CISCO IOS XE 17 IP Addressing Configuration User Guide
- June 15, 2024
- Cisco
Table of Contents
CISCO IOS XE 17 IP Addressing Configuration
IP Addressing Configuration Guide, Cisco IOS XE 17.x
Specifications
- Last Modified: 2023-07-20
- Americas Headquarters: Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA
- Website: http://www.cisco.com
- Tel: 408 526-4000
- 800 553-NETS (6387)
- Fax: 408 527-0883
Product Information
The IP Addressing Configuration Guide provides instructions for configuring IP addresses on Cisco IOS XE 17.x devices. It covers both IPv4 and IPv6 addressing, as well as troubleshooting tips and information about IP overlapping address pools. The guide aims to help users establish IP connectivity to a network by assigning IP addresses to interfaces.
Product Usage Instructions
Chapter 1: Configuring IPv4 Addresses
This chapter provides information about IP addresses, including binary
numbering, IP address structure, IP address classes, IP network subnetting,
and classless inter-domain routing. It also explains how to configure IP
addresses and establish IP connectivity to a network by assigning an IP
address to an interface.
Chapter 2: Troubleshooting Tips
This chapter offers troubleshooting tips for increasing the number of IP
hosts supported on a network using secondary IP addresses. It also covers IP
overlapping address pools, including restrictions, benefits, and configuration
examples.
Chapter 3: How IP Address Groups Work
This chapter explains how IP overlapping address pools work and provides
instructions for configuring and verifying a local pool group. It includes
configuration examples and additional references for configuring IP
overlapping address pools.
Chapter 4: Auto-IP
This chapter covers Auto-IP, including prerequisites, restrictions, and
information about Auto-IP. It provides an overview of Auto-IP, explains the
seed device concept, and offers instructions for configuring Auto-IP and
resolving conflicts using the Auto-Swap technique.
Chapter 5: Configuring a Seed Device
This chapter focuses on configuring a seed device for Auto-IP
functionality. It also provides instructions for configuring the Auto-IP
functionality on node interfaces for inclusion in an Auto-IP ring.
Configuration examples and additional references are included.
Chapter 6: IPv6 Addressing
This chapter discusses IPv6 addressing and basic connectivity. It covers
restrictions, IPv6 address formats, IPv6 address output display, simplified
IPv6 packet header, DNS for IPv6, Cisco
Discovery Protocol IPv6 address support, IPv6 prefix aggregation, IPv6 site
multihoming, IPv6 data links, and dual IPv4 and IPv6 protocol stacks. It also
provides instructions for configuring IPv6 addressing and basic connectivity.
FAQ
Q: What is the purpose of this guide?
A: The purpose of this guide is to provide instructions for configuring IP
addresses on Cisco IOS XE 17.x devices and establishing IP connectivity to a
network.
Q: Does this guide cover both IPv4 and IPv6 addressing?
A: Yes, this guide covers both IPv4 and IPv6 addressing.
Q: Are there troubleshooting tips included?
A: Yes, the guide includes troubleshooting tips for increasing the number
of IP hosts supported on a network and resolving IP overlapping address pool
conflicts.
IP Addressing Configuration Guide, Cisco IOS XE 17.x
Last Modified: 2023-07-20
Americas Headquarters
Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA
http://www.cisco.com Tel: 408 526-4000
800 553-NETS (6387) Fax: 408 527-0883
Contents
CONTENTS
PREFACE
PART I CHAPTER 1
Full Cisco Trademarks with Software License ?
Preface lxix Preface lxix Audience and Scope lxix Feature Compatibility lxx
Document Conventions lxx Communications, Services, and Additional Information
lxxi Documentation Feedback lxxii Troubleshooting lxxii
IPv4 Addressing 73
Configuring IPv4 Addresses 1 Reference the Chapter Map here 1 Information
About IP Addresses 1 Binary Numbering 1 IP Address Structure 3 IP Address
Classes 4 IP Network Subnetting 6 IP Network Address Assignments 7 Classless
Inter-Domain Routing 10 Prefixes 10 How to Configure IP Addresses 10
Establishing IP Connectivity to a Network by Assigning an IP Address to an
Interface 10
IP Addressing Configuration Guide, Cisco IOS XE 17.x ii
Contents
CHAPTER 2
Troubleshooting Tips 11 Increasing the Number of IP Hosts that Are Supported
on a Network by Using Secondary IP
Addresses 12 Troubleshooting Tips 13 What to Do Next 13 Maximizing the Number
of Available IP Subnets by Allowing the Use of IP Subnet Zero 13
Troubleshooting Tips 14 Specifying the Format of Network Masks 15 Specifying
the Format in Which Netmasks Appear for the Current Session 15 Specifying the
Format in Which Netmasks Appear for an Individual Line 15 Using IP Unnumbered
Interfaces on Point-to-Point WAN Interfaces to Limit Number of IP Addresses
Required 16 IP Unnumbered Feature 16 Troubleshooting Tips 18 Using IP
addresses with 31-Bit Prefixes on Point-to-Point WAN Interfaces to Limit
Number of IP Addresses Required 18 RFC 3021 18 Troubleshooting Tips 21
