipv6 nd nud retry command in the interface configuration mode. To disable this feature, use the no form of this command.

ipv6 nd nud retry base interval max-attempts {final-wait-time}

no ipv6 nd nud retry base interval max-attempts {final-wait-time}

Syntax Description


`base`	The neighbor unreachability detection process base value.
`interval`	The time interval, in milliseconds, between retries. The range is from 1000 to 32000.
`max-attempts`	The maximum number of retry attempts, depending on the base value. The range is from 1 to 128.
`final-wait-time`	The waiting time, in milliseconds, on the last probe. The range is from 1000 to 32000.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

When a device runs neighbor unreachability detection to resolve the neighbor detection entry for a neighbor again, it sends three neighbor solicitation packets 1 second apart. In certain situations, for example, spanning-tree events, or high-traffic events, or end-host reloads), three neighbor solicitation packets that are sent at an interval of 1 second may not be sufficient. To help maintain the neighbor cache in such situations, use the ipv6 nd nud retry command to configure exponential timers for neighbor solicitation retransmits.

The maximum number of retry attempts is configured using the max-attempts argument. The retransmit interval is calculated with the following formula:

tm^n

here,

t = Time interval
m = Base (1, 2, or 3)
n = Current neighbor solicitation number (where the first neighbor solicitation is 0).

Therefore, ipv6 nd nud retry 3 1000 5 command retransmits at intervals of 1,3,9,27,81 seconds. If the final wait time is not configured, the entry remains for 243 seconds before it is deleted.

The ipv6 nd nud retry command affects only the retransmit rate for the neighbor unreachability detection process, and not for the initial resolution, which uses the default of three neighbor solicitation packets sent 1 second apart.

Examples

The following example shows how to configure a fixed interval of 1 second and three retransmits:

Device> enable
Device# configure terminal
Device(config)# interface gigabitethernet 1/1/4
Device(config-if)# ipv6 nd nud retry 1 1000 3

The following example shows how to configure a retransmit interval of 1, 2, 4, and 8:

Device> enable
Device# configure terminal
Device(config)# interface gigabitethernet 1/1/4
Device(config-if)# ipv6 nd nud retry 2 1000 4

The following example shows how to configure the retransmit intervals of 1, 3, 9, 27, 81:

Device> enable
Device# configure terminal
Device(config)# interface gigabitethernet 1/1/4
Device(config-if)# ipv6 nd nud retry 3 1000 5

Related Commands


Command	Description
ipv6 nd cache expire	Configures the duration of time before an IPv6 neighbor discovery (ND) cache entry expires.
ipv6 nd na glean	Configures neighbor discovery to glean an entry from an unsolicited neighbor advertisement.
show ipv6 interface	Displays the usability status of interfaces that are configured for IPv6.

ipv6 nd reachable-time

To configure the amount of time that a remote IPv6 node is considered reachable after some reachability confirmation event has occurred, use the ipv6 nd reachable-time command in interface configuration mode. To restore the default time, use the no form of this command.

ipv6 nd reachable-time milliseconds

no ipv6 nd reachable-time

Syntax Description


`milliseconds`	The amount of time that a remote IPv6 node is considered reachable (in milliseconds).

Command Default

0 milliseconds (unspecified) is advertised in router advertisements and the value 30000 (30 seconds) is used for the neighbor discovery activity of the router itself.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The configured time enables the router to detect unavailable neighbors. Shorter configured times enable the router to detect unavailable neighbors more quickly; however, shorter times consume more IPv6 network bandwidth and processing resources in all IPv6 network devices. Very short configured times are not recommended in normal IPv6 operation.

The configured time is included in all router advertisements sent out of an interface so that nodes on the same link use the same time value. A value of 0 means indicates that the configured time is unspecified by this router.

Examples

The following example configures an IPv6 reachable time of 1,700,000 milliseconds for Ethernet interface 0/0:

Device(config)# interface ethernet 0/0
Device(config-if)# ipv6 nd reachable-time 1700000

Related Commands


Command	Description
show ipv6 interface	Displays the usability status of interfaces configured for IPv6.

ipv6 nd resolution data limit

To configure the number of data packets queued pending Neighbor Discovery resolution, use the ipv6 nd resolution data limit command in global configuration mode.

ipv6 nd resolution data limit number-of-packets

no ipv6 nd resolution data limit number-of-packets

Syntax Description


`number-of-packets`	The number of queued data packets. The range is from 16 to 2048 packets.

Command Default

Queue limit is 16 packets.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 nd resolution data limit command allows the customer to configure the number of data packets queued pending Neighbor Discovery resolution. IPv6 Neighbor Discovery queues a data packet that initiates resolution for an unresolved destination. Neighbor Discovery will only queue one packet per destination. Neighbor Discovery also enforces a global (per-router) limit on the number of packets queued. Once the global queue limit is reached, further packets to unresolved destinations are discarded. The minimum (and default) value is 16 packets, and the maximum value is 2048.

In most situations, the default value of 16 queued packets pending Neighbor Discovery resolution is sufficient. However, in some high-scalability scenarios in which the router needs to initiate communication with a very large number of neighbors almost simultaneously, then the value may be insufficient. This may lead to loss of the initial packet sent to some neighbors. In most applications, the initial packet is retransmitted, so initial packet loss generally is not a cause for concern. (Note that dropping the initial packet to an unresolved destination is normal in IPv4.) However, there may be some high-scale configurations where loss of the initial packet is inconvenient. In these cases, the customer can use the ipv6 nd resolution data limit command to prevent the initial packet loss by increasing the unresolved packet queue size.

Examples

The following example configures the global number of data packets held awaiting resolution to be 32:


Device(config)# ipv6 nd resolution data limit 32

ipv6 nd route-owner

To insert Neighbor Discovery-learned routes into the routing table with "ND" status and to enable ND autoconfiguration behavior, use the ipv6 nd route-owner command. To remove this information from the routing table, use the no form of this command.

ipv6 nd route-owner

Syntax Description

This command has no arguments or keywords.

Command Default

The status of Neighbor Discovery-learned routes is "Static."

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 nd route-owner command inserts routes learned by Neighbor Discovery into the routing table with a status of "ND" rather than "Static" or "Connected."

This global command also enables you to use the ipv6 nd autoconfig default or ipv6 nd autoconfig prefix commands in interface configuration mode. If the ipv6 nd route-owner command is not issued, then the ipv6 nd autoconfig default and ipv6 nd autoconfig prefix commands are accepted by the router but will not work.

Examples

Device(config)# ipv6 nd route-owner

Related Commands


Command	Description
ipv6 nd autoconfig default	Allows Neighbor Discovery to install a default route to the Neighbor Discovery-derived default router.
ipv6 nd autoconfig prefix	Uses Neighbor Discovery to install all valid on-link prefixes from RAs received on the interface.

ipv6 neighbor

To configure a static entry in the IPv6 neighbor discovery cache, use the ipv6 neighbor command in global configuration mode. To remove a static IPv6 entry from the IPv6 neighbor discovery cache, use the no form of this command.

ipv6 neighbor ipv6-address interface-type interface-number hardware-address

no ipv6 neighbor ipv6-address interface-type interface-number

Syntax Description


`ipv6-address`	The IPv6 address that corresponds to the local data-link address. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
`interface-type`	The specified interface type. For supported interface types, use the question mark (?) online help function.
`interface-number`	The specified interface number.
`hardware-address`	The local data-link address (a 48-bit address).

Command Default

Static entries are not configured in the IPv6 neighbor discovery cache.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 neighbor command is similar to the arp (global) command.

If an entry for the specified IPv6 address already exists in the neighbor discovery cache--learned through the IPv6 neighbor discovery process--the entry is automatically converted to a static entry.

Use the show ipv6 neighbors command to view static entries in the IPv6 neighbor discovery cache. A static entry in the IPv6 neighbor discovery cache can have one of the following states:

INCMP (Incomplete)--The interface for this entry is down.
REACH (Reachable)--The interface for this entry is up.

Note

Reachability detection is not applied to static entries in the IPv6 neighbor discovery cache; therefore, the descriptions for the INCMP and REACH states are different for dynamic and static cache entries. See the show ipv6 neighbors command for descriptions of the INCMP and REACH states for dynamic cache entries.

The clear ipv6 neighbors command deletes all entries in the IPv6 neighbor discovery cache, except static entries. The no ipv6 neighbor command deletes a specified static entry from the neighbor discovery cache; the command does not remove dynamic entries--learned from the IPv6 neighbor discovery process--from the cache. Disabling IPv6 on an interface by using the no ipv6 enable command or the no ipv6 unnumbered command deletes all IPv6 neighbor discovery cache entries configured for that interface, except static entries (the state of the entry changes to INCMP).

Static entries in the IPv6 neighbor discovery cache are not modified by the neighbor discovery process.

Note

Static entries for IPv6 neighbors can be configured only on IPv6-enabled LAN and ATM LAN Emulation interfaces.

Examples

The following example configures a static entry in the IPv6 neighbor discovery cache for a neighbor with the IPv6 address 2001:0DB8::45A and link-layer address 0002.7D1A.9472 on Ethernet interface 1:


Device(config)# ipv6 neighbor 2001:0DB8::45A ethernet1 0002.7D1A.9472

Related Commands


Command	Description
arp (global)	Adds a permanent entry in the ARP cache.
clear ipv6 neighbors	Deletes all entries in the IPv6 neighbor discovery cache, except static entries.
no ipv6 enable	Disables IPv6 processing on an interface that has not been configured with an explicit IPv6 address.
no ipv6 unnumbered	Disables IPv6 on an unnumbered interface.
show ipv6 neighbors	Displays IPv6 neighbor discovery cache information.

ipv6 ospf name-lookup

To display Open Shortest Path First (OSPF) router IDs as Domain Naming System (DNS) names, use the ipv6 ospf name-lookup command in global configuration mode. To stop displaying OSPF router IDs as DNS names, use the no form of this command.

ipv6 ospf name-lookup

no ipv6 ospf name-lookup

Syntax Description

This command has no arguments or keywords.

Command Default

This command is disabled by default

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

This command makes it easier to identify a router because the router is displayed by name rather than by its router ID or neighbor ID.

Examples

The following example configures OSPF to look up DNS names for use in all OSPF show EXEC command displays:


Device(config)# ipv6 ospf name-lookup

ipv6 pim

To reenable IPv6 Protocol Independent Multicast (PIM) on a specified interface, use the ipv6 pim command in interface configuration mode. To disable PIM on a specified interface, use the no form of the command.

ipv6 pim

no ipv6 pim

Syntax Description

This command has no arguments or keywords.

Command Default

PIM is automatically enabled on every interface.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

After a user has enabled the ipv6 multicast-routing command, PIM is enabled to run on every interface. Because PIM is enabled on every interface by default, use the no form of the ipv6 pim command to disable PIM on a specified interface. When PIM is disabled on an interface, it does not react to any host membership notifications from the Multicast Listener Discovery (MLD) protocol.

Examples

The following example turns off PIM on Fast Ethernet interface 1/0:


Device(config)# interface FastEthernet 1/0
Device(config-if)# no ipv6 pim

Related Commands


Command	Description
ipv6 multicast-routing	Enables multicast routing using PIM and MLD on all IPv6-enabled interfaces of the router and enables multicast forwarding.

ipv6 pim accept-register

To accept or reject registers at the rendezvous point (RP), use the ipv6 pim accept-register command in global configuration mode. To return to the default value, use the no form of this command.

ipv6 pim [vrf vrf-name] accept-register {list access-list | route-map map-name}

no ipv6 pim [vrf vrf-name] accept-register {list access-list | route-map map-name}

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
list `access-list`	Defines the access list name.
route-map `map-name`	Defines the route map.

Command Default

All sources are accepted at the RP.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the ipv6 pim accept-register command to configure a named access list or route map with match attributes. When the permit conditions as defined by the access-list and map-name arguments are met, the register message is accepted. Otherwise, the register message is not accepted, and an immediate register-stop message is returned to the encapsulating designated router.

Examples

The following example shows how to filter on all sources that do not have a local multicast Border Gateway Protocol (BGP) prefix:


ipv6 pim accept-register route-map reg-filter
route-map reg-filter permit 20
 match as-path 101
ip as-path access-list 101 permit

ipv6 pim allow-rp

To enable the PIM Allow RP feature for all IP multicast-enabled interfaces in an IPv6 device, use the ip pim allow-rp command in global configuration mode. To return to the default value, use the no form of this command.

ipv6 pim allow-rp [group-list access-list | rp-list access-list [group-list access-list]]

no ipv6 pim allow-rp

Syntax Description


group-list	(Optional) Identifies an access control list (ACL) of allowed group ranges for PIM Allow RP.
rp-list	(Optional) Specifies an ACL for allowed rendezvous-point (RP) addresses for PIM Allow RP.
`access-list`	(Optional) Unique number or name of a standard ACL.

Command Default

PIM Allow RP is disabled.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use this command to enable the receiving device in an IP multicast network to accept a (*, G) Join from an unexpected (different) RP address.

Before enabling PIM Allow RP, you must first use the ipv6 pim rp-address command to define an RP.

Related Commands


Command	Description
ipv6 pim rp-address	Statically configures the address of a PIM RP for multicast groups.

ipv6 pim neighbor-filter list

To filter Protocol Independent Multicast (PIM) neighbor messages from specific IPv6 addresses, use the ipv6 pim neighbor-filter command in the global configuration mode. To return to the router default, use the no form of this command.

ipv6 pim [vrf vrf-name] neighbor-filter list access-list

no ipv6 pim [vrf vrf-name] neighbor-filter list access-list

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`access-list`	Name of an IPv6 access list that denies PIM hello packets from a source.

Command Default

PIM neighbor messages are not filtered.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 pim neighbor-filter list command is used to prevent unauthorized routers on the LAN from becoming PIM neighbors. Hello messages from addresses specified in this command are ignored.

Examples

The following example causes PIM to ignore all hello messages from IPv6 address FE80::A8BB:CCFF:FE03:7200:


Device(config)# ipv6 pim neighbor-filter list nbr_filter_acl
Device(config)# ipv6 access-list nbr_filter_acl
Device(config-ipv6-acl)# deny ipv6 host FE80::A8BB:CCFF:FE03:7200 any
Device(config-ipv6-acl)# permit any any

ipv6 pim rp-address

To configure the address of a Protocol Independent Multicast (PIM) rendezvous point (RP) for a particular group range, use the ipv6 pim rp-address command in global configuration mode. To remove an RP address, use the no form of this command.

ipv6 pim [vrf vrf-name] rp-address ipv6-address [group-access-list] [bidir]

no ipv6 pim rp-address ipv6-address [group-access-list] [bidir]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`ipv6-address`	The IPv6 address of a router to be a PIM RP. The `ipv6-address` argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
`group-access-list`	(Optional) Name of an access list that defines for which multicast groups the RP should be used. If the access list contains any group address ranges that overlap the assigned source-specific multicast (SSM) group address range (FF3x::/96), a warning message is displayed, and the overlapping ranges are ignored. If no access list is specified, the specified RP is used for all valid multicast non-SSM address ranges. To support embedded RP, the router configured as the RP must use a configured access list that permits the embedded RP group ranges derived from the embedded RP address. Note that the embedded RP group ranges need not include all the scopes (for example, 3 through 7).
bidir	(Optional) Indicates that the group range will be used for bidirectional shared-tree forwarding; otherwise, it will be used for sparse-mode forwarding. A single IPv6 address can be configured to be RP only for either bidirectional or sparse-mode group ranges. A single group-range list can be configured to operate either in bidirectional or sparse mode.

Command Default

No PIM RPs are preconfigured. Embedded RP support is enabled by default when IPv6 PIM is enabled (where embedded RP support is provided). Multicast groups operate in PIM sparse mode.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

When PIM is configured in sparse mode, you must choose one or more routers to operate as the RP. An RP is a single common root of a shared distribution tree and is statically configured on each router.

Where embedded RP support is available, only the RP needs to be statically configured as the RP for the embedded RP ranges. No additional configuration is needed on other IPv6 PIM routers. The other routers will discover the RP address from the IPv6 group address. If these routers want to select a static RP instead of the embedded RP, the specific embedded RP group range must be configured in the access list of the static RP.

The RP address is used by first-hop routers to send register packets on behalf of source multicast hosts. The RP address is also used by routers on behalf of multicast hosts that want to become members of a group. These routers send join and prune messages to the RP.

If the optional group-access-list argument is not specified, the RP is applied to the entire routable IPv6 multicast group range, excluding SSM, which ranges from FFX[3-f]::/8 to FF3X::/96. If the group-access-list argument is specified, the IPv6 address is the RP address for the group range specified in the group-access-list argument.

You can configure Cisco IOS software to use a single RP for more than one group. The conditions specified by the access list determine which groups the RP can be used for. If no access list is configured, the RP is used for all groups.

A PIM router can use multiple RPs, but only one per group.

Examples

The following example shows how to set the PIM RP address to 2001::10:10 for all multicast groups:


Device(config)# ipv6 pim rp-address 2001::10:10

The following example sets the PIM RP address to 2001::10:10 for the multicast group FF04::/64 only:


Device(config)# ipv6 access-list acc-grp-1
Device(config-ipv6-acl)# permit ipv6 any ff04::/64
Device(config)# ipv6 pim rp-address 2001::10:10 acc-grp-1

The following example shows how to configure a group access list that permits the embedded RP ranges derived from the IPv6 RP address 2001:0DB8:2::2:


Device(config)# ipv6 pim rp-address 2001:0DB8:2::2 embd-ranges
Device(config)# ipv6 access-list embd-ranges
Device(config-ipv6-acl)# permit ipv6 any ff73:240:2:2:2::/96
Device(config-ipv6-acl)# permit ipv6 any ff74:240:2:2:2::/96
Device(config-ipv6-acl)# permit ipv6 any ff75:240:2:2:2::/96
Device(config-ipv6-acl)# permit ipv6 any ff76:240:2:2:2::/96
Device(config-ipv6-acl)# permit ipv6 any ff77:240:2:2:2::/96
Device(config-ipv6-acl)# permit ipv6 any ff78:240:2:2:2::/96

The following example shows how to enable the address 100::1 as the bidirectional RP for the entries multicast range FF::/8:


ipv6 pim rp-address 100::1 bidir

In the following example, the IPv6 address 200::1 is enabled as the bidirectional RP for the ranges permitted by the access list named bidir-grps. The ranges permitted by this list are ff05::/16 and ff06::/16.


Device(config)# ipv6 access-list bidir-grps
Device(config-ipv6-acl)# permit ipv6 any ff05::/16
Device(config-ipv6-acl)# permit ipv6 any ff06::/16
Device(config-ipv6-acl)# exit
Device(config)# ipv6 pim rp-address 200::1 bidir-grps bidir

Related Commands


Command	Description
debug ipv6 pim df-election	Displays debug messages for PIM bidirectional DF-election message processing.
ipv6 access-list	Defines an IPv6 access list and places the router in IPv6 access list configuration mode.
show ipv6 pim df	Displays the DF -election state of each interface for each RP.
show ipv6 pim df winner	Displays the DF-election winner on each interface for each RP.

ipv6 pim rp embedded

To enable embedded rendezvous point (RP) support in IPv6 Protocol Independent Multicast (PIM), use the ipv6 pim rp-embedded command in global configuration mode. To disable embedded RP support, use the no form of this command.

ipv6 pim [vrf vrf-name] rp embedded

no ipv6 pim [vrf vrf-name] rp embedded

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Default

Embedded RP support is enabled by default.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Because embedded RP support is enabled by default, users will generally use the no form of this command to turn off embedded RP support.

The ipv6 pim rp embedded command applies only to the embedded RP group ranges ff7X::/16 and fffX::/16. When the router is enabled, it parses groups in the embedded RP group ranges ff7X::/16 and fffX::/16, and extracts the RP to be used from the group address.

Examples

The following example disables embedded RP support in IPv6 PIM:


Device# no ipv6 pim rp embedded

ipv6 pim spt-threshold infinity

To configure when a Protocol Independent Multicast (PIM) leaf router joins the shortest path tree (SPT) for the specified groups, use the ipv6 pim spt-threshold infinity command in global configuration mode. To restore the default value, use the no form of this command.

ipv6 pim [vrf vrf-name] spt-threshold infinity [group-list access-list-name]

no ipv6 pim spt-threshold infinity

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
group-list `access-list-name`	(Optional) Indicates to which groups the threshold applies. Must be a standard IPv6 access list name. If the value is omitted, the threshold applies to all groups.

Command Default

When this command is not used, the PIM leaf router joins the SPT immediately after the first packet arrives from a new source. Once the router has joined the SPT, configuring the ipv6 pim spt-threshold infinity command will not cause it to switch to the shared tree.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Using the ipv6 pim spt-threshold infinity command enables all sources for the specified groups to use the shared tree. The group-list keyword indicates to which groups the SPT threshold applies.

The access-list-name argument refers to an IPv6 access list. When the access-list-name argument is specified with a value of 0, or the group-list keyword is not used, the SPT threshold applies to all groups. The default setting (that is, when this command is not enabled) is to join the SPT immediately after the first packet arrives from a new source.

Examples

The following example configures a PIM last-hop router to stay on the shared tree and not switch to the SPT for the group range ff04::/64.:


Device(config)# ipv6 access-list acc-grp-1
Device(config-ipv6-acl)# permit ipv6 any FF04::/64
Device(config-ipv6-acl)# exit
Device(config)# ipv6 pim spt-threshold infinity group-list acc-grp-1

ipv6 prefix-list

To create an entry in an IPv6 prefix list, use the ipv6 prefix-list command in global configuration mode. To delete the entry, use the no form of this command.

ipv6 prefix-list list-name [seq seq-number] {deny ipv6-prefix/ prefix-length | permit ipv6-prefix/ prefix-length | description text} [ge ge-value] [le le-value]

no ipv6 prefix-list list-name

Syntax Description


`list-name`	Name of the prefix list. Cannot be the same name as an existing access list. Cannot be the name “detail” or “summary” because they are keywords in the show ipv6 prefix-list command.
seq `seq-number`	(Optional) Sequence number of the prefix list entry being configured.
deny	Denies networks that matches the condition.
permit	Permits networks that matches the condition.
`ipv6-prefix`	The IPv6 network assigned to the specified prefix list. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
/ `prefix-length`	The length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.
description `text`	A description of the prefix list that can be up to 80 characters in length.
ge `ge-value`	(Optional) Specifies a prefix length greater than or equal to the `ipv6-prefix` / `prefix-length` arguments. It is the lowest value of a range of the `length` (the “from” portion of the length range).
le `le-value`	(Optional) Specifies a prefix length less than or equal to the `ipv6-prefix` / `prefix-length` arguments. It is the highest value of a range of the `length` (the “to” portion of the length range).

Command Default

No prefix list is created.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The ipv6 prefix-list command is similar to the ip prefix-list command, except that it is IPv6-specific.

To suppress networks from being advertised in updates, use the distribute-list out command.

The sequence number of a prefix list entry determines the order of the entries in the list. The router compares network addresses to the prefix list entries. The router begins the comparison at the top of the prefix list, with the entry having the lowest sequence number.

If multiple entries of a prefix list match a prefix, the entry with the lowest sequence number is considered the real match. Once a match or deny occurs, the router does not go through the rest of the prefix list. For efficiency, you may want to put the most common permits or denies near the top of the list, using the seq-number argument.

The show ipv6 prefix-list command displays the sequence numbers of entries.

IPv6 prefix lists are used to specify certain prefixes or a range of prefixes that must be matched before a permit or deny statement can be applied. Two operand keywords can be used to designate a range of prefix lengths to be matched. A prefix length of less than, or equal to, a value is configured with the le keyword. A prefix length greater than, or equal to, a value is specified using the ge keyword. The ge and le keywords can be used to specify the range of the prefix length to be matched in more detail than the usual ipv6-prefix / prefix-length argument. For a candidate prefix to match against a prefix list entry three conditions can exist:

The candidate prefix must match the specified prefix list and prefix length entry.
The value of the optional le keyword specifies the range of allowed prefix lengths from the prefix-length argument up to, and including, the value of the le keyword.
The value of the optional ge keyword specifies the range of allowed prefix lengths from the value of the ge keyword up to, and including, 128.

Note

The first condition must match before the other conditions take effect.

An exact match is assumed when the ge or le keywords are not specified. If only one keyword operand is specified then the condition for that keyword is applied, and the other condition is not applied. The prefix-length value must be less than the ge value. The ge value must be less than, or equal to, the le value. The le value must be less than or equal to 128.

Every IPv6 prefix list, including prefix lists that do not have any permit and deny condition statements, has an implicit deny any any statement as its last match condition.

Examples

The following example denies all routes with a prefix of ::/0.


Device(config)# ipv6 prefix-list abc deny ::/0

The following example permits the prefix 2002::/16:


Device(config)# ipv6 prefix-list abc permit 2002::/16

The following example shows how to specify a group of prefixes to accept any prefixes from prefix 5F00::/48 up to and including prefix 5F00::/64.


Device(config)# ipv6 prefix-list abc permit 5F00::/48 le 64

The following example denies prefix lengths greater than 64 bits in routes that have the prefix 2001:0DB8::/64.


Device(config)# ipv6 prefix-list abc permit 2001:0DB8::/64 le 128

The following example permits mask lengths from 32 to 64 bits in all address space.


Device(config)# ipv6 prefix-list abc permit ::/0 ge 32 le 64

The following example denies mask lengths greater than 32 bits in all address space.


Device(config)# ipv6 prefix-list abc deny ::/0 ge 32

The following example denies all routes with a prefix of 2002::/128.


Device(config)# ipv6 prefix-list abc deny 2002::/128

The following example permits all routes with a prefix of ::/0.


Device(config)# ipv6 prefix-list abc permit ::/0

Related Commands


Command	Description
clear ipv6 prefix-list	Resets the hit count of the IPv6 prefix list entries.
distribute-list out	Suppresses networks from being advertised in updates.
ipv6 prefix-list sequence-number	Enables the generation of sequence numbers for entries in an IPv6 prefix list.
match ipv6 address	Distributes IPv6 routes that have a prefix permitted by a prefix list.
show ipv6 prefix-list	Displays information about an IPv6 prefix list or IPv6 prefix list entries.

ipv6 source-guard attach-policy

To apply IPv6 source guard policy on an interface, use the ipv6 source-guard attach-policy in interface configuration mode. To remove this source guard from the interface, use the no form of this command.

ipv6 source-guard attach-policy [source-guard-policy ]

Syntax Description


`source-guard-policy`	(Optional) User-defined name of the source guard policy. The policy name can be a symbolic string (such as Engineering) or an integer (such as 0).

Command Default

An IPv6 source-guard policy is not applied on the interface.

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If no policy is specified using the source-guard-policy argument, then the default source-guard policy is applied.

A dependency exists between IPv6 source guard and IPv6 snooping. Whenever IPv6 source guard is configured, when the ipv6 source-guard attach-policy command is entered, it verifies that snooping is enabled and issues a warning if it is not. If IPv6 snooping is disabled, the software checks if IPv6 source guard is enabled and sends a warning if it is.

Examples

The following example shows how to apply IPv6 source guard on an interface:


Device(config)# interface gigabitethernet 0/0/1
Device(config-if)# ipv6 source-guard attach-policy mysnoopingpolicy

Related Commands


Command	Description
ipv6 snooping policy	Configures an IPv6 snooping policy and enters IPv6 snooping configuration mode.

ipv6 source-route

To enable processing of the IPv6 type 0 routing header (the IPv6 source routing header), use the ipv6 source-route command in global configuration mode. To disable the processing of this IPv6 extension header, use the no form of this command.

ipv6 source-route

no ipv6 source-route

Syntax Description

This command has no arguments or keywords.

Command Default

The no version of the ipv6 source-route command is the default. When the router receives a packet with a type 0 routing header, the router drops the packet and sends an IPv6 Internet Control Message Protocol (ICMP) error message back to the source and logs an appropriate debug message.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The default was changed to be the no version of the ipv6 source-route command, which means this functionality is not enabled. Before this change, this functionality was enabled automatically. User who had configured the no ipv6 source-route command before the default was changed will continue to see this configuration in their show config command output, even though the no version of the command is the default.

The no ipv6 source-route command (which is the default) prevents hosts from performing source routing using your routers. When the no ipv6 source-route command is configured and the router receives a packet with a type0 source routing header, the router drops the packet and sends an IPv6 ICMP error message back to the source and logs an appropriate debug message.

In IPv6, source routing is performed only by the destination of the packet. Therefore, in order to stop source routing from occurring inside your network, you need to configure an IPv6 access control list (ACL) that includes the following rule:


deny ipv6 any any routing

The rate at which the router generates all IPv6 ICMP error messages can be limited by using the ipv6 icmp error-interval command.

Examples

The following example disables the processing of IPv6 type 0 routing headers:


no ipv6 source-route

Related Commands


Command	Description
deny (IPv6)	Sets deny conditions for an IPv6 access list.
ipv6 icmp error-interval	Configures the interval for IPv6 ICMP error messages.

ipv6 spd mode

To configure an IPv6 Selective Packet Discard (SPD) mode, use the ipv6 spd mode command in global configuration mode. To remove the IPv6 SPD mode, use the no form of this command.

ipv6 spd mode {aggressive | tos protocol ospf}

no ipv6 spd mode {aggressive | tos protocol ospf}

Syntax Description


aggressive	Aggressive drop mode discards incorrectly formatted packets when the IPv6 SPD is in random drop state.
tos protocol o spf	OSPF mode allows OSPF packets to be handled with SPD priority.

Command Default

No IPv6 SPD mode is configured.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The default setting for the IPv6 SPD mode is none, but you may want to use the ipv6 spd mode command to configure a mode to be used when a certain SPD state is reached.

The aggressive keyword enables aggressive drop mode, which drops deformed packets when IPv6 SPD is in random drop state. The ospf keyword enables OSPF mode, in which OSPF packets are handled with SPD priority.

The size of the process input queue governs the SPD state: normal (no drop), random drop, or max. When the process input queue is less than the SPD minimum threshold, SPD takes no action and enters normal state. In the normal state, no packets are dropped. When the input queue reaches the maximum threshold, SPD enters max state, in which normal priority packets are discarded. If the input queue is between the minimum and maximum thresholds, SPD enters the random drop state, in which normal packets may be dropped.

Examples

The following example shows how to enable the router to drop deformed packets when the router is in the random drop state:


Device(config)# ipv6 spf mode aggressive

Related Commands


Command	Description
ipv6 spd queue max-threshold	Configures the maximum number of packets in the IPv6 SPD process input queue.
ipv6 spd queue min-threshold	Configures the minimum number of packets in the IPv6 SPD process input queue.
show ipv6 spd	Displays the IPv6 SPD configuration.

ipv6 spd queue max-threshold

To configure the maximum number of packets in the IPv6 Selective Packet Discard (SPD) process input queue, use the ipv6 spd queue max-threshold command in global configuration mode. To return to the default value, use the no form of this command.

ipv6 spd queue max-threshold value

no ipv6 spd queue max-threshold

Syntax Description


`value`	Number of packets. The range is from 0 through 65535.

Command Default

No SPD queue maximum threshold value is configured.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the ipv6 spd queue max-threshold command to configure the SPD queue maximum threshold value.

The size of the process input queue governs the SPD state: normal (no drop), random drop, or max. When the process input queue is less than the SPD minimum threshold, SPD takes no action and enters normal state. In the normal state, no packets are dropped. When the input queue reaches the maximum threshold, SPD enters max state, in which normal priority packets are discarded. If the input queue is between the minimum and maximum thresholds, SPD enters the random drop state, in which normal packets may be dropped.

Examples

The following example shows how to set the maximum threshold value of the queue to 60,000:


Device(config)# ipv6 spd queue max-threshold 60000

Related Commands


Command	Description
ipv6 spd queue min-threshold	Configures the minimum number of packets in the IPv6 SPD process input queue.
show ipv6 spd	Displays the IPv6 SPD configuration.

ipv6 traffic interface-statistics

To collect IPv6 forwarding statistics for all interfaces, use the ipv6 traffic interface-statistics command in global configuration mode. To ensure that IPv6 forwarding statistics are not collected for any interface, use the no form of this command.

ipv6 traffic interface-statistics [unclearable]

no ipv6 traffic interface-statistics [unclearable]

Syntax Description


unclearable	(Optional) IPv6 forwarding statistics are kept for all interfaces, but it is not possible to clear the statistics on any interface.

Command Default

IPv6 forwarding statistics are collected for all interfaces.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Using the optional unclearable keyword halves the per-interface statistics storage requirements.

Examples

The following example does not allow statistics to be cleared on any interface:


Device(config)# ipv6 traffic interface-statistics unclearable

ipv6 unicast-routing

To enable the forwarding of IPv6 unicast datagrams, use the ipv6 unicast-routing command in global configuration mode. To disable the forwarding of IPv6 unicast datagrams, use the no form of this command.

ipv6 unicast-routing

no ipv6 unicast-routing

Syntax Description

This command has no arguments or keywords.

