IP Commands
  • 12 Sep 2023
  • 9 Minutes to read
  • Contributors
  • PDF

IP Commands

  • PDF

Article summary

An IP (Internet Protocol) is an identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages based on the destination's IP address.

The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be 0 to 255.

Example: 10.5.25.180.

Internet Protocol CLI commands are categorized as follows:

Configuration Commands

This section includes IP configuration commands.

arp timeout

Command Objective:
This command sets the ARP (Address Resolution Protocol) cache timeout. The arp timeout defines the time period an arp entry remains in the cache. When a new timeout value is assigned, it only affects the new arp entries. All the older entries retain their old timeout values.

The no form of this command sets the ARP cache timeout to its default value.

Syntax:
arp [vrf ] timeout <seconds (30-86400)>

no arp [vrf ] timeout

Parameter Description:

  • vrf < vrf-name > - Sets the ARP cache timeout for the specified VRF (Virtual Routing and Forwarding) instance. This value represents unique name of the VRF instance. This value is a string of maximum size 32.
  • timeout < seconds (30-86400) > - Configures the Address resolution protocol cache timeout value. This value ranges from 30 to 86400 seconds. The timeout values can be assigned to dynamic arp entries only. All static arp entries remain unaltered by the timeout value.

Mode:
Global Configuration Mode

Default:
7200

Prerequisites:
Virtual Routing and Forwarding instance should be created, before executing this command to configure ARP cache timeout for the context.

Example:

Your Product(config)# arp timeout 35

ip route

Command Objective:

This command adds a static route. The Route defines the IP address or interface through which the destination can be reached.

The no form of this command deletes a static route.

Syntax:

ip route [vrf < vrf-name >] < prefix > < mask > {< next-hop > | Vlan < vlan-id/vfi-id > [switch < switch-name >] [next-hop] | < interface-type > < interface-id > [next-hop] | Linuxvlan < interface-name > | Cpu0 | tunnel < tunnel-id (0-128) > | < IP-interface-type > < IP-interface-number > | ppp < 1-10 > } [< distance (1-255) >] | [ private ] | null0 [ permanent ] [ name < nexthop-name >]

no ip route [vrf < vrf-name >] < prefix > < mask > {< next-hop > | Vlan < vlan-id/vfi-id > [switch < switch-name >] [next-hop] | < interface-type > < interface-id > [next-hop] | Linuxvlan < interface-name > | Cpu0 | tunnel < tunnel-id (0-128) > | < IP-interface-type > < IP-interface-number > | ppp < 1-10 > } [< distance (1-255) >] | [ private ] | null0 [ permanent ] [ name < nexthop-name >]

Parameter Description:

  • vrf< vrf-name > - Configures thestatic route for the specified VRF (Virtual Routing and Forwarding) instance. This value represents unique name of the VRF instance. This value is a string of maximum size 32.
  • < prefix > - Configures the number of high-order bits in the IP address. These bits are common among all hosts within a network.
  • < mask > - Configures the subnet mask for the IP address. This is a 32-bit number which is used to divide the IP address into network address and host address.
  • < next-hop > - Configures the IP address or IP alias of the next hop that can be used to reach that network.
  • < Vlan < vlan-id/vfi-id > - Configures the static route for the specified VLAN / VFI ID. This value ranges from 1 to 65535.
    • < vlan –id > - VLAN ID is a unique value that represents the specific VLAN. This value ranges from 1 to 4094.
    • < vfi-id > - VFI ID is a VLAN created in the system which contains Pseudo wires and Attachment Circuits as member ports. This creates a logical LAN for the VPLS service. This value ranges from 4096 to 65535.
      Notes:

      The VLAN ID 4095 is reserved and may be used to indicate a wildcard match for the VID in management operations or Filtering Database entries.

      VFI IDs 4096 and 4097 are reserved identifiers used in MPLS PW.

      The theoretical maximum for the maximum number of VFI is 65535 but the actual number of VFI supported is a sizing constant. Based on this, the maximum number of VFI ID accepted in the management interface is restricted. For example if 100 VFIs are supported, the maximum number of VFI supported will be restricted to maximum number of VLANs + 100. An error message is displayed for any value beyond this range.


  • switch < switch-name > - Configures the static route for the specified context. This value represents unique name of the switch context. feature. This value is a string of maximum size 32.
  • < interface-type > - Configures the static route for the specified type of interface. The interface can be:
    • fastethernet - Officially referred to as 100BASE-T standard. This is a version of LAN standard architecture that supports data transfer upto 100 Megabits per second.
    • gigabitethernet - A version of LAN standard architecture that supports data transfer upto 1 Gigabit per second.
    • extreme-ethernet - A version of Ethernet that supports data transfer upto 10 Gigabits per second. This Ethernet supports only full duplex links.
    • i-lan - Internal LAN created on a bridge per IEEE 802.1ap.
  • < interface-id > - Configures the static route for the specified interface/L3SubInterface identifier. This is a unique value that represents the specific interface/L3SubInterface. This value is a combination of slot number and port number separated by a slash. For example: 0/1 represents that the slot number is 0 and port number is 1. For example for subinterface: Slot number followed by port number followed by period and a logical number.
  • Linuxvlan < interface-name > - Configures the Interface name of the Linux VLAN Interface.
  • Cpu0 - Sets the Out of Band Management Interface for the route.
  • tunnel < tunnel-id (0-128) > - Configures the static route for the specified Tunnel Identifier. This value ranges from 0 to 128.
  • < IP-interface-type > - Configures the static route for the specified L3 Psuedo wire interface in the system.
  • < IP-interface-number > - Configures the static route for the specified L3 Psuedo wire interface identifier. This is a unique value that represents the specific interface . This value ranges from 1 to 65535 for Psuedowire interface. Maximum number of PseudoWire interfaces supported in the system is 100.
  • ppp < 1-10 > - Configures the ppp(point to point protocol) interface for the route. The value ranges from 1 to 10.
  • < distance (1-255) > - Configures the Administrative distance for the specified next hop address or the interface. This value ranges from 1 to 255.
  • private - Sets the Private route.
  • null0 - Sets the Null Interface for the route.
  • permanent - Sets the permenant route.
  • name < nexthop-name > - Configures next hop name for the newly added static route.