Configuration Examples for IP Addresses 21 Example Establishing IP
Connectivity to a Network by Assigning an IP Address to an Interface 21
Example Increasing the Number of IP Hosts that are Supported on a Network by
Using Secondary IP Addresses 21 Example Using IP Unnumbered Interfaces on
Point-to-Point WAN Interfaces to Limit Number of IP Addresses Required 22
Example Using IP addresses with 31-Bit Prefixes on Point-to-Point WAN
Interfaces to Limit Number of IP Addresses Required 22 Example Maximizing the
Number of Available IP Subnets by Allowing the Use of IP Subnet Zero 22 Where
to Go Next 23 Additional References 23 Feature Information for IP Addresses 24
IP Overlapping Address Pools 27 Restrictions for IP Overlapping Address Pools
27 Information About IP Overlapping Address Pools 27 Benefits 27
IP Addressing Configuration Guide, Cisco IOS XE 17.x iii
Contents
CHAPTER 3 CHAPTER 4
How IP Address Groups Work 27 How to Configure IP Overlapping Address Pools 28
Configuring and Verifying a Local Pool Group 28 Configuration Examples for
Configuring IP Overlapping Address Pools 29
Define Local Address Pooling as the Global Default Mechanism Example 29
Configure Multiple Ranges of IP Addresses into One Pool Example 29 Additional
References 29 Feature Information for Configuring IP Overlapping Address Pools
30 Glossary 31
IP Unnumbered Ethernet Polling Support 33 Information About IP Unnumbered
Ethernet Polling Support 33 IP Unnumbered Ethernet Polling Support Overview 33
How to Configure IP Unnumbered Ethernet Polling Support 33 Enabling Polling on
an Ethernet Interface 33 Configuring the Queue Size and the Packet Rate for IP
ARP Polling for Unnumbered Interfaces 35 Verifying IP Unnumbered Ethernet
Polling Support 35 Configuration Examples for IP Unnumbered Ethernet Polling
Support 37 Example: Enabling Polling on an Ethernet Interface 37 Example:
Configuring the Queue Size and the Packet Rate for IP ARP Polling for
Unnumbered Interfaces 37 Additional References 38 Feature Information for IP
Unnumbered Ethernet Polling Support 38
Auto-IP 41 Prerequisites for Auto-IP 41 Restrictions for Auto-IP 42
Information About Auto-IP 42 Auto-IP Overview 42 Seed Device 44 Auto-IP
Configuration for Inserting a Device into an Auto-IP Ring 45 Device Removal
from an Auto-IP Ring 47 Conflict Resolution Using the Auto-Swap Technique 48
How to Configure Auto-IP 49
IP Addressing Configuration Guide, Cisco IOS XE 17.x iv
Contents
CHAPTER 5
PART II CHAPTER 6
Configuring a Seed Device 49 Configuring the Auto-IP Functionality on Node
Interfaces (for Inclusion in an Auto-IP Ring) 51 Verifying and Troubleshooting
Auto-IP 53 Configuration Examples for Auto-IP 55 Example: Configuring a Seed
Device 55 Example: Configuring the Auto-IP Functionality on Node Interfaces
(for Inclusion in an Auto-IP
Ring) 55 Additional References for Auto-IP 56 Feature Information for Auto-IP
56
Zero Touch Auto-IP 59 Finding Feature Information 59 Prerequisites for Zero
Touch Auto-IP 59 Restrictions for Zero Touch Auto-IP 60 Information About Zero
Touch Auto-IP 60 How to Configure Zero Touch Auto-IP 62 Associating an Auto-IP
Server with an Autonomic Network 62 Enabling Auto Mode on Auto-IP Ring Ports
64 Configuring an Auto-IP Server and Reserving a Pool of IP Addresses on the
Server 65 Configuring a Seed Port 66 Verifying and Troubleshooting Zero Touch
Auto-IP 67 Configuration Examples for Zero Touch Auto-IP 70 Example:
Associating an Auto-IP Server with an Autonomic Network 70 Example: Enabling
Auto Mode on Auto-IP Ring Ports 70 Example: Configuring an Auto-IP Server and
Reserving a Pool of IP Addresses on the Server 71 Example: Configuring a Seed
Port 71 Additional References for Zero Touch Auto-IP 71 Feature Information
for Auto-IP 72
IPv6 Addressing 73
IPv6 Addressing and Basic Connectivity 75 Restrictions for Implementing IPv6
Addressing and Basic Connectivity 75 Information About IPv6 Addressing and
Basic Connectivity 75
IP Addressing Configuration Guide, Cisco IOS XE 17.x v
Contents
CHAPTER 7 CHAPTER 8
IPv6 for Cisco Software 75 Large IPv6 Address Space for Unique Addresses 76
IPv6 Address Formats 76 IPv6 Address Output Display 77 Simplified IPv6 Packet
Header 78 DNS for IPv6 81 Cisco Discovery Protocol IPv6 Address Support 82
IPv6 Prefix Aggregation 82 IPv6 Site Multihoming 82 IPv6 Data Links 83 Dual
IPv4 and IPv6 Protocol Stacks 83 How to Configure IPv6 Addressing and Basic
Connectivity 84 Configuring IPv6 Addressing and Enabling IPv6 Routing 84
Mapping Hostnames to IPv6 Addresses 86
Hostname-to-Address Mappings 86 Displaying IPv6 Redirect Messages 88
Configuration Examples for IPv6 Addressing and Basic Connectivity 89 Example:
IPv6 Addressing and IPv6 Routing Configuration 89 Example: Dual-Protocol
Stacks Configuration 89 Example: Hostname-to-Address Mappings Configuration 90
Additional References for IPv6 Services: AAAA DNS Lookups 90 Feature
Information for IPv6 Addressing and Basic Connectivity 91
IPv6 Anycast Address 93 Information About IPv6 Anycast Address 93 IPv6 Address
Type: Anycast 93 How to Configure IPv6 Anycast Address 94 Configuring IPv6