Command Default

IPv6 unicast routing is disabled.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Configuring the no ipv6 unicast-routing command removes all IPv6 routing protocol entries from the IPv6 routing table.

Examples

The following example enables the forwarding of IPv6 unicast datagrams:


Device(config)# ipv6 unicast-routing

Related Commands


Command	Description
ipv6 address link-local	Configures an IPv6 link-local address for an interface and enables IPv6 processing on the interface.
ipv6 address eui-64	Configures an IPv6 address and enables IPv6 processing on an interface using an EUI-64 interface ID in the low-order 64 bits of the address.
ipv6 enable	Enables IPv6 processing on an interface that has not been configured with an explicit IPv6 address.
ipv6 unnumbered	Enables IPv6 processing on an interface without assigning an explicit IPv6 address to the interface.
show ipv6 route	Displays the current contents of the IPv6 routing table.

key chain

To define an authentication key chain needed to enable authentication for routing protocols and enter key-chain configuration mode, use the key chain command in global configuration mode. To remove the key chain, use the no form of this command.

key chain name-of-chain

no key chain name-of-chain

Syntax Description


`name-of-chain`	Name of a key chain. A key chain must have at least one key and can have up to 2147483647 keys.

Command Default

No key chain exists.

Command Modes

Global configuration (config)

Usage Guidelines

You must configure a key chain with keys to enable authentication.

Although you can identify multiple key chains, we recommend using one key chain per interface per routing protocol. Upon specifying the key chain command, you enter key chain configuration mode.

Examples

The following example shows how to specify key chain:


Device(config-keychain-key)# key-string chestnut

Related Commands


Command	Description
accept-lifetime	Sets the time period during which the authentication key on a key chain is received as valid.
key	Identifies an authentication key on a key chain.
key-string (authentication)	Specifies the authentication string for a key.
send-lifetime	Sets the time period during which an authentication key on a key chain is valid to be sent.
show key chain	Displays authentication key information.

key-string (authentication)

To specify the authentication string for a key, use the key-string (authentication) command in key chain key configuration mode. To remove the authentication string, use the no form of this command.

key-string key-string text

no key-string text

Syntax Description


`text`	Authentication string that must be sent and received in the packets using the routing protocol being authenticated. The string can contain from 1 to 80 uppercase and lowercase alphanumeric characters.

Command Default

No authentication string for a key exists.

Command Modes

Key chain key configuration (config-keychain-key)

Examples

The following example shows how to specify the authentication string for a key:


Device(config-keychain-key)# key-string key1

Related Commands


Command	Description
accept-lifetime	Sets the time period during which the authentication key on a key chain is received as valid.
key	Identifies an authentication key on a key chain.
key chain	Defines an authentication key-chain needed to enable authentication for routing protocols.
send-lifetime	Sets the time period during which an authentication key on a key chain is valid to be sent.
show key chain	Displays authentication key information.

key

To identify an authentication key on a key chain, use the key command in key-chain configuration mode. To remove the key from the key chain, use the no form of this command.

key key-id

no key key-id

Syntax Description


`key-id`	Identification number of an authentication key on a key chain. The range of keys is from 0 to 2147483647. The key identification numbers need not be consecutive.

Command Default

No key exists on the key chain.

Command Modes

Key-chain configuration (config-keychain)

Usage Guidelines

It is useful to have multiple keys on a key chain so that the software can sequence through the keys as they become invalid after time, based on the accept-lifetime and send-lifetime key chain key command settings.

Each key has its own key identifier, which is stored locally. The combination of the key identifier and the interface associated with the message uniquely identifies the authentication algorithm and Message Digest 5 (MD5) authentication key in use. Only one authentication packet is sent, regardless of the number of valid keys. The software starts looking at the lowest key identifier number and uses the first valid key.

If the last key expires, authentication will continue and an error message will be generated. To disable authentication, you must manually delete the last valid key.

To remove all keys, remove the key chain by using the no key chain command.

Examples

The following example shows how to specify a key to identify authentication on a key-chain:


Device(config-keychain)# key 1

Related Commands


Command	Description
accept-lifetime	Sets the time period during which the authentication key on a key chain is received as valid.
key chain	Defines an authentication key chain needed to enable authentication for routing protocols.
key-string (authentication)	Specifies the authentication string for a key.
send-lifetime	Sets the time period during which an authentication key on a key chain is valid to be sent.
show key chain	Displays authentication key information.

show ip nat translations

To display active Network Address Translation ( NAT) translations, use the show ip nat translations command in EXEC mode.

show ip nat translations [ inside global-ip ] [ outside local-ip ] [icmp] [tcp] [udp] [verbose] [ vrf vrf-name ]

Syntax Description


icmp	(Optional) Displays Internet Control Message Protocol (ICMP) entries.
inside `global-ip`	(Optional) Displays entries for only a specific inside global IP address.
outside `local-ip`	(Optional) Displays entries for only a specific outside local IP address.
tcp	(Optional) Displays TCP protocol entries.
udp	(Optional) Displays User Datagram Protocol (UDP) entries.
verbose	(Optional) Displays additional information for each translation table entry, including how long ago the entry was created and used.
vrf `vrf-name`	(Optional) Displays VPN routing and forwarding (VRF) traffic-related information.

Command Modes

EXEC

Command History


Release	Modification
Cisco IOS XE Amsterdam 17.1.1	This command was introduced.

Examples

The following is sample output from the show ip nat translations command. Without overloading, two inside hosts are exchanging packets with some number of outside hosts.


Router# show ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
--- 10.69.233.209     192.168.1.95       ---                ---
--- 10.69.233.210     192.168.1.89       ---                --

With overloading, a translation for a Domain Name Server (DNS) transaction is still active, and translations for two Telnet sessions (from two different hosts) are also active. Note that two different inside hosts appear on the outside with a single IP address.


Router# show ip nat translations
Pro Inside global        Inside local       Outside local      Outside global
udp 10.69.233.209:1220  192.168.1.95:1220  172.16.2.132:53    172.16.2.132:53
tcp 10.69.233.209:11012 192.168.1.89:11012 172.16.1.220:23    172.16.1.220:23
tcp 10.69.233.209:1067  192.168.1.95:1067  172.16.1.161:23    172.16.1.161:23

The following is sample output that includes the verbose keyword:


Router# show ip nat translations verbose
Pro Inside global        Inside local       Outside local      Outside global
udp 172.16.233.209:1220  192.168.1.95:1220  172.16.2.132:53    172.16.2.132:53
        create 00:00:02, use 00:00:00, flags: extended
tcp 172.16.233.209:11012 192.168.1.89:11012 172.16.1.220:23    172.16.1.220:23
        create 00:01:13, use 00:00:50, flags: extended
tcp 172.16.233.209:1067  192.168.1.95:1067  172.16.1.161:23    172.16.1.161:23
        create 00:00:02, use 00:00:00, flags: extended

The following is sample output that includes the vrf keyword:


Router# show ip nat translations vrf 
abc
Pro Inside global      Inside local       Outside local      Outside global
--- 10.2.2.1            192.168.121.113    ---                ---
--- 10.2.2.2            192.168.122.49     ---                ---
--- 10.2.2.11           192.168.11.1       ---                ---
--- 10.2.2.12           192.168.11.3       ---                ---
--- 10.2.2.13           172.16.5.20        ---                ---
Pro Inside global      Inside local       Outside local      Outside global
--- 10.2.2.3            192.168.121.113    ---                ---
--- 10.2.2.4            192.168.22.49      ---                ---

The following is sample output that includes the inside keyword:


Router# show ip nat translations inside 10.69.233.209
Pro Inside global        Inside local       Outside local      Outside global
udp 10.69.233.209:1220  192.168.1.95:1220  172.16.2.132:53    172.16.2.132:53

The following is sample output when NAT that includes the inside keyword:


Router# show ip nat translations inside 10.69.233.209
Pro Inside global        Inside local       Outside local      Outside global
udp 10.69.233.209:1220  192.168.1.95:1220  172.16.2.132:53    172.16.2.132:53

The following is a sample output that displays information about NAT port parity and conservation:


Router# show ip nat translations 
Pro  Inside global         Inside local          Outside local         Outside global
udp  200.200.0.100:5066    100.100.0.56:5066     200.200.0.56:5060     200.200.0.56:5060
udp  200.200.0.100:1025    100.100.0.57:10001    200.200.0.57:10001    200.200.0.57:10001
udp  200.200.0.100:10000   100.100.0.56:10000    200.200.0.56:10000    200.200.0.56:10000
udp  200.200.0.100:1024    100.100.0.57:10000    200.200.0.57:10000    200.200.0.57:10000
udp  200.200.0.100:10001   100.100.0.56:10001    200.200.0.56:10001    200.200.0.56:10001
udp  200.200.0.100:9985    100.100.0.57:5066     200.200.0.57:5060     200.200.0.57:5060
Total number of translations: 6

The table below describes the significant fields shown in the display.

Table 2. show ip nat translations Field Descriptions
Field	Description
Pro	Protocol of the port identifying the address.
Inside global	The legitimate IP address that represents one or more inside local IP addresses to the outside world.
Inside local	The IP address assigned to a host on the inside network; probably not a legitimate address assigned by the Network Interface Card (NIC) or service provider.
Outside local	IP address of an outside host as it appears to the inside network; probably not a legitimate address assigned by the NIC or service provider.
Outside global	The IP address assigned to a host on the outside network by its owner.
create	How long ago the entry was created (in hours:minutes:seconds).
use	How long ago the entry was last used (in hours:minutes:seconds).
flags	Indication of the type of translation. Possible flags are: extended--Extended translation static--Static translation destination--Rotary translation outside--Outside translation timing out--Translation will no longer be used, due to a TCP finish (FIN) or reset (RST) flag.

Related Commands


Command	Description
clear ip nat translation	Clears dynamic NAT translations from the translation table.
ip nat	Designates that traffic originating from or destined for the interface is subject to NAT.
ip nat inside destination	Enables NAT of the inside destination address.
ip nat inside source	Enables NAT of the inside source address.
ip nat outside source	Enables NAT of the outside source address.
ip nat pool	Defines a pool of IP addresses for NAT.
ip nat service	Enables a port other than the default port.
show ip nat statistics	Displays NAT statistics.

show ip nhrp nhs

To display Next Hop Resolution Protocol (NHRP) next hop server (NHS) information, use the show ip nhrp nhs command in user EXEC or privileged EXEC mode.

show ip nhrp nhs [interface] [detail] [redundancy [cluster number | preempted | running | waiting]]

Syntax Description


`interface`	(Optional) Displays NHS information currently configured on the interface. See the table below for types, number ranges, and descriptions.
detail	(Optional) Displays detailed NHS information.
redundancy	(Optional) Displays information about NHS redundancy stacks.
cluster `number`	(Optional) Displays redundancy cluster information.
preempted	(Optional) Displays information about NHS that failed to become active and is preempted.
running	(Optional) Displays NHSs that are currently in Responding or Expecting replies states.
waiting	(Optional) Displays NHSs awaiting to be scheduled.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The table below lists the valid types, number ranges, and descriptions for the optional interface argument.

Note

The valid types can vary according to the platform and interfaces on the platform.

Table 3. Valid Types, Number Ranges, and Interface Descriptions
Valid Types	Number Ranges	Interface Descriptions
ANI	0 to 1000	Autonomic-Networking virtual interface
Auto-Template	1 to 999	Auto-Template interface
Capwap	0 to 2147483647	Control and Provisioning of Wireless Access Points protocol (CAPWAP) tunnel interface
GMPLS	0 to 1000	Multiprotocol Label Switching (MPLS) interface
GigabitEthernet	0 to 9	GigabitEthernet IEEE 802.3z
InternalInterface	0 to 9	Internal interface
LISP	0 to 65520	Locator/ID Separation Protocol (LISP) virtual interface
loopback	0 to 2147483647	Loopback interface
Null	0 to 0	Null interface
PROTECTION_GROUP	0 to 0	Protection-group controller
Port-channel	1 to 128	Port channel interface
TenGigabitEthernet	0 to 9	TenGigabitEthernet interface
Tunnel	0 to 2147483647	Tunnel interface
Tunnel-tp	0 to 65535	MPLS Transport Profile interface
Vlan	1 to 4094	VLAN interface

Examples

The following is sample output from the show ip nhrp nhs detail command:


Switch# show ip nhrp nhs detail

Legend:
  E=Expecting replies
  R=Responding
Tunnel1:
  	10.1.1.1           E  req-sent 128  req-failed 1  repl-recv 0
Pending Registration Requests:
Registration Request: Reqid 1, Ret 64  NHS 10.1.1.1

The table below describes the significant field shown in the display.

Table 4. show ip nhrp nhs Field Descriptions
Field	Description
Tunnel1	Interface through which the target network is reached.

Related Commands


Command	Description
ip nhrp map	Statically configures the IP-to-NBMA address mapping of IP destinations connected to an NBMA network.
show ip nhrp	Displays NHRP mapping information.

show ip ports all

To display all the open ports on a device, use the show ip ports all in user EXEC or privileged EXEC mode.

show ip ports all

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

This command provides a list of all open TCP/IP ports on the system including the ports opened using Cisco networking stack.

To close open ports, you can use one of the following methods:

Use Access Control List (ACL).
To close the UDP 2228 port, use the no l2 traceroute command.
To close TCP 80, TCP 443, TCP 6970, TCP 8090 ports, use the no ip http server and no ip http secure-server commands.

Examples

The following is sample output from the show ip ports all command:

Device# 
show ip ports all 
Proto Local Address Foreign Address State PID/Program Name
TCB Local Address Foreign Address (state)
tcp *:4786 *:* LISTEN 224/[IOS]SMI IBC server process
tcp *:443 *:* LISTEN 286/[IOS]HTTP CORE
tcp *:443 *:* LISTEN 286/[IOS]HTTP CORE
tcp *:80 *:* LISTEN 286/[IOS]HTTP CORE
tcp *:80 *:* LISTEN 286/[IOS]HTTP CORE
udp *:10002 *:* 0/[IOS] Unknown
udp *:2228 10.0.0.0:0 318/[IOS]L2TRACE SERVER

The table below describes the significant fields shown in the display

Table 5. Field Descriptions of show ip ports all
Field	Description
Protocol	Transport protocol used.
Local Address.	Device IP Address.
Foreign Address	Remote or peer address.
State	State of the connection. It can be listen, established or connected.
PID/Program Name	Process ID or name

Related Commands


Command	Description
show tcp brief all	Displays information about TCP connection endpoints.
show ip sockets	Displays IP sockets information.

show ipv6 access-list

To display the contents of all current IPv6 access lists, use the show ipv6 access-list command in user EXEC or privileged EXEC mode.

show ipv6 access-list [access-list-name]

Syntax Description


`access-list-name`	(Optional) Name of access list.

Command Default

All IPv6 access lists are displayed.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 access-list command provides output similar to the show ip access-list command, except that it is IPv6-specific.

Examples

The following output from the show ipv6 access-list command shows IPv6 access lists named inbound, tcptraffic, and outbound:


Device# show ipv6 access-list
IPv6 access list inbound
    permit tcp any any eq bgp reflect tcptraffic (8 matches) sequence 10
    permit tcp any any eq telnet reflect tcptraffic (15 matches) sequence 20
    permit udp any any reflect udptraffic sequence 30
IPv6 access list tcptraffic (reflexive) (per-user)
    permit tcp host 2001:0DB8:1::1 eq bgp host 2001:0DB8:1::2 eq 11000 timeout 300 (time         left 243) sequence 1
    permit tcp host 2001:0DB8:1::1 eq telnet host 2001:0DB8:1::2 eq 11001 timeout 300         (time left 296) sequence 2
IPv6 access list outbound
    evaluate udptraffic
    evaluate tcptraffic

The following sample output shows IPv6 access list information for use with IPSec:


Device#  show ipv6 access-list
IPv6 access list Tunnel0-head-0-ACL (crypto)
     permit ipv6 any any (34 matches) sequence 1
IPv6 access list Ethernet2/0-ipsecv6-ACL (crypto)
     permit 89 FE80::/10 any (85 matches) sequence 1

The table below describes the significant fields shown in the display.

Table 6. show ipv6 access-list Field Descriptions
Field	Description
ipv6 access list inbound	Name of the IPv6 access list, for example, inbound.
permit	Permits any packet that matches the specified protocol type.
tcp	Transmission Control Protocol. The higher-level (Layer 4) protocol type that the packet must match.
any	Equal to ::/0.
eq	An equal operand that compares the source or destination ports of TCP or UDP packets.
bgp	Border Gateway Protocol. The lower-level (Layer 3) protocol type that the packet must be equal to.
reflect	Indicates a reflexive IPv6 access list.
tcptraffic (8 matches)	The name of the reflexive IPv6 access list and the number of matches for the access list. The clear ipv6 access-list privileged EXEC command resets the IPv6 access list match counters.
sequence 10	Sequence in which an incoming packet is compared to lines in an access list. Lines in an access list are ordered from first priority (lowest number, for example, 10) to last priority (highest number, for example, 80).
host 2001:0DB8:1::1	The source IPv6 host address that the source address of the packet must match.
host 2001:0DB8:1::2	The destination IPv6 host address that the destination address of the packet must match.
11000	The ephemeral source port number for the outgoing connection.
timeout 300	The total interval of idle time (in seconds) after which the temporary IPv6 reflexive access list named tcptraffic will time out for the indicated session.
(time left 243)	The amount of idle time (in seconds) remaining before the temporary IPv6 reflexive access list named tcptraffic is deleted for the indicated session. Additional received traffic that matches the indicated session resets this value to 300 seconds.
evaluate udptraffic	Indicates the IPv6 reflexive access list named udptraffic is nested in the IPv6 access list named outbound.

Related Commands


Command	Description
clear ipv6 access-list	Resets the IPv6 access list match counters.
hardware statistics	Enables the collection of hardware statistics.
show ip access-list	Displays the contents of all current IP access lists.
show ip prefix-list	Displays information about a prefix list or prefix list entries.
show ipv6 prefix-list	Displays information about an IPv6 prefix list or IPv6 prefix list entries.

show ipv6 destination-guard policy

To display destination guard information, use the show ipv6 destination-guard policy command in privileged EXEC mode.

show ipv6 destination-guard policy [policy-name]

Syntax Description


`policy-name`	(Optional) Name of the destination guard policy.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If the policy-name argument is specified, only the specified policy information is displayed. If the policy-name argument is not specified, information is displayed for all policies.

Examples

The following is sample output from the show ipv6 destination-guard policy command when the policy is applied to a VLAN:

Device# show ipv6 destination-guard policy pol1
Destination guard policy destination: 
  enforcement always
        Target: vlan 300

The following is sample output from the show ipv6 destination-guard policy command when the policy is applied to an interface:


Device# show ipv6 destination-guard policy pol1
Destination guard policy destination: 
  enforcement always
        Target: Gi0/0/1

Related Commands


Command	Description
ipv6 destination-guard policy	Defines the destination guard policy.

show ipv6 dhcp

To display the Dynamic Host Configuration Protocol (DHCP) unique identifier (DUID) on a specified device, use the show ipv6 dhcp command in user EXEC or privileged EXEC mode.

show ipv6 dhcp

Syntax Description

This command has no arguments or keywords.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 dhcp command uses the DUID based on the link-layer address for both client and server identifiers. The device uses the MAC address from the lowest-numbered interface to form the DUID. The network interface is assumed to be permanently attached to the device. Use the show ipv6 dhcp command to display the DUID of a device.

Examples

The following is sample output from the show ipv6 dhcp command. The output is self-explanatory:


Device# show ipv6 dhcp 
This device's DHCPv6 unique identifier(DUID): 000300010002FCA5DC1C

show ipv6 dhcp binding

To display automatic client bindings from the Dynamic Host Configuration Protocol (DHCP) for IPv6 server binding table, use the show ipv6 dhcp binding command in user EXEC or privileged EXEC mode.

show ipv6 dhcp binding [ipv6-address] [vrf vrf-name]

Syntax Description


`ipv6-address`	(Optional) The address of a DHCP for IPv6 client.
vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 dhcp binding command displays all automatic client bindings from the DHCP for IPv6 server binding table if the ipv6-address argument is not specified. When the ipv6-address argument is specified, only the binding for the specified client is displayed.

If the vrf vrf-name keyword and argument combination is specified, all bindings that belong to the specified VRF are displayed.

Note

The ipv6 dhcp server vrf enable command must be enabled for the configured VRF to work. If the command is not configured, the output of the show ipv6 dhcp binding command will not display the configured VRF; it will only display the default VRF details.

Examples

The following sample output displays all automatic client bindings from the DHCP for IPv6 server binding table:


Device# show ipv6 dhcp binding

Client: FE80::A8BB:CCFF:FE00:300 
  DUID: 00030001AABBCC000300
  Username : client_1
  Interface: Virtual-Access2.1
  IA PD: IA ID 0x000C0001, T1 75, T2 135
    Prefix: 2001:380:E00::/64
            preferred lifetime 150, valid lifetime 300
            expires at Dec 06 2007 12:57 PM (262 seconds)
Client: FE80::A8BB:CCFF:FE00:300 (Virtual-Access2.2) 
  DUID: 00030001AABBCC000300
  IA PD: IA ID 0x000D0001, T1 75, T2 135
    Prefix: 2001:0DB8:E00:1::/64
            preferred lifetime 150, valid lifetime 300
            expires at Dec 06 2007 12:58 PM (288 seconds)

The table below describes the significant fields shown in the display.

Table 7. show ipv6 dhcp binding Field Descriptions
Field	Description
Client	Address of a specified client.
DUID	DHCP unique identifier (DUID).
Virtual-Access2.1	First virtual client. When an IPv6 DHCP client requests two prefixes with the same DUID but a different identity association for prefix delegation (IAPD ) on two different interfaces, these prefixes are considered to be for two different clients, and interface information is maintained for both.
Username : client_1	The username associated with the binding.
IA PD	Collection of prefixes assigned to a client.
IA ID	Identifier for this IAPD.
Prefix	Prefixes delegated to the indicated IAPD on the specified client.
preferred lifetime, valid lifetime	The preferred lifetime and valid lifetime settings, in seconds, for the specified client.
Expires at	Date and time at which the valid lifetime expires.
Virtual-Access2.2	Second virtual client. When an IPv6 DHCP client requests two prefixes with the same DUID but different IAIDs on two different interfaces, these prefixes are considered to be for two different clients, and interface information is maintained for both.

When the DHCPv6 pool on the Cisco IOS DHCPv6 server is configured to obtain prefixes for delegation from an authentication, authorization, and accounting (AAA) server, it sends the PPP username from the incoming PPP session to the AAA server for obtaining the prefixes. The PPP username is associated with the binding is displayed in output from the show ipv6 dhcp binding command. If there is no PPP username associated with the binding, this field value is displayed as "unassigned."

The following example shows that the PPP username associated with the binding is "client_1":


Device# show ipv6 dhcp binding

Client: FE80::2AA:FF:FEBB:CC 
  DUID: 0003000100AA00BB00CC 
  Username : client_1
  Interface : Virtual-Access2
  IA PD: IA ID 0x00130001, T1 75, T2 135
    Prefix: 2001:0DB8:1:3::/80
            preferred lifetime 150, valid lifetime 300
            expires at Aug 07 2008 05:19 AM (225 seconds)

The following example shows that the PPP username associated with the binding is unassigned:

Device# show ipv6 dhcp binding 

Client: FE80::2AA:FF:FEBB:CC 
  DUID: 0003000100AA00BB00CC 
  Username : unassigned 
  Interface : Virtual-Access2 
  IA PD: IA ID 0x00130001, T1 150, T2 240 
    Prefix: 2001:0DB8:1:1::/80 
            preferred lifetime 300, valid lifetime 300 
            expires at Aug 11 2008 06:23 AM (233 seconds)

Related Commands


Command	Description
ipv6 dhcp server vrf enable	Enables the DHCPv6 server VRF-aware feature.
clear ipv6 dhcp binding	Deletes automatic client bindings from the DHCP for IPv6 binding table.

show ipv6 dhcp conflict

To display address conflicts found by a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server when addresses are offered to the client, use the show ipv6 dhcp conflict command in privileged EXEC mode.

show ipv6 dhcp conflict [ipv6-address] [vrf vrf-name]

Syntax Description


`ipv6-address`	(Optional) The address of a DHCP for IPv6 client.
vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

When you configure the DHCPv6 server to detect conflicts, it uses ping. The client uses neighbor discovery to detect clients and reports to the server through a DECLINE message. If an address conflict is detected, the address is removed from the pool, and the address is not assigned until the administrator removes the address from the conflict list.

Examples

The following is a sample output from the show ipv6 dhcp conflict command. This command shows the pool and prefix values for DHCP conflicts.:


Device# show ipv6 dhcp conflict
Pool 350, prefix 2001:0DB8:1005::/48
	    2001:0DB8:1005::10

Related Commands


Command	Description
clear ipv6 dhcp conflict	Clears an address conflict from the DHCPv6 server database.

show ipv6 dhcp database

To display the Dynamic Host Configuration Protocol (DHCP) for IPv6 binding database agent information, use the show ipv6 dhcp database command in user EXEC or privileged EXEC mode.

show ipv6 dhcp database [agent-URL]

Syntax Description


`agent-URL`	(Optional) A flash, NVRAM, FTP, TFTP, or remote copy protocol (RCP) uniform resource locator.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Each permanent storage to which the binding database is saved is called the database agent. An agent can be configured using the ipv6 dhcp database command. Supported database agents include FTP and TFTP servers, RCP, Flash file system, and NVRAM.

The show ipv6 dhcp database command displays DHCP for IPv6 binding database agent information. If the agent-URL argument is specified, only the specified agent is displayed. If the agent-URL argument is not specified, all database agents are shown.

Examples

The following is sample output from the show ipv6 dhcp database command:


Device# show ipv6 dhcp database 
Database agent tftp://172.19.216.133/db.tftp:
  write delay: 69 seconds, transfer timeout: 300 seconds
  last written at Jan 09 2003 01:54 PM,
     write timer expires in 56 seconds
  last read at Jan 06 2003 05:41 PM
  successful read times 1
  failed read times 0
  successful write times 3172
  failed write times 2
Database agent nvram:/dhcpv6-binding:
  write delay: 60 seconds, transfer timeout: 300 seconds
  last written at Jan 09 2003 01:54 PM,
     write timer expires in 37 seconds
  last read at never
  successful read times 0
  failed read times 0
  successful write times 3325
  failed write times 0
Database agent flash:/dhcpv6-db:
  write delay: 82 seconds, transfer timeout: 3 seconds
  last written at Jan 09 2003 01:54 PM,
    write timer expires in 50 seconds
  last read at never
  successful read times 0
  failed read times 0
  successful write times 2220
  failed write times 614

The table below describes the significant fields shown in the display.

Table 8. show ipv6 dhcp database Field Descriptions
Field	Description
Database agent	Specifies the database agent.
Write delay	The amount of time (in seconds) to wait before updating the database.
transfer timeout	Specifies how long (in seconds) the DHCP server should wait before canceling a database transfer. Transfers that exceed the timeout period are canceled.
Last written	The last date and time bindings were written to the file server.
Write timer expires...	The length of time, in seconds, before the write timer expires.
Last read	The last date and time bindings were read from the file server.
Successful/failed read times	The number of successful or failed read times.
Successful/failed write times	The number of successful or failed write times.

Related Commands


Command	Description
ipv6 dhcp database	Specifies DHCP for IPv6 binding database agent parameters.

show ipv6 dhcp guard policy

To display Dynamic Host Configuration Protocol for IPv6 (DHCPv6) guard information, use the show ipv6 dhcp guard policy command in privileged EXEC mode.

show ipv6 dhcp guard policy [policy-name]

Syntax Description


`policy-name`	(Optional) DHCPv6 guard policy name.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If the policy-name argument is specified, only the specified policy information is displayed. If the policy-name argument is not specified, information is displayed for all policies.

Examples

The following is sample output from the show ipv6 dhcp guard guard command:


Device# show ipv6 dhcp guard policy

Dhcp guard policy: default
        Device Role: dhcp client
        Target: Et0/3 

Dhcp guard policy: test1
        Device Role: dhcp server
        Target: vlan 0    vlan 1    vlan 2    vlan 3    vlan 4   
        Max Preference: 200
        Min Preference: 0
        Source Address Match Access List: acl1
        Prefix List Match Prefix List: pfxlist1

Dhcp guard policy: test2
        Device Role: dhcp relay
        Target: Et0/0 Et0/1 Et0/2

The table below describes the significant fields shown in the display.

Table 9. show ipv6 dhcp guard Field Descriptions
Field	Description
Device Role	The role of the device. The role is either client, server or relay.
Target	The name of the target. The target is either an interface or a VLAN.

Related Commands


Command	Description
ipv6 dhcp guard policy	Defines the DHCPv6 guard policy name.

show ipv6 dhcp interface

To display Dynamic Host Configuration Protocol (DHCP) for IPv6 interface information, use the show ipv6 dhcp interface command in user EXEC or privileged EXEC mode.

show ipv6 dhcp interface [type number]

Syntax Description


`type` `number`	(Optional) Interface type and number. For more information, use the question mark (? ) online help function.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If no interfaces are specified, all interfaces on which DHCP for IPv6 (client or server) is enabled are shown. If an interface is specified, only information about the specified interface is displayed.

Examples

The following is sample output from the show ipv6 dhcp interface command. In the first example, the command is used on a router that has an interface acting as a DHCP for IPv6 server. In the second example, the command is used on a router that has an interface acting as a DHCP for IPv6 client:


Device# show ipv6 dhcp interface
Ethernet2/1 is in server mode
  Using pool: svr-p1
  Preference value: 20
  Rapid-Commit is disabled
Router2# show ipv6 dhcp interface
Ethernet2/1 is in client mode
  State is OPEN (1)
  List of known servers:
    Address: FE80::202:FCFF:FEA1:7439, DUID 000300010002FCA17400
    Preference: 20
      IA PD: IA ID 0x00040001, T1 120, T2 192
        Prefix: 3FFE:C00:C18:1::/72
                preferred lifetime 240, valid lifetime 54321
                expires at Nov 08 2002 09:10 AM (54319 seconds)
        Prefix: 3FFE:C00:C18:2::/72
                preferred lifetime 300, valid lifetime 54333
                expires at Nov 08 2002 09:11 AM (54331 seconds)
        Prefix: 3FFE:C00:C18:3::/72
                preferred lifetime 280, valid lifetime 51111
                expires at Nov 08 2002 08:17 AM (51109 seconds)
      DNS server: 1001::1
      DNS server: 1001::2
      Domain name: domain1.net
      Domain name: domain2.net 
      Domain name: domain3.net
    Prefix name is cli-p1
    Rapid-Commit is enabled

The table below describes the significant fields shown in the display.

Table 10. show ipv6 dhcp interface Field Descriptions
Field	Description
Ethernet2/1 is in server/client mode	Displays whether the specified interface is in server or client mode.
Preference value:	The advertised (or default of 0) preference value for the indicated server.
Prefix name is cli-p1	Displays the IPv6 general prefix pool name, in which prefixes successfully acquired on this interface are stored.
Using pool: svr-p1	The name of the pool that is being used by the interface.
State is OPEN	State of the DHCP for IPv6 client on this interface. "Open" indicates that configuration information has been received.
List of known servers	Lists the servers on the interface.
Address, DUID	Address and DHCP unique identifier (DUID) of a server heard on the specified interface.
Rapid commit is disabled	Displays whether the rapid-commit keyword has been enabled on the interface.

The following example shows the DHCP for IPv6 relay agent configuration on FastEthernet interface 0/0, and use of the show ipv6 dhcp interface command displays relay agent information on FastEthernet interface 0/0:


Device(config-if)# ipv6 dhcp relay destination FE80::250:A2FF:FEBF:A056 FastEthernet0/1
Device# show ipv6 dhcp interface FastEthernet 0/0
FastEthernet0/0 is in relay mode 
  Relay destinations:
    FE80::250:A2FF:FEBF:A056 via FastEthernet0/1

Related Commands


Command	Description
ipv6 dhcp client pd	Enables the DHCP for IPv6 client process and enables requests for prefix delegation through a specified interface.
ipv6 dhcp relay destination	Specifies a destination address to which client messages are forwarded and enables DHCP for IPv6 relay service on the interface.
ipv6 dhcp server	Enables DHCP for IPv6 service on an interface.

show ipv6 dhcp relay binding

To display DHCPv6 Internet Assigned Numbers Authority (IANA) and DHCPv6 Identity Association for Prefix Delegation (IAPD) bindings on a relay agent, use the show ipv6 dhcp relay binding command in user EXEC or privileged EXEC mode.

show ipv6 dhcp relay binding [vrf vrf-name]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If the vrf vrf-name keyword-argument pair is specified, all bindings belonging to the specified VRF are displayed.