Mode:
Global Configuration Mode

Default:
distance - -1


Notes:

When the next-hop object is unknown or not relevant its value must be set to zero.

Interface must be a router port.

Virtual Routing and Forwarding instance other then "Default" should be created, before executing this command to add static route for the context.

Virtual Routing and Forwarding instance should be mapped to the IPV4 / IPV6 interface, before executing this command to add the static routes for the context in the interface.

Vrf-route-leaking is enabled.


Example:

Your Product(config)# ip route 30.0.0.2  255.255.255.255  Vlan 1
Your Product(config)# ip route 30.0.0.2 255.255.255.255 gi 0/2 12.2

ip ssh

Command Objective:
This command configures the various parameters associated with SSH server. The standard port used by SSH is 22. SSH server allows remote and secure configuration of the switch.

The SSH server provides protocol version exchange, data integrity, cipher and key exchange algorithms negotiation between two communicating entities, key exchange mechanism, encryption and server authentication. The auth takes values as bit mask. Setting a bit indicates that the corresponding MAC-list will be used for authentication.

The no form of this command re-sets the various parameters associated with SSH server.

Syntax:
ip ssh {cipher ( [aes128-ctr] [aes192-ctr] [aes256-ctr]) | auth ([hmac-md5] [hmac-sha1] [hmac-sha256]) }

no ip ssh {cipher ( [aes128-ctr] [aes192-ctr] [aes256-ctr]) | auth ([hmac-md5] [hmac-sha1] [hmac-sha256]) }

Parameter Description:

  • cipher – Configures the Cipher List. This cipher list takes values as bit mask. Setting a bit indicates that the corresponding cipher-list is used for encryption.
    • aes128-ctr – This is a 0 bit cipher list aes128-ctr. Advanced Encryption Standard for 128 bits.
    • aes192-ctr – This is a -bit cipher list. Advanced Encryption Standard (AES) is a specification for the encryption of electronic data for 192 bits.
    • aes256-ctr – This is a 3-bit cipherlist. Advanced Encryption Standard (AES) is a specification for the encryption of electronic data for 256 bits.
  • auth – Configures Public key authentication for incoming SSH sessions.
    • hmac-md5 – Hash Message Authentication Code - Message-Digest algorithm 5.
    • hmac-sha1 – Hash Message Authentication Code - Secure Hash Algorithm 1.
    • hmac-sha256 – Hash Message Authentication Code - Secure Hash Algorithm 2.

Mode:
Global Configuration Mode

Default:

  • version compatibility - False
  • cipher - aes128-ctr
  • auth - hmac-sha256

Example:

Your Product (config)# ip ssh cipher aes-192ctr

Display Commands

This section includes IP display commands.

show ip route

Command Objective:
This command displays the IP routing table.

Syntax:
show ip route [vrf < vrf-name >] [ { [< mask >] | bgp | connected | ospf | rip | static | summary | details | isis} ]

Parameter Description:

  • vrf< vrf-name > – Displays the configured PMON port policy.
  • < ip-address > - Displays the IP routing table for the specified destination IP Address.
  • < mask > - Displays the IP routing table for the specified prefix mask address.
  • bgp - Displays the Border Gateway Protocol if it is used by the table to get route information.
  • connected - Displays the Directly Connected Network Routes.
  • ospf - Displays the OSPF (Open Shortest Path First) protocol if it is used for getting route information.
  • rip - Displays the RIP (Routing Information Protocol) if it is used for getting route information.
  • static - Displays the Static Routes in the table.
  • summary - Displays the Summary of all routes.
  • details - Displays the information about route status (Route in Hardware,Route Reachable,Best route)
  • isis - Displays the information about the ISIS routes.

Mode:
Privileged EXEC Mode

Default:
vrf - default

Example:

Your Product # show ip route
Codes: C - connected, S - static, R - rip, B - bgp, O - ospf

IA - OSPF inter area, N1 - OSPF NSSA external type 1,

N2 - OSPF NSSA external type 2, E1 - OSPF external type 1,

E2 - OSPF external type 2

Vrf Name:          default

---------

C 12.0.0.0/8  is directly connected, vlan1

O IA 15.0.0.0/8  [2] via 12.0.0.7
O E2 20.0.0.0/8  [10] via 12.0.0.7

© 2024 Cisco and/or its affiliates. All rights reserved.
 
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms

For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks



Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.