Anycast Addressing 94 Configuration Examples for IPv6 Anycast Address 95
Example: Configuring IPv6 Anycast Addressing 95 Additional References 95
Feature Information for IPv6 Anycast Address 96
IPv6 Switching: Cisco Express Forwarding Support 97
IP Addressing Configuration Guide, Cisco IOS XE 17.x vi
Contents
CHAPTER 9
CHAPTER 10 CHAPTER 11
Prerequisites for IPv6 Switching: Cisco Express Forwarding 97 Information
About IPv6 Switching: Cisco Express Forwarding Support 98
Cisco Express Forwarding for IPv6 98 How to Configure IPv6 Switching: Cisco
Express Forwarding Support 98
Configuring Cisco Express Forwarding 98 Configuration Examples for IPv6
Switching: Cisco Express Forwarding Support 99
Example: Cisco Express Forwarding Configuration 99 Additional References 100
Feature Information for IPv6 Switching: Cisco Express Forwarding and
Distributed Cisco Express
Forwarding Support 101
Unicast Reverse Path Forwarding for IPv6 103 Prerequisites for Unicast Reverse
Path Forwarding for IPv6 103 Information About Unicast Reverse Path Forwarding
for IPv6 104 Unicast Reverse Path Forwarding 104 How to Configure Unicast
Reverse Path Forwarding for IPv6 104 Configuring Unicast RPF 104 Configuration
Examples for Unicast Reverse Path Forwarding for IPv6 106 Example: Configuring
Unicast Reverse Path Forwarding for IPv6 106 Additional References 106 Feature
Information for Unicast Reverse Path Forwarding for IPv6 107
IPv6 Services: AAAA DNS Lookups over an IPv4 Transport 109 Information About
IPv6 Services: AAAA DNS Lookups over an IPv4 Transport 109 DNS for IPv6 109
Additional References for IPv6 Services: AAAA DNS Lookups 110 Feature
Information for IPv6 Services: AAAA DNS Lookups over an IPv4 Transport 111
IPv6 MTU Path Discovery 113 Information About IPv6 MTU Path Discovery 113 IPv6
MTU Path Discovery 113 ICMP for IPv6 114 How to Configure IPv6 MTU Path
Discovery 114 Enabling Flow-Label Marking in Packets that Originate from the
Device 114
IP Addressing Configuration Guide, Cisco IOS XE 17.x vii
Contents
CHAPTER 12 CHAPTER 13 CHAPTER 14
Configuration Examples for IPv6 MTU Path Discovery 115 Example: Displaying
IPv6 Interface Statistics 115
Additional References 116 Feature Information for IPv6 MTU Path Discovery 117
ICMP for IPv6 119 Information About ICMP for IPv6 119 ICMP for IPv6 119 IPv6
Neighbor Solicitation Message 119 IPv6 Router Advertisement Message 121
Additional References for IPv6 Neighbor Discovery Multicast Suppress 123
Feature Information for ICMP for IPv6 123
IPv6 ICMP Rate Limiting 125 Information About IPv6 ICMP Rate Limiting 125 ICMP
for IPv6 125 IPv6 ICMP Rate Limiting 126 How to Configure IPv6 ICMP Rate
Limiting 126 Customizing IPv6 ICMP Rate Limiting 126 Configuration Examples
for IPv6 ICMP Rate Limiting 127 Example: IPv6 ICMP Rate Limiting Configuration
127 Example: Displaying Information About ICMP Rate-Limited Counters 127
Additional References 128 Feature Information for IPv6 ICMP Rate Limiting 129
ICMP for IPv6 Redirect 131 Information About ICMP for IPv6 Redirect 131 ICMP
for IPv6 131 IPv6 Neighbor Redirect Message 132 How to Display IPv6 Redirect
Messages 133 Displaying IPv6 Redirect Messages 133 Configuration Examples for
ICMP for IPv6 Redirect 134 Example: Displaying IPv6 Interface Statistics 134
Additional References 135
IP Addressing Configuration Guide, Cisco IOS XE 17.x viii
Contents
CHAPTER 15 CHAPTER 16 CHAPTER 17
Feature Information for ICMP for IPv6 Redirect 136
IPv6 Neighbor Discovery Cache 137 Information About IPv6 Static Cache Entry
for Neighbor Discovery 137 IPv6 Neighbor Discovery 137 Per-Interface Neighbor
Discovery Cache Limit 137 How to Configure IPv6 Neighbor Discovery Cache 138
Configuring a Neighbor Discovery Cache Limit on a Specified Interface 138
Configuring a Neighbor Discovery Cache Limit on All Device Interfaces 138
Configuration Examples for IPv6 Neighbor Discovery Cache 139 Example:
Configuring a Neighbor Discovery Cache Limit 139 Additional References 139
Feature Information for IPv6 Neighbor Discovery Cache 140
IPv6 Neighbor Discovery Cache 143 Information About IPv6 Static Cache Entry
for Neighbor Discovery 143 IPv6 Neighbor Discovery 143 Per-Interface Neighbor
Discovery Cache Limit 143 How to Configure IPv6 Neighbor Discovery Cache 144
Configuring a Neighbor Discovery Cache Limit on a Specified Interface 144
Configuring a Neighbor Discovery Cache Limit on All Device Interfaces 144
Configuration Examples for IPv6 Neighbor Discovery Cache 145 Example:
Configuring a Neighbor Discovery Cache Limit 145 Additional References 145
Feature Information for IPv6 Neighbor Discovery 146
IPv6 Default Router Preference 149 Information About IPv6 Default Router
Preference 149 Default Router Preferences for Traffic Engineering 149 How to
Configure IPv6 Default Router Preference 150 Configuring the DRP Extension for
Traffic Engineering 150 Configuration Examples for IPv6 Default Router
Preference 151 Example: IPv6 Default Router Preference 151 Additional
References 151
IP Addressing Configuration Guide, Cisco IOS XE 17.x ix
Contents
CHAPTER 18