Note

Only the DHCPv6 IAPD bindings on a relay agent are displayed on the Cisco uBR10012 and Cisco uBR7200 series universal broadband devices.

Examples

The following is sample output from the show ipv6 dhcp relay binding command:


Device#  show ipv6 dhcp relay binding

The following example shows output from the show ipv6 dhcp relay binding command with a specified VRF name on a Cisco uBR10012 universal broadband device:


Device# show ipv6 dhcp relay binding vrf vrf1

Prefix: 2001:DB8:0:1:/64 (Bundle100.600)
  DUID: 000300010023BED94D31
  IAID: 3201912114
  lifetime: 600

The table below describes the significant fields shown in the display.

Table 11. show ipv6 dhcp relay binding Field Descriptions
Field	Description
Prefix	IPv6 prefix for DHCP.
DUID	DHCP Unique Identifier (DUID) for the IPv6 relay binding.
IAID	Identity Association Identification (IAID) for DHCP.
lifetime	Lifetime of the prefix, in seconds.

Related Commands


Command	Description
clear ipv6 dhcp relay binding	Clears a specific IPv6 address or IPv6 prefix of a DHCP for IPv6 relay binding.
debug ipv6 dhcp relay	Enables debugging for IPv6 DHCP relay agent.
debug ipv6 dhcp relay bulk-lease	Enables bulk lease query debugging for IPv6 DHCP relay agent.

show ipv6 eigrp events

To display Enhanced Interior Gateway Routing Protocol (EIGRP) events logged for IPv6, use the show ipv6 eigrp events command in user EXEC or privileged EXEC mode.

show ipv6 eigrp events [ [errmsg | sia] [event-num-start event-num-end] | type]

Syntax Description


errmsg	(Optional) Displays error messages being logged.
sia	(Optional) Displays Stuck In Active (SIA) messages.
`event-num-start`	(Optional) Starting number of the event range. The range is from 1 to 4294967295.
`event-num-end`	(Optional) Ending number of the event range. The range is from 1 to 4294967295.
type	(Optional) Displays event types being logged.

Command Default

If no event range is specified, information for all IPv6 EIGRP events is displayed.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 eigrp events command is used to analyze a network failure by the Cisco support team and is not intended for general use. This command provides internal state information about EIGRP and how it processes route notifications and changes.

Examples

The following is sample output from the show ipv6 eigrp events command. The fields are self-explanatory.


Device# show ipv6 eigrp events
Event information for AS 65535:
1    00:56:41.719 State change: Successor Origin Local origin
2    00:56:41.719 Metric set: 2555:5555::/32 4294967295
3    00:56:41.719 Poison squashed: 2555:5555::/32 lost if
4    00:56:41.719 Poison squashed: 2555:5555::/32 rt gone
5    00:56:41.719 Route installing: 2555:5555::/32 FE80::ABCD:4:EF00:1
6    00:56:41.719 RDB delete: 2555:5555::/32 FE80::ABCD:4:EF00:2
7    00:56:41.719 Send reply: 2555:5555::/32 FE80::ABCD:4:EF00:1
8    00:56:41.719 Find FS: 2555:5555::/32 4294967295
9    00:56:41.719 Free reply status: 2555:5555::/32
10   00:56:41.719 Clr handle num/bits: 0 0x0
11   00:56:41.719 Clr handle dest/cnt: 2555:5555::/32 0
12   00:56:41.719 Rcv reply met/succ met: 4294967295 4294967295
13   00:56:41.719 Rcv reply dest/nh: 2555:5555::/32 FE80::ABCD:4:EF00:2
14   00:56:41.687 Send reply: 2555:5555::/32 FE80::ABCD:4:EF00:2
15   00:56:41.687 Rcv query met/succ met: 4294967295 4294967295
16   00:56:41.687 Rcv query dest/nh: 2555:5555::/32 FE80::ABCD:4:EF00:2
17   00:56:41.687 State change: Local origin Successor Origin
18   00:56:41.687 Metric set: 2555:5555::/32 4294967295
19   00:56:41.687 Active net/peers: 2555:5555::/32 65536
20   00:56:41.687 FC not sat Dmin/met: 4294967295 2588160
21   00:56:41.687 Find FS: 2555:5555::/32 2588160
22   00:56:41.687 Rcv query met/succ met: 4294967295 4294967295
23   00:56:41.687 Rcv query dest/nh: 2555:5555::/32 FE80::ABCD:4:EF00:1
24   00:56:41.659 Change queue emptied, entries: 1
25   00:56:41.659 Metric set: 2555:5555::/32 2588160

Related Commands


Command	Description
clear ipv6 eigrp	Deletes entries from EIGRP for IPv6 routing tables.
debug ipv6 eigrp	Displays information about EIGRP for IPv6 protocol.
ipv6 eigrp	Enables EIGRP for IPv6 on a specified interface.

show ipv6 eigrp interfaces

To display information about interfaces configured for the Enhanced Interior Gateway Routing Protocol (EIGRP) in IPv6 topologies, use the show ipv6 eigrp interfaces command in user EXEC or privileged EXEC mode.

show ipv6 eigrp [as-number] interfaces [type number] [detail]

Syntax Description


`as-number`	(Optional) Autonomous system number.
`type`	(Optional) Interface type. For more information, use the question mark (?) online help function.
`number`	(Optional) Interface number. For more information about the numbering syntax for your networking device, use the question mark (?) online help function.
detail	(Optional) Displays detailed interface information.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 eigrp interfaces command to determine the interfaces on which EIGRP is active and to get information about EIGRP processes related to those interfaces. The optional type number argument and the detail keyword can be entered in any order.

If an interface is specified, only that interface is displayed. Otherwise, all interfaces on which EIGRP is running are displayed.

If an autonomous system is specified, only the routing process for the specified autonomous system is displayed. Otherwise, all EIGRP processes are displayed.

Examples

The following is sample output from the show ipv6 eigrp interfaces command:


Device# show ipv6 eigrp 1 interfaces

IPv6-EIGRP interfaces for process 1
                     Xmit Queue    Mean    Pacing Time    Multicast     Pending
Interface    Peers   Un/Reliable   SRTT    Un/Reliable    Flow Timer    Routes
Et0/0         0         0/0           0        0/10            0          0

The following is sample output from the show ipv6 eigrp interfaces detail command:

Device# show ipv6 eigrp interfaces detail

IPv6-EIGRP interfaces for process 1
                     Xmit Queue    Mean    Pacing Time    Multicast    Pending
Interface    Peers   Un/Reliable   SRTT    Un/Reliable    Flow Timer    Routes
Et0/0          0        0/0           0        0/10            0           0
Hello interval is 5 sec
Next xmit serial <none>
Un/reliable mcasts: 0/0 Un/reliable ucasts: 0/0
Mcast exceptions: 0 CR packets: 0 ACKs suppressed: 0
Retransmissions sent: 0 Out-of-sequence rcvd: 0
Authentication mode is not set

The following sample output from the show ipv6 eigrp interface detail command displays detailed information about a specific interface on which the no ipv6 next-hop self command is configured with the no-ecmp-mode option:


DeviceDevice# show ipv6 eigrp interfaces detail tunnel 0

EIGRP-IPv6 Interfaces for AS(1)
                        Xmit Queue   PeerQ        Mean   Pacing Time   Multicast   Pending 
Interface        Peers  Un/Reliable  Un/Reliable  SRTT   Un/Reliable   Flow Timer   Routes
Tu0/0              2        0/0       0/0         	29       0/0         136           0
Hello-interval is 5, Hold-time is 15
  Split-horizon is disabled
  Next xmit serial <none>
  Packetized sent/expedited: 48/1
  Hello's sent/expedited: 13119/49
  Un/reliable mcasts: 0/20  Un/reliable ucasts: 31/398
  Mcast exceptions: 5  CR packets: 5  ACKs suppressed: 1
  Retransmissions sent: 355  Out-of-sequence rcvd: 6
		Next-hop-self disabled, next-hop info forwarded, ECMP mode Enabled
  Topology-ids on interface - 0 
  Authentication mode is not set

The table below describes the significant fields shown in the displays.

Table 12. show ipv6 eigrp interfaces Field Descriptions
Field	Description
Interface	Interface over which EIGRP is configured.
Peers	Number of directly connected EIGRP neighbors.
Xmit Queue Un/Reliable	Number of packets remaining in the Unreliable and Reliable transmit queues.
Mean SRTT	Mean smooth round-trip time (SRTT) interval (in seconds).
Pacing Time Un/Reliable	Pacing time (in seconds) used to determine when EIGRP packets (unreliable and reliable) should be sent out of the interface.
Multicast Flow Timer	Maximum number of seconds in which the device will send multicast EIGRP packets.
Pending Routes	Number of routes in the transmit queue waiting to be sent.
Hello interval is 5 sec	Length (in seconds) of the hello interval.

show ipv6 eigrp topology

To display Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 topology table entries, use the show ipv6 eigrp topology command in user EXEC or privileged EXEC mode.

Syntax Description


`as-number`	(Optional) Autonomous system number.
`ipv6-address`	(Optional) IPv6 address.
active	(Optional) Displays only active entries in the EIGRP topology table.
all-links	(Optional) Displays all entries in the EIGRP topology table (including nonfeasible-successor sources).
pending	(Optional) Displays all entries in the EIGRP topology table that are either waiting for an update from a neighbor or waiting to reply to a neighbor.
summary	(Optional) Displays a summary of the EIGRP topology table.
zero-successors	(Optional) Displays the available routes that have zero successors.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If this command is used without any keywords or arguments, only routes that are feasible successors are displayed. The show ipv6 eigrp topology command can be used to determine Diffusing Update Algorithm (DUAL) states and to debug possible DUAL problems.

Examples

The following is sample output from the show ipv6 eigrp topology command. The fields in the display are self-explanatory.


Device# show ipv6 eigrp topology

IPv6-EIGRP Topology Table for AS(1)/ID(2001:0DB8:10::/64)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 2001:0DB8:3::/64, 1 successors, FD is 281600
via Connected, Ethernet1/0

The following sample output from the show ipv6 eigrp topology prefix command displays ECMP mode information when the no ipv6 next-hop-self command is configured without the no-ecmp-mode option in the EIGRP topology. The ECMP mode provides information about the path that is being advertised. If there is more than one successor, the top most path will be advertised as the default path over all interfaces, and the message “ECMP Mode: Advertise by default” will be displayed in the output. If any path other than the default path is advertised, the message “ECMP Mode: Advertise out <Interface name>” will be displayed. The fields in the display are self-explanatory.


Device# show ipv6 eigrp topology 2001:DB8:10::1/128

EIGRP-IPv6 Topology Entry for AS(1)/ID(192.0.2.100) for 2001:DB8:10::1/128
  State is Passive, Query origin flag is 1, 2 Successor(s), FD is 284160
  Descriptor Blocks:
  FE80::A8BB:CCFF:FE01:2E01 (Tunnel0), from FE80::A8BB:CCFF:FE01:2E01, Send flag is 0x0
      Composite metric is (284160/281600), route is Internal
      Vector metric:
        Minimum bandwidth is 10000 Kbit
        Total delay is 1100 microseconds
        Reliability is 255/255
        Load is ½55
        Minimum MTU is 1400
        Hop count is 1
        Originating router is 10.10.1.1
      ECMP Mode: Advertise by default
FE80::A8BB:CCFF:FE01:3E01 (Tunnel1), from FE80::A8BB:CCFF:FE01:3E01, Send flag is 0x0
      Composite metric is (284160/281600), route is Internal
      Vector metric:
        Minimum bandwidth is 10000 Kbit
        Total delay is 1100 microseconds
        Reliability is 255/255
        Load is ½55
        Minimum MTU is 1400
        Hop count is 1
								Originating router is 10.10.2.2
      ECMP Mode: Advertise out Tunnel1

Related Commands


Command	Description
show eigrp address-family topology	Displays entries in the EIGRP topology table.

show ipv6 eigrp traffic

To display the number of Enhanced Interior Gateway Routing Protocol (EIGRP) for IPv6 packets sent and received, use the show ipv6 eigrp traffic command in user EXEC or privileged EXEC mode.

show ipv6 eigrp traffic [as-number]

Syntax Description


`as-number`	(Optional) Autonomous system number.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 eigrp traffic command to provide information on packets received and sent.

Examples

The following is sample output from the show ipv6 eigrp traffic command:


Device# show ipv6 eigrp traffic
IPv6-EIGRP Traffic Statistics for process 9
 Hellos sent/received: 218/205
 Updates sent/received: 7/23
 Queries sent/received: 2/0
 Replies sent/received: 0/2
 Acks sent/received: 21/14

The table below describes the significant fields shown in the display.

Table 13. show ipv6 eigrp traffic Field Descriptions
Field	Description
process 9	Autonomous system number specified in the ipv6 router eigrp command.
Hellos sent/received	Number of hello packets sent and received.
Updates sent/received	Number of update packets sent and received.
Queries sent/received	Number of query packets sent and received.
Replies sent/received	Number of reply packets sent and received.
Acks sent/received	Number of acknowledgment packets sent and received.

Related Commands


Command	Description
ipv6 router eigrp	Configures the EIGRP for IPv6 routing process.

show ipv6 general-prefix

To display information on IPv6 general prefixes, use the show ipv6 general-prefix command in user EXEC or privileged EXEC mode.

show ipv6 general-prefix

Syntax Description

This command has no arguments or keywords.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 general-prefix command to view information on IPv6 general prefixes.

Examples

The following example shows an IPv6 general prefix called my-prefix, which has been defined based on a 6to4 interface. The general prefix is also being used to define an address on interface loopback42.


Device# show ipv6 general-prefix
IPv6 Prefix my-prefix, acquired via 6to4
2002:B0B:B0B::/48
 Loopback42 (Address command)

The table below describes the significant fields shown in the display.

Table 14. show ipv6 general-prefix Field Descriptions
Field	Description
IPv6 Prefix	User-defined name of the IPv6 general prefix.
Acquired via	The general prefix has been defined based on a 6to4 interface. A general prefix can also be defined manually or acquired using DHCP for IPv6 prefix delegation.
2002:B0B:B0B::/48	The prefix value for this general prefix.
Loopback42 (Address command)	List of interfaces where this general prefix is used.

Related Commands


Command	Description
ipv6 general-prefix	Defines a general prefix for an IPv6 address manually.

show ipv6 interface

To display the usability status of interfaces configured for IPv6, use the show ipv6 interface command in user EXEC or privileged EXEC mode.

show ipv6 interface [brief ] [type number] [prefix]

Syntax Description


brief	(Optional) Displays a brief summary of IPv6 status and configuration for each interface.
`type`	(Optional) The interface type about which to display information.
`number`	(Optional) The interface number about which to display information.
prefix	(Optional) Prefix generated from a local IPv6 prefix pool.

Command Default

All IPv6 interfaces are displayed.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 interface command provides output similar to the show ip interface command, except that it is IPv6-specific.

Use the show ipv6 interface command to validate the IPv6 status of an interface and its configured addresses. The show ipv6 interface command also displays the parameters that IPv6 is using for operation on this interface and any configured features.

If the interface’s hardware is usable, the interface is marked up. If the interface can provide two-way communication for IPv6, the line protocol is marked up.

If you specify an optional interface type and number, the command displays information only about that specific interface. For a specific interface, you can enter the prefix keyword to see the IPv6 neighbor discovery (ND) prefixes that are configured on the interface.

Examples

The show ipv6 interface command displays information about the specified interface.


Device(config)# show ipv6 interface ethernet0/0    
Ethernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::A8BB:CCFF:FE00:6700 
  No Virtual link-local address(es):
  Global unicast address(es):
    2001::1, subnet is 2001::/64 [DUP]
    2001::A8BB:CCFF:FE00:6700, subnet is 2001::/64 [EUI]
    2001:100::1, subnet is 2001:100::/64 
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:1
    FF02::1:FF00:6700
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds (using 30000)
  ND advertised reachable time is 0 (unspecified)
  ND advertised retransmit interval is 0 (unspecified)
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  ND advertised default router preference is Medium
  Hosts use stateless autoconfig for addresses.

The table below describes the significant fields shown in the display.

Table 15. show ipv6 interface Field Descriptions
Field	Description
Ethernet0/0 is up, line protocol is up	Indicates whether the interface hardware is active (whether line signal is present) and whether it has been taken down by an administrator. If the interface hardware is usable, the interface is marked "up." For an interface to be usable, both the interface hardware and line protocol must be up.
line protocol is up, down (down is not shown in sample output)	Indicates whether the software processes that handle the line protocol consider the line usable (that is, whether keepalives are successful or IPv6 CP has been negotiated). If the interface can provide two-way communication, the line protocol is marked up. For an interface to be usable, both the interface hardware and line protocol must be up.
IPv6 is enabled, stalled, disabled (stalled and disabled are not shown in sample output)	Indicates that IPv6 is enabled, stalled, or disabled on the interface. If IPv6 is enabled, the interface is marked "enabled." If duplicate address detection processing identified the link-local address of the interface as being a duplicate address, the processing of IPv6 packets is disabled on the interface and the interface is marked "stalled." If IPv6 is not enabled, the interface is marked "disabled."
link-local address	Displays the link-local address assigned to the interface.
Global unicast address(es):	Displays the global unicast addresses assigned to the interface.
Joined group address(es):	Indicates the multicast groups to which this interface belongs.
MTU	Maximum transmission unit of the interface.
ICMP error messages	Specifies the minimum interval (in milliseconds) between error messages sent on this interface.
ICMP redirects	The state of Internet Control Message Protocol (ICMP) IPv6 redirect messages on the interface (the sending of the messages is enabled or disabled).
ND DAD	The state of duplicate address detection on the interface (enabled or disabled).
number of DAD attempts:	Number of consecutive neighbor solicitation messages that are sent on the interface while duplicate address detection is performed.
ND reachable time	Displays the neighbor discovery reachable time (in milliseconds) assigned to this interface.
ND advertised reachable time	Displays the neighbor discovery reachable time (in milliseconds) advertised on this interface.
ND advertised retransmit interval	Displays the neighbor discovery retransmit interval (in milliseconds) advertised on this interface.
ND router advertisements	Specifies the interval (in seconds) for neighbor discovery router advertisements (RAs) sent on this interface and the amount of time before the advertisements expire. As of Cisco IOS Release 12.4(2)T, this field displays the default router preference (DRP) value sent by this device on this interface.
ND advertised default router preference is Medium	The DRP for the device on a specific interface.

Examples

The show ipv6 interface command displays information about attributes that may be associated with an IPv6 address assigned to the interface.


Attribute	Description
ANY	Anycast. The address is an anycast address, as specified when configured using the ipv6 address command.
CAL	Calendar. The address is timed and has valid and preferred lifetimes.
DEP	Deprecated. The timed address is deprecated.
DUP	Duplicate. The address is a duplicate, as determined by duplicate address detection (DAD). To re-attampt DAD, the user must use the shutdown or no shutdown command on the interface.
EUI	EUI-64 based. The address was generated using EUI-64.
OFF	Offlink. The address is offlink.
OOD	Overly optimistic DAD. DAD will not be performed for this address. This attribute applies to virtual addresses.
PRE	Preferred. The timed address is preferred.
TEN	Tentative. The address is in a tentative state per DAD.
UNA	Unactivated. The virtual address is not active and is in a standby state.
VIRT	Virtual. The address is virtual and is managed by HSRP, VRRP, or GLBP.

The following is sample output from the show ipv6 interface command when entered with the brief keyword:


Device# show ipv6 interface brief
Ethernet0 is up, line protocol is up
Ethernet0                  [up/up]
    unassigned
Ethernet1                  [up/up]
    2001:0DB8:1000:/29
Ethernet2                  [up/up]
    2001:0DB8:2000:/29
Ethernet3                  [up/up]
    2001:0DB8:3000:/29
Ethernet4                  [up/down]
    2001:0DB8:4000:/29
Ethernet5                  [administratively down/down]
    2001:123::210:7BFF:FEC2:ACD8
Interface         Status                IPv6 Address
Ethernet0         up                    3FFE:C00:0:1:260:3EFF:FE11:6770
Ethernet1         up                    unassigned
Fddi0             up                    3FFE:C00:0:2:260:3EFF:FE11:6772
Serial0           administratively down unassigned
Serial1           administratively down unassigned
Serial2           administratively down unassigned
Serial3           administratively down unassigned
Tunnel0           up                    unnumbered (Ethernet0)
Tunnel1           up                    3FFE:700:20:1::12

Examples

This sample output shows the characteristics of an interface that has generated a prefix from a local IPv6 prefix pool:


Device# show ipv6 interface Ethernet 0/0 prefix
 
interface Ethernet0/0
 ipv6 address 2001:0DB8::1/64
 ipv6 address 2001:0DB8::2/64
 ipv6 nd prefix 2001:0DB8:2::/64
 ipv6 nd prefix 2001:0DB8:3::/64 2592000 604800 off-link
end
.
.
.
IPv6 Prefix Advertisements Ethernet0/0
Codes: A - Address, P - Prefix-Advertisement, O - Pool
       U - Per-user prefix, D - Default
       N - Not advertised, C - Calendar
     default [LA] Valid lifetime 2592000, preferred lifetime 604800
AD   2001:0DB8:1::/64 [LA] Valid lifetime 2592000, preferred lifetime 604800
APD  2001:0DB8:2::/64 [LA] Valid lifetime 2592000, preferred lifetime 604800
P    2001:0DB8:3::/64 [A] Valid lifetime 2592000, preferred lifetime 604800

The default prefix shows the parameters that are configured using the ipv6 nd prefix default command.

Examples

This sample output shows the state of the DRP preference value as advertised by this device through an interface:


Device# show ipv6 interface gigabitethernet 0/1
  GigabitEthernet0/1 is up, line protocol is up
    IPv6 is enabled, link-local address is FE80::130
    Description: Management network (dual stack)
    Global unicast address(es):
      FEC0:240:104:1000::130, subnet is FEC0:240:104:1000::/64
    Joined group address(es):
      FF02::1
      FF02::2
      FF02::1:FF00:130
    MTU is 1500 bytes
    ICMP error messages limited to one every 100 milliseconds
    ICMP redirects are enabled
    ND DAD is enabled, number of DAD attempts: 1
    ND reachable time is 30000 milliseconds
    ND advertised reachable time is 0 milliseconds
    ND advertised retransmit interval is 0 milliseconds
    ND router advertisements are sent every 200 seconds
    ND router advertisements live for 1800 seconds
    ND advertised default router preference is Low
    Hosts use stateless autoconfig for addresses.

Examples

When HSRP IPv6 is first configured on an interface, the interface IPv6 link-local address is marked unactive (UNA) because it is no longer advertised, and the HSRP IPv6 virtual link-local address is added to the virtual link-local address list with the UNA and tentative DAD (TEN) attributes set. The interface is also programmed to listen for the HSRP IPv6 multicast address.

This sample output shows the status of UNA and TEN attributes, when HSRP IPv6 is configured on an interface:


Device# show ipv6 interface ethernet 0/0
Ethernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80:2::2 [UNA]
  Virtual link-local address(es):
    FE80::205:73FF:FEA0:1 [UNA/TEN]
  Global unicast address(es):
    2001:2::2, subnet is 2001:2::/64 
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::66
    FF02::1:FF00:2
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ND DAD is enabled, number of DAD attempts: 1

After the HSRP group becomes active, the UNA and TEN attributes are cleared, and the overly optimistic DAD (OOD) attribute is set. The solicited node multicast address for the HSRP virtual IPv6 address is also added to the interface.

This sample output shows the status of UNA, TEN and OOD attributes, when HSRP group is activated:


# show ipv6 interface ethernet 0/0
Ethernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80:2::2 [UNA]
  Virtual link-local address(es):
    FE80::205:73FF:FEA0:1 [OPT]
  Global unicast address(es):
    2001:2::2, subnet is 2001:2::/64 
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::66 
    FF02::1:FF00:2
    FF02::1:FFA0:1 
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is enabled, number of DAD attempts: 1

The table below describes additional significant fields shown in the displays for the show ipv6 interface command with HSRP configured.

Table 16. show ipv6 interface Command with HSRP Configured Field Descriptions
Field	Description
IPv6 is enabled, link-local address is FE80:2::2 [UNA]	The interface IPv6 link-local address is marked UNA because it is no longer advertised.
FE80::205:73FF:FEA0:1 [UNA/TEN]	The virtual link-local address list with the UNA and TEN attributes set.
FF02::66	HSRP IPv6 multicast address.
FE80::205:73FF:FEA0:1 [OPT]	HSRP becomes active, and the HSRP virtual address marked OPT.
FF02::1:FFA0:1	HSRP solicited node multicast address.

Examples

When you enable Mobile IPv6 on an interface, you can configure a minimum interval between IPv6 router advertisement (RA) transmissions. The show ipv6 interface command output reports the minimum RA interval, when configured. If the minimum RA interval is not explicitly configured, then it is not displayed.

In the following example, the maximum RA interval is configured as 100 seconds, and the minimum RA interval is configured as 60 seconds on Ethernet interface 1/0:


Device(config-if)# ipv6 nd ra-interval 100 60

Subsequent use of the show ipv6 interface then displays the interval as follows:


Device(config)# show ipv6 interface ethernet 1/0 
Ethernet1/0 is administratively down, line protocol is down 
  IPv6 is enabled, link-local address is FE80::A8BB:CCFF:FE00:5A01 [TEN]
  No Virtual link-local address(es):
  No global unicast address is configured
  Joined group address(es):
    FF02::1
    FF02::2
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  ND advertised reachable time is 0 milliseconds
  ND advertised retransmit interval is 0 milliseconds
  ND router advertisements are sent every 60 to 100 seconds
  ND router advertisements live for 1800 seconds
  ND advertised default router preference is Medium
  Hosts use stateless autoconfig for addresses.

In the following example, the maximum RA interval is configured as 100 milliseconds (ms), and the minimum RA interval is configured as 60 ms on Ethernet interface 1/0:


Device(config)# show ipv6 interface ethernet 1/0 
Ethernet1/0 is administratively down, line protocol is down
  IPv6 is enabled, link-local address is FE80::A8BB:CCFF:FE00:5A01 [TEN]
  No Virtual link-local address(es):
  No global unicast address is configured
  Joined group address(es):
    FF02::1
    FF02::2
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  ND advertised reachable time is 0 milliseconds
  ND advertised retransmit interval is 0 milliseconds
  ND router advertisements are sent every 60 to 100 milliseconds
  ND router advertisements live for 1800 seconds
  ND advertised default router preference is Medium
  Hosts use stateless autoconfig for addresses.

The table below describes additional significant fields shown in the displays for the show ipv6 interface command with minimum RA interval information configured.

Table 17. show ipv6 interface Command with Minimum RA Interval Information Configuration Field Descriptions
Field	Description
ND router advertisements are sent every 60 to 100 seconds	ND RAs are sent at an interval randomly selected from a value between the minimum and maximum values. In this example, the minimum value is 60 seconds, and the maximum value is 100 seconds.
ND router advertisements are sent every 60 to 100 milliseconds	ND RAs are sent at an interval randomly selected from a value between the minimum and maximum values. In this example, the minimum value is 60 ms, and the maximum value is 100 ms.

Related Commands


Command	Description
ipv6 nd prefix	Configures which IPv6 prefixes are included in IPv6 router advertisements.
ipv6 nd ra interval	Configures the interval between IPv6 RA transmissions on an interface.
show ip interface	Displays the usability status of interfaces configured for IP.

show ipv6 mfib

To display the forwarding entries and interfaces in the IPv6 Multicast Forwarding Information Base (MFIB), use the show ipv6 mfib command in user EXEC or privileged EXEC mode.

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
all	(Optional) Displays all forwarding entries and interfaces in the IPv6 MFIB.
linkscope	(Optional) Displays the link-local groups.
verbose	(Optional) Provides additional information, such as the MAC encapsulation header and platform-specific information.
`ipv6-prefix`	(Optional) The IPv6 network assigned to the interface. The default IPv6 prefix is 128. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
/ `prefix-length`	(Optional) The length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.
`group-address-name`	(Optional) IPv6 address or name of the multicast group.
`source-address-name`	(Optional) IPv6 address or name of the multicast group.
interface	(Optional) Interface settings and status.
status	(Optional) General settings and status.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 mfib command to display MFIB entries; and forwarding interfaces, and their traffic statistics. This command can be enabled on virtual IP (VIP) if the router is operating in distributed mode.

A forwarding entry in the MFIB has flags that determine the default forwarding and signaling behavior to use for packets matching the entry. The entry also has per-interface flags that further specify the forwarding behavior for packets received or forwarded on specific interfaces. The table below describes the MFIB forwarding entries and interface flags.

Table 18. MFIB Entries and Interface Flags
Flag	Description
F	Forward--Data is forwarded out of this interface.
A	Accept--Data received on this interface is accepted for forwarding.
IC	Internal copy--Deliver to the router a copy of the packets received or forwarded on this interface.
NS	Negate signal--Reverse the default entry signaling behavior for packets received on this interface.
DP	Do not preserve--When signaling the reception of a packet on this interface, do not preserve a copy of it (discard it instead).
SP	Signal present--The reception of a packet on this interface was just signaled.
S	Signal--By default, signal the reception of packets matching this entry.
C	Perform directly connected check for packets matching this entry. Signal the reception if packets were originated by a directly connected source.

Examples

The following example displays the forwarding entries and interfaces in the MFIB. The router is configured for fast switching, and it has a receiver joined to FF05::1 on Ethernet1/1 and a source (2001::1:1:20) sending on Ethernet1/2:


Device# show ipv6 mfib
IP Multicast Forwarding Information Base
Entry Flags: C - Directly Connected, S - Signal, IA - Inherit A flag,
             AR - Activity Required, D - Drop
Forwarding Counts: Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second
Other counts: Total/RPF failed/Other drops
Interface Flags: A - Accept, F - Forward, NS - Negate Signalling 
             IC - Internal Copy, NP - Not platform switched
             SP - Signal Present
Interface Counts: FS Pkt Count/PS Pkt Count
(*,FF00::/8) Flags: C
   Forwarding: 0/0/0/0, Other: 0/0/0
   Tunnel0 Flags: NS
(*,FF00::/15) Flags: D
   Forwarding: 0/0/0/0, Other: 0/0/0
(*,FF05::1) Flags: C
   Forwarding: 2/0/100/0, Other: 0/0/0
   Tunnel0 Flags: A NS
   Ethernet1/1 Flags: F NS
     Pkts: 0/2
(2001::1:1:200,FF05::1) Flags:
   Forwarding: 5/0/100/0, Other: 0/0/0
   Ethernet1/2 Flags: A
   Ethernet1/1 Flags: F NS
     Pkts: 3/2
(*,FF10::/15) Flags: D
   Forwarding: 0/0/0/0, Other: 0/0/0

The table below describes the significant fields shown in the display.

Table 19. show ipv6 mfib Field Descriptions
Field	Description
Entry Flags	Information about the entry.
Forwarding Counts	Statistics on the packets that are received from and forwarded to at least one interface.
Pkt Count/	Total number of packets received and forwarded since the creation of the multicast forwarding state to which this counter applies.
Pkts per second/	Number of packets received and forwarded per second.
Avg Pkt Size/	Total number of bytes divided by the total number of packets for this multicast forwarding state. There is no direct display for the total number of bytes. You can calculate the total number of bytes by multiplying the average packet size by the packet count.
Kbits per second	Bytes per second divided by packets per second divided by 1000.
Other counts:	Statistics on the received packets. These counters include statistics about the packets received and forwarded and packets received but not forwarded.
Interface Flags:	Information about the interface.
Interface Counts:	Interface statistics.