CHAPTER 19 PART III CHAPTER 20
Feature Information for IPv6 Default Router Preference 152
IPv6 Stateless Autoconfiguration 155 Information About IPv6 Stateless
Autoconfiguration 155 IPv6 Stateless Autoconfiguration 155 Simplified Network
Renumbering for IPv6 Hosts 155 How to Configure IPv6 Stateless
Autoconfiguration 156 Enabling IPv6 Stateless Autoconfiguration 156
Configuration Examples for IPv6 Stateless Autoconfiguration 157 Example:
Displaying IPv6 Interface Statistics 157 Additional References 157 Feature
Information for IPv6 Stateless Autoconfiguration 158
IPv6 RFCs 161
IP Application Services 167
Configuring Enhanced Object Tracking 169 Restrictions for Enhanced Object
Tracking 169 Information About Enhanced Object Tracking 169 Feature Design of
Enhanced Object Tracking 169 Interface State Tracking 170 Scaled Route Metrics
171 IP SLA Operation Tracking 172 Enhanced Object Tracking and Embedded Event
Manager 172 Benefits of Enhanced Object Tracking 172 How to Configure Enhanced
Object Tracking 173 Tracking the Line-Protocol State of an Interface 173
Tracking the IP-Routing State of an Interface 174 Tracking IP-Route
Reachability 176 Tracking the Threshold of IP-Route Metrics 178 Tracking the
State of an IP SLAs Operation 180 Tracking the Reachability of an IP SLAs IP
Host 181 Configuring a Tracked List and Boolean Expression 182
IP Addressing Configuration Guide, Cisco IOS XE 17.x x
CHAPTER 21
Configuring a Tracked List and Threshold Weight 184 Configuring a Tracked List
and Threshold Percentage 185 Configuring Track List Defaults 187 Configuring
Tracking for Mobile IP Applications 188 Configuration Examples for Enhanced
Object Tracking 189 Example: Interface Line Protocol 189 Example: Interface IP
Routing 190 Example: IP-Route Reachability 190 Example: IP-Route Threshold
Metric 191 Example: IP SLAs IP Host Tracking 191 Example: Boolean Expression
for a Tracked List 192 Example: Threshold Weight for a Tracked List 193
Example: Threshold Percentage for a Tracked List 193 Additional References 194
Feature Information for Enhanced Object Tracking 195 Glossary 196
Configuring IP Services 199 Information About IP Services 199 IP Source
Routing 199 ICMP Overview 200 ICMP Unreachable Error Messages 200 ICMP Mask
Reply Messages 201 ICMP Redirect Messages 201 Denial of Service Attack 201
Path MTU Discovery 202 Show and Clear Commands for IOS Sockets 203 How to
Configure IP Services 203 Protecting Your Network from DOS Attacks 203
Configuring ICMP Unreachable Rate Limiting User Feedback 205 Setting the MTU
Packet Size 206 Configuring IP Accounting With NetFlow 207 Configuration
Examples for IP Services 212 Example: Protecting Your Network from DOS Attacks
212
Contents
IP Addressing Configuration Guide, Cisco IOS XE 17.x xi
Contents
CHAPTER 22
Example: Configuring ICMP Unreachable Destination Counters 212 Example:
Setting the MTU Packet Size 212 Example: Configuring IP Accounting with
NetFlow 212 Verifying IP Accounting with NetFlow 213 Additional References For
IP Services 214 Feature Information for IP Services 215
Configuring IPv4 Broadcast Packet Handling 217 Information About IPv4
Broadcast Packet Handling 217 IP Unicast Address 217 IP Broadcast Address 217
IP Network Broadcast 218 IP Directed Broadcast Address 218 IP Directed
Broadcasts 219 IP Multicast Addresses 219 Early IP Implementations 220 DHCP
and IPv4 Broadcast Packets 220 UDP Broadcast Packet Forwarding 220 UDP
Broadcast Packet Flooding 221 IP Broadcast Flooding Acceleration 221 Default
UDP Port Numbers 222 Default IP Broadcast Address 222 UDP Broadcast Packet
Case Study 222 UDP Broadcast Packet Forwarding 223 UDP Broadcast Packet
Flooding 225 Feature Information for IP Broadcast Packet Handling 228 How to
Configure IP Broadcast Packet Handling 228 Enable IP Network Broadcast 228
Enabling IP Directed Broadcasts Without an Access List 229 Enabling IP
Directed Broadcasts with an Access List 230 Enabling Forwarding of UDP
Broadcast Packets to a Specific Host 231 Enabling Forwarding of UDP Broadcast
Packets to a Range of Hosts 233 Changing the Default IP Broadcast Address for
All Interfaces to 0.0.0.0 on Routers Without Nonvolatile Memory 235
IP Addressing Configuration Guide, Cisco IOS XE 17.x xii
Contents
CHAPTER 23 CHAPTER 24
Changing the Default IP Broadcast Address for All Interfaces to 0.0.0.0 on
Routers with Nonvolatile Memory 235
Changing the IP Broadcast Address to Any IP Address on One or More Interfaces
in a Router 236 Configuring UDP Broadcast Packet Flooding 237 Configuration
Examples for IP Broadcast Packet Handling 239 Example: Enabling IP Directed
Broadcasts with an Access List 239 Example: Configuring UDP Broadcast Packet
Flooding 240 Additional References for WCCP–Configurable Router ID 240
Object Tracking: IPv6 Route Tracking 243 Restrictions for Object Tracking:
IPv6 Route Tracking 243 Information About Object Tracking: IPv6 Route Tracking
243 Enhanced Object Tracking and IPv6 Route Tracking 243 How to Configure
Object Tracking: IPv6 Route Tracking 244 Tracking the IPv6-Routing State of an