The following example shows forwarding entries and interfaces in the MFIB, with a group address of FF03:1::1 specified:


Device# show ipv6 mfib FF03:1::1
IP Multicast Forwarding Information Base
Entry Flags:C - Directly Connected, S - Signal, IA - Inherit A
flag,
            AR - Activity Required, D - Drop
Forwarding Counts:Pkt Count/Pkts per second/Avg Pkt Size/Kbits per
second
Other counts:Total/RPF failed/Other drops
Interface Flags:A - Accept, F - Forward, NS - Negate Signalling 
             IC - Internal Copy, NP - Not platform switched
             SP - Signal Present
Interface Counts:FS Pkt Count/PS Pkt Count
*,FF03:1::1) Flags:C
  Forwarding:0/0/0/0, Other:0/0/0
  Tunnel1 Flags:A NS
  GigabitEthernet5/0.25 Flags:F NS
    Pkts:0/0
  GigabitEthernet5/0.24 Flags:F NS
    Pkts:0/0
(5002:1::2,FF03:1::1) Flags:
  Forwarding:71505/0/50/0, Other:42/0/42
  GigabitEthernet5/0 Flags:A
  GigabitEthernet5/0.19 Flags:F NS
    Pkts:239/24
  GigabitEthernet5/0.20 Flags:F NS
    Pkts:239/24
  GigabitEthernet5/0.21 Flags:F NS
    Pkts:238/24
.
.
.
GigabitEthernet5/0.16 Flags:F NS
Pkts:71628/24

The following example shows forwarding entries and interfaces in the MFIB, with a group address of FF03:1::1 and a source address of 5002:1::2 specified:


Device# show ipv6 mfib FF03:1::1 5002:1::2
 
IP Multicast Forwarding Information Base
Entry Flags:C - Directly Connected, S - Signal, IA - Inherit A flag,
             AR - Activity Required, D - Drop
Forwarding Counts:Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second
Other counts:Total/RPF failed/Other drops
Interface Flags:A - Accept, F - Forward, NS - Negate Signalling 
             IC - Internal Copy, NP - Not platform switched
             SP - Signal Present
Interface Counts:FS Pkt Count/PS Pkt Count
(5002:1::2,FF03:1::1) Flags:
   Forwarding:71505/0/50/0, Other:42/0/42
   GigabitEthernet5/0 Flags:A
   GigabitEthernet5/0.19 Flags:F NS
     Pkts:239/24
   GigabitEthernet5/0.20 Flags:F NS
     Pkts:239/24
.
.
.
   GigabitEthernet5/0.16 Flags:F NS
     Pkts:71628/24

The following example shows forwarding entries and interfaces in the MFIB, with a group address of FF03:1::1 and a default prefix of 128:


Device# show ipv6 mfib FF03:1::1/128
IP Multicast Forwarding Information Base
Entry Flags:C - Directly Connected, S - Signal, IA - Inherit A flag,
             AR - Activity Required, D - Drop
Forwarding Counts:Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second
Other counts:Total/RPF failed/Other drops
Interface Flags:A - Accept, F - Forward, NS - Negate Signalling 
             IC - Internal Copy, NP - Not platform switched
             SP - Signal Present
Interface Counts:FS Pkt Count/PS Pkt Count
(*,FF03:1::1) Flags:C
   Forwarding:0/0/0/0, Other:0/0/0
   Tunnel1 Flags:A NS
   GigabitEthernet5/0.25 Flags:F NS
     Pkts:0/0
   GigabitEthernet5/0.24 Flags:F NS
     Pkts:0/0
.
.
.
   GigabitEthernet5/0.16 Flags:F NS
     Pkts:0/0

The following example shows forwarding entries and interfaces in the MFIB, with a group address of FFE0 and a prefix of 15:


Device# show ipv6 mfib FFE0::/15
IP Multicast Forwarding Information Base
Entry Flags:C - Directly Connected, S - Signal, IA - Inherit A flag,
             AR - Activity Required, D - Drop
Forwarding Counts:Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second
Other counts:Total/RPF failed/Other drops
Interface Flags:A - Accept, F - Forward, NS - Negate Signalling 
             IC - Internal Copy, NP - Not platform switched
             SP - Signal Present
Interface Counts:FS Pkt Count/PS Pkt Count
(*,FFE0::/15) Flags:D
   Forwarding:0/0/0/0, Other:0/0/0

The following example shows output of the show ipv6 mfib command used with the verbose keyword. It shows forwarding entries and interfaces in the MFIB and additional information such as the MAC encapsulation header and platform-specific information.


Device# show ipv6 mfib ff33::1:1 verbose
IP Multicast Forwarding Information Base
Entry Flags: C - Directly Connected, S - Signal, IA - Inherit A flag,
             AR - Activity Required, K - Keepalive
Forwarding Counts: Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second
Other counts: Total/RPF failed/Other drops
Platform per slot HW-Forwarding Counts: Pkt Count/Byte Count
Platform flags: HF - Forwarding entry,HB - Bridge entry,HD - NonRPF Drop entry,
                NP - Not platform switchable,RPL - RPF-ltl linkage,
                MCG - Metset change,ERR - S/w Error Flag,RTY - In RetryQ,
                LP - L3 pending,MP - Met pending,AP - ACL pending
Interface Flags: A - Accept, F - Forward, NS - Negate Signalling 
             IC - Internal Copy, NP - Not platform switched
             SP - Signal Present
Interface Counts: Distributed FS Pkt Count/FS Pkt Count/PS Pkt Count
(10::2,FF33::1:1) Flags: K
   RP Forwarding: 0/0/0/0, Other: 0/0/0
   LC Forwarding: 0/0/0/0, Other: 0/0/0
   HW Forwd:   0/0/0/0, Other: NA/NA/NA
   Slot 6: HW Forwarding: 0/0, Platform Flags:  HF RPL
   Slot 1: HW Forwarding: 0/0, Platform Flags:  HF RPL
   Vlan10 Flags: A
   Vlan30 Flags: F NS
     Pkts: 0/0/0 MAC: 33330001000100D0FFFE180086DD

The table below describes the fields shown in the display.

Table 20. show ipv6 mfib verbose Field Descriptions
Field	Description
Platform flags	Information about the platform.
Platform per slot HW-Forwarding Counts	Total number of packets per bytes forwarded.

Related Commands


Command	Description
show ipv6 mfib active	Displays the rate at which active sources are sending to multicast groups.
show ipv6 mfib count	Displays summary traffic statistics from the MFIB about the group and source.
show ipv6 mfib interface	Displays information about IPv6 multicast-enabled interfaces and their forwarding status.
show ipv6 mfib status	Displays the general MFIB configuration and operational status.
show ipv6 mfib summary	Displays summary information about the number of IPv6 MFIB entries (including link-local groups) and interfaces.

show ipv6 mld groups

To display the multicast groups that are directly connected to the router and that were learned through Multicast Listener Discovery (MLD), use the show ipv6 mld groups command in user EXEC or privileged EXEC mode.

show ipv6 mld [vrf vrf-name] groups [link-local] [group-name | group-address] [interface-type interface-number] [detail | explicit]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
link-local	(Optional) Displays the link-local groups.
`group-name` \| `group-address`	(Optional) IPv6 address or name of the multicast group.
`interface-type` `interface-number`	(Optional) Interface type and number.
detail	(Optional) Displays detailed information about individual sources.
explicit	(Optional) Displays information about the hosts being explicitly tracked on each interface for each group.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If you omit all optional arguments, the show ipv6 mld groups command displays by group address and interface type and number all directly connected multicast groups, including link-local groups (where the link-local keyword is not available) used.

Examples

The following is sample output from the show ipv6 mld groups command. It shows all of the groups joined by Fast Ethernet interface 2/1, including link-local groups used by network protocols.


Device# show ipv6 mld groups FastEthernet 2/1
MLD Connected Group Membership
Group Address          Interface           Uptime        Expires
FF02::2                FastEthernet2/1     3d18h         never
FF02::D                FastEthernet2/1     3d18h         never
FF02::16               FastEthernet2/1     3d18h         never
FF02::1:FF00:1         FastEthernet2/1     3d18h         00:00:27
FF02::1:FF00:79        FastEthernet2/1     3d18h         never
FF02::1:FF23:83C2      FastEthernet2/1     3d18h         00:00:22
FF02::1:FFAF:2C39      FastEthernet2/1     3d18h         never
FF06:7777::1           FastEthernet2/1     3d18h         00:00:26

The following is sample output from the show ipv6 mld groups command using the detail keyword:


Device# show ipv6 mld groups detail 
Interface:      Ethernet2/1/1 
Group:          FF33::1:1:1 
Uptime:         00:00:11 
Router mode:    INCLUDE 
Host mode:      INCLUDE 
Last reporter:  FE80::250:54FF:FE60:3B14 
Group source list: 
Source Address                          Uptime    Expires   Fwd  Flags 
2004:4::6                               00:00:11  00:04:08  Yes  Remote Ac 4

The following is sample output from the show ipv6 mld groups command using the explicit keyword:


Device# show ipv6 mld groups explicit
Ethernet1/0, FF05::1
    Up:00:43:11 EXCLUDE(0/1) Exp:00:03:17
    Host Address                            Uptime   Expires
    FE80::A8BB:CCFF:FE00:800                00:43:11 00:03:17
    Mode:EXCLUDE
Ethernet1/0, FF05::6
    Up:00:42:22 INCLUDE(1/0) Exp:not used
    Host Address                            Uptime   Expires
    FE80::A8BB:CCFF:FE00:800                00:42:22 00:03:17
    Mode:INCLUDE
        300::1
        300::2
        300::3
Ethernet1/0 - Interface
ff05::1 - Group address
Up:Uptime for the group
EXCLUDE/INCLUDE - The mode the group is in on the router.
(0/1) (1/0) - (Number of hosts in INCLUDE mode/Number of hosts in EXCLUDE moe)
Exp:Expiry time for the group.
FE80::A8BB:CCFF:FE00:800 - Host ipv6 address.
00:43:11 - Uptime for the host.
00:03:17 - Expiry time for the host
Mode:INCLUDE/EXCLUDE - Mode the Host is operating in.
300::1, 300::2, 300::3 - Sources that the host has joined in the above specified mode.

The table below describes the significant fields shown in the display.

Table 21. show ipv6 mld groups Field Descriptions
Field	Description
Group Address	Address of the multicast group.
Interface	Interface through which the group is reachable.
Uptime	How long (in hours, minutes, and seconds) this multicast group has been known.
Expires	How long (in hours, minutes, and seconds) until the entry is removed from the MLD groups table. The expiration timer shows "never" if the router itself has joined the group, and the expiration timer shows "not used" when the router mode of the group is INCLUDE. In this situation, the expiration timers on the source entries are used.
Last reporter:	Last host to report being a member of the multicast group.
Flags Ac 4	Flags counted toward the MLD state limits configured.

Related Commands


Command	Description
ipv6 mld query-interval	Configures the frequency at which the Cisco IOS software sends MLD host-query messages.

show ipv6 mld interface

To display multicast-related information about an interface, use the show ipv6 mld interface command in user EXEC or privileged EXEC mode.

show ipv6 mld [vrf vrf-name] interface [type number]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`type` `number`	(Optional) Interface type and number.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If you omit the optional type and number arguments, the show ipv6 mld interface command displays information about all interfaces.

Examples

The following is sample output from the show ipv6 mld interface command for Ethernet interface 2/1/1:


Device# show ipv6 mld interface Ethernet 2/1/1 
Global State Limit : 2 active out of 2 max
Loopback0 is administratively down, line protocol is down
  Internet address is ::/0
. 
. 
. 
Ethernet2/1/1 is up, line protocol is up 
  Internet address is FE80::260:3EFF:FE86:5649/10 
  MLD is enabled on interface 
  Current MLD version is 2 
  MLD query interval is 125 seconds 
  MLD querier timeout is 255 seconds 
  MLD max query response time is 10 seconds 
  Last member query response interval is 1 seconds 
  Interface State Limit : 2 active out of 3 max 
  State Limit permit access list:
  MLD activity: 83 joins, 63 leaves
  MLD querying router is FE80::260:3EFF:FE86:5649 (this system)

The table below describes the significant fields shown in the display.

Table 22. show ipv6 mld interface Field Descriptions
Field	Description
Global State Limit: 2 active out of 2 max	Two globally configured MLD states are active.
Ethernet2/1/1 is up, line protocol is up	Interface type, number, and status.
Internet address is...	Internet address of the interface and subnet mask being applied to the interface.
MLD is enabled in interface	Indicates whether Multicast Listener Discovery (MLD) has been enabled on the interface with the ipv6 multicast-routing command.
Current MLD version is 2	The current MLD version.
MLD query interval is 125 seconds	Interval (in seconds) at which the Cisco IOS software sends MLD query messages, as specified with the ipv6 mld query-interval command.
MLD querier timeout is 255 seconds	The length of time (in seconds) before the router takes over as the querier for the interface, as specified with the ipv6 mld query-timeout command.
MLD max query response time is 10 seconds	The length of time (in seconds) that hosts have to answer an MLD Query message before the router deletes their group, as specified with the ipv6 mld query-max-response-time command.
Last member query response interval is 1 seconds	Used to calculate the maximum response code inserted in group and source-specific query. Also used to tune the "leave latency" of the link. A lower value results in reduced time to detect the last member leaving the group.
Interface State Limit : 2 active out of 3 max	Two out of three configured interface states are active.
State Limit permit access list: change	Activity for the state permit access list.
MLD activity: 83 joins, 63 leaves	Number of groups joins and leaves that have been received.
MLD querying router is FE80::260:3EFF:FE86:5649 (this system)	IPv6 address of the querying router.

Related Commands


Command	Description
ipv6 mld join-group	Configures MLD reporting for a specified group and source.
ipv6 mld query-interval	Configures the frequency at which the Cisco IOS software sends MLD host-query messages.

show ipv6 mld snooping

Use the show ipv6 mld snooping command in EXEC mode to display IP version 6 (IPv6) Multicast Listener Discovery (MLD) snooping configuration of the switch or the VLAN.

show ipv6 mld snooping [vlan vlan-id]

Syntax Description


vlan `vlan-id`	(Optional) Specify a VLAN; the range is 1 to 1001 and 1006 to 4094.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use this command to display MLD snooping configuration for the switch or for a specific VLAN.

VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in MLD snooping.

To configure the dual IPv4 and IPv6 template, enter the sdm prefer dual-ipv4-and-ipv6 global configuration command and reload the switch.

Examples

This is an example of output from the show ipv6 mld snooping vlan command. It shows snooping characteristics for a specific VLAN.


Device# show ipv6 mld snooping vlan 100
Global MLD Snooping configuration:
-------------------------------------------
MLD snooping : Enabled
MLDv2 snooping (minimal) : Enabled
Listener message suppression : Enabled
TCN solicit query : Disabled
TCN flood query count : 2
Robustness variable : 3
Last listener query count : 2
Last listener query interval : 1000
Vlan 100:
--------
MLD snooping : Disabled
MLDv1 immediate leave : Disabled
Explicit host tracking : Enabled
Multicast router learning mode : pim-dvmrp
Robustness variable : 3
Last listener query count : 2
Last listener query interval : 1000

This is an example of output from the show ipv6 mld snooping command. It displays snooping characteristics for all VLANs on the switch.


Device# show ipv6 mld snooping 
Global MLD Snooping configuration:
-------------------------------------------
MLD snooping : Enabled
MLDv2 snooping (minimal) : Enabled
Listener message suppression : Enabled
TCN solicit query : Disabled
TCN flood query count : 2
Robustness variable : 3
Last listener query count : 2
Last listener query interval : 1000
 
Vlan 1:
--------
MLD snooping : Disabled
MLDv1 immediate leave : Disabled
Explicit host tracking : Enabled
Multicast router learning mode : pim-dvmrp
Robustness variable : 1
Last listener query count : 2
Last listener query interval : 1000
 
<output truncated>
 
Vlan 951:
--------
MLD snooping : Disabled
MLDv1 immediate leave : Disabled
Explicit host tracking : Enabled
Multicast router learning mode : pim-dvmrp
Robustness variable : 3
Last listener query count : 2
Last listener query interval : 1000

Related Commands


Command	Description
ipv6 mld snooping	Enables and configures MLD snooping on the switch or on a VLAN.
sdm prefer	Configures an SDM template to optimize system resources based on how the switch is being used.

show ipv6 mld ssm-map

To display Source Specific Multicast (SSM) mapping information, use the show ipv6 mld ssm-map static command in user EXEC or privileged EXEC mode.

show ipv6 mld [vrf vrf-name] ssm-map [source-address]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`source-address`	(Optional) Source address associated with an MLD membership for a group identified by the access list.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If the optional source-address argument is not used, all SSM mapping information is displayed.

Examples

The following example shows all SSM mappings for the router:


Device# show ipv6 mld ssm-map
SSM Mapping  : Enabled
DNS Lookup   : Enabled

The following examples show SSM mapping for the source address 2001:0DB8::1:


Device# show ipv6 mld ssm-map 2001:0DB8::1
 Group address  : 2001:0DB8::1
 Group mode ssm : TRUE
 Database       : STATIC
 Source list    : 2001:0DB8::2
                  2001:0DB8::3
Router# show ipv6 mld ssm-map 2001:0DB8::2
 Group address  : 2001:0DB8::2
 Group mode ssm : TRUE
 Database       : DNS
 Source list    : 2001:0DB8::3
                  2001:0DB8::1

The table below describes the significant fields shown in the displays.

Table 23. show ipv6 mld ssm-map Field Descriptions
Field	Description
SSM Mapping	The SSM mapping feature is enabled.
DNS Lookup	The DNS lookup feature is automatically enabled when the SSM mapping feature is enabled.
Group address	Group address identified by a specific access list.
Group mode ssm : TRUE	The identified group is functioning in SSM mode.
Database : STATIC	The router is configured to determine source addresses by checking static SSM mapping configurations.
Database : DNS	The router is configured to determine source addresses using DNS-based SSM mapping.
Source list	Source address associated with a group identified by the access list.

Related Commands


Command	Description
debug ipv6 mld ssm-map	Displays debug messages for SSM mapping.
ipv6 mld ssm-map enable	Enables the SSM mapping feature for groups in the configured SSM range
ipv6 mld ssm-map query dns	Enables DNS-based SSM mapping.
ipv6 mld ssm-map static	Configures static SSM mappings.

show ipv6 mld traffic

To display the Multicast Listener Discovery (MLD) traffic counters, use the show ipv6 mld traffic command in user EXEC or privileged EXEC mode.

show ipv6 mld [vrf vrf-name] traffic

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 mld traffic command to check if the expected number of MLD protocol messages have been received and sent.

Examples

The following example displays the MLD protocol messages received and sent.


Device# show ipv6 mld traffic
 
MLD Traffic Counters
Elapsed time since counters cleared:00:00:21
                              Received     Sent
Valid MLD Packets               3           1         
Queries                         1           0         
Reports                         2           1         
Leaves                          0           0         
Mtrace packets                  0           0         
Errors:
Malformed Packets                           0         
Bad Checksums                               0         
Martian source                              0         
Packets Received on MLD-disabled Interface  0

The table below describes the significant fields shown in the display.

Table 24. show ipv6 mld traffic Field Descriptions
Field	Description
Elapsed time since counters cleared	Indicates the amount of time (in hours, minutes, and seconds) since the counters cleared.
Valid MLD packets	Number of valid MLD packets received and sent.
Queries	Number of valid queries received and sent.
Reports	Number of valid reports received and sent.
Leaves	Number of valid leaves received and sent.
Mtrace packets	Number of multicast trace packets received and sent.
Errors	Types of errors and the number of errors that have occurred.

show ipv6 mrib client

To display information about the clients of the Multicast Routing Information Base (MRIB), use the show ipv6 mrib client command in user EXEC or privileged EXEC mode.

show ipv6 mrib [vrf vrf-name] client [filter] [name {client-name | client-name : client-id}]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
filter	(Optional) Displays information about MRIB flags that each client owns and that each client is interested in.
name	(Optional) The name of a multicast routing protocol that acts as a client of MRIB, such as Multicast Listener Discovery (MLD) and Protocol Independent Multicast (PIM).
`client-name` : `client-id`	The name and ID of a multicast routing protocol that acts as a client of MRIB, such as MLD and PIM. The colon is required.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the filter keyword to display information about the MRIB flags each client owns and the flags in which each client is interested.

Examples

The following is sample output from the show ipv6 mrib client command:


Device# show ipv6 mrib client
IP MRIB client-connections
igmp:145        (connection id 0)
pim:146 (connection id 1)
mfib ipv6:3     (connection id 2)
slot 3  mfib ipv6 rp agent:16   (connection id 3)
slot 1  mfib ipv6 rp agent:16   (connection id 4)
slot 0  mfib ipv6 rp agent:16   (connection id 5)
slot 4  mfib ipv6 rp agent:16   (connection id 6)
slot 2  mfib ipv6 rp agent:16   (connection id 7)

The table below describes the significant fields shown in the display.

Table 25. show ipv6 mrib client Field Descriptions
Field	Description
igmp:145 (connection id 0) pim:146 (connection id 1) mfib ipv6:3 (connection id 2) mfib ipv6 rp agent:16 (connection id 3)	Client ID (client name:process ID)

show ipv6 mrib route

To display Multicast Routing Information Base (MRIB) route information, use the show ipv6 mrib route command in user EXEC or privileged EXEC mode.

show ipv6 mrib [vrf vrf-name] route [link-local | summary | [source-address | source-name | *] [groupname-or-address [prefix-length] ]]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
link-local	(Optional) Displays the link-local groups.
summary	(Optional) Displays the number of MRIB entries (including link-local groups) and interfaces present in the MRIB table.
`source address-or-name`	(Optional) IPv6 address or name of the source.
*	(Optional) Displays all MRIB route information.
`groupname` `or-address`	(Optional) IPv6 address or name of the multicast group.
`prefix-length`	(Optional) IPv6 prefix length.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

All entries are created by various clients of the MRIB, such as Multicast Listener Discovery (MLD), Protocol Independent Multicast (PIM), and Multicast Forwarding Information Base (MFIB). The flags on each entry or interface serve as a communication mechanism between various clients of the MRIB. The entries reveal how PIM sends register messages for new sources and the action taken.

The summary keyword shows the count of all entries, including link-local entries.

The interface flags are described in the table below.

Table 26. Description of Interface Flags
Flag	Description
F	Forward--Data is forwarded out of this interface
A	Accept--Data received on this interface is accepted for forwarding
IC	Internal copy
NS	Negate signal
DP	Do not preserve
SP	Signal present
II	Internal interest
ID	Internal uninterest
LI	Local interest
LD	Local uninterest
C	Perform directly connected check

Special entries in the MRIB indicate exceptions from the normal behavior. For example, no signaling or notification is necessary for arriving data packets that match any of the special group ranges. The special group ranges are as follows:

Undefined scope (FFX0::/16)
Node local groups (FFX1::/16)
Link-local groups (FFX2::/16)
Source Specific Multicast (SSM) groups (FF3X::/32).

For all the remaining (usually sparse-mode) IPv6 multicast groups, a directly connected check is performed and the PIM notified if a directly connected source arrives. This procedure is how PIM sends register messages for new sources.

Examples

The following is sample output from the show ipv6 mrib route command using the summary keyword:


Device# show ipv6 mrib route summary
MRIB Route-DB Summary 
  No. of (*,G) routes = 52
  No. of (S,G) routes = 0
  No. of Route x Interfaces (RxI) = 10

The table below describes the significant fields shown in the display.

Table 27. show ipv6 mrib route Field Descriptions
Field	Description
No. of (*, G) routes	Number of shared tree routes in the MRIB.
No. of (S, G) routes	Number of source tree routes in the MRIB.
No. of Route x Interfaces (RxI)	Sum of all the interfaces on each MRIB route entry.

show ipv6 mroute

To display the information in the PIM topology table in a format similar to the show ip mroute command, use the show ipv6 mroute command in user EXEC or privileged EXEC mode.

show ipv6 mroute [vrf vrf-name] [link-local | [group-name | group-address [source-address | source-name]]] [summary] [count]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
link-local	(Optional) Displays the link-local groups.
`group-name` \| `group-address`	(Optional) IPv6 address or name of the multicast group.
`source-address` \| `source-name`	(Optional) IPv6 address or name of the source.
summary	(Optional) Displays a one-line, abbreviated summary of each entry in the IPv6 multicast routing table.
count	(Optional) Displays statistics from the Multicast Forwarding Information Base (MFIB) about the group and source, including number of packets, packets per second, average packet size, and bytes per second.

Command Default

The show ipv6 mroute command displays all groups and sources.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The IPv6 multicast implementation does not have a separate mroute table. For this reason, the show ipv6 mroute command enables you to display the information in the PIM topology table in a format similar to the show ip mroute command.

If you omit all optional arguments and keywords, the show ipv6 mroute command displays all the entries in the PIM topology table (except link-local groups where the link-local keyword is available).

The Cisco IOS software populates the PIM topology table by creating (S,G) and (*,G) entries based on PIM protocol messages, MLD reports, and traffic. The asterisk (*) refers to all source addresses, the "S" refers to a single source address, and the "G" is the destination multicast group address. In creating (S, G) entries, the software uses the best path to that destination group found in the unicast routing table (that is, through Reverse Path Forwarding [RPF]).

Use the show ipv6 mroute command to display the forwarding status of each IPv6 multicast route.

Examples

The following is sample output from the show ipv6 mroute command:


Device# show ipv6 mroute ff07::1
Multicast Routing Table
Flags:D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, 
       C - Connected, L - Local, I - Received Source Specific Host Report,
       P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set,
       J - Join SPT 
Timers:Uptime/Expires
Interface state:Interface, State
(*, FF07::1), 00:04:45/00:02:47, RP 2001:0DB8:6::6, flags:S
  Incoming interface:Tunnel5
  RPF nbr:6:6:6::6
  Outgoing interface list:
    POS4/0, Forward, 00:04:45/00:02:47
(2001:0DB8:999::99, FF07::1), 00:02:06/00:01:23, flags:SFT
  Incoming interface:POS1/0
  RPF nbr:2001:0DB8:999::99
  Outgoing interface list:
    POS4/0, Forward, 00:02:06/00:03:27

The following is sample output from the show ipv6 mroute command with the summary keyword:


Device# show ipv6 mroute ff07::1 summary
Multicast Routing Table
Flags:D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, 
       C - Connected, L - Local, I - Received Source Specific Host Report,
       P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set,
       J - Join SPT 
Timers:Uptime/Expires
Interface state:Interface, State
(*, FF07::1), 00:04:55/00:02:36, RP 2001:0DB8:6::6, OIF count:1, flags:S
(2001:0DB8:999::99, FF07::1), 00:02:17/00:01:12, OIF count:1, flags:SFT

The following is sample output from the show ipv6 mroute command with the count keyword:


Device# show ipv6 mroute ff07::1 count
IP Multicast Statistics
71 routes, 24 groups, 0.04 average sources per group
Forwarding Counts:Pkt Count/Pkts per second/Avg Pkt Size/Kilobits per second
Other counts:Total/RPF failed/Other drops(OIF-null, rate-limit etc)
Group:FF07::1
  RP-tree:
   RP Forwarding:0/0/0/0, Other:0/0/0
   LC Forwarding:0/0/0/0, Other:0/0/0
  Source:2001:0DB8:999::99,
   RP Forwarding:0/0/0/0, Other:0/0/0
   LC Forwarding:0/0/0/0, Other:0/0/0
   HW Forwd:  20000/0/92/0, Other:0/0/0
  Tot. shown:Source count:1, pkt count:20000

The table below describes the significant fields shown in the display.

Table 28. show ipv6 mroute Field Descriptions
Field	Description
Flags:	Provides information about the entry. S--sparse. Entry is operating in sparse mode. s--SSM group. Indicates that a multicast group is within the SSM range of IP addresses. This flag is reset if the SSM range changes. C--connected. A member of the multicast group is present on the directly connected interface. L--local. The router itself is a member of the multicast group. I--received source specific host report. Indicates that an (S, G) entry was created by an (S, G) report. This flag is set only on the designated router (DR). P--pruned. Route has been pruned. The Cisco IOS software keeps this information so that a downstream member can join the source. R--RP-bit set. Indicates that the (S, G) entry is pointing toward the RP. This is typically prune state along the shared tree for a particular source. F--register flag. Indicates that the software is registering for a multicast source. T--SPT-bit set. Indicates that packets have been received on the shortest path source tree. J--join SPT. For (, G) entries, indicates that the rate of traffic flowing down the shared tree is exceeding the SPT-Threshold value set for the group. (The default SPT-Threshold setting is 0 kbps.) When the J - Join shortest path tree (SPT) flag is set, the next (S, G) packet received down the shared tree triggers an (S, G) join in the direction of the source, thereby causing the router to join the source tree. The default SPT-Threshold value of 0 kbps is used for the group, and the J - Join SPT flag is always set on (, G) entries and is never cleared. The router immediately switches to the shortest path source tree when traffic from a new source is received
Timers: Uptime/Expires	"Uptime" indicates per interface how long (in hours, minutes, and seconds) the entry has been in the IPv6 multicast routing table. "Expires" indicates per interface how long (in hours, minutes, and seconds) until the entry will be removed from the IPv6 multicast routing table.
Interface state:	Indicates the state of the incoming or outgoing interface. Interface. Indicates the type and number of the interface listed in the incoming or outgoing interface list. Next-Hop. "Next-Hop" specifies the IP address of the downstream neighbor. State/Mode. "State" indicates that packets will either be forwarded, pruned, or null on the interface depending on whether there are restrictions due to access lists. "Mode" indicates that the interface is operating in sparse mode.
(*, FF07::1) and (2001:0DB8:999::99)	Entry in the IPv6 multicast routing table. The entry consists of the IPv6 address of the source router followed by the IPv6 address of the multicast group. An asterisk () in place of the source router indicates all sources. Entries in the first format are referred to as (, G) or "star comma G" entries. Entries in the second format are referred to as (S, G) or "S comma G" entries; (*, G) entries are used to build (S, G) entries.
RP	Address of the RP router.
flags:	Information set by the MRIB clients on this MRIB entry.
Incoming interface:	Expected interface for a multicast packet from the source. If the packet is not received on this interface, it is discarded.
RPF nbr	IP address of the upstream router to the RP or source.
Outgoing interface list:	Interfaces through which packets will be forwarded. For (S,G) entries, this list will not include the interfaces inherited from the (*,G) entry.

Related Commands


Command	Description
ipv6 multicast-routing	Enables multicast routing using PIM and MLD on all IPv6-enabled interfaces of the router and enables multicast forwarding.
show ipv6 mfib	Displays the forwarding entries and interfaces in the IPv6 MFIB.

show ipv6 mtu

To display maximum transmission unit (MTU) cache information for IPv6 interfaces, use the show ipv6 mtu command in user EXEC or privileged EXEC mode.

show ipv6 mtu [vrf vrfname]

Syntax Description


vrf	(Optional) Displays an IPv6 Virtual Private Network (VPN) routing/forwarding instance (VRF).
`vrfname`	(Optional) Name of the IPv6 VRF.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The vrf keyword and vrfname argument allow you to view MTUs related to a specific VRF.

Examples

The following is sample output from the show ipv6 mtu command:


Device# show ipv6 mtu
MTU     Since    Destination Address
1400    00:04:21  5000:1::3
1280    00:04:50  FE80::203:A0FF:FED6:141D

The following is sample output from the show ipv6 mtu command using the vrf keyword and vrfname argument. This example provides information about the VRF named vrfname1:


Device# show ipv6 mtu vrf vrfname1 
MTU   Since       Source Address     Destination Address 
1300  00:00:04    2001:0DB8:2        2001:0DB8:7

The table below describes the significant fields shown in the display.

Table 29. show ipv6 mtu Field Descriptions
Field	Description
MTU	MTU, which was contained in the Internet Control Message Protocol (ICMP) packet-too-big message, used for the path to the destination address.
Since	Age of the entry since the ICMP packet-too-big message was received.
Destination Address	Address contained in the received ICMP packet-too-big message. Packets originating from this router to this address should be no bigger than the given MTU.

Related Commands


Command	Description
ipv6 mtu	Sets the MTU size of IPv6 packets sent on an interface.

show ipv6 nd destination

To display information about IPv6 host-mode destination cache entries, use the show ipv6 nd destination command in user EXEC or privileged EXEC mode.

show ipv6 nd destination [vrf vrf-name] [interface-type interface-number]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`interface` - `type`	(Optional) Specifies the Interface type.
`interface` - `number`	(Optional) Specifies the Interface number.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 nd destination command to display information about IPv6 host-mode destination cache entries. If the vrf vrf-name keyword and argument pair is used, then only information about the specified VRF is displayed. If the interface-type and interface-number arguments are used, then only information about the specified interface is displayed.

Examples


Device# show ipv6 nd destination

IPv6 ND destination cache (table: default)
Code: R - Redirect
   2001::1 [8]
    via FE80::A8BB:CCFF:FE00:5B00/Ethernet0/0

The following table describes the significant fields shown in the display.

Table 30. show ipv6 nd destination Field Descriptions
Field	Description
Code: R - Redirect	Destinations learned through redirect.
2001::1 [8]	The value displayed in brackets is the time, in seconds, since the destination cache entry was last used.

Related Commands


Command	Description
ipv6 nd host mode strict	Enables the conformant, or strict, IPv6 host mode.

show ipv6 nd on-link prefix

To display information about on-link prefixes learned through router advertisements (RAs), use the show ipv6 nd on-link prefix command in user EXEC or privileged EXEC mode.

show ipv6 nd on-link prefix [vrf vrf-name] [interface-type interface-number]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`interface` -`type`	(Optional) Specifies the Interface type.
`interface` -`number`	(Optional) Specifies the Interface number.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 nd on-link prefix command to display information about on-link prefixes learned through RAs.