Interface 244 Tracking the Threshold of IPv6-Route Metrics 245 Tracking
IPv6-Route Reachability 246 Configuration Examples for Object Tracking: IPv6
Route Tracking 248 Example: Tracking the IPv6-Routing State of an Interface
248 Example: Tracking the Threshold of IPv6-Route Metrics 248 Example:
Tracking IPv6-Route Reachability 248 Additional References for Object
Tracking: IPv6 Route Tracking 249 Feature Information for Object Tracking:
IPv6 Route Tracking 249
IPv6 Static Route Support for Object Tracking 251 Information About IPv6
Static Route Support for Object Tracking 251 IPv6 Static Route Support for
Object Tracking Overview 251 Routing Table Insertion 251 Routing Table
Insertion Criteria 252 How to Configure IPv6 Static Route Support for Object
Tracking 252 Configuring the IPv6 Static Routing Support for Object Tracking
252 Configuration Examples for IPv6 Static Route Support for Object Tracking
254 Example: IPv6 Static Route Object Tracking 254 Additional References for
IPv6 Static Route Support for Object Tracking 254
IP Addressing Configuration Guide, Cisco IOS XE 17.x xiii
Contents
CHAPTER 25 CHAPTER 26
Feature Information for IPv6 Static Route Support for Object Tracking 255
Configuring TCP 257 Prerequisites for TCP 257 Information About TCP 257 TCP
Services 257 TCP Connection Establishment 258 TCP Connection Attempt Time 258
TCP Selective Acknowledgment 259 TCP Time Stamp 259 TCP Maximum Read Size 259
TCP Path MTU Discovery 259 TCP Window Scaling 260 TCP Sliding Window 260 TCP
Outgoing Queue Size 261 TCP MSS Adjustment 261 TCP Applications Flags
Enhancement 261 TCP Show Extension 262 TCP MIB for RFC 4022 Support 262 Zero-
Field TCP Packets 262 How to Configure TCP 262 Configuring TCP Performance
Parameters 262 Configuring the MSS Value and MTU for Transient TCP SYN Packets
264 Configuring the MSS Value for IPv6 Traffic 265 Verifying TCP Performance
Parameters 266 Configuration Examples for TCP 270 Example: Verifying the
Configuration of TCP ECN 270 Example: Configuring the TCP MSS Adjustment 272
Example: Configuring the TCP Application Flags Enhancement 273 Example:
Displaying Addresses in IP Format 273 Additional References 274 Feature
Information for TCP 275
Configuring WCCP 279
IP Addressing Configuration Guide, Cisco IOS XE 17.x xiv
Prerequisites for WCCP 279 Restrictions for WCCP 279 Information About WCCP
281
WCCP Overview 281 Layer 2 Forwarding Redirection and Return 281 WCCP Mask
Assignment 282 Hardware Acceleration 282 WCCPv1 Configuration 283 WCCPv2
Configuration 284 WCCPv2 Support for Services Other Than HTTP 285 WCCPv2
Support for Multiple Routers 285 WCCPv2 MD5 Security 285 WCCPv2 Web Cache
Packet Return 286 WCCPv2 Load Distribution 286 WCCP VRF Support 286 WCCP VRF
Tunnel Interfaces 287 WCCP Bypass Packets 289 WCCP Closed Services and Open
Services 289 WCCP Outbound ACL Check 290 WCCP Service Groups 290 WCCP–Check
All Services 291 WCCP Interoperability with NAT 292 WCCP Troubleshooting Tips
292 How to Configure WCCP 292 Configuring WCCP 292 Configuring Closed Services
294 Registering a Router to a Multicast Address 296 Using Access Lists for a
WCCP Service Group 297 Enabling the WCCP Outbound ACL Check 299 Enabling WCCP
Interoperability with NAT 300 Verifying and Monitoring WCCP Configuration
Settings 302 Configuration Examples for WCCP 303 Example: Changing the Version
of WCCP on a Router 303 Example: Configuring a General WCCPv2 Session 304
Contents
IP Addressing Configuration Guide, Cisco IOS XE 17.x xv
Contents
CHAPTER 27 CHAPTER 28
Example: Setting a Password for a Router and Content Engines 304 Example:
Configuring a Web Cache Service 304 Example: Running a Reverse Proxy Service
304 Example: Registering a Router to a Multicast Address 305 Example: Using
Access Lists 305 Example: WCCP Outbound ACL Check Configuration 305 Example:
Verifying WCCP Settings 306 Example: Enabling WCCP Interoperability with NAT
308 Additional References 308 Feature Information for WCCP 309
WCCP–Configurable Router ID 315 Restrictions for WCCP–Configurable Router ID
315 Information About WCCP–Configurable Router ID 315 WCCP–Configurable Router
ID Overview 315 How to Configure WCCP–Configurable Router ID 316 Configuring a
Preferred WCCP Router ID 316 Configuration Examples for WCCP–Configurable
Router ID 317 Example: Configuring a Preferred WCCP Router ID 317 Additional
References for WCCP–Configurable Router ID 317 Feature Information for
WCCP–Configurable Router ID 318
WCCPv2–IPv6 Support 319 Prerequisites for WCCPv2–IPv6 Support 319 Restrictions
for WCCPv2–IPv6 Support 319 Information About WCCPv2–IPv6 Support 320 WCCP
Overview 320 Layer 2 Forwarding Redirection and Return 320 WCCP Mask
Assignment 321 WCCP Hash Assignment 321 WCCPv2 Configuration 322 WCCPv2
Support for Services Other Than HTTP 323 WCCPv2 Support for Multiple Routers
323 WCCPv2 MD5 Security 323
IP Addressing Configuration Guide, Cisco IOS XE 17.x xvi
Contents
CHAPTER 29
WCCPv2 Web Cache Packet Return 323 WCCPv2 Load Distribution 324 WCCP VRF
Support 324 IPv6 WCCP Tunnel Interface 324 WCCP Bypass Packets 327 WCCP Closed
Services and Open Services 327 WCCP Outbound ACL Check 327 WCCP Service Groups
328 WCCP–Check All Services 329 WCCP–Configurable Router ID Overview 329 WCCP
Troubleshooting Tips 329 How to Configure WCCPv2–IPv6 Support 330 Configuring
a General WCCPv2–IPv6 Session 330 Configuring Services for WCCPv2–IPv6 332
Registering a Router to a Multicast Address for WCCPv2– IPv6 333 Using Access
Lists for WCCPv2–IPv6 Service Group 335 Enabling the WCCP–IPv6 Outbound ACL
Check 337 Verifying and Monitoring WCCPv2–IPv6 Configuration Settings 338
Configuration Examples for WCCPv2–IPv6 Support 339 Example: Configuring a
General WCCPv2–IPv6 Session 339 Example: WCCPv2–IPv6–Setting a Password for a
Router and Content Engines 339 Example: WCCPv2–IPv6–Configuring a Web Cache
Service 339 Example: WCCPv2–IPv6–Running a Reverse Proxy Service 340 Example:
WCCPv2–IPv6–Registering a Router to a Multicast Address 340 Example:
WCCPv2–IPv6–Using Access Lists for a WCCPv2 IPv6 Service Group 340 Example:
WCCPv2–IPv6–Configuring Outbound ACL Check 341 Example: WCCPv2–IPv6–Verifying
WCCP Settings 341 Example: WCCPv2–IPv6–Cisco ASR 1000 Platform Specific
Configuration 343 Additional References 344 Feature Information for
WCCPv2–IPv6 Support 344
WCCP with Generic GRE Support 347 Restrictions for WCCP with Generic GRE
Support 347 Information About WCCP with Generic GRE Support 347
IP Addressing Configuration Guide, Cisco IOS XE 17.x xvii
Contents
PART IV CHAPTER 30
CHAPTER 31
WCCP with Generic GRE Support 347 Cisco WAAS AppNav Solution 348 How to
Configure WCCP with Generic GRE Support 348 Configure WCCP Redirection with
Generic GRE Configured on the Device Using a Loopback
Interface 348 Configure WCCP Redirection with Generic GRE Configured on a
Device Using a Physical
Interface 351 Configuration Examples for WCCP with Generic GRE Support 353
Example: Configure WCCP Redirection with Generic GRE Configured on Device
Using a Loopback Interface 353
Example: Configure WCCP Redirection with Generic GRE Configured on a Device
Using a Physical Interface 354
Additional References for WCCP with Generic GRE Support 355 Feature
Information for WCCP with Generic GRE Support 355
IP SLAs 357
IP SLAs Overview 359 Information About IP SLAs 359 IP SLAs Technology Overview
359 Service Level Agreements 360 Benefits of IP SLAs 361 Restriction for IP
SLAs 362 Network Performance Measurement Using IP SLAs 362 IP SLAs Responder
and IP SLAs Control Protocol 363 Response Time Computation for IP SLAs 364 IP
SLAs Operation Scheduling 364 IP SLAs Operation Threshold Monitoring 365 MPLS
VPN Awareness 365 History Statistics 365 Additional References 366
Configuring IP SLAs UDP Jitter Operations 369 Prerequisites for IP SLAs UDP
Jitter Operations 369 Restrictions for IP SLAs UDP Jitter Operations 369
IP Addressing Configuration Guide, Cisco IOS XE 17.x xviii
Contents
CHAPTER 32 CHAPTER 33
Information About IP SLAs UDP Jitter Operations 370 IP SLAs UDP Jitter
Operation 370
How to Configure IP SLAs UDP Jitter Operations 371 Configuring the IP SLAs
Responder on a Destination Device 371 Configuring and Scheduling a UDP Jitter
Operation on a Source Device 372 Configuring a Basic UDP Jitter Operation on a
Source Device 372 Configuring a UDP Jitter Operation with Additional
Characteristics 374 Scheduling IP SLAs Operations 377 Troubleshooting Tips 379
What to Do Next 379
Verifying IP SLAs UDP Jitter Operations 379 Configuration Examples for IP SLAs
UDP Jitter Operations 382
Example: Configuring a UDP Jitter Operation 382 Additional References for IP
SLAs UDP Jitter Operations 383 Feature Information for IP SLAs UDP Jitter
Operations 383
IP SLAs Multicast Support 385 Prerequisites for IP SLAs Multicast Support 385
Restrictions for IP SLAs Multicast Support 385 Information About IP SLAs
Multicast Support 386 Multicast UDP Jitter Operations 386 How to Configure IP
SLAs Multicast Support 386 Configuring the IP SLAs Responder on a Destination
Device 386 Creating a List of Multicast Responders on the Source Device 387
Configuring Multicast UDP Jitter Operations 389 Scheduling IP SLAs Operations
393 Troubleshooting Tips 394 What to Do Next 394 Configuration Examples for IP
SLAs Multicast Support 395 Example: Multicast UDP Jitter Operation 395
Additional References for IP SLAs Multicast Support 396 Feature Information
for IPSLA Multicast Support 396
Configuring IP SLAs UDP Jitter Operations for VoIP 399
IP Addressing Configuration Guide, Cisco IOS XE 17.x xix
Contents
CHAPTER 34
Restrictions for IP SLAs UDP Jitter Operations for VoIP 399 Information About
IP SLAs UDP Jitter Operations for VoIP 400
The Calculated Planning Impairment Factor (ICPIF) 400 Mean Opinion Scores
(MOS) 401 Voice Performance Monitoring Using IP SLAs 401 Codec Simulation
Within IP SLAs 402 The IP SLAs ICPIF Value 403 The IP SLAs MOS Value 404 How
to Configure IP SLAs UDP Jitter Operations for VoIP 405 Configuring the IP
SLAs Responder on a Destination Device 405 Configuring and Scheduling an IP
SLAs VoIP UDP Jitter Operation 406 Scheduling IP SLAs Operations 409
Troubleshooting Tips 411 What to Do Next 411 Configuration Examples for IP