Prefixes learned from an RA may be inspected using the show ipv6 nd on-link prefix command. If the vrf vrf-name keyword and argument pair is used, then only information about the specified VRF is displayed. If the interface-type and interface-number arguments are used, then only information about the specified interface is displayed.

Examples

The following example displays information about on-link prefixes learned through RAs:


Device# show ipv6 nd on-link prefix

IPv6 ND on-link Prefix (table: default), 2 prefixes
Code: A - Autonomous Address Config
A  2001::/64  [2591994/604794]
router FE80::A8BB:CCFF:FE00:5A00/Ethernet0/0
2001:1:2::/64  [2591994/604794]
router FE80::A8BB:CCFF:FE00:5A00/Ethernet0/0

Related Commands


Command	Description
ipv6 nd host mode strict	Enables the conformant, or strict, IPv6 host mode.

show ipv6 neighbors

To display IPv6 neighbor discovery (ND) cache information, use the show ipv6 neighbors command in user EXEC or privileged EXEC mode.

show ipv6 neighbors [interface-type interface-number | ipv6-address | ipv6-hostname | statistics]

Syntax Description


`interface` -`type`	(Optional) Specifies the type of the interface from which IPv6 neighbor information is to be displayed.
`interface` -`number`	(Optional) Specifies the number of the interface from which IPv6 neighbor information is to be displayed.
`ipv6-address`	(Optional) Specifies the IPv6 address of the neighbor. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
`ipv6-hostname`	(Optional) Specifies the IPv6 hostname of the remote networking device.
statistics	(Optional) Displays ND cache statistics.

Command Default

All IPv6 ND cache entries are listed.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

When the interface -type and interface -number arguments are not specified, cache information for all IPv6 neighbors is displayed. Specifying the interface -type and interface -number arguments displays only cache information about the specified interface.

Specifying the statistics keyword displays ND cache statistics.

Examples

The following is sample output from the show ipv6 neighbors command when entered with an interface type and number:


Device# show ipv6 neighbors ethernet 2
IPv6 Address                              Age Link-layer Addr State Interface
2000:0:0:4::2                               0 0003.a0d6.141e  REACH Ethernet2
FE80::203:A0FF:FED6:141E                    0 0003.a0d6.141e  REACH Ethernet2
3001:1::45a                                 - 0002.7d1a.9472  REACH Ethernet2

The following is sample output from the show ipv6 neighbors command when entered with an IPv6 address:


Device# show ipv6 neighbors 2000:0:0:4::2
IPv6 Address                              Age Link-layer Addr State Interface
2000:0:0:4::2                               0 0003.a0d6.141e  REACH Ethernet2

The table below describes the significant fields shown in the displays.

Table 31. show ipv6 neighbors Field Descriptions

Field

Description

IPv6 Address

IPv6 address of neighbor or interface.

Age

Time (in minutes) since the address was confirmed to be reachable. A hyphen (-) indicates a static entry.

Link-layer Addr

MAC address. If the address is unknown, a hyphen (-) is displayed.

State

The state of the neighbor cache entry. Following are the states for dynamic entries in the IPv6 neighbor discovery cache:

INCMP (Incomplete)--Address resolution is being performed on the entry. A neighbor solicitation message has been sent to the solicited-node multicast address of the target, but the corresponding neighbor advertisement message has not yet been received.
REACH (Reachable)--Positive confirmation was received within the last ReachableTime milliseconds that the forward path to the neighbor was functioning properly. While in REACH state, the device takes no special action as packets are sent.
STALE--More than ReachableTime milliseconds have elapsed since the last positive confirmation was received that the forward path was functioning properly. While in STALE state, the device takes no action until a packet is sent.
DELAY--More than ReachableTime milliseconds have elapsed since the last positive confirmation was received that the forward path was functioning properly. A packet was sent within the last DELAY_FIRST_PROBE_TIME seconds. If no reachability confirmation is received within DELAY_FIRST_PROBE_TIME seconds of entering the DELAY state, send a neighbor solicitation message and change the state to PROBE.
PROBE--A reachability confirmation is actively sought by resending neighbor solicitation messages every RetransTimer milliseconds until a reachability confirmation is received.
????--Unknown state.

Following are the possible states for static entries in the IPv6 neighbor discovery cache:

INCMP (Incomplete)--The interface for this entry is down.
REACH (Reachable)--The interface for this entry is up.

Note

Reachability detection is not applied to static entries in the IPv6 neighbor discovery cache; therefore, the descriptions for the INCMP (Incomplete) and REACH (Reachable) states are different for dynamic and static cache entries.

Interface

Interface from which the address was reachable.

The following is sample output from the show ipv6 neighbors command with the statistics keyword:


Device# show ipv6 neighbor statistics
 
IPv6 ND Statistics
 Entries 2, High-water 2, Gleaned 1, Scavenged 0
 Entry States
   INCMP 0  REACH 0  STALE 2  GLEAN 0  DELAY 0  PROBE 0
 Resolutions (INCMP)
   Requested 1, timeouts 0, resolved 1, failed 0
   In-progress 0, High-water 1, Throttled 0, Data discards 0
 Resolutions (PROBE)
   Requested 3, timeouts 0, resolved 3, failed 0

The table below describes the significant fields shown in this display:

Table 32. show ipv6 neighbors statistics Field Descriptions
Field	Description
Entries	Total number of ND neighbor entries in the ND cache.
High-Water	Maximum amount (so far) of ND neighbor entries in ND cache.
Gleaned	Number of ND neighbor entries gleaned (that is, learned from a neighbor NA or other ND packet).
Scavenged	Number of stale ND neighbor entries that have timed out and been removed from the cache.
Entry States	Number of ND neighbor entries in each state.
Resolutions (INCMP)	Statistics for neighbor resolutions attempted in INCMP state (that is, resolutions prompted by a data packet). Details about the resolutions attempted in INCMP state are follows: Requested--Total number of resolutions requested. Timeouts--Number of timeouts during resolutions. Resolved--Number of successful resolutions. Failed--Number of unsuccessful resolutions. In-progress--Number of resolutions in progress. High-water--Maximum number (so far) of resolutions in progress. Throttled--Number of times resolution request was ignored due to maximum number of resolutions in progress limit. Data discards--Number of data packets discarded that are awaiting neighbor resolution.
Resolutions (PROBE)	Statistics for neighbor resolutions attempted in PROBE state (that is, re-resolutions of existing entries prompted by a data packet): Requested--Total number of resolutions requested. Timeouts--Number of timeouts during resolutions. Resolved--Number of successful resolutions. Failed--Number of unsuccessful resolutions.

show ipv6 nhrp

To display Next Hop Resolution Protocol (NHRP) mapping information, use the show ipv6 nhrp command in user EXEC or privileged EXEC mode.

show ipv6 nhrp [dynamic [ipv6-address] | incomplete | static] [address | interface] [brief | detail] [purge]

Syntax Description


dynamic	(Optional) Displays dynamic (learned) IPv6-to-nonbroadcast multiaccess address (NBMA) mapping entries. Dynamic NHRP mapping entries are obtained from NHRP resolution/registration exchanges. See the table below for types, number ranges, and descriptions.
`ipv6-address`	(Optional) The IPv6 address of the cache entry.
incomplete	(Optional) Displays information about NHRP mapping entries for which the IPv6-to-NBMA is not resolved. See the table below for types, number ranges, and descriptions.
static	(Optional) Displays static IPv6-to-NBMA address mapping entries. Static NHRP mapping entries are configured using the ipv6 nhrp map command. See the table below for types, number ranges, and descriptions.
`address`	(Optional) NHRP mapping entry for specified protocol addresses.
`interface`	(Optional) NHRP mapping entry for the specified interface. See the table below for types, number ranges, and descriptions.
brief	(Optional) Displays a short output of the NHRP mapping.
detail	(Optional) Displays detailed information about NHRP mapping.
purge	(Optional) Displays NHRP purge information.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The table below lists the valid types, number ranges, and descriptions for the optional interface argument.

Note

The valid types can vary according to the platform and interfaces on the platform.

Table 33. Valid Types, Number Ranges, and Interface Description
Valid Types	Number Ranges	Interface Descriptions
async	1	Async
atm	0 to 6	ATM
bvi	1 to 255	Bridge-Group Virtual Interface
cdma-ix	1	CDMA Ix
ctunnel	0 to 2147483647	C-Tunnel
dialer	0 to 20049	Dialer
ethernet	0 to 4294967295	Ethernet
fastethernet	0 to 6	FastEthernet IEEE 802.3
lex	0 to 2147483647	Lex
loopback	0 to 2147483647	Loopback
mfr	0 to 2147483647	Multilink Frame Relay bundle
multilink	0 to 2147483647	Multilink-group
null	0	Null
port-channel	1 to 64	Port channel
tunnel	0 to 2147483647	Tunnel
vif	1	PGM multicast host
virtual-ppp	0 to 2147483647	Virtual PPP
virtual-template	1 to 1000	Virtual template
virtual-tokenring	0 to 2147483647	Virtual Token Ring
xtagatm	0 to 2147483647	Extended tag ATM

Examples

The following is sample output from the show ipv6 nhrp command:


Device# show ipv6 nhrp
2001:0db8:3c4d:0015::1a2f:3d2c/48  via 
2001:0db8:3c4d:0015::1a2f:3d2c
Tunnel0 created 6d05h, never expire

The table below describes the significant fields shown in the display.

Table 34. show ipv6 nhrp Field Descriptions
Field	Description
2001:0db8:3c4d:0015::1a2f: 3d2c/48	Target network.
2001:0db8:3c4d:0015::1a2f:3d2c	Next hop to reach the target network.
Tunnel0	Interface through which the target network is reached.
created 6d05h	Length of time since the entry was created (dayshours).
never expire	Indicates that static entries never expire.

The following is sample output from the show ipv6 nhrp command using the brief keyword:


Device# show ipv6 nhrp brief
2001:0db8:3c4d:0015:0000:0000:1a2f:3d2c/48 
 via 2001:0db8:3c4d:0015:0000:0000:1a2f:3d2c
Interface: Tunnel0 Type: static 
NBMA address: 10.11.11.99

The table below describes the significant fields shown in the display.

Table 35. show ipv6 nhrp brief Field Descriptions
Field	Description
2001:0db8:3c4d:0015:0000:0000: 1a2f:3d2c/48	Target network.
via 2001:0db8:3c4d:0015:0000:0000: 1a2f:3d2c	Next Hop to reach the target network.
Interface: Tunnel0	Interface through which the target network is reached.
Type: static	Type of tunnel. The types can be one of the following: dynamic--NHRP mapping is obtained dynamically. The mapping entry is created using information from the NHRP resolution and registrations. static--NHRP mapping is configured statically. Entries configured by the ipv6 nhrp map command are marked static. incomplete--The NBMA address is not known for the target network.

Related Commands


Command	Description
ipv6 nhrp map	Statically configures the IPv6-to-NBMA address mapping of IP destinations connected to an NBMA network.

show ipv6 ospf

To display general information about Open Shortest Path First ( OSPF) routing processes, use the show ipv6 ospf command in user EXEC or privileged EXEC mode.

show ipv6 ospf [process-id] [area-id] [rate-limit]

Syntax Description


`process-id`	(Optional) Internal identification. It is locally assigned and can be any positive integer. The number used here is the number assigned administratively when the OSPF routing process is enabled.
`area-id`	(Optional) Area ID. This argument displays information about a specified area only.
rate-limit	(Optional) Rate-limited link-state advertisements (LSAs). This keyword displays LSAs that are currently being rate limited, together with the remaining time to the next generation.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Examples

The following is sample output from the show ipv6 ospf command:


Device# show ipv6 ospf
Routing Process "ospfv3 1" with ID 10.10.10.1
 SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
 Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
 LSA group pacing timer 240 secs
 Interface flood pacing timer 33 msecs
 Retransmission pacing timer 66 msecs
 Number of external LSA 0. Checksum Sum 0x000000
 Number of areas in this device is 1. 1 normal 0 stub 0 nssa
    Area BACKBONE(0)
        Number of interfaces in this area is 1
        MD5 Authentication, SPI 1000
        SPF algorithm executed 2 times
        Number of LSA 5. Checksum Sum 0x02A005
        Number of DCbitless LSA 0
        Number of indication LSA 0
        Number of DoNotAge LSA 0
        Flood list length 0

The table below describes the significant fields shown in the display.

Table 36. show ipv6 ospf Field Descriptions
Field	Description
Routing process "ospfv3 1" with ID 10.10.10.1	Process ID and OSPF device ID.
LSA group pacing timer	Configured LSA group pacing timer (in seconds).
Interface flood pacing timer	Configured LSA flood pacing timer (in milliseconds).
Retransmission pacing timer	Configured LSA retransmission pacing timer (in milliseconds).
Number of areas	Number of areas in device, area addresses, and so on.

Examples

The following sample output shows the show ipv6 ospf command with area encryption information:


Device# show ipv6 ospf 
Routing Process "ospfv3 1" with ID 10.0.0.1 
It is an area border device 
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs 
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs 
LSA group pacing timer 240 secs 
Interface flood pacing timer 33 msecs 
Retransmission pacing timer 66 msecs 
Number of external LSA 0. Checksum Sum 0x000000 
Number of areas in this device is 2. 2 normal 0 stub 0 nssa 
Reference bandwidth unit is 100 mbps 
    Area BACKBONE(0) 
        Number of interfaces in this area is 2 
        SPF algorithm executed 3 times 
        Number of LSA 31. Checksum Sum 0x107493 
        Number of DCbitless LSA 0 
        Number of indication LSA 0 
        Number of DoNotAge LSA 20 
        Flood list length 0 
    Area 1 
        Number of interfaces in this area is 2 
        NULL Encryption SHA-1 Auth, SPI 1001 
        SPF algorithm executed 7 times 
        Number of LSA 20. Checksum Sum 0x095E6A 
        Number of DCbitless LSA 0 
        Number of indication LSA 0 
        Number of DoNotAge LSA 0 
        Flood list length 0

The table below describes the significant fields shown in the display.

Table 37. show ipv6 ospf with Area Encryption Information Field Descriptions
Field	Description
Area 1	Subsequent fields describe area 1.
NULL Encryption SHA-1 Auth, SPI 1001	Displays the encryption algorithm (in this case, null, meaning no encryption algorithm is used), the authentication algorithm (SHA-1), and the security policy index (SPI) value (1001).

The following example displays the configuration values for SPF and LSA throttling timers:


Device# show ipv6 ospf
 Routing Process "ospfv3 1" with ID 10.9.4.1
 Event-log enabled, Maximum number of events: 1000, Mode: cyclic
 It is an autonomous system boundary device
 Redistributing External Routes from,
    ospf 2
 Initial SPF schedule delay 5000 msecs
 Minimum hold time between two consecutive SPFs 10000 msecs
 Maximum wait time between two consecutive SPFs 10000 msecs
 Minimum LSA interval 5 secs
 Minimum LSA arrival 1000 msecs

The table below describes the significant fields shown in the display.

Table 38. show ipv6 ospf with SPF and LSA Throttling Timer Field Descriptions
Field	Description
Initial SPF schedule delay	Delay time of SPF calculations.
Minimum hold time between two consecutive SPFs	Minimum hold time between consecutive SPF calculations.
Maximum wait time between two consecutive SPFs 10000 msecs	Maximum hold time between consecutive SPF calculations.
Minimum LSA interval 5 secs	Minimum time interval (in seconds) between link-state advertisements.
Minimum LSA arrival 1000 msecs	Maximum arrival time (in milliseconds) of link-state advertisements.

The following example shows information about LSAs that are currently being rate limited:


Device# show ipv6 ospf rate-limit
List of LSAs that are in rate limit Queue
    LSAID: 0.0.0.0 Type: 0x2001 Adv Rtr: 10.55.55.55 Due in: 00:00:00.500
    LSAID: 0.0.0.0 Type: 0x2009 Adv Rtr: 10.55.55.55 Due in: 00:00:00.500

The table below describes the significant fields shown in the display.

Table 39. show ipv6 ospf rate-limit Field Descriptions
Field	Description
LSAID	Link-state ID of the LSA.
Type	Description of the LSA.
Adv Rtr	ID of the advertising device.
Due in:	Remaining time until the generation of the next event.

show ipv6 ospf border-routers

To display the internal Open Shortest Path First (OSPF) routing table entries to an Area Border Router (ABR) and Autonomous System Boundary Router (ASBR), use the show ipv6 ospf border-routers command in user EXEC or privileged EXEC mode.

show ip ospf [process-id] border-routers

Syntax Description


`process-id`	(Optional) Internal identification. It is locally assigned and can be any positive integer. The number used here is the number assigned administratively when the OSPF routing process is enabled.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Examples

The following is sample output from the show ipv6 ospf border-routers command:


Device# show ipv6 ospf border-routers
 
OSPFv3 Process 1 internal Routing Table
Codes: i - Intra-area route, I - Inter-area route
i 172.16.4.4 [2] via FE80::205:5FFF:FED3:5808, FastEthernet0/0, ABR, Area 1, SPF 13
i 172.16.4.4 [1] via FE80::205:5FFF:FED3:5406, POS4/0, ABR, Area 0, SPF 8
i 172.16.3.3 [1] via FE80::205:5FFF:FED3:5808, FastEthernet0/0, ASBR, Area 1, SPF 3

The table below describes the significant fields shown in the display.

Table 40. show ipv6 ospf border-routers Field Descriptions
Field	Description
i - Intra-area route, I - Inter-area route	The type of this route.
172.16.4.4, 172.16.3.3	Router ID of the destination router.
[2], [1]	Metric used to reach the destination router.
FE80::205:5FFF:FED3:5808, FE80::205:5FFF:FED3:5406, FE80::205:5FFF:FED3:5808	Link-local routers.
FastEthernet0/0, POS4/0	The interface on which the IPv6 OSPF protocol is configured.
ABR	Area border router.
ASBR	Autonomous system boundary router.
Area 0, Area 1	The area ID of the area from which this route is learned.
SPF 13, SPF 8, SPF 3	The internal number of the shortest path first (SPF) calculation that installs this route.

show ipv6 ospf event

To display detailed information about IPv6 Open Shortest Path First (OSPF) events, use the show ipv6 ospf event command in privileged EXEC mode.

show ipv6 ospf [process-id] event [generic | interface | lsa | neighbor | reverse | rib | spf]

Syntax Description


`process-id`	(Optional) Internal identification. It is locally assigned and can be any positive integer. The number used here is the number assigned administratively when the OSPF routing process is enabled.
generic	(Optional) Generic information regarding OSPF for IPv6 events.
interface	(Optional) Interface state change events, including old and new states.
lsa	(Optional) LSA arrival and LSA generation events.
neighbor	(Optional) Neighbor state change events, including old and new states.
reverse	(Optional) Keyword to allow the display of events in reverse-from the latest to the oldest or from oldest to the latest.
rib	(Optional) Routing Information Base (RIB) update, delete, and redistribution events.
spf	(Optional) Scheduling and SPF run events.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

An OSPF event log is kept for every OSPF instance. If you enter no keywords with the show ipv6 ospf event command, all information in the OSPF event log is displayed. Use the keywords to filter specific information.

Examples

The following example shows scheduling and SPF run events, LSA arrival and LSA generation events, in order from the oldest events to the latest generated events:


Device# show ipv6 ospf event spf lsa reverse
 
OSPFv3 Router with ID (10.0.0.1) (Process ID 1) 
1 *Sep 29 11:59:18.367: Rcv Changed Type-0x2009 LSA, LSID 10.0.0.0, Adv-Rtr 192.168.0.1, Seq# 80007699, Age 3600 
3 *Sep 29 11:59:18.367: Schedule SPF, Area 0, Change in LSID 10.0.0.0, LSA type P 
4 *Sep 29 11:59:18.367: Rcv Changed Type-0x2001 LSA, LSID 10.0.0.0, Adv-Rtr 192.168.0.1, Seq# 80007699, Age 2 
5 *Sep 29 11:59:18.367: Schedule SPF, Area 0, Change in LSID 10.0.0.0, LSA type R 
6 *Sep 29 11:59:18.367: Rcv Changed Type-0x2002 LSA, LSID 10.1.0.1, Adv-Rtr 192.168.0.1, Seq# 80007699, Age 3600 
8 *Sep 29 11:59:18.367: Schedule SPF, Area 0, Change in LSID 10.1.0.1, LSA type N 
9 *Sep 29 11:59:18.367: Rcv Changed Type-0x2001 LSA, LSID 10.0.0.0, Adv-Rtr 1.1.1.1, Seq# 80007699, Age 2 
10 *Sep 29 11:59:18.367: Schedule SPF, Area 0, Change in LSID 10.0.0.0, LSA type R 
11 *Sep 29 11:59:18.867: Starting SPF 
12 *Sep 29 11:59:18.867: Starting Intra-Area SPF in Area 0 
16 *Sep 29 11:59:18.867: Starting Inter-Area SPF in area 0 
17 *Sep 29 11:59:18.867: Starting External processing 
18 *Sep 29 11:59:18.867: Starting External processing in area 0 
19 *Sep 29 11:59:18.867: Starting External processing in area 1 
20 *Sep 29 11:59:18.867: End of SPF 
21 *Sep 29 11:59:19.367: Generate Changed Type-0x2003 LSA, LSID 10.0.0.4, Seq# 80000002, Age 3600, Area 1, Prefix 3000:11:22::/64 
23 *Sep 29 11:59:20.367: Rcv Changed Type-0x2009 LSA, LSID 10.0.0.0, Adv-Rtr 192.168.0.1, Seq# 8000769A, Age 2 
24 *Sep 29 11:59:20.367: Schedule SPF, Area 0, Change in LSID 10.0.0.0, LSA type P 
25 *Sep 29 11:59:20.367: Rcv Changed Type-0x2001 LSA, LSID 10.0.0.0, Adv-Rtr 192.168.0.1, Seq# 8000769A, Age 2 
26 *Sep 29 11:59:20.367: Schedule SPF, Area 0, Change in LSID 10.0.0.0, LSA type R 
27 *Sep 29 11:59:20.367: Rcv Changed Type-0x2002 LSA, LSID 10.1.0.1, Adv-Rtr 192.168.0.1, Seq# 8000769A, Age 2 
28 *Sep 29 11:59:20.367: Schedule SPF, Area 0, Change in LSID 10.1.0.1, LSA type N 
29 *Sep 29 11:59:20.367: Rcv Changed Type-0x2001 LSA, LSID 10.0.0.0, Adv-Rtr 1.1.1.1, Seq# 8000769A, Age 2 
30 *Sep 29 11:59:20.367: Schedule SPF, Area 0, Change in LSID 10.0.0.0, LSA type R 
31 *Sep 29 11:59:20.867: Starting SPF 
32 *Sep 29 11:59:20.867: Starting Intra-Area SPF in Area 0 
36 *Sep 29 11:59:20.867: Starting Inter-Area SPF in area 0 
37 *Sep 29 11:59:20.867: Starting External processing 
38 *Sep 29 11:59:20.867: Starting External processing in area 0 
39 *Sep 29 11:59:20.867: Starting External processing in area 1 
40 *Sep 29 11:59:20.867: End of SPF

The table below describes the significant fields shown in the display.

Table 41. show ip ospf Field Descriptions
Field	Description
OSPFv3 Router with ID (10.0.0.1) (Process ID 1)	Process ID and OSPF router ID.
Rcv Changed Type-0x2009 LSA	Description of newly arrived LSA.
LSID	Link-state ID of the LSA.
Adv-Rtr	ID of the advertising router.
Seq#	Link state sequence number (detects old or duplicate link state advertisements).
Age	Link state age (in seconds).
Schedule SPF	Enables SPF to run.
Area	OSPF area ID.
Change in LSID	Changed link-state ID of the LSA.
LSA type	LSA type.

show ipv6 ospf graceful-restart

To display Open Shortest Path First for IPv6 (OSPFv3) graceful restart information, use the show ipv6 ospf graceful-restart command in privileged EXEC mode.

show ipv6 ospf graceful-restart

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 ospf graceful-restart command to discover information about the OSPFv3 graceful restart feature.

Examples

The following example displays OSPFv3 graceful restart information:


Device# show ipv6 ospf graceful-restart
Routing Process "ospf 1"
 Graceful Restart enabled
    restart-interval limit: 120 sec, last restart 00:00:15 ago (took 36 secs)
  Graceful Restart helper support enabled
  Router status : Active
  Router is running in SSO mode
  OSPF restart state : NO_RESTART 
  Router ID 10.1.1.1, checkpoint Router ID 10.0.0.0

The table below describes the significant fields shown in the display.

Table 42. show ipv6 ospf graceful-restart Field Descriptions
Field	Description
Routing Process "ospf 1"	The OSPFv3 routing process ID.
Graceful Restart enabled	The graceful restart feature is enabled on this router.
restart-interval limit: 120 sec	The restart-interval limit.
last restart 00:00:15 ago (took 36 secs)	How long ago the last graceful restart occurred, and how long it took to occur.
Graceful Restart helper support enabled	Graceful restart helper mode is enabled. Because graceful restart mode is also enabled on this router, you can identify this router as being graceful-restart capable. A router that is graceful-restart-aware cannot be configured in graceful-restart mode.
Router status : Active	This router is in active, as opposed to standby, mode.
Router is running in SSO mode	The router is in stateful switchover mode.
OSPF restart state : NO_RESTART	The current OSPFv3 restart state.
Router ID 10.1.1.1, checkpoint Router ID 10.0.0.0	The IPv6 addresses of the current router and the checkpoint router.

Related Commands


Command	Description
show ipv6 ospf interface	Displays OSPFv3-related interface information.

show ipv6 ospf interface

To display Open Shortest Path First (OSPF)-related interface information, use the showipv6ospfinterface command in user EXEC or privileged mode.

show ipv6 ospf [process-id] [area-id] interface [type number] [brief]

Syntax Description


`process-id`	(Optional) Internal identification. It is locally assigned and can be any positive integer. The number used here is the number assigned administratively when the OSPF routing process is enabled.
`area-id`	(Optional) Displays information about a specified area only.
`type` `number`	(Optional) Interface type and number.
brief	(Optional) Displays brief overview information for OSPF interfaces, states, addresses and masks, and areas on the router.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Examples

The following is sample output from the showipv6ospfinterface command:

Device# show ipv6 ospf interface
ATM3/0 is up, line protocol is up 
  Link Local Address 2001:0DB1:205:5FFF:FED3:5808, Interface ID 13
  Area 1, Process ID 1, Instance ID 0, Router ID 172.16.3.3
  Network Type POINT_TO_POINT, Cost: 1
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:06
  Index 1/2/2, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 12, maximum is 12
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1 
    Adjacent with neighbor 172.16.4.4
  Suppress hello for 0 neighbor(s)
FastEthernet0/0 is up, line protocol is up 
  Link Local Address 2001:0DB1:205:5FFF:FED3:5808, Interface ID 3
  Area 1, Process ID 1, Instance ID 0, Router ID 172.16.3.3
  Network Type BROADCAST, Cost: 1
  Transmit Delay is 1 sec, State BDR, Priority 1 
  Designated Router (ID) 172.16.6.6, local address 2001:0DB1:205:5FFF:FED3:6408
  Backup Designated router (ID) 172.16.3.3, local address 2001:0DB1:205:5FFF:FED3:5808
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:05
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 12, maximum is 12
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1 
    Adjacent with neighbor 172.16.6.6  (Designated Router)
  Suppress hello for 0 neighbor(s)

The table below describes the significant fields shown in the display.

Table 43. show ipv6 ospf interface Field Descriptions
Field	Description
ATM3/0	Status of the physical link and operational status of protocol.
Link Local Address	Interface IPv6 address.
Area 1, Process ID 1, Instance ID 0, Router ID 172.16.3.3	The area ID, process ID, instance ID, and router ID of the area from which this route is learned.
Network Type POINT_TO_POINT, Cost: 1	Network type and link-state cost.
Transmit Delay	Transmit delay, interface state, and router priority.
Designated Router	Designated router ID and respective interface IP address.
Backup Designated router	Backup designated router ID and respective interface IP address.
Timer intervals configured	Configuration of timer intervals.
Hello	Number of seconds until the next hello packet is sent out this interface.
Neighbor Count	Count of network neighbors and list of adjacent neighbors.

Examples

The following is sample output of the showipv6ospfinterface command when the brief keyword is entered.

Device# show ipv6 ospf interface brief
 
Interface    PID   Area            Intf ID    Cost  State Nbrs F/C
VL0          6     0               21         65535 DOWN  0/0
Se3/0        6     0               14         64    P2P   0/0
Lo1          6     0               20         1     LOOP  0/0
Se2/0        6     6               10         62    P2P   0/0
Tu0          1000  0               19         11111 DOWN  0/0

Examples

The following is sample output from the showipv6ospfinterface command with authentication enabled on the interface:


Device# show ipv6 ospf interface
Ethernet0/0 is up, line protocol is up
  Link Local Address 2001:0DB1:A8BB:CCFF:FE00:6E00, Interface ID 2
  Area 0, Process ID 1, Instance ID 0, Router ID 10.10.10.1
  Network Type BROADCAST, Cost:10
  MD5 Authentication SPI 500, secure socket state UP (errors:0)
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 10.11.11.1, local address 2001:0DB1:A8BB:CCFF:FE00:6F00
  Backup Designated router (ID) 10.10.10.1, local address
2001:0DB1:A8BB:CCFF:FE00:6E00
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:01
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 10.11.11.1  (Designated Router)
  Suppress hello for 0 neighbor(s)

Examples

The following is sample output from the showipv6ospfinterface command with null authentication configured on the interface:


Device# show ipv6 ospf interface
Ethernet0/0 is up, line protocol is up
  Link Local Address 2001:0DB1:A8BB:CCFF:FE00:6E00, Interface ID 2
  Area 0, Process ID 1, Instance ID 0, Router ID 10.10.10.1
  Network Type BROADCAST, Cost:10
  Authentication NULL
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 10.11.11.1, local address 2001:0DB1:A8BB:CCFF:FE00:6F00
  Backup Designated router (ID) 10.10.10.1, local address
2001:0DB1:A8BB:CCFF:FE00:6E00
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:03
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 10.11.11.1  (Designated Router)
  Suppress hello for 0 neighbor(s)

Examples

The following is sample output from the showipv6ospfinterface command with authentication configured for the area:


Device# show ipv6 ospf interface
Ethernet0/0 is up, line protocol is up
  Link Local Address 2001:0DB1:A8BB:CCFF:FE00:6E00, Interface ID 2
  Area 0, Process ID 1, Instance ID 0, Router ID 10.10.10.1
  Network Type BROADCAST, Cost:10
  MD5 Authentication (Area) SPI 1000, secure socket state UP (errors:0)
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 10.11.11.1, local address 2001:0DB1:A8BB:CCFF:FE00:6F00
  Backup Designated router (ID) 10.10.10.1, local address
FE80::A8BB:CCFF:FE00:6E00
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:03
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 10.11.11.1  (Designated Router)
  Suppress hello for 0 neighbor(s)

Examples

The following display shows sample output from the showipv6ospfinterface command when the OSPF cost dynamic is configured.


Device# show ipv6 ospf interface serial 2/0
Serial2/0 is up, line protocol is up
   Link Local Address 2001:0DB1:A8BB:CCFF:FE00:100, Interface ID 10
   Area 1, Process ID 1, Instance ID 0, Router ID 172.1.1.1
   Network Type POINT_TO_MULTIPOINT, Cost: 64 (dynamic), Cost Hysteresis: 200
   Cost Weights: Throughput 100, Resources 20, Latency 80, L2-factor 100
   Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT,
   Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
     Hello due in 00:00:19
   Index 1/2/3, flood queue length 0
   Next 0x0(0)/0x0(0)/0x0(0)
   Last flood scan length is 0, maximum is 0
   Last flood scan time is 0 msec, maximum is 0 msec
   Neighbor Count is 0, Adjacent neighbor count is 0
   Suppress hello for 0 neighbor(s)

Examples

The following display shows sample output from the showipv6ospfinterface command when the OSPF graceful restart feature is configured:


Device# show ipv6 ospf interface 
Ethernet0/0 is up, line protocol is up 
  Link Local Address FE80::A8BB:CCFF:FE00:300, Interface ID 2
  Area 0, Process ID 1, Instance ID 0, Router ID 10.3.3.3
  Network Type POINT_TO_POINT, Cost: 10
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
   Graceful Restart p2p timeout in 00:00:19
    Hello due in 00:00:02
  Graceful Restart helper support enabled
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1 
    Adjacent with neighbor 10.1.1.1
  Suppress hello for 0 neighbor(s)

Examples

The following display shows that the OSPF interface is enabled for Bidirectional Forwarding Detection (BFD):


Device# show ipv6 ospf interface 
Serial10/0 is up, line protocol is up 
  Link Local Address FE80::A8BB:CCFF:FE00:6500, Interface ID 42 
  Area 1, Process ID 1, Instance ID 0, Router ID 10.0.0.1 
  Network Type POINT_TO_POINT, Cost: 64 
  Transmit Delay is 1 sec, State POINT_TO_POINT, BFD enabled 
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 
    Hello due in 00:00:07 
  Index 1/1/1, flood queue length 0 
  Next 0x0(0)/0x0(0)/0x0(0) 
  Last flood scan length is 1, maximum is 1 
  Last flood scan time is 0 msec, maximum is 0 msec 
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 10.1.0.1
  Suppress hello for 0 neighbor(s)

Related Commands


Command	Description
show ipv6 ospf graceful-restart	Displays OSPFv3 graceful restart information.

show ipv6 ospf request-list

To display a list of all link-state advertisements (LSAs) requested by a router, use the show ipv6 ospf request-list command in user EXEC or privileged EXEC mode.

show ipv6 ospf [process-id] [area-id] request-list [neighbor] [interface] [interface-neighbor]

Syntax Description


`process-id`	(Optional) Internal identification. It is locally assigned and can be any positive integer. The number used here is the number assigned administratively when the Open Shortest Path First (OSPF) routing process is enabled.
`area-id`	(Optional) Displays information only about a specified area.
`neighbor`	(Optional) Displays the list of all LSAs requested by the router from this neighbor.
`interface`	(Optional) Displays the list of all LSAs requested by the router from this interface.
`interface-neighbor`	(Optional) Displays the list of all LSAs requested by the router on this interface, from this neighbor.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The information displayed by the show ipv6 ospf request-list command is useful in debugging OSPF routing operations.

Examples

The following example shows information about the LSAs requested by the router:


Device# show ipv6 ospf request-list
 
            OSPFv3 Router with ID (192.168.255.5) (Process ID 1)
 Neighbor 192.168.255.2, interface Ethernet0/0 address
FE80::A8BB:CCFF:FE00:6600
 Type    LS ID           ADV RTR         Seq NO      Age    Checksum
  1      0.0.0.0         192.168.255.3   0x800000C2  1      0x0014C5
  1      0.0.0.0         192.168.255.2   0x800000C8  0      0x000BCA
  1      0.0.0.0         192.168.255.1   0x800000C5  1      0x008CD1
  2      0.0.0.3         192.168.255.3   0x800000A9  774    0x0058C0
  2      0.0.0.2         192.168.255.3   0x800000B7  1      0x003A63

The table below describes the significant fields shown in the display.

Table 44. show ipv6 ospf request-list Field Descriptions
Field	Description
OSPFv3 Router with ID (192.168.255.5) (Process ID 1)	Identification of the router for which information is displayed.
Interface Ethernet0/0	Interface for which information is displayed.
Type	Type of LSA.
LS ID	Link-state ID of the LSA.
ADV RTR	IP address of advertising router.
Seq NO	Sequence number of LSA.
Age	Age of LSA (in seconds).
Checksum	Checksum of LSA.

show ipv6 ospf retransmission-list

To display a list of all link-state advertisements (LSAs) waiting to be re-sent, use the show ipv6 ospf retransmission-list command in user EXEC or privileged EXEC mode.

show ipv6 ospf [process-id] [area-id] retransmission-list [neighbor] [interface] [interface-neighbor]

Syntax Description


`process-id`	(Optional) Internal identification. It is locally assigned and can be any positive integer. The number used here is the number assigned administratively when the OSPF routing process is enabled.
`area-id`	(Optional) Displays information only about a specified area.
`neighbor`	(Optional) Displays the list of all LSAs waiting to be re-sent for this neighbor.
`interface`	(Optional) Displays the list of all LSAs waiting to be re-sent on this interface.
`interface` `neighbor`	(Optional) Displays the list of all LSAs waiting to be re-sent on this interface, from this neighbor.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The information displayed by the show ipv6 ospf retransmission-list command is useful in debugging Open Shortest Path First (OSPF) routing operations.

Examples

The following is sample output from the show ipv6 ospf retransmission-list command:


Device# show ipv6 ospf retransmission-list
 
        OSPFv3 Router with ID (192.168.255.2) (Process ID 1)
 Neighbor 192.168.255.1, interface Ethernet0/0
 Link state retransmission due in 3759 msec, Queue length 1
 Type    LS ID           ADV RTR         Seq NO      Age    Checksum
 0x2001  0               192.168.255.2   0x80000222  1      0x00AE52

The table below describes the significant fields shown in the display.

Table 45. show ipv6 ospf retransmission-list Field Descriptions
Field	Description
OSPFv3 Router with ID (192.168.255.2) (Process ID 1)	Identification of the router for which information is displayed.
Interface Ethernet0/0	Interface for which information is displayed.
Link state retransmission due in	Length of time before next link-state transmission.
Queue length	Number of elements in the retransmission queue.
Type	Type of LSA.
LS ID	Link-state ID of the LSA.
ADV RTR	IP address of advertising router.
Seq NO	Sequence number of the LSA.
Age	Age of LSA (in seconds).
Checksum	Checksum of LSA.

show ipv6 ospf statistics

To display Open Shortest Path First for IPv6 (OSPFv6) shortest path first (SPF) calculation statistics, use the show ipv6 ospf statistics command in user EXEC or privileged EXEC mode.

show ipv6 ospf statistics [detail]

Syntax Description


detail	(Optional) Displays statistics separately for each OSPF area and includes additional, more detailed statistics.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 ospf statistics command provides important information about SPF calculations and the events that trigger them. This information can be meaningful for both OSPF network maintenance and troubleshooting. For example, entering the show ipv6 ospf statistics command is recommended as the first troubleshooting step for link-state advertisement (LSA) flapping.

Examples

The following example provides detailed statistics for each OSPFv6 area:


Device# show ipv6 ospf statistics detail
  Area 0: SPF algorithm executed 3 times
SPF 1 executed 00:06:57 ago, SPF type Full
  SPF calculation time (in msec):
  SPT    Prefix D-Int  Sum    D-Sum  Ext    D-Ext  Total
  0      0      0      0      0      0      0      0
  RIB manipulation time (in msec):
  RIB Update    RIB Delete
  0             0             
  LSIDs processed R:1 N:0 Prefix:0 SN:0 SA:0 X7:0
  Change record R N SN SA L
  LSAs changed 1
  Changed LSAs. Recorded is Advertising Router, LSID and LS type:
  10.2.2.2/0(R)
SPF 2 executed 00:06:47 ago, SPF type Full
  SPF calculation time (in msec):
  SPT    Prefix D-Int  Sum    D-Sum  Ext    D-Ext  Total
  0      0      0      0      0      0      0      0
  RIB manipulation time (in msec):
  RIB Update    RIB Delete
  0             0             
  LSIDs processed R:1 N:0 Prefix:1 SN:0 SA:0 X7:0
  Change record R L P
  LSAs changed 4
  Changed LSAs. Recorded is Advertising Router, LSID and LS type:
  10.2.2.2/2(L) 10.2.2.2/0(R) 10.2.2.2/2(L) 10.2.2.2/0(P)

The table below describes the significant fields shown in the display.

Table 46. show ipv6 ospf statistics Field Descriptions
Field	Description
Area	OSPF area ID.
SPF	Number of SPF algorithms executed in the OSPF area. The number increases by one for each SPF algorithm that is executed in the area.
Executed ago	Time in milliseconds that has passed between the start of the SPF algorithm execution and the current time.
SPF type	SPF type can be Full or Incremental.
SPT	Time in milliseconds required to compute the first stage of the SPF algorithm (to build a short path tree). The SPT time plus the time required to process links to stub networks equals the Intra time.
Ext	Time in milliseconds for the SPF algorithm to process external and not so stubby area (NSSA) LSAs and to install external and NSSA routes in the routing table.
Total	Total duration time in milliseconds for the SPF algorithm process.
LSIDs processed	Number of LSAs processed during the SPF calculation: N--Network LSA. R--Router LSA. SA--Summary Autonomous System Boundary Router (ASBR) (SA) LSA. SN--Summary Network (SN) LSA. Stub--Stub links. X7--External Type-7 (X7) LSA.

show ipv6 ospf summary-prefix

To display a list of all summary address redistribution information configured under an OSPF process, use the show ipv6 ospf summary-prefix command in user EXEC or privileged EXEC mode.

show ipv6 ospf [process-id] summary-prefix

Syntax Description


`process-id`	(Optional) Internal identification. It is locally assigned and can be any positive integer. The number used here is the number assigned administratively when the OSPF routing process is enabled.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The process-id argument can be entered as a decimal number or as an IPv6 address format.

Examples

The following is sample output from the show ipv6 ospf summary-prefix command:


Device# show ipv6 ospf summary-prefix
 
OSPFv3 Process 1, Summary-prefix
FEC0::/24 Metric 16777215, Type 0, Tag 0

The table below describes the significant fields shown in the display.

Table 47. show ipv6 ospf summary-prefix Field Descriptions
Field	Description
OSPFv3 Process	Process ID of the router for which information is displayed.
Metric	Metric used to reach the destination router.
Type	Type of link-state advertisement (LSA).
Tag	LSA tag.

show ipv6 ospf timers rate-limit

To display all of the link-state advertisements (LSAs) in the rate limit queue, use the show ipv6 ospf timers rate-limit command in privileged EXEC mode.

show ipv6 ospf timers rate-limit

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 ospf timers rate-limit command to discover when LSAs in the queue will be sent.

Examples

The following is sample output from the show ipv6 ospf timers rate-limit command:


Device# show ipv6 ospf timers rate-limit
List of LSAs that are in rate limit Queue
    LSAID: 0.0.0.0 Type: 0x2001 Adv Rtr: 55.55.55.55 Due in: 00:00:00.500
    LSAID: 0.0.0.0 Type: 0x2009 Adv Rtr: 55.55.55.55 Due in: 00:00:00.500

The table below describes the significant fields shown in the display.

Table 48. show ipv6 ospf timers rate-limit Field Descriptions
Field	Description
LSAID	ID of the LSA.
Type	Type of LSA.
Adv Rtr	ID of the advertising router.
Due in:	When the LSA is scheduled to be sent (in hours:minutes:seconds).

show ipv6 ospf traffic

To display IPv6 Open Shortest Path First Version 3 (OSPFv3) traffic statistics, use the show ipv6 ospf traffic command in privileged EXEC mode.

show ipv6 ospf [process-id] traffic [interface-type interface-number]

Syntax Description


`process-id`	(Optional) OSPF process ID for which you want traffic statistics (for example, queue statistics, statistics for each interface under the OSPF process, and per OSPF process statistics).
`interface-type` `interface-number`	(Optional) Type and number associated with a specific OSPF interface.

Command Default

When the show ipv6 ospf traffic command is entered without any arguments, global OSPF traffic statistics are displayed, including queue statistics for each OSPF process, statistics for each interface, and per OSPF process statistics.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

You can limit the displayed traffic statistics to those for a specific OSPF process by entering a value for the process-id argument, or you can limit output to traffic statistics for a specific interface associated with an OSPF process by entering values for the interface-type and interface-number arguments. To reset counters and clear statistics, use the clear ipv6 ospf traffic command.

Examples

The following example shows the display output for the show ipv6 ospf traffic command for OSPFv3:


Device# show ipv6 ospf traffic 
OSPFv3 statistics:
  Rcvd: 32 total, 0 checksum errors
        10 hello, 7 database desc, 2 link state req
        9 link state updates, 4 link state acks
        0 LSA ignored
  Sent: 45 total, 0 failed
        17 hello, 12 database desc, 2 link state req
        8 link state updates, 6 link state acks
        OSPFv3 Router with ID (10.1.1.4) (Process ID 6)
OSPFv3 queues statistic for process ID 6
  Hello queue size 0, no limit, max size 2
  Router queue size 0, limit 200, drops 0, max size 2
Interface statistics:
    Interface Serial2/0
OSPFv3 packets received/sent
  Type          Packets              Bytes
  RX Invalid    0                    0
  RX Hello      5                    196
  RX DB des     4                    172
  RX LS req     1                    52
  RX LS upd     4                    320
  RX LS ack     2                    112
  RX Total      16                   852
  TX Failed     0                    0
  TX Hello      8                    304
  TX DB des     3                    144
  TX LS req     1                    52
  TX LS upd     3                    252
  TX LS ack     3                    148
  TX Total      18                   900
OSPFv3 header errors
  Length 0, Checksum 0, Version 0, No Virtual Link 0, 
  Area Mismatch 0, Self Originated 0, Duplicate ID 0, 
  Instance ID 0, Hello 0, MTU Mismatch 0, 
  Nbr Ignored 0, Authentication 0, 
OSPFv3 LSA errors
  Type 0, Length 0, Data 0, Checksum 0, 
    Interface Ethernet0/0
OSPFv3 packets received/sent
  Type          Packets              Bytes
  RX Invalid    0                    0
  RX Hello      6                    240
  RX DB des     3                    144
  RX LS req     1                    52
  RX LS upd     5                    372
  RX LS ack     2                    152
  RX Total      17                   960
  TX Failed     0                    0
  TX Hello      11                   420
  TX DB des     9                    312
  TX LS req     1                    52
  TX LS upd     5                    376
  TX LS ack     3                    148
  TX Total      29                   1308
OSPFv3 header errors
  Length 0, Checksum 0, Version 0, No Virtual Link 0, 
  Area Mismatch 0, Self Originated 0, Duplicate ID 0, 
  Instance ID 0, Hello 0, MTU Mismatch 0, 
  Nbr Ignored 0, Authentication 0, 
OSPFv3 LSA errors
  Type 0, Length 0, Data 0, Checksum 0, 
Summary traffic statistics for process ID 6:
OSPFv3 packets received/sent
  Type          Packets              Bytes
  RX Invalid    0                    0
  RX Hello      11                   436
  RX DB des     7                    316
  RX LS req     2                    104
  RX LS upd     9                    692
  RX LS ack     4                    264
  RX Total      33                   1812
  TX Failed     0                    0
  TX Hello      19                   724
  TX DB des     12                   456
  TX LS req     2                    104
  TX LS upd     8                    628
  TX LS ack     6                    296
  TX Total      47                   2208
OSPFv3 header errors
  Length 0, Checksum 0, Version 0, No Virtual Link 0, 
  Area Mismatch 0, Self Originated 0, Duplicate ID 0, 
  Instance ID 0, Hello 0, MTU Mismatch 0, 
  Nbr Ignored 0, Authentication 0, 
OSPFv3 LSA errors
  Type 0, Length 0, Data 0, Checksum 0,

The network administrator wants to start collecting new statistics, resetting the counters and clearing the traffic statistics by entering the clear ipv6 ospf traffic command as follows:

Device# clear ipv6 ospf traffic

The table below describes the significant fields shown in the display.

Table 49. show ipv6 ospf traffic Field Descriptions

Field

Description

OSPFv3 statistics

Traffic statistics accumulated for all OSPF processes running on the router. To ensure compatibility with the showiptraffic command, only checksum errors are displayed. Identifies the route map name.

OSPFv3 queues statistic for process ID

Queue statistics specific to Cisco IOS software.

Hello queue

Statistics for the internal Cisco IOS queue between the packet switching code (process IP Input) and the OSPF hello process for all received OSPF packets.

Router queue

Statistics for the internal Cisco IOS queue between the OSPF hello process and the OSPF router for all received OSPF packets except OSPF hellos.

queue size

Actual size of the queue.

queue limit

Maximum allowed size of the queue.

queue max size

Maximum recorded size of the queue.

Interface statistics

Per-interface traffic statistics for all interfaces that belong to the specific OSPFv3 process ID.

OSPFv3 packets received/sent

Number of OSPFv3 packets received and sent on the interface, sorted by packet types.

OSPFv3 header errors

Packet appears in this section if it was discarded because of an error in the header of an OSPFv3 packet. The discarded packet is counted under the appropriate discard reason.

OSPFv3 LSA errors

Packet appears in this section if it was discarded because of an error in the header of an OSPF link-state advertisement (LSA). The discarded packet is counted under the appropriate discard reason.

Summary traffic statistics for process ID

Summary traffic statistics accumulated for an OSPFv3 process.

Note

The OSPF process ID is a unique value assigned to the OSPFv3 process in the configuration.

The value for the received errors is the sum of the OSPFv3 header errors that are detected by the OSPFv3 process, unlike the sum of the checksum errors that are listed in the global OSPF statistics.

Related Commands


Command	Description
clear ip ospf traffic	Clears OSPFv2 traffic statistics.
clear ipv6 ospf traffic	Clears OSPFv3 traffic statistics.
show ip ospf traffic	Displays OSPFv2 traffic statistics.

show ipv6 ospf virtual-links

To display parameters and the current state of Open Shortest Path First (OSPF) virtual links, use the s how ipv6 ospf virtual-links command in user EXEC or privileged EXEC mode.

show ipv6 ospf virtual-links

Syntax Description

This command has no arguments or keywords.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The information displayed by the show ipv6 ospf virtual-links command is useful in debugging OSPF routing operations.

Examples

The following is sample output from the show ipv6 ospf virtual-links command:

Device# show ipv6 ospf virtual-links 
Virtual Link OSPF_VL0 to router 172.16.6.6 is up
  Interface ID 27, IPv6 address FEC0:6666:6666::
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 2, via interface ATM3/0, Cost of using 1
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:06

The table below describes the significant fields shown in the display.

Table 50. show ipv6 ospf virtual-links Field Descriptions
Field	Description
Virtual Link OSPF_VL0 to router 172.16.6.6 is up	Specifies the OSPF neighbor, and if the link to that neighbor is up or down.
Interface ID	Interface ID and IPv6 address of the router.
Transit area 2	The transit area through which the virtual link is formed.
via interface ATM3/0	The interface through which the virtual link is formed.
Cost of using 1	The cost of reaching the OSPF neighbor through the virtual link.
Transmit Delay is 1 sec	The transmit delay (in seconds) on the virtual link.
State POINT_TO_POINT	The state of the OSPF neighbor.
Timer intervals...	The various timer intervals configured for the link.
Hello due in 0:00:06	When the next hello is expected from the neighbor.

The following sample output from the show ipv6 ospf virtual-links command has two virtual links. One is protected by authentication, and the other is protected by encryption.


Device# show ipv6 ospf virtual-links 
Virtual Link OSPFv3_VL1 to router 10.2.0.1 is up
   Interface ID 69, IPv6 address 2001:0DB8:11:0:A8BB:CCFF:FE00:6A00
   Run as demand circuit 
   DoNotAge LSA allowed. 
   Transit area 1, via interface Serial12/0, Cost of using 64 
   NULL encryption SHA-1 auth SPI 3944, secure socket UP (errors: 0) 
   Transmit Delay is 1 sec, State POINT_TO_POINT, 
   Timer intervals configured, Hello 2, Dead 10, Wait 40, Retransmit 5 
     Adjacency State FULL (Hello suppressed) 
     Index 1/2/4, retransmission queue length 0, number of retransmission 1 
     First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0) 
     Last retransmission scan length is 1, maximum is 1 
     Last retransmission scan time is 0 msec, maximum is 0 msec 
Virtual Link OSPFv3_VL0 to router 10.1.0.1 is up 
   Interface ID 67, IPv6 address 2001:0DB8:13:0:A8BB:CCFF:FE00:6700 
   Run as demand circuit 
   DoNotAge LSA allowed. 
   Transit area 1, via interface Serial11/0, Cost of using 128 
   MD5 authentication SPI 940, secure socket UP (errors: 0) 
   Transmit Delay is 1 sec, State POINT_TO_POINT, 
   Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 
     Adjacency State FULL (Hello suppressed) 
     Index 1/1/3, retransmission queue length 0, number of retransmission 1 
First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0) 
     Last retransmission scan length is 1, maximum is 1 
     Last retransmission scan time is 0 msec, maximum is 0 msec

show ipv6 pim anycast-RP

To verify IPv6 PIM anycast RP operation, use the show ipv6 pim anycast-RP command in user EXEC or privileged EXEC mode.

show ipv6 pim anycast-RP rp-address

Syntax Description


`rp-address`	RP address to be verified.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Examples

Device# show ipv6 pim anycast-rp 110::1:1:1 

Anycast RP Peers For 110::1:1:1   Last Register/Register-Stop received
  20::1:1:1 00:00:00/00:00:00

Related Commands


Command	Description
ipv6 pim anycast-RP	Configures the address of the PIM RP for an anycast group range.

show ipv6 pim bsr

To display information related to Protocol Independent Multicast (PIM) bootstrap router (BSR) protocol processing, use the show ipv6 pim bsr command in user EXEC or privileged EXEC mode.

show ipv6 pim [vrf vrf-name] bsr {election | rp-cache | candidate-rp}

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
election	Displays BSR state, BSR election, and bootstrap message (BSM)-related timers.
rp-cache	Displays candidate rendezvous point (C-RP) cache learned from unicast C-RP announcements on the elected BSR.
candidate-rp	Displays C-RP state on devices that are configured as C-RPs.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 pim bsr command to display details of the BSR election-state machine, C-RP advertisement state machine, and the C-RP cache. Information on the C-RP cache is displayed only on the elected BSR device, and information on the C-RP state machine is displayed only on a device configured as a C-RP.

Examples

The following example displays BSM election information:


Device# show ipv6 pim bsr election
PIMv2 BSR information
BSR Election Information
Scope Range List: ff00::/8
This system is the Bootstrap Router (BSR)
BSR Address: 60::1:1:4
Uptime: 00:11:55, BSR Priority: 0, Hash mask length: 126
RPF: FE80::A8BB:CCFF:FE03:C400,Ethernet0/0
BS Timer: 00:00:07
This system is candidate BSR
Candidate BSR address: 60::1:1:4, priority: 0, hash mask length: 126

The table below describes the significant fields shown in the display.

Table 51. show ipv6 pim bsr election Field Descriptions
Field	Description
Scope Range List	Scope to which this BSR information applies.
This system is the Bootstrap Router (BSR)	Indicates this device is the BSR and provides information on the parameters associated with it.
BS Timer	On the elected BSR, the BS timer shows the time in which the next BSM will be originated. On all other devices in the domain, the BS timer shows the time at which the elected BSR expires.
This system is candidate BSR	Indicates this device is the candidate BSR and provides information on the parameters associated with it.

The following example displays information that has been learned from various C-RPs at the BSR. In this example, two candidate RPs have sent advertisements for the FF00::/8 or the default IPv6 multicast range:


Device# show ipv6 pim bsr rp-cache
PIMv2 BSR C-RP Cache
BSR Candidate RP Cache
Group(s) FF00::/8, RP count 2
  RP 10::1:1:3
    Priority 192, Holdtime 150
    Uptime: 00:12:36, expires: 00:01:55
  RP 20::1:1:1
    Priority 192, Holdtime 150
    Uptime: 00:12:36, expires: 00:01:5

The following example displays information about the C-RP. This RP has been configured without a specific scope value, so the RP will send C-RP advertisements to all BSRs about which it has learned through BSMs it has received.


Device# show ipv6 pim bsr candidate-rp
PIMv2 C-RP information
    Candidate RP: 10::1:1:3
      All Learnt Scoped Zones, Priority 192, Holdtime 150
      Advertisement interval 60 seconds
      Next advertisement in 00:00:33

The following example confirms that the IPv6 C-BSR is PIM-enabled. If PIM is disabled on an IPv6 C-BSR interface, or if a C-BSR or C-RP is configured with the address of an interface that does not have PIM enabled, the show ipv6 pim bsr command used with the election keyword would display that information instead.


Device# show ipv6 pim bsr election

PIMv2 BSR information

BSR Election Information
  Scope Range List: ff00::/8
     BSR Address: 2001:DB8:1:1:2
     Uptime: 00:02:42, BSR Priority: 34, Hash mask length: 28
     RPF: FE80::20:1:2,Ethernet1/0
     BS Timer: 00:01:27

show ipv6 pim df

To display the designated forwarder (DF)-election state of each interface for each rendezvous point (RP), use the show ipv6 pim df command in user EXEC or privileged EXEC mode.

show ipv6 pim [vrf vrf-name] df [interface-type interface-number] [rp-address]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`interface-type` `interface-number`	(Optional) Interface type and number. For more information, use the question mark (?) online help function.
`rp-address`	(Optional) RP IPv6 address.

Command Default

If no interface or RP address is specified, all DFs are displayed.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 pim df command to display the state of the DF election for each RP on each Protocol Independent Multicast (PIM)-enabled interface if the bidirectional multicast traffic is not flowing as expected.

Examples

The following example displays the DF-election states:

Device# show ipv6 pim df
Interface          DF State     Timer         Metrics
Ethernet0/0        Winner       4s 8ms        [120/2]
    RP :200::1
Ethernet1/0        Lose         0s 0ms        [inf/inf]
    RP :200::1

The following example shows information on the RP:

Device# show ipv6 pim df
Interface          DF State     Timer         Metrics
Ethernet0/0        None:RP LAN 0s 0ms        [inf/inf]
    RP :200::1
Ethernet1/0        Winner       7s 600ms      [0/0]
    RP :200::1
Ethernet2/0        Winner       9s 8ms        [0/0]
    RP :200::1

The table below describes the significant fields shown in the display.

Table 52. show ipv6 pim df Field Descriptions
Field	Description
Interface	Interface type and number that is configured to run PIM.
DF State	The state of the DF election on the interface. The state can be: Offer Winner Backoff Lose None:RP LAN The None:RP LAN state indicates that no DF election is taking place on this LAN because the RP is directly connected to this LAN.
Timer	DF election timer.
Metrics	Routing metrics to the RP announced by the DF.
RP	The IPv6 address of the RP.

Related Commands


Command	Description
debug ipv6 pim df-election	Displays debug messages for PIM bidirectional DF-election message processing.
ipv6 pim rp-address	Configures the address of a PIM RP for a particular group range.
show ipv6 pim df winner	Displays the DF-election winner on each interface for each RP.

show ipv6 pim group-map

To display an IPv6 Protocol Independent Multicast (PIM) group mapping table, use the show ipv6 pim group-map command in user EXEC or privileged EXEC mode.

{show ipv6 pim [vrf vrf-name] group-map [group-name | group-address] | [group-range | group-mask] [info-source {bsr | default | embedded-rp | static}]}

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`group-name` \| `group-address`	(Optional) IPv6 address or name of the multicast group.
`group-range` \| `group-mask`	(Optional) Group range list. Includes group ranges with the same prefix or mask length.
info-source	(Optional) Displays all mappings learned from a specific source, such as the bootstrap router (BSR) or static configuration.
bsr	Displays ranges learned through the BSR.
default	Displays ranges enabled by default.
embedded-rp	Displays group ranges learned through the embedded rendezvous point (RP).
static	Displays ranges enabled by static configuration.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 pim group-map command to find all group mappings installed by a given source of information, such as BSR or static configuration.

You can also use this command to find which group mapping a router at a specified IPv6 group address is using by specifying a group address, or to find an exact group mapping entry by specifying a group range and mask length.

Examples

The following is sample output from the show ipv6 pim group-map command:


Device# show ipv6 pim group-map
FF33::/32*
      SSM
      Info source:Static
      Uptime:00:08:32, Groups:0
  FF34::/32*
      SSM
      Info source:Static
      Uptime:00:09:42, Groups:0

The table below describes the significant fields shown in the display.

Table 53. show ipv6 pim group-map Field Descriptions
Field	Description
RP	Address of the RP router if the protocol is sparse mode or bidir.
Protocol	Protocol used: sparse mode (SM), Source Specific Multicast (SSM), link-local (LL), or NOROUTE (NO). LL is used for the link-local scoped IPv6 address range (ff[0-f]2::/16). LL is treated as a separate protocol type, because packets received with these destination addresses are not forwarded, but the router might need to receive and process them. NOROUTE or NO is used for the reserved and node-local scoped IPv6 address range (ff[0-f][0-1]::/16). These addresses are nonroutable, and the router does not need to process them.
Groups	How many groups are present in the topology table from this range.
Info source	Mappings learned from a specific source; in this case, static configuration.
Uptime	The uptime for the group mapping displayed.

The following example displays the group mappings learned from BSRs that exist in the PIM group-to-RP or mode-mapping cache. The example shows the address of the BSR from which the group mappings have been learned and the associated timeout.


Router# show ipv6 pim group-map info-source bsr
FF00::/8*
    SM, RP: 20::1:1:1
    RPF: Et1/0,FE80::A8BB:CCFF:FE03:C202
    Info source: BSR From: 60::1:1:4(00:01:42), Priority: 192
    Uptime: 00:19:51, Groups: 0
FF00::/8*
    SM, RP: 10::1:1:3
    RPF: Et0/0,FE80::A8BB:CCFF:FE03:C102
    Info source: BSR From: 60::1:1:4(00:01:42), Priority: 192
    Uptime: 00:19:51, Groups: 0

show ipv6 pim interface

To display information about interfaces configured for Protocol Independent Multicast (PIM), use the show ipv6 pim interface command in privileged EXEC mode.

show ipv6 pim [vrf vrf-name] interface [state-on] [state-off] [type number]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
state-on	(Optional) Displays interfaces with PIM enabled.
state-off	(Optional) Displays interfaces with PIM disabled.
`type` `number`	(Optional) Interface type and number.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
	This command was introduced.

Usage Guidelines

The show ipv6 pim interface command is used to check if PIM is enabled on an interface, the number of neighbors, and the designated router (DR) on the interface.

Examples

The following is sample output from the show ipv6 pim interface command using the state-on keyword:


Device# show ipv6 pim interface state-on
Interface          PIM  Nbr   Hello  DR
                        Count Intvl  Prior
Ethernet0          on   0     30     1     
    Address:FE80::208:20FF:FE08:D7FF
    DR     :this system
POS1/0             on   0     30     1     
    Address:FE80::208:20FF:FE08:D554
    DR     :this system
POS4/0             on   1     30   1     
    Address:FE80::208:20FF:FE08:D554
    DR     :FE80::250:E2FF:FE8B:4C80
POS4/1             on   0     30   1     
    Address:FE80::208:20FF:FE08:D554
    DR     :this system
Loopback0          on   0     30     1     
    Address:FE80::208:20FF:FE08:D554
    DR     :this system

The table below describes the significant fields shown in the display.

Table 54. show ipv6 pim interface Field Descriptions
Field	Description
Interface	Interface type and number that is configured to run PIM.
PIM	Whether PIM is enabled on an interface.
Nbr Count	Number of PIM neighbors that have been discovered through this interface.
Hello Intvl	Frequency, in seconds, of PIM hello messages.
DR	IP address of the designated router (DR) on a network.
Address	Interface IP address of the next-hop router.

The following is sample output from the show ipv6 pim interface command, modified to display passive interface information:


Device(config)# show ipv6 pim interface gigabitethernet0/0/0

    Interface              PIM   Nbr   Hello  DR		BFD
                           Count Intvl Prior

    GigabitEthernet0/0/0   on/P  0     30     1			On     
       Address: FE80::A8BB:CCFF:FE00:9100
       DR     : this system

The table below describes the significant change shown in the display.

Table 55. show ipv6 pim interface Field Description
Field	Description
PIM	Whether PIM is enabled on an interface. When PIM passive mode is used, a "P" is displayed in the output.

Related Commands


Command	Description
show ipv6 pim neighbor	Displays the PIM neighbors discovered by the Cisco IOS software.

show ipv6 pim join-prune statistic

To display the average join-prune aggregation for the most recently aggregated 1000, 10,000, and 50,000 packets for each interface, use the show ipv6 pim join-prune statistic command in user EXEC or privileged EXEC mode.

show ipv6 pim [vrf vrf-name] join-prune statistic [interface-type]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`interface-type`	(Optional) Interface type. For more information, use the question mark (? ) online help function.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

When Protocol Independent Multicast (PIM) sends multiple joins and prunes simultaneously, it aggregates them into a single packet. The show ipv6 pim join-prune statistic command displays the average number of joins and prunes that were aggregated into a single packet over the last 1000 PIM join-prune packets, over the last 10,000 PIM join-prune packets, and over the last 50,000 PIM join-prune packets.

Examples

The following example provides the join/prune aggregation on Ethernet interface 0/0/0:


Device# show ipv6 pim join-prune statistic Ethernet0/0/0
PIM Average Join/Prune Aggregation for last (1K/10K/50K) packets
Interface             Transmitted             Received
Ethernet0/0/0      0    / 0    / 0         1    / 0    / 0

The table below describes the significant fields shown in the display.

Table 56. show ipv6 pim join-prune statistics Field Descriptions
Field	Description
Interface	The interface from which the specified packets were transmitted or on which they were received.
Transmitted	The number of packets transmitted on the interface.
Received	The number of packets received on the interface.

show ipv6 pim limit

To display Protocol Independent Multicast (PIM) interface limit, use the show ipv6 pim limit command in privileged EXEC mode.

show ipv6 pim [vrf vrf-name] limit [interface]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`interface`	(Optional) Specific interface for which limit information is provided.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 pim limit command checks interface statistics for limits. If the optional interface argument is enabled, only information for the specified interface is shown.