SLAs UDP Jitter Operations for VoIP 411 Example IP SLAs VoIP UDP Operation
Configuration 411 Example IP SLAs VoIP UDP Operation Statistics Output 413
Additional References 413 Feature Information for IP SLAs VoIP UDP Jitter
Operations 415 Glossary 415
IP SLAs QFP Time Stamping 417 Prerequisites for IP SLAs QFP Time Stamping 417
Restrictions for IP SLA QFP Time Stamping 417 Information About IP SLAs QFP
Time Stamping 418 IP SLAs UDP Jitter Operation 418 QFP Time Stamping 419 How
to Configure IP SLAs QFP Time Stamping 420 Configuring the IP SLAs Responder
on the Destination Device 420 Configuring and Scheduling a UDP Jitter
Operation on a Source Device 421 Configuring a Basic UDP Jitter Operation with
QFP Time Stamping 421 Configuring a UPD Jitter Operation with QFP Time
Stamping and Additional Characteristics 423 Scheduling IP SLAs Operations 426
Troubleshooting Tips 428
IP Addressing Configuration Guide, Cisco IOS XE 17.x xx
Contents
CHAPTER 35
What to Do Next 428 Configuration Examples for IP SLAs QFP Time Stamping 429
Example: Configuring a UDP Operation with QFP Time Stamping 429 Additional
References 429 Feature Information for IP SLAs QFP Time Stamping 430
Configuring IP SLAs LSP Health Monitor Operations 431 Prerequisites for LSP
Health Monitor Operations 431 Restrictions for LSP Health Monitor Operations
432 Information About LSP Health Monitor Operations 432 Benefits of the LSP
Health Monitor 432 How the LSP Health Monitor Works 432 Discovery of
Neighboring PE Devices 434 LSP Discovery 435 LSP Discovery Groups 436 IP SLAs
LSP Ping and LSP Traceroute 438 Proactive Threshold Monitoring for the LSP
Health Monitor 438 Multioperation Scheduling for an LSP Health Monitor 439 How
to Configure LSP Health Monitor Operations 440 Configuring an LSP Health
Monitor Operation 440 Configuring an LSP Health Monitor Operation without LSP
Discovery on a PE Device 440 Configuring the LSP Health Monitor Operation with
LSP Discovery on a PE Device 444 Scheduling LSP Health Monitor Operations 448
Troubleshooting Tips 449 What to Do Next 449 Manually Configuring and
Scheduling an IP SLAs LSP Ping or LSP Traceroute Operation 449 Troubleshooting
Tips 452 What to Do Next 452 Verifying and Troubleshooting LSP Health Monitor
Operations 453 Configuration Examples for LSP Health Monitors 455 Example
Configuring and Verifying the LSP Health Monitor Without LSP Discovery 455
Example Configuring and Verifying the LSP Health Monitor with LSP Discovery
458 Example Manually Configuring an IP SLAs LSP Ping Operation 461 Additional
References 461
IP Addressing Configuration Guide, Cisco IOS XE 17.x xxi
Contents
CHAPTER 36 CHAPTER 37 CHAPTER 38
Feature Information for LSP Health Monitor Operations 463
IP SLAs for MPLS Psuedo Wire via VCCV 465 Restrictions for IP SLAs for MPLS
Pseudo Wire via VCCV 465 Information About IP SLAs for MPLS Pseudo Wire via
VCCV 465 IP SLAs VCCV Operation 465 Proactive Threshold Monitoring for the LSP
Health Monitor 466 How to Configure IP SLAs for MPLS Pseudo Wire via VCCM 467
Manually Configuring and Scheduling an IP SLAs VCCV Operation 467
Troubleshooting Tips 470 What to Do Next 470 Configuration Examples for IP
SLAs for MPLS Pseudo Wire via VCCM 470 Example Manually Configuring an IP SLAs
VCCV Operation 470 Additional References 471 Feature Information for IP SLAs
for MPLS PWE3 via VCCM 472
Configuring IP SLAs for Metro-Ethernet 475 Prerequisites for IP SLAs for
Metro-Ethernet 475 Restrictions for IP SLAs for Metro-Ethernet 475 Information
About IP SLAs for Metro-Ethernet 476 IP SLAs Ethernet Operation Basics 476 How
to Configure IP SLAs for Metro-Ethernet 477 Configuring an IP SLAs Auto
Ethernet Operation with Endpoint Discovery on the Source Device 477 Manually
Configuring an IP SLAs Ethernet Ping or Jitter Operation on the Source Device
479 Scheduling IP SLAs Operations 482 Troubleshooting Tips 483 What to Do Next
483 Configuration Examples for IP SLAs for Metro-Ethernet 484 Example IP SLAs
Auto Ethernet Operation with Endpoint Discovery 484 Example Individual IP SLAs
Ethernet Ping Operation 484 Additional References 485 Feature Information for
IP SLAs for Metro-Ethernet 486
Configuring IP SLAs Metro-Ethernet 3.0 (ITU-T Y.1731) Operations 487
IP Addressing Configuration Guide, Cisco IOS XE 17.x xxii
Contents
CHAPTER 39 CHAPTER 40
Prerequisites for ITU-T Y.1731 Operations 487 Restrictions for IP SLAs Metro-
Ethernet 3.0 (ITU-T Y.1731) 487 How to Configure IP SLAs Metro-Ethernet 3.0
(ITU-T Y.1731) Operations 488
Configuring a Dual-Ended Ethernet Delay or Delay Variation Operation 488
Configuring a Receiver MEP on the Destination Device 488 Configuring the
Sender MEP on the Source Router 491
Configuring a Sender MEP for a Single-Ended Ethernet Delay or Delay Variation
Operation 493 Configuring a Sender MEP for a Single-Ended Ethernet Frame Loss
Ratio Operation 496 Scheduling IP SLAs Operations 498 Configuration Examples
for IP SLAs Metro-Ethernet 3.0 (ITU-T Y.1731) Operations 500 Example: Dual-
Ended Ethernet Delay Operation 500 Example: Frame Delay and Frame Delay