Examples

The following example displays s PIM interface limit information:


Device# show ipv6 pim limit

Related Commands


Command	Description
ipv6 multicast limit	Configures per-interface mroute state limiters in IPv6.
ipv6 multicast limit cost	Applies a cost to mroutes that match per interface mroute state limiters in IPv6.

show ipv6 pim neighbor

To display the Protocol Independent Multicast (PIM) neighbors discovered by the Cisco software, use the show ipv6 pim neighbor command in privileged EXEC mode.

show ipv6 pim [vrf vrf-name ]neighbor [detail ] [interface-type interface-number | count]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
detail	(Optional) Displays the additional addresses of the neighbors learned, if any, through the routable address hello option.
`interface-type interface-number`	(Optional) Interface type and number.
count	(Optional) Displays neighbor counts on each interface.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 pim neighbor command displays which routers on the LAN are configured for PIM.

Examples

The following is sample output from the show ipv6 pim neighbor command using the detail keyword to identify the additional addresses of the neighbors learned through the routable address hello option:

Device# show ipv6 pim neighbor detail 

Neighbor Address(es)       Interface          Uptime    Expires DR pri Bidir

FE80::A8BB:CCFF:FE00:401   Ethernet0/0        01:34:16  00:01:16 1      B
60::1:1:3

FE80::A8BB:CCFF:FE00:501   Ethernet0/0        01:34:15  00:01:18 1      B
60::1:1:4

The table below describes the significant fields shown in the display.

Table 57. show ipv6 pim neighbor Field Descriptions
Field	Description
Neighbor addresses	IPv6 address of the PIM neighbor.
Interface	Interface type and number on which the neighbor is reachable.
Uptime	How long (in hours, minutes, and seconds) the entry has been in the PIM neighbor table.
Expires	How long (in hours, minutes, and seconds) until the entry will be removed from the IPv6 multicast routing table.
DR	Indicates that this neighbor is a designated router (DR) on the LAN.
pri	DR priority used by this neighbor.
Bidir	The neighbor is capable of PIM in bidirectional mode.

Related Commands


Command	Description
show ipv6 pim interfaces	Displays information about interfaces configured for PIM.

show ipv6 pim range-list

To display information about IPv6 multicast range lists, use the show ipv6 pim range-list command in privileged EXEC mode.

show ipv6 pim [vrf vrf-name] range-list [config] [rp-address | rp-name]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
config	(Optional) The client. Displays the range lists configured on the router.
rp-address \| rp-name	(Optional) The address of a Protocol Independent Multicast (PIM) rendezvous point (RP).

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 pim range-list command displays IPv6 multicast range lists on a per-client and per-mode basis. A client is the entity from which the specified range list was learned. The clients can be config, and the modes can be Source Specific Multicast (SSM) or sparse mode (SM).

Examples

The following is sample output from the show ipv6 pim range-list command:


Device# show ipv6 pim range-list
config SSM Exp:never Learnt from :::
 FF33::/32 Up:00:26:33
 FF34::/32 Up:00:26:33
 FF35::/32 Up:00:26:33
 FF36::/32 Up:00:26:33
 FF37::/32 Up:00:26:33
 FF38::/32 Up:00:26:33
 FF39::/32 Up:00:26:33
 FF3A::/32 Up:00:26:33
 FF3B::/32 Up:00:26:33
 FF3C::/32 Up:00:26:33
 FF3D::/32 Up:00:26:33
 FF3E::/32 Up:00:26:33
 FF3F::/32 Up:00:26:33
config SM RP:40::1:1:1 Exp:never Learnt from :::
 FF13::/64 Up:00:03:50
config SM RP:40::1:1:3 Exp:never Learnt from :::
 FF09::/64 Up:00:03:50

The table below describes the significant fields shown in the display.

Table 58. show ipv6 pim range-list Field Descriptions
Field	Description
config	Config is the client.
SSM	Protocol being used.
FF33::/32	Group range.
Up:	Uptime.

show ipv6 pim topology

To display Protocol Independent Multicast (PIM) topology table information for a specific group or all groups, use the show ipv6 pim topology command in user EXEC or privileged EXEC mode.

show ipv6 pim [vrf vrf-name] topology [group-name | group-address [source-address | source-name] | link-local]route-count [detail]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`group-name` \| `group-address`	(Optional) IPv6 address or name of the multicast group.
`source-address` \| `source-name`	(Optional) IPv6 address or name of the source.
link-local	(Optional) Displays the link-local groups.
route-count	(Optional) Displays the number of routes in PIM topology table.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

This command shows the PIM topology table for a given group--(*, G), (S, G), and (S, G) Rendezvous Point Tree (RPT)-- as internally stored in a PIM topology table. The PIM topology table may have various entries for a given group, each with its own interface list. The resulting forwarding state is maintained in the Multicast Routing Information Base (MRIB) table, which shows which interface the data packet should be accepted on and which interfaces the data packet should be forwarded to for a given (S, G) entry. Additionally, the Multicast Forwarding Information Base (MFIB) table is used during forwarding to decide on per-packet forwarding actions.

The route-count keyword shows the count of all entries, including link-local entries.

PIM communicates the contents of these entries through the MRIB, which is an intermediary for communication between multicast routing protocols (such as PIM), local membership protocols (such as Multicast Listener Discovery [MLD]), and the multicast forwarding engine of the system.

For example, an interface is added to the (*, G) entry in PIM topology table upon receipt of an MLD report or PIM (*, G) join message. Similarly, an interface is added to the (S, G) entry upon receipt of the MLD INCLUDE report for the S and G or PIM (S, G) join message. Then PIM installs an (S, G) entry in the MRIB with the immediate olist (from (S, G)) and the inherited olist (from (*, G)). Therefore, the proper forwarding state for a given entry (S, G) can be seen only in the MRIB or the MFIB, not in the PIM topology table.

Examples

The following is sample output from the show ipv6 pim topology command:


Device# show ipv6 pim topology
IP PIM Multicast Topology Table
Entry state:(*/S,G)[RPT/SPT] Protocol Uptime Info
Entry flags:KAT - Keep Alive Timer, AA - Assume Alive, PA - Probe Alive,
    RA - Really Alive, LH - Last Hop, DSS - Don't Signal Sources,
    RR - Register Received, SR - Sending Registers, E - MSDP External,
    DCC - Don't Check Connected
Interface state:Name, Uptime, Fwd, Info
Interface flags:LI - Local Interest, LD - Local Dissinterest,
II - Internal Interest, ID - Internal Dissinterest,
LH - Last Hop, AS - Assert, AB - Admin Boundary
(*,FF05::1)
SM UP:02:26:56 JP:Join(now) Flags:LH 
RP:40::1:1:2
RPF:Ethernet1/1,FE81::1 
  Ethernet0/1          02:26:56  fwd LI LH 
(50::1:1:200,FF05::1)
SM UP:00:00:07 JP:Null(never) Flags:
RPF:Ethernet1/1,FE80::30:1:4 
  Ethernet1/1          00:00:07  off LI

The table below describes the significant fields shown in the display.

Table 59. show ipv6 pim topology Field Descriptions
Field	Description
Entry flags: KAT	The keepalive timer (KAT) associated with a source is used to keep track of two intervals while the source is alive. When a source first becomes active, the first-hop router sets the keepalive timer to 3 minutes and 30 seconds, during which time it does not probe to see if the source is alive. Once this timer expires, the router enters the probe interval and resets the timer to 65 seconds, during which time the router assumes the source is alive and starts probing to determine if it actually is. If the router determines that the source is alive, the router exits the probe interval and resets the keepalive timer to 3 minutes and 30 seconds. If the source is not alive, the entry is deleted at the end of the probe interval.
AA, PA	The assume alive (AA) and probe alive (PA) flags are set when the router is in the probe interval for a particular source.
RR	The register received (RR) flag is set on the (S, G) entries on the Route Processor (RP) as long as the RP receives registers from the source Designated Router (DR), which keeps the source state alive on the RP.
SR	The sending registers (SR) flag is set on the (S, G) entries on the DR as long as it sends registers to the RP.

Related Commands


Command	Description
show ipv6 mrib client	Displays information about the clients of the MRIB.
show ipv6 mrib route	Displays MRIB route information.

show ipv6 pim traffic

To display the Protocol Independent Multicast (PIM) traffic counters, use the show ipv6 pim traffic command in user EXEC or privileged EXEC mode.

show ipv6 pim [vrf vrf-name] traffic

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 pim traffic command to check if the expected number of PIM protocol messages have been received and sent.

Examples

The following example shows the number of PIM protocol messages received and sent.


Device# show ipv6 pim traffic
 
PIM Traffic Counters
Elapsed time since counters cleared:00:05:29
                              Received     Sent
Valid PIM Packets               22          22        
Hello                           22          22        
Join-Prune                      0           0         
Register                        0           0         
Register Stop                   0           0         
Assert                          0           0         
Bidir DF Election               0           0         
Errors:
Malformed Packets                           0         
Bad Checksums                               0         
Send Errors                                 0         
Packet Sent on Loopback Errors              0         
Packets Received on PIM-disabled Interface  0         
Packets Received with Unknown PIM Version   0

The table below describes the significant fields shown in the display.

Table 60. show ipv6 pim traffic Field Descriptions
Field	Description
Elapsed time since counters cleared	Indicates the amount of time (in hours, minutes, and seconds) since the counters cleared.
Valid PIM Packets	Number of valid PIM packets received and sent.
Hello	Number of valid hello messages received and sent.
Join-Prune	Number of join and prune announcements received and sent.
Register	Number of PIM register messages received and sent.
Register Stop	Number of PIM register stop messages received and sent.
Assert	Number of asserts received and sent.

show ipv6 pim tunnel

To display information about the Protocol Independent Multicast (PIM) register encapsulation and de-encapsulation tunnels on an interface, use the show ipv6 pim tunnel command in privileged EXEC mode.

show ipv6 pim [vrf vrf-name] tunnel [interface-type interface-number]

Syntax Description


vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
`interface-type` `interface-number`	(Optional) Tunnel interface type and number.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

If you use the show ipv6 pim tunnel command without the optional interface keyword, information about the PIM register encapsulation and de-encapsulation tunnel interfaces is displayed.

The PIM encapsulation tunnel is the register tunnel. An encapsulation tunnel is created for every known rendezvous point (RP) on each router. The PIM decapsulation tunnel is the register decapsulation tunnel. A decapsulation tunnel is created on the RP for the address that is configured to be the RP address.

Examples

The following is sample output from the show ipv6 pim tunnel command on the RP:


Device# show ipv6 pim tunnel 
Tunnel0*
 Type  :PIM Encap
 RP    :100::1
 Source:100::1
Tunnel0*
 Type  :PIM Decap
 RP    :100::1
 Source: -

The following is sample output from the show ipv6 pim tunnel command on a non-RP:


Device# show ipv6 pim tunnel
Tunnel0*
 Type  :PIM Encap
 RP    :100::1
 Source:2001::1:1:1

The table below describes the significant fields shown in the display.

Table 61. show ipv6 pim tunnel Field Descriptions
Field	Description
Tunnel0*	Name of the tunnel.
Type	Type of tunnel. Can be PIM encapsulation or PIM de-encapsulation.
source	Source address of the router that is sending encapsulating registers to the RP.

show ipv6 policy

To display the IPv6 policy-based routing (PBR) configuration, use the show ipv6 policy command in user EXEC or privileged EXEC mode.

show ipv6 policy

Syntax Description

This command has no arguments or keywords.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

IPv6 policy matches will be counted on route maps, as is done in IPv4. Therefore, IPv6 policy matches can also be displayed on the show route-map command.

Examples

The following example displays the PBR configuration:


Device# show ipv6 policy

Interface                 Routemap
Ethernet0/0               src-1

The table below describes the significant fields shown in the display.


Field	Description
Interface	Interface type and number that is configured to run Protocol-Independent Multicast (PIM).
Routemap	The name of the route map on which IPv6 policy matches were counted.

Related Commands


Command	Description
show route-map	Displays all route maps configured or only the one specified.

show ipv6 prefix-list

To display information about an IPv6 prefix list or IPv6 prefix list entries, use the show ipv6 prefix-list command in user EXEC or privileged EXEC mode.

show ipv6 prefix-list [detail | summary] [list-name]

show ipv6 prefix-list list-name ipv6-prefix/prefix-length [longer | first-match]

show ipv6 prefix-list list-name seq seq-num

Syntax Description


detail \| summary	(Optional) Displays detailed or summarized information about all IPv6 prefix lists.
`list-name`	(Optional) The name of a specific IPv6 prefix list.
`ipv6-prefix`	All prefix list entries for the specified IPv6 network. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
/ `prefix-length`	The length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.
longer	(Optional) Displays all entries of an IPv6 prefix list that are more specific than the given `ipv6-prefix` / `prefix-length` values`.`
first-match	(Optional) Displays the entry of an IPv6 prefix list that matches the given `ipv6-prefix` / `prefix-length` values.
seq `seq-num`	The sequence number of the IPv6 prefix list entry.

Command Default

Displays information about all IPv6 prefix lists.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 prefix-list command provides output similar to the show ip prefix-list command, except that it is IPv6-specific.

Examples

The following example shows the output of the show ipv6 prefix-list command with the detail keyword:


Device# show ipv6 prefix-list detail
Prefix-list with the last deletion/insertion: bgp-in
ipv6 prefix-list 6to4:
   count: 1, range entries: 0, sequences: 5 - 5, refcount: 2
   seq 5 permit 2002::/16 (hit count: 313, refcount: 1)
ipv6 prefix-list aggregate:
   count: 2, range entries: 2, sequences: 5 - 10, refcount: 30
   seq 5 deny 3FFE:C00::/24 ge 25 (hit count: 568, refcount: 1)
   seq 10 permit ::/0 le 48 (hit count: 31310, refcount: 1)
ipv6 prefix-list bgp-in:
   count: 6, range entries: 3, sequences: 5 - 30, refcount: 31
   seq 5 deny 5F00::/8 le 128 (hit count: 0, refcount: 1)
   seq 10 deny ::/0 (hit count: 0, refcount: 1)
   seq 15 deny ::/1 (hit count: 0, refcount: 1)
   seq 20 deny ::/2 (hit count: 0, refcount: 1)
   seq 25 deny ::/3 ge 4 (hit count: 0, refcount: 1)
   seq 30 permit ::/0 le 128 (hit count: 240664, refcount: 0)

The table below describes the significant fields shown in the display.

Table 62. show ipv6 prefix-list Field Descriptions
Field	Description
Prefix list with the latest deletion/insertion:	Prefix list that was last modified.
count	Number of entries in the list.
range entries	Number of entries with matching range.
sequences	Sequence number for the prefix entry.
refcount	Number of objects currently using this prefix list.
seq	Entry number in the list.
permit, deny	Granting status.
hit count	Number of matches for the prefix entry.

The following example shows the output of the show ipv6 prefix-list command with the summary keyword:


Device# show ipv6 prefix-list summary
Prefix-list with the last deletion/insertion: bgp-in
ipv6 prefix-list 6to4:
   count: 1, range entries: 0, sequences: 5 - 5, refcount: 2
ipv6 prefix-list aggregate:
   count: 2, range entries: 2, sequences: 5 - 10, refcount: 30
ipv6 prefix-list bgp-in:
   count: 6, range entries: 3, sequences: 5 - 30, refcount: 31

Related Commands


Command	Description
clear ipv6 prefix-list	Resets the hit count of the prefix list entries.
distribute-list in	Filters networks received in updates.
distribute-list out	Suppresses networks from being advertised in updates.
ipv6 prefix-list	Creates an entry in an IPv6 prefix list.
ipv6 prefix-list description	Adds a text description of an IPv6 prefix list.
match ipv6 address	Distributes IPv6 routes that have a prefix permitted by a prefix list.
neighbor prefix-list	Distributes BGP neighbor information as specified in a prefix list.
remark (prefix-list)	Adds a comment for an entry in a prefix list.

show ipv6 protocols

To display the parameters and the current state of the active IPv6 routing protocol processes, use the show ipv6 protocols command in user EXEC or privileged EXEC mode.

show ipv6 protocols [summary]

Syntax Description


summary	(Optional) Displays the configured routing protocol process names.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The information displayed by the show ipv6 protocols command is useful in debugging routing operations.

Examples

The following sample output from the show ipv6 protocols command displays Intermediate System-to-Intermediate System (IS-IS) routing protocol information:


Device# show ipv6 protocols

IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "static"
IPv6 Routing Protocol is "isis"
  Interfaces:
    Ethernet0/0/3
    Ethernet0/0/1
    Serial1/0/1
    Loopback1 (Passive)
    Loopback2 (Passive)
    Loopback3 (Passive)
    Loopback4 (Passive)
    Loopback5 (Passive)
  Redistribution:
    Redistributing protocol static at level 1
  Inter-area redistribution
    Redistributing L1 into L2 using prefix-list word
  Address Summarization:
    L2: 33::/16  advertised with metric 0
    L2: 44::/16  advertised with metric 20
    L2: 66::/16  advertised with metric 10
    L2: 77::/16  advertised with metric 10

The table below describes the significant fields shown in the display.

Table 63. show ipv6 protocols Field Descriptions for IS-IS Processes
Field	Description
IPv6 Routing Protocol is	Specifies the IPv6 routing protocol used.
Interfaces	Specifies the interfaces on which the IPv6 IS-IS protocol is configured.
Redistribution	Lists the protocol that is being redistributed.
Inter-area redistribution	Lists the IS-IS levels that are being redistributed into other levels.
using prefix-list	Names the prefix list used in the interarea redistribution.
Address Summarization	Lists all the summary prefixes. If the summary prefix is being advertised, "advertised with metric x" will be displayed after the prefix.

The following sample output from the show ipv6 protocols command displays the Border Gateway Protocol (BGP) information for autonomous system 30:


Device# show ipv6 protocols

IPv6 Routing Protocol is "bgp 30"
  IGP synchronization is disabled
  Redistribution:
    Redistributing protocol connected
  Neighbor(s):
    Address                    FiltIn FiltOut Weight RoutemapIn RoutemapOut
    2001:DB8:0:ABCD::1            5       7    200           
    2001:DB8:0:ABCD::2                               rmap-in    rmap-out
    2001:DB8:0:ABCD::3                               rmap-in    rmap-out

The table below describes the significant fields shown in the display.

Table 64. show ipv6 protocols Field Descriptions for BGP Process
Field	Description
IPv6 Routing Protocol is	Specifies the IPv6 routing protocol used.
Redistribution	Lists the protocol that is being redistributed.
Address	Neighbor IPv6 address.
FiltIn	AS-path filter list applied to input.
FiltOut	AS-path filter list applied to output.
Weight	Neighbor weight value used in BGP best path selection.
RoutemapIn	Neighbor route map applied to input.
RoutemapOut	Neighbor route map applied to output.

The following is sample output from the show ipv6 protocols summary command:


Device# show ipv6 protocols summary

Index Process Name
0     connected
1     static
2     rip myrip
3     bgp 30

The following sample output from the show ipv6 protocols command displays the EIGRP information including the vector metric and EIGRP IPv6 NSF:


Device# show ipv6 protocols

IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "bgp 1"
  IGP synchronization is disabled
  Redistribution:
    None
IPv6 Routing Protocol is "bgp multicast"
IPv6 Routing Protocol is "ND"
IPv6 Routing Protocol is "eigrp 1"
EIGRP-IPv6 VR(name) Address-Family Protocol for AS(1)
  Metric weight K1=1, K2=0, K3=1, K4=0, K5=0 K6=0
  Metric rib-scale 128
  Metric version 64bit
  NSF-aware route hold timer is 260
  EIGRP NSF enabled
     NSF signal timer is 15s
     NSF converge timer is 65s
  Router-ID: 10.1.2.2
  Topology : 0 (base) 
    Active Timer: 3 min
    Distance: internal 90 external 170
    Maximum path: 16
    Maximum hopcount 100
    Maximum metric variance 1
    Total Prefix Count: 0
    Total Redist Count: 0

  Interfaces:
  Redistribution:
    None

The following example displays IPv6 protocol information after configuring redistribution in an Open Shortest Path First (OSPF) domain:


Device# redistribute ospf 1 match internal
Device(config-rtr)# end
Device# show ipv6 protocols

IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "ND"
IPv6 Routing Protocol is "rip 1"
  Interfaces:
    Ethernet0/1
    Loopback9
  Redistribution:
    Redistributing protocol ospf 1 (internal)
IPv6 Routing Protocol is "ospf 1"
  Interfaces (Area 0):
    Ethernet0/0
  Redistribution:
    None

show ipv6 rip

To display information about current IPv6 Routing Information Protocol (RIP) processes, use the show ipv6 rip command in user EXEC or privileged EXEC mode.

show ipv6 rip [name] [vrf vrf-name] [database | next-hops]

show ipv6 rip [name] [database | next-hops]

Syntax Description


`name`	(Optional) Name of the RIP process. If the name is not entered, details of all configured RIP processes are displayed.
vrf `vrf-name`	(Optional) Displays information about the specified Virtual Routing and Forwarding (VRF) instance.
database	(Optional) Displays information about entries in the specified RIP IPv6 routing table.
next-hops	(Optional) Displays information about the next hop addresses for the specified RIP IPv6 process. If no RIP process name is specified, the next-hop addresses for all RIP IPv6 processes are displayed.

Command Default

Information about all current IPv6 RIP processes is displayed.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Examples

The following is sample output from the show ipv6 rip command:


Device# show ipv6 rip

RIP process "one", port 521, multicast-group FF02::9, pid 55
     Administrative distance is 25. Maximum paths is 4
     Updates every 30 seconds, expire after 180
     Holddown lasts 0 seconds, garbage collect after 120
     Split horizon is on; poison reverse is off
     Default routes are not generated
     Periodic updates 8883, trigger updates 2
  Interfaces:
    Ethernet2
  Redistribution:
RIP process "two", port 521, multicast-group FF02::9, pid 61
     Administrative distance is 120. Maximum paths is 4
     Updates every 30 seconds, expire after 180
     Holddown lasts 0 seconds, garbage collect after 120
     Split horizon is on; poison reverse is off
     Default routes are not generated
     Periodic updates 8883, trigger updates 0
  Interfaces:
    None
  Redistribution:

The table below describes the significant fields shown in the display.

Table 65. show ipv6 rip Field Descriptions
Field	Description
RIP process	The name of the RIP process.
port	The port that the RIP process is using.
multicast-group	The IPv6 multicast group of which the RIP process is a member.
pid	The process identification number (pid) assigned to the RIP process.
Administrative distance	Used to rank the preference of sources of routing information. Connected routes have an administrative distance of 1 and are preferred over the same route learned by a protocol with a larger administrative distance value.
Updates	The value (in seconds) of the update timer.
expire	The interval (in seconds) in which updates expire.
Holddown	The value (in seconds) of the hold-down timer.
garbage collect	The value (in seconds) of the garbage-collect timer.
Split horizon	The split horizon state is either on or off.
poison reverse	The poison reverse state is either on or off.
Default routes	The origination of a default route into RIP. Default routes are either generated or not generated.
Periodic updates	The number of RIP update packets sent on an update timer.
trigger updates	The number of RIP update packets sent as triggered updates.

The following is sample output from the show ipv6 rip database command.


Device# show ipv6 rip one database

RIP process "one", local RIB
 2001:72D:1000::/64, metric 2
     Ethernet2/2001:DB8:0:ABCD::1, expires in 168 secs
 2001:72D:2000::/64, metric 2, installed
     Ethernet2/2001:DB8:0:ABCD::1, expires in 168 secs
 2001:72D:3000::/64, metric 2, installed
     Ethernet2/2001:DB8:0:ABCD::1, expires in 168 secs
     Ethernet1/2001:DB8::1, expires in 120 secs
 2001:72D:4000::/64, metric 16, expired, [advertise 119/hold 0]
     Ethernet2/2001:DB8:0:ABCD::1
 3004::/64, metric 2 tag 2A, installed
     Ethernet2/2001:DB8:0:ABCD::1, expires in 168 secs

The table below describes the significant fields shown in the display.

Table 66. show ipv6 rip database Field Descriptions
Field	Description
RIP process	The name of the RIP process.
2001:72D:1000::/64	The IPv6 route prefix.
metric	Metric for the route.
installed	Route is installed in the IPv6 routing table.
Ethernet2/2001:DB8:0:ABCD::1	Interface and LL next hop through which the IPv6 route was learned.
expires in	The interval (in seconds) before the route expires.
advertise	For an expired route, the value (in seconds) during which the route will be advertised as expired.
hold	The value (in seconds) of the hold-down timer.
tag	Route tag.

The following is sample output from the show ipv6 rip next-hops command.


Device# show ipv6 rip one next-hops

RIP process "one", Next Hops
  FE80::210:7BFF:FEC2:ACCF/Ethernet4/2 [1 routes]
  FE80::210:7BFF:FEC2:B286/Ethernet4/2 [2 routes]

The table below describes the significant fields shown in the display.

Table 67. show ipv6 rip next-hops Field Descriptions

Field

Description

RIP process

The name of the RIP process.

2001:DB8:0:1::1/Ethernet4/2

The next-hop address and interface through which it was learned. Next hops are either the addresses of IPv6 RIP neighbors from which we have learned routes or explicit next hops received in IPv6 RIP advertisements.

Note

An IPv6 RIP neighbor may choose to advertise all its routes with an explicit next hop. In this case the address of the neighbor would not appear in the next hop display.

[1 routes]

The number of routes in the IPv6 RIP routing table using the specified next hop.

The following is sample output from the show ipv6 rip vrf command:


Device# show ipv6 rip vrf red 
					
					RIP VRF "red", port 521, multicast-group 2001:DB8::/32, pid 295
     Administrative distance is 120. Maximum paths is 16
     Updates every 30 seconds, expire after 180
     Holddown lasts 0 seconds, garbage collect after 120
     Split horizon is on; poison reverse is off
     Default routes are not generated
     Periodic updates 99, trigger updates 3
     Full Advertisement 0, Delayed Events 0
  Interfaces:
    Ethernet0/1
    Loopback2
  Redistribution:
    None

The table below describes the significant fields shown in the display.

Table 68. show ipv6 rip vrf Field Descriptions
Field	Description
RIP VRF	The name of the RIP VRF.
port	The port that the RIP process is using.
multicast-group	The IPv6 multicast group of which the RIP process is a member.
Administrative distance	Used to rank the preference of sources of routing information. Connected routes have an administrative distance of 1 and are preferred over the same route learned by a protocol with a larger administrative distance value.
Updates	The value (in seconds) of the update timer.
expires after	The interval (in seconds) in which updates expire.
Holddown	The value (in seconds) of the hold-down timer.
garbage collect	The value (in seconds) of the garbage-collect timer.
Split horizon	The split horizon state is either on or off.
poison reverse	The poison reverse state is either on or off.
Default routes	The origination of a default route into RIP. Default routes are either generated or not generated.
Periodic updates	The number of RIP update packets sent on an update timer.
trigger updates	The number of RIP update packets sent as triggered updates.

The following is sample output from show ipv6 rip vrf next-hops command:

Device# show ipv6 rip vrf blue next-hops 
					
					RIP VRF "blue", local RIB
      AAAA::/64, metric 2, installed
     Ethernet0/0/FE80::A8BB:CCFF:FE00:7C00, expires in 177 secs

Table 69. show ipv6 rip vrf next-hops Field Descriptions

Field

Description

RIP VRF

The name of the RIP VRF.

metric

Metric for the route.

installed

Route is installed in the IPv6 routing table.

Ethernet0/0/FE80::A8BB:CCFF:FE00:7C00

The next hop address and interface through which it was learned. Next hops are either the addresses of IPv6 RIP neighbors from which we have learned routes, or explicit next hops received in IPv6 RIP advertisements.

Note

An IPv6 RIP neighbor may choose to advertise all its routes with an explicit next hop. In this case the address of the neighbor would not appear in the next hop display.

expires in

The interval (in seconds) before the route expires.

The following is sample output from show ipv6 rip vrf database command:


Device# show ipv6 rip vrf blue database
					
								RIP VRF "blue", Next Hops
							FE80::A8BB:CCFF:FE00:7C00/Ethernet0/0 [1 paths]

Table 70. show ipv6 rip vrf database Field Descriptions
Field	Description
RIP VRF	The name of the RIP VRF.
FE80::A8BB:CCFF:FE00:7C00/Ethernet0/0	Interface and LL next hop through which the IPv6 route was learned.
1 paths	Indicates the number of unique paths to this router that exist in the routing table.

Related Commands


Command	Description
clear ipv6 rip	Deletes routes from the IPv6 RIP routing table.
debug ipv6 rip	Displays the current contents of the IPv6 RIP routing table.
ipv6 rip vrf-mode enable	Enables VRF-aware support for IPv6 RIP.

show ipv6 route

To display contents of the IPv6 routing table, use the show ipv6 route command in user EXEC or privileged EXEC mode.

Syntax Description


`ipv6-address`	(Optional) Displays routing information for a specific IPv6 address.
`ipv6-prefix`	(Optional) Displays routing information for a specific IPv6 network.
/ `prefix-length`	(Optional) The length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.
longer-prefixes	(Optional) Displays output for longer prefix entries.
`protocol`	(Optional) The name of a routing protocol or the keyword connected , local , mobile , or static . If you specify a routing protocol, use one of the following keywords: bgp , isis , eigrp , ospf , or rip .
repair	(Optional) Displays routes with repair paths.
updated	(Optional) Displays routes with time stamps.
boot-up	(Optional) Displays routing information since bootup.
`day` `month`	(Optional) Displays routes since the specified day and month.
`time`	(Optional) Displays routes since the specified time, in `hh:mm` format.
interface	(Optional) Displays information about the interface.
`type`	(Optional) Interface type.
`number`	(Optional) Interface number.
nd	(Optional) Displays only routes from the IPv6 Routing Information Base (RIB) that are owned by Neighbor Discovery (ND).
nsf	(Optional) Displays routes in the nonstop forwarding (NSF) state.
repair	(Optional)
table `table-id`	(Optional) Displays IPv6 RIB table information for the specified table ID. The table ID must be in hexadecimal format. The range is from 0 to 0-0xFFFFFFFF.
watch	(Optional) Displays information about route watchers.

Command Default

If none of the optional syntax elements is chosen, all IPv6 routing information for all active routing tables is displayed.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 route command provides output similar to the show ip route command, except that the information is IPv6-specific.

When the ipv6-address or ipv6-prefix/ prefix-length argument is specified, the longest match lookup is performed from the routing table, and only route information for that address or network is displayed. When a routing protocol is specified, only routes for that protocol are displayed. When the connected , local , mobile , or static keyword is specified, only the specified type of route is displayed. When the interface keyword and type and number arguments are specified, only routes for the specified interface are displayed.

Examples

The following is sample output from the show ipv6 route command when no keywords or arguments are specified:


Device# show ipv6 route

IPv6 Routing Table - 9 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       I1 - ISIS L1, I2 - ISIS L2, IA - IIS interarea
B   2001:DB8:4::2/48 [20/0]
     via FE80::A8BB:CCFF:FE02:8B00, Serial6/0
L   2001:DB8:4::3/48 [0/0]
     via ::, Ethernet1/0
C   2001:DB8:4::4/48 [0/0]
     via ::, Ethernet1/0
LC  2001:DB8:4::5/48 [0/0]
     via ::, Loopback0
L   2001:DB8:4::6/48 [0/0]
     via ::, Serial6/0
C   2001:DB8:4::7/48 [0/0]
     via ::, Serial6/0
S   2001:DB8:4::8/48 [1/0]
     via 2001:DB8:1::1, Null
L   FE80::/10 [0/0]
     via ::, Null0
L   FF00::/8 [0/0]
     via ::, Null0

The table below describes the significant fields shown in the display.

Table 71. show ipv6 route Field Descriptions
Field	Description
Codes:	Indicates the protocol that derived the route. Values are as follows: B—BGP derived C—Connected I1—ISIS L1—Integrated IS-IS Level 1 derived I2—ISIS L2—Integrated IS-IS Level 2 derived IA—ISIS interarea—Integrated IS-IS interarea derived L—Local R—RIP derived S—Static
2001:DB8:4::2/48	Indicates the IPv6 prefix of the remote network.
[20/0]	The first number in brackets is the administrative distance of the information source; the second number is the metric for the route.
via FE80::A8BB:CCFF:FE02:8B00	Specifies the address of the next device to the remote network.

When the ipv6-address or ipv6-prefix/ prefix-length argument is specified, only route information for that address or network is displayed. The following is sample output from the show ipv6 route command when IPv6 prefix 2001:DB8::/35 is specified. The fields in the display are self-explanatory.


Device# show ipv6 route 2001:DB8::/35

IPv6 Routing Table - 261 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
B 2001:DB8::/35 [20/3]
  via FE80::60:5C59:9E00:16, Tunnel1

When you specify a protocol, only routes for that particular routing protocol are shown. The following is sample output from the show ipv6 route bgp command. The fields in the display are self-explanatory.


Device# show ipv6 route bgp

IPv6 Routing Table - 9 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
B   2001:DB8:4::4/64 [20/0]
     via FE80::A8BB:CCFF:FE02:8B00, Serial6/0

The following is sample output from the show ipv6 route local command. The fields in the display are self-explanatory.


Device# show ipv6 route local

IPv6 Routing Table - 9 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
L   2001:DB8:4::2/128 [0/0]
     via ::, Ethernet1/0
LC  2001:DB8:4::1/128 [0/0]
     via ::, Loopback0
L   2001:DB8:4::3/128 [0/0]
     via ::, Serial6/0
L   FE80::/10 [0/0]
     via ::, Null0
L   FF00::/8 [0/0]
     via ::, Null0

The following is sample output from the show ipv6 route command when the 6PE multipath feature is enabled. The fields in the display are self-explanatory.


Device# show ipv6 route

IPv6 Routing Table - default - 19 entries
Codes:C - Connected, L - Local, S - Static, R - RIP, B - BGP
       U - Per-user Static route
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
.
.
.
B   2001:DB8::/64 [200/0]
     via ::FFFF:172.16.0.1
     via ::FFFF:172.30.30.1

Related Commands


Command	Description
ipv6 route	Establishes a static IPv6 route.
show ipv6 interface	Displays IPv6 interface information.
show ipv6 route summary	Displays the current contents of the IPv6 routing table in summary format.
show ipv6 tunnel	Displays IPv6 tunnel information.

show ipv6 routers

To display IPv6 router advertisement (RA) information received from on-link devices, use the show ipv6 routers command in user EXEC or privileged EXEC mode.

show ipv6 routers [interface-type interface-number] [conflicts] [vrf vrf-name] [detail]

Syntax Description


`interface` -`type`	(Optional) Specifies the Interface type.
`interface` -`number`	(Optional) Specifies the Interface number.
conflicts	(Optional) Displays RAs that differ from the RAs configured for a specified interface.
vrf `vrf-name`	(Optional) Specifies a virtual routing and forwarding (VRF) configuration.
detail	(Optional) Provides detail about the eligibility of the neighbor for election as the default device.

Command Default

When an interface is not specified, on-link RA information is displayed for all interface types. (The term onl-ink refers to a locally reachable address on the link.)

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Devices that advertise parameters that differ from the RA parameters configured for the interface on which the RAs are received are marked as conflicting.

Examples

The following is sample output from the show ipv6 routers command when entered without an IPv6 interface type and number:


Device# show ipv6 routers

Device FE80::83B3:60A4 on Tunnel5, last update 3 min
  Hops 0, Lifetime 6000 sec, AddrFlag=0, OtherFlag=0
  Reachable time 0 msec, Retransmit time 0 msec
  Prefix 3FFE:C00:8007::800:207C:4E37/96 autoconfig
    Valid lifetime -1, preferred lifetime -1
Device FE80::290:27FF:FE8C:B709 on Tunnel57, last update 0 min
  Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0
  Reachable time 0 msec, Retransmit time 0 msec

The following sample output shows a single neighboring device that is advertising a high default device preference and is indicating that it is functioning as a Mobile IPv6 home agent on this link.


Device# show ipv6 routers

IPV6 ND Routers (table: default)
  Device FE80::100 on Ethernet0/0, last update 0 min
  Hops 64, Lifetime 50 sec, AddrFlag=0, OtherFlag=0, MTU=1500
  HomeAgentFlag=1, Preference=High
  Reachable time 0 msec, Retransmit time 0 msec
  Prefix 2001::100/64 onlink autoconfig
    Valid lifetime 2592000, preferred lifetime 604800

The following table describes the significant fields shown in the displays.

Table 72. show ipv6 routers Field Descriptions
Field	Description
Hops	The configured hop limit value for the RA.
Lifetime	The configured lifetime value for the RA. A value of 0 indicates that the device is not a default device. A value other than 0 indicates that the device is a default device.
AddrFlag	If the value is 0, the RA received from the device indicates that addresses are not configured using the stateful autoconfiguration mechanism. If the value is 1, the addresses are configured using this mechanism.
OtherFlag	If the value is 0, the RA received from the device indicates that information other than addresses is not obtained using the stateful autoconfiguration mechanism. If the value is 1, other information is obtained using this mechanism. (The value of OtherFlag can be 1 only if the value of AddrFlag is 1.)
MTU	The maximum transmission unit (MTU).
HomeAgentFlag=1	The value can be either 0 or 1. A value of 1 indicates that the device from which the RA was received is functioning as a mobile IPv6 home agent on this link, and a value of 0 indicates it is not functioning as a mobile IPv6 home agent on this link.
Preference=High	The DRP value, which can be high, medium, or low.
Retransmit time	The configured RetransTimer value. The time value to be used on this link for neighbor solicitation transmissions, which are used in address resolution and neighbor unreachability detection. A value of 0 means the time value is not specified by the advertising device.
Prefix	A prefix advertised by the device. Also indicates if on-link or autoconfig bits were set in the RA message.
Valid lifetime	The length of time (in seconds) relative to the time the advertisement is sent that the prefix is valid for the purpose of on-link determination. A value of -1 (all ones, 0xffffffff) represents infinity.
preferred lifetime	The length of time (in seconds) relative to the time the advertisements is sent that addresses generated from the prefix via address autoconfiguration remain valid. A value of -1 (all ones, 0xffffffff) represents infinity.

When the interface-type and interface-number arguments are specified, RA details about that specific interface are displayed. The following is sample output from the show ipv6 routers command when entered with an interface type and number:


Device# show ipv6 routers tunnel 5

Device FE80::83B3:60A4 on Tunnel5, last update 5 min
  Hops 0, Lifetime 6000 sec, AddrFlag=0, OtherFlag=0
  Reachable time 0 msec, Retransmit time 0 msec
  Prefix 3FFE:C00:8007::800:207C:4E37/96 autoconfig
    Valid lifetime -1, preferred lifetime -1

Entering the conflicts keyword with the show ipv6 routers command displays information for devices that are advertising parameters different from the parameters configured for the interface on which the advertisements are being received, as the following sample output shows:


Device# show ipv6 routers conflicts

Device FE80::203:FDFF:FE34:7039 on Ethernet1, last update 1 min, CONFLICT
   Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0
   Reachable time 0 msec, Retransmit time 0 msec
   Prefix 2003::/64 onlink autoconfig
     Valid lifetime -1, preferred lifetime -1
Device FE80::201:42FF:FECA:A5C on Ethernet1, last update 0 min, CONFLICT
   Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0
   Reachable time 0 msec, Retransmit time 0 msec
   Prefix 2001::/64 onlink autoconfig
     Valid lifetime -1, preferred lifetime -1

Use of the detail keyword provides information about the preference rank of the device, its eligibility for election as default device, and whether the device has been elected:


Device# show ipv6 routers detail

Device FE80::A8BB:CCFF:FE00:5B00 on Ethernet0/0, last update 0 min
  Rank 0x811 (elegible), Default Router
  Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0, MTU=1500
  HomeAgentFlag=0, Preference=Medium, trustlevel = 0
  Reachable time 0 (unspecified), Retransmit time 0 (unspecified)
  Prefix 2001::/64 onlink autoconfig
    Valid lifetime 2592000, preferred lifetime 604800

show ipv6 rpf

To check Reverse Path Forwarding (RPF) information for a given unicast host address and prefix, use the show ipv6 rpf command in user EXEC or privileged EXEC mode.

show ipv6 rpf {source-vrf [access-list] | vrf receiver-vrf {source-vrf [access-list] | select}}

Syntax Description


`source-vrf`	Name or address of the virtual routing and forwarding (VRF) on which lookups are to be performed.
`receiver-vrf`	Name or address of the VRF in which the lookups originate.
`access-list`	Name or address of access control list (ACL) to be applied to the group-based VRF selection policy.
vrf	Displays information about the VRF instance.
select	Displays group-to-VRF mapping information.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 rpf command displays information about how IPv6 multicast routing performs Reverse Path Forwarding (RPF). Because the router can find RPF information from multiple routing tables (for example, unicast Routing Information Base [RIB], multiprotocol Border Gateway Protocol [BGP] routing table, or static mroutes), the show ipv6 rpf command to display the source from which the information is retrieved.

Examples

The following example displays RPF information for the unicast host with the IPv6 address of 2001::1:1:2:


Device# show ipv6 rpf 2001::1:1:2
RPF information for 2001::1:1:2
  RPF interface:Ethernet3/2
  RPF neighbor:FE80::40:1:3
  RPF route/mask:20::/64
  RPF type:Unicast
  RPF recursion count:0
  Metric preference:110
  Metric:30

The table below describes the significant fields shown in the display.

Table 73. show ipv6 rpf Field Descriptions
Field	Description
RPF information for 2001::1:1:2	Source address that this information concerns.
RPF interface:Ethernet3/2	For the given source, the interface from which the router expects to get packets.
RPF neighbor:FE80::40:1:3	For the given source, the neighbor from which the router expects to get packets.
RPF route/mask:20::/64	Route number and mask that matched against this source.
RPF type:Unicast	Routing table from which this route was obtained, either unicast, multiprotocol BGP, or static mroutes.
RPF recursion count	Indicates the number of times the route is recursively resolved.
Metric preference:110	The preference value used for selecting the unicast routing metric to the Route Processor (RP) announced by the designated forwarder (DF).
Metric:30	Unicast routing metric to the RP announced by the DF.

show ipv6 source-guard policy

To display the IPv6 source-guard policy configuration, use the show ipv6 source-guard policy command in user EXEC or privileged EXEC mode.

show ipv6 source-guard policy [source-guard-policy]

Syntax Description


`source-guard-policy`	User-defined name of the snooping policy. The policy name can be a symbolic string (such as Engineering) or an integer (such as 0).

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 source-guard policy command displays the IPv6 source-guard policy configuration, as well as all the interfaces on which the policy is applied. The command also displays IPv6 prefix guard information if the IPv6 prefix guard feature is enabled on the device.

Examples

Device# show ipv6 source-guard policy policy1

Policy policy1 configuration: 
data-glean
prefix-guard
address-guard

Policy policy1 is applied on the following targets: 
Target           Type  Policy               Feature        Target range
Et0/0            PORT   policy1             source-guard   vlan all
vlan 100         VLAN   policy1             source-guard   vlan all

Related Commands


Command	Description
ipv6 source-guard attach-policy	Applies IPv6 source guard on an interface.
ipv6 source-guard policy	Defines an IPv6 source-guard policy name and enters source-guard policy configuration mode.

show ipv6 spd

To display the IPv6 Selective Packet Discard (SPD) configuration, use the show ipv6 spd command in privileged EXEC mode.

show ipv6 spd

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use the show ipv6 spd command to display the SPD configuration, which may provide useful troubleshooting information.

Examples

The following is sample output from the show ipv6 spd command:


Device# show ipv6 spd
Current mode: normal
Queue max threshold: 74, Headroom: 100, Extended Headroom: 10
IPv6 packet queue: 0

The table below describes the significant fields shown in the display.

Table 74. show ipv6 spd Field Description
Field	Description
Current mode: normal	The current SPD state or mode.
Queue max threshold: 74	The process input queue maximum.

Related Commands


Command	Description
ipv6 spd queue max-threshold	Configures the maximum number of packets in the SPD process input queue.

show ipv6 static

To display the current contents of the IPv6 routing table, use the show ipv6 static command in user EXEC or privileged EXEC mode.

show ipv6 static [ipv6-address | ipv6-prefix/ prefix-length] [interface type number | recursive] [detail]

Syntax Description


`ipv6-address`	(Optional) Provides routing information for a specific IPv6 address. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
`ipv6-prefix`	(Optional) Provides routing information for a specific IPv6 network. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons.
/ `prefix-length`	(Optional) The length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.
interface	(Optional) Name of an interface.
`type`	(Optional, but required if the interface keyword is used) Interface type. For a list of supported interface types, use the question mark (?) online help function.
`number`	(Optional, but required if the interface keyword is used) Interface number. For specific numbering syntax for supported interface types, use the question mark (?) online help function.
recursive	(Optional) Allows the display of recursive static routes only.
detail	(Optional) Specifies the following additional information: For valid recursive routes, the output path set and maximum resolution depth. For invalid recursive routes, the reason why the route is not valid. For invalid direct or fully specified routes, the reason why the route is not valid.

Command Default

All IPv6 routing information for all active routing tables is displayed.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 static command provides output similar to the show ip route command, except that it is IPv6-specific.

When the ipv6-address or ipv6-prefix / prefix-length argument is specified, a longest match lookup is performed from the routing table and only route information for that address or network is displayed. Only the information matching the criteria specified in the command syntax is displayed. For example, when the type number arguments are specified, only the specified interface-specific routes are displayed.

Examples

When no options specified in the command, those routes installed in the IPv6 Routing Information Base (RIB) are marked with an asterisk, as shown in the following example:


Device# show ipv6 static
 
IPv6 Static routes
Code: * - installed in RIB
* 3000::/16, interface Ethernet1/0, distance 1
* 4000::/16, via nexthop 2001:1::1, distance 1
  5000::/16, interface Ethernet3/0, distance 1
* 5555::/16, via nexthop 4000::1, distance 1
  5555::/16, via nexthop 9999::1, distance 1
* 5555::/16, interface Ethernet2/0, distance 1
* 6000::/16, via nexthop 2007::1, interface Ethernet1/0, distance 1

The table below describes the significant fields shown in the display.

Table 75. show ipv6 static Field Descriptions
Field	Description
via nexthop	Specifies the address of the next Device in the path to the remote network.
distance 1	Indicates the administrative distance to the specified route.

Examples

When the ipv6-address or ipv6-prefix/ prefix-length argument is specified, only information about static routes for that address or network is displayed. The following is sample output from the show ipv6 route command when entered with the IPv6 prefix 2001:200::/35:


Device# show ipv6 static 2001:200::/35
 
IPv6 Static routes
Code: * - installed in RIB
* 2001:200::/35, via nexthop 4000::1, distance 1
  2001:200::/35, via nexthop 9999::1, distance 1
* 2001:200::/35, interface Ethernet2/0, distance 1

Examples

When an interface is supplied, only those static routes with the specified interface as the outgoing interface are displayed. The interface keyword may be used with or without the IPv6 address and prefix specified in the command statement.


Device# show ipv6 static interface ethernet 3/0

IPv6 Static routes Code: * - installed in RIB 5000::/16, interface Ethernet3/0, distance 1

Examples

When the recursive keyword is specified, only recursive static routes are displayed:


Device# show ipv6 static recursive

IPv6 Static routes Code: * - installed in RIB * 4000::/16, via nexthop 2001:1::1, distance 1 * 5555::/16, via nexthop 4000::1, distance 1 5555::/16, via nexthop 9999::1, distance 1

Examples

When the detail keyword is specified, the following additional information is displayed:

For valid recursive routes, the output path set and maximum resolution depth.
For invalid recursive routes, the reason why the route is not valid.
For invalid direct or fully specified routes, the reason why the route is not valid.


Device# show ipv6 static detail
 
IPv6 Static routes
Code: * - installed in RIB
* 3000::/16, interface Ethernet1/0, distance 1
* 4000::/16, via nexthop 2001:1::1, distance 1
     Resolves to 1 paths (max depth 1)
     via Ethernet1/0
  5000::/16, interface Ethernet3/0, distance 1
     Interface is down
* 5555::/16, via nexthop 4000::1, distance 1
     Resolves to 1 paths (max depth 2)
     via Ethernet1/0
  5555::/16, via nexthop 9999::1, distance 1
     Route does not fully resolve
* 5555::/16, interface Ethernet2/0, distance 1
* 6000::/16, via nexthop 2007::1, interface Ethernet1/0, distance 1

Related Commands


Command	Description
ipv6 route	Establishes a static IPv6 route.
show ip route	Displays the current state of the routing table.
show ipv6 interface	Displays IPv6 interface information.
show ipv6 route summary	Displays the current contents of the IPv6 routing table in summary format.
show ipv6 tunnel	Displays IPv6 tunnel information.

show ipv6 traffic

To display statistics about IPv6 traffic, use the show ipv6 traffic command in user EXEC or privileged EXEC mode.

show ipv6 traffic [interface [interface type number]]

Syntax Description


interface	(Optional) All interfaces. IPv6 forwarding statistics for all interfaces on which IPv6 forwarding statistics are being kept will be displayed.
`interface` `type` `number`	(Optional) Specified interface. Interface statistics that have occurred since the statistics were last cleared on the specific interface are displayed.

Command Modes

User EXEC (>)

Privileged EXEC (#)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The show ipv6 traffic command provides output similar to the show ip traffic command, except that it is IPv6-specific.

Examples

The following is sample output from the show ipv6 traffic command:


Device# show ipv6 traffic
IPv6 statistics:
  Rcvd:  0 total, 0 local destination
         0 source-routed, 0 truncated
         0 format errors, 0 hop count exceeded
         0 bad header, 0 unknown option, 0 bad source
         0 unknown protocol, 0 not a device
         0 fragments, 0 total reassembled
         0 reassembly timeouts, 0 reassembly failures
         0 unicast RPF drop, 0 suppressed RPF drop
  Sent:  0 generated, 0 forwarded
         0 fragmented into 0 fragments, 0 failed
         0 encapsulation failed, 0 no route, 0 too big
  Mcast: 0 received, 0 sent
ICMP statistics:
  Rcvd: 0 input, 0 checksum errors, 0 too short
        0 unknown info type, 0 unknown error type
        unreach: 0 routing, 0 admin, 0 neighbor, 0 address, 0 port
        parameter: 0 error, 0 header, 0 option
        0 hopcount expired, 0 reassembly timeout,0 too big
        0 echo request, 0 echo reply
        0 group query, 0 group report, 0 group reduce
        0 device solicit, 0 device advert, 0 redirects

The following is sample output for the show ipv6 interface command without IPv6 CEF running:


Device# show ipv6 interface ethernet 0/1/1
Ethernet0/1/1 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::203:FDFF:FE49:9
  Description: sat-2900a f0/12
  Global unicast address(es):
    7::7, subnet is 7::/32
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:7
    FF02::1:FF49:9
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  Input features: RPF
  Unicast RPF access-list MINI
    Process Switching: 
      0 verification drops
      0 suppressed verification drops
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds

The following is sample output for the show ipv6 interface command with IPv6 CEF running:


Device# show ipv6 interface ethernet 0/1/1
Ethernet0/1/1 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::203:FDFF:FE49:9
  Description: sat-2900a f0/12
  Global unicast address(es):
    7::7, subnet is 7::/32
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:7
    FF02::1:FF49:9
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  Input features: RPF
  Unicast RPF access-list MINI
    Process Switching:
      0 verification drops
      0 suppressed verification drops
    CEF Switching: 
      0 verification drops 
      0 suppressed verification drops 
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  ND advertised reachable time is 0 milliseconds
  ND advertised retransmit interval is 0 milliseconds
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  Hosts use stateless autoconfig for addresses.

The table below describes the significant fields shown in the display.

Table 76. show ipv6 traffic Field Descriptions
Field	Description
source-routed	Number of source-routed packets.
truncated	Number of truncated packets.
format errors	Errors that can result from checks performed on header fields, the version number, and packet length.
not a device	Message sent when IPv6 unicast routing is not enabled.
0 unicast RPF drop, 0 suppressed RPF drop	Number of unicast and suppressed reverse path forwarding (RPF) drops.
failed	Number of failed fragment transmissions.
encapsulation failed	Failure that can result from an unresolved address or try-and-queue packet.
no route	Counted when the software discards a datagram it did not know how to route.
unreach	Unreachable messages received are as follows: routing--Indicates no route to the destination. admin--Indicates that communication with the destination is administratively prohibited. neighbor--Indicates that the destination is beyond the scope of the source address. For example, the source may be a local site or the destination may not have a route back to the source. address--Indicates that the address is unreachable. port--Indicates that the port is unreachable.
Unicast RPF access-list MINI	Unicast RPF access-list in use.
Process Switching	Displays process RPF counts, such as verification and suppressed verification drops.
CEF Switching	Displays CEF switching counts, such as verification drops and suppressed verification drops.

show key chain

To display the keychain, use the show key chain command.

show key chain [ name-of-chain]

Syntax Description


`name-of-chain`	(Optional) Name of the key chain to display, as named in the key chain command.

Command Default

If the command is used without any parameters, then it lists out all the key chains.

Command Modes

Privileged EXEC (#)

Examples

The following is sample output from the show key chain command:

show key chain
Device# show key chain

Key-chain AuthenticationGLBP:
    key 1 -- text "Thisisasecretkey"
        accept lifetime (always valid) - (always valid) [valid now]
        send lifetime (always valid) - (always valid) [valid now]
Key-chain glbp2:
    key 100 -- text "abc123"
        accept lifetime (always valid) - (always valid) [valid now]
        send lifetime (always valid) - (always valid) [valid now]

Related Commands


Command	Description
key-string	Specifies the authentication string for a key.
send-lifetime	Sets the time period during which an authentication key on a key chain is valid to be sent.

show track

To display information about objects that are tracked by the tracking process, use the show track command in privileged EXEC mode.

Syntax Description


`object-number`	(Optional) Object number that represents the object to be tracked. The range is from 1 to 1000.
brief	(Optional) Displays a single line of information related to the preceding argument or keyword.
application	(Optional) Displays tracked application objects.
interface	(Optional) Displays tracked interface objects.
ip route	(Optional) Displays tracked IP route objects.
ip sla	(Optional) Displays tracked IP SLA objects.
ipv6 route	(Optional) Displays tracked IPv6 route objects.
list	(Optional) Displays the list of boolean objects.
resolution	(Optional) Displays resolution of tracked parameters.
summary	(Optional) Displays the summary of the specified object.
timers	(Optional) Displays polling interval timers.

Command Modes

Privileged EXEC (#)

Command History


Release	Modification
	This command was introduced.

Usage Guidelines

Use this command to display information about objects that are tracked by the tracking process. When no arguments or keywords are specified, information for all objects is displayed.

A maximum of 1000 objects can be tracked. Although 1000 tracked objects can be configured, each tracked object uses CPU resources. The amount of available CPU resources on a device is dependent upon variables such as traffic load and how other protocols are configured and run. The ability to use 1000 tracked objects is dependent upon the available CPU. Testing should be conducted on site to ensure that the service works under the specific site traffic conditions.

Examples

The following example shows information about the state of IP routing on the interface that is being tracked:


Device# show track 1

Track 1
 Interface GigabitEthernet 1/0/1 ip routing
 IP routing is Down (no IP addr)
  1 change, last change 00:01:08

The table below describes the significant fields shown in the displays.

Table 77. show track Field Descriptions
Field	Description
Track	Object number that is being tracked.
Interface GigabitEthernet 1/0/1 ip routing	Interface type, interface number, and object that is being tracked.
IP routing is	State value of the object, displayed as Up or Down. If the object is down, the reason is displayed.
1 change, last change	Number of times that the state of a tracked object has changed and the time (in hh:mm:ss ) since the last change.

Related Commands


Command	Description
show track resolution	Displays the resolution of tracked parameters.
track interface	Configures an interface to be tracked and enters tracking configuration mode.
track ip route	Tracks the state of an IP route and enters tracking configuration mode.

track

To configure an interface to be tracked where the Gateway Load Balancing Protocol (GLBP) weighting changes based on the state of the interface, use the track command in global configuration mode. To remove the tracking, use the no form of this command.

track object-number interface type number {line-protocol | ip routing | ipv6 routing}

no track object-number interface type number {line-protocol | ip routing | ipv6 routing}

Syntax Description


`object-number`	Object number in the range from 1 to 1000 representing the interface to be tracked.
interface `type` `number`	Interface type and number to be tracked.
line-protocol	Tracks whether the interface is up.
ip routing	Tracks whether IP routing is enabled, an IP address is configured on the interface, and the interface state is up, before reporting to GLBP that the interface is up.
ipv6 routing	Tracks whether IPv6 routing is enabled, an IP address is configured on the interface, and the interface state is up, before reporting to GLBP that the interface is up.

Command Default

The state of the interfaces is not tracked.

Command Modes

Global configuration (config)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced..

Usage Guidelines

Use the track command in conjunction with the glbp weighting and glbp weighting track commands to configure parameters for an interface to be tracked. If a tracked interface on a GLBP device goes down, the weighting for that device is reduced. If the weighting falls below a specified minimum, the device will lose its ability to act as an active GLBP virtual forwarder.

A maximum of 1000 objects can be tracked. Although 1000 tracked objects can be configured, each tracked object uses CPU resources. The amount of available CPU resources on a device is dependent upon variables such as traffic load and how other protocols are configured and run. The ability to use 1000 tracked objects is dependent upon the available CPU. Testing should be conducted on site to ensure that the service works under the specific site traffic conditions.

Examples

In the following example, TenGigabitEthernet interface 0/0/1 tracks whether GigabitEthernet interfaces 1/0/1 and 1/0/3 are up. If either of the GigabitEthernet interface goes down, the GLBP weighting is reduced by the default value of 10. If both GigabitEthernet interfaces go down, the GLBP weighting will fall below the lower threshold and the device will no longer be an active forwarder. To resume its role as an active forwarder, the device must have both tracked interfaces back up, and the weighting must rise above the upper threshold.


Device(config)# track 1 interface GigabitEthernet 1/0/1 line-protocol 
Device(config-track)# exit
Device(config)# track 2 interface GigabitEthernet 1/0/3 line-protocol 
Device(config-track)# exit
Device(config)# interface TenGigabitEthernet 0/0/1 
Device(config-if)# ip address 10.21.8.32 255.255.255.0 
Device(config-if)# glbp 10 weighting 110 lower 95 upper 105 
Device(config-if)# glbp 10 weighting track 1
Device(config-if)# glbp 10 weighting track 2

Related Commands


Command	Description
glbp weighting	Specifies the initial weighting value of a GLBP gateway.
glbp weighting track	Specifies an object to be tracked that affects the weighting of a GLBP gateway.

vrrp

To create a Virtual Router Redundancy Protocol version 3 (VRRPv3) group and enter VRRPv3 group configuration mode, use the vrrp . To remove the VRRPv3 group, use the no form of this command.

vrrp group-id address-family { ipv4 | ipv6}

no vrrp group-id address-family { ipv4 | ipv6}

Syntax Description


`group-id`	Virtual router group number. The range is from 1 to 255.
address-family	Specifies the address-family for this VRRP group.
ipv4	(Optional) Specifies IPv4 address.
ipv6	(Optional) Specifies IPv6 address.

Command Default

None

Command Modes

Interface configuration (config-if)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced..

Usage Guidelines

Examples

The following example shows how to create a VRRPv3 group and enter VRRP configuration mode:


Device(config-if)# vrrp 3 address-family ipv4

Related Commands


Command	Description
timers advertise	Sets the advertisement timer in milliseconds.

vrrp description

To assign a description to the Virtual Router Redundancy Protocol (VRRP) group, use the vrrp description command in interface configuration mode. To remove the description, use the no form of this command.

description text

no description

Syntax Description


`text`	Text (up to 80 characters) that describes the purpose or use of the group.

Command Default

There is no description of the VRRP group.

Command Modes

VRRP configuration (config-if-vrrp)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Examples

The following example enables VRRP. VRRP group 1 is described as Building A – Marketing and Administration.


Device(config-if-vrrp)# description Building A - Marketing and Administration

Related Commands


Command	Description
vrrp	Creates a VRRPv3 group and enters VRRPv3 group configuration mode.

vrrp preempt

To configure the device to take over as primary virtual router for a Virtual Router Redundancy Protocol (VRRP) group if it has higher priority than the current primary virtual router, use the preempt command in VRRP configuration mode. To disable this function, use the no form of this command.

preempt [delay minimum seconds]

no preempt

Syntax Description


delay minimum `seconds`	(Optional) Number of seconds that the device will delay before issuing an advertisement claiming primary ownership. The default delay is 0 seconds.

Command Default

This command is enabled.

Command Modes

VRRP configuration (config-if-vrrp)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

By default, the device being configured with this command will take over as primary virtual router for the group if it has a higher priority than the current primary virtual router. You can configure a delay, which will cause the VRRP device to wait the specified number of seconds before issuing an advertisement claiming primary ownership.

Note

The device that is the IP address owner will preempt, regardless of the setting of this command.

Examples

The following example configures the device to preempt the current primary virtual router when its priority of 200 is higher than that of the current primary virtual router. If the device preempts the current primary virtual router, it waits 15 seconds before issuing an advertisement claiming it is the primary virtual router.


Device(config-if-vrrp)#preempt delay minimum 15

Related Commands


Command	Description
vrrp	Creates a VRRPv3 group and enters VRRPv3 group configuration mode.
priority	Sets the priority level of the device within a VRRP group.

vrrp priority

To set the priority level of the device within a Virtual Router Redundancy Protocol (VRRP) group, use the priority command in interface configuration mode. To remove the priority level of the device, use the no form of this command.

priority level

no priority level

Syntax Description


`level`	Priority of the device within the VRRP group. The range is from 1 to 254. The default is 100.

Command Default

The priority level is set to the default value of 100.

Command Modes

VRRP configuration (config-if-vrrp)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

Use this command to control which device becomes the primary virtual router.

Examples

The following example configures the device with a priority of 254:

Device(config-if-vrrp)# priority 254

Related Commands


Command	Description
vrrp	Creates a VRRPv3 group and enters VRRPv3 group configuration mode.
vrrp preempt	Configures the device to take over as primary virtual router for a VRRP group if it has higher priority than the current primary virtual router.

vrrp timers advertise

To configure the interval between successive advertisements by the primary virtual router in a Virtual Router Redundancy Protocol (VRRP) group, use the timers advertise command in VRRP configuration mode. To restore the default value, use the no form of this command.

timers advertise [msec] interval

no timers advertise [msec] interval

Syntax Description


`group`	Virtual router group number. The group number range is from 1 to 255.
msec	(Optional) Changes the unit of the advertisement time from seconds to milliseconds. Without this keyword, the advertisement interval is in seconds.
`interval`	Time interval between successive advertisements by the primary virtual router. The unit of the interval is in seconds, unless the msec keyword is specified. The default is 1 second. The valid range is 1 to 255 seconds. When the msec keyword is specified, the valid range is 50 to 999 milliseconds.

Command Default

The default interval of 1 second is configured.

Command Modes

VRRP configuration (config-if-vrrp)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Usage Guidelines

The advertisements being sent by the primary virtual router communicate the state and priority of the current primary virtual router.

The vrrp timers advertise command configures the time between successive advertisement packets and the time before other routers declare the primary router to be down. Routers or access servers on which timer values are not configured can learn timer values from the primary router. The timers configured on the primary router always override any other timer settings. All routers in a VRRP group must use the same timer values. If the same timer values are not set, the devices in the VRRP group will not communicate with each other and any misconfigured device will change its state to primary.

Examples

The following example shows how to configure the primary virtual router to send advertisements every 4 seconds:


Device(config-if-vrrp)# timers advertise 4

Related Commands


Command	Description
vrrp	Creates a VRRPv3 group and enters VRRPv3 group configuration mode.
timers learn	Configures the device, when it is acting as backup virtual router for a VRRP group, to learn the advertisement interval used by the primary virtual router.

vrrs leader

To specify a leader’s name to be registered with Virtual Router Redundancy Service (VRRS), use the vrrs leader command. To remove the specified VRRS leader, use the no form of this command.

vrrs leader vrrs-leader-name

no vrrs leader vrrs-leader-name

Syntax Description


`vrrs-leader-name`	Name of VRRS Tag to lead.

Command Default

A registered VRRS name is unavailable by default.

Command Modes

VRRP configuration (config-if-vrrp)

Command History


Release	Modification
Cisco IOS XE Everest 16.6.1	This command was introduced.

Examples

The following example specifies a leader's name to be registered with VRRS:


Device(config-if-vrrp)# vrrs leader leader-1

Related Commands


Command	Description
vrrp	Creates a VRRP group and enters VRRP configuration mode.

Bias-Free Language

Results

Chapter: IP Addressing Services Commands

IP Addressing Services Commands

clear ip nhrp

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

clear ipv6 access-list

Syntax Description

Command Default

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

clear ipv6 dhcp

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

clear ipv6 dhcp binding

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

clear ipv6 dhcp client

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

clear ipv6 dhcp conflict

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

clear ipv6 dhcp relay binding

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

clear ipv6 eigrp

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

clear ipv6 mfib counters

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

clear ipv6 mld counters

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

Related Commands

clear ipv6 mld traffic

Syntax Description

Command Modes

Command History

Usage Guidelines

Examples

clear ipv6 mtu