Variation Measurement Configuration 501 Example: Sender MEP for a Single-Ended
Ethernet Delay Operation 502 Example: Sender MEP for a Single-Ended Ethernet
Frame Loss Operation 503 Additional References for IP SLAs Metro-Ethernet 3.0
(ITU-T Y.1731) Operations 504 Feature Information for IP SLAs Metro-Ethernet
3.0 (ITU-T Y.1731) Operations 505
IPSLA Y1731 On-Demand and Concurrent Operations 507 Prerequisites for ITU-T
Y.1731 Operations 507 Restrictions for IP SLAs Y.1731 On-Demand Operations 507
Information About IP SLAs Y.1731 On-Demand and Concurrent Operations 508 IPSLA
Y1731 SLM Feature Enhancements 508 How to Configure IP SLAs Y.1731 On-Demand
and Concurrent Operations 509 Configuring a Direct On-Demand Operation on a
Sender MEP 509 Configuring a Referenced On-Demand Operation on a Sender MEP
510 Configuring an IP SLAs Y.1731 Concurrent Operation on a Sender MEP 510
Configuration Examples for IP SLAs Y.1731 On-Demand and Concurrent Operations
511 Example: On-Demand Operation in Direct Mode 511 Example: On-Demand
Operation in Referenced Mode 512 IP SLA Reconfiguration Scenarios 513
Additional References for IP SLAs Y.1731 On-Demand and Concurrent Operations
514 Feature Information for IP SLAs Y.1731 On-Demand and Concurrent Operations
515
Configuring IP SLAs UDP Echo Operations 517
IP Addressing Configuration Guide, Cisco IOS XE 17.x xxiii
Contents
CHAPTER 41
Restrictions for IP SLAs UDP Echo Operations 517 Information About IP SLAs UDP
Echo Operations 517
UDP Echo Operation 517 How to Configure IP SLAs UDP Echo Operations 518
Configuring the IP SLAs Responder on a Destination Device 518 Configuring a
UDP Echo Operation on the Source Device 519
Configuring a Basic UDP Echo Operation on the Source Device 519 Configuring a
UDP Echo Operation with Optional Parameters on the Source Device 521
Scheduling IP SLAs Operations 524 Troubleshooting Tips 526 What to Do Next 526
Configuration Examples for IP SLAs UDP Echo Operations 526 Example Configuring
a UDP Echo Operation 526 Additional References 527 Feature Information for the
IP SLAs UDP Echo Operation 527
Configure IP SLAs HTTPS Operations 529 Restrictions for IP SLAs HTTP
Operations 529 Information About IP SLAs HTTPS Operations 529 HTTPS Operation
529 How to Configure IP SLAs HTTP Operations 530 Configure an HTTPS GET
Operation on the Source Device 530 Configure a Basic HTTPS GET Operation on
the Source Device 530 Configure an HTTPS GET Operation with Optional
Parameters on the Source Device 531 Configuring an HTTP RAW Operation on the
Source Device 532 Scheduling IP SLAs Operations 533 Troubleshooting Tips 535
What to Do Next 535 Configuration Examples for IP SLAs HTTPS Operations 535
Example Configuring an HTTPS GET Operation 535 Example Configuring an HTTPS
HEAD Operation 536 Example Configuring an HTTP RAW Operation Through a Proxy
Server 536 Example Configuring an HTTP RAW Operation with Authentication 536
Additional References 536
IP Addressing Configuration Guide, Cisco IOS XE 17.x xxiv
Contents
CHAPTER 42 CHAPTER 43 CHAPTER 44
Feature Information for IP SLAs HTTP Operations 537
Configuring IP SLAs TCP Connect Operations 539 Information About the IP SLAs
TCP Connect Operation 539 TCP Connect Operation 539 How to Configure the IP
SLAs TCP Connect Operation 540 Configuring the IP SLAs Responder on the
Destination Device 540 Configuring and Scheduling a TCP Connect Operation on
the Source Device 541 Prerequisites 541 Configuring a Basic TCP Connect
Operation on the Source Device 541 Configuring a TCP Connect Operation with
Optional Parameters on the Source Device 542 Scheduling IP SLAs Operations 545
Troubleshooting Tips 547 What to Do Next 547 Configuration Examples for IP
SLAs TCP Connect Operations 547 Example Configuring a TCP Connect Operation
547 Additional References 548 Feature Information for the IP SLAs TCP Connect
Operation 548
Configuring Cisco IP SLAs ICMP Jitter Operations 551 Restrictions for IP SLAs
ICMP Jitter Operations 551 Information About IP SLAs ICMP Jitter Operations
551 Benefits of the IP SLAs ICMP Jitter Operation 551 Statistics Measured by
the IP SLAs ICMP Jitter Operation 552 How to Configure IP SLAs ICMP Jitter
Operations 553 Scheduling IP SLAs Operations 553 Troubleshooting Tips 554 What
to Do Next 555 Additional References 555 Feature Information for IP SLAs –
ICMP Jitter Operation 556
Configuring IP SLAs ICMP Echo Operations 557 Restrictions for IP SLAs ICMP
Echo Operations 557 Information About IP SLAs ICMP Echo Operations 557
IP Addressing Configuration Guide, Cisco IOS XE 17.x xxv
Contents
CHAPTER 45 CHAPTER 46
ICMP Echo Operation 557 How to Configure IP SLAs ICMP Echo Operations 558
Configuring an ICMP Echo Operation 558 Configuring a Basic ICMP Echo Operation
on the Source Device 558 Configuring an ICMP Echo Operation with Optional
Parameters 559
Scheduling IP SLAs Operations 563 Troubleshooting Tips 565 What to Do Next 565
Configuration Examples for IP SLAs ICMP Echo Operations 565 Example
Configuring an ICMP Echo Operation 565
Additional References for IP SLAs ICMP Echo Operations 565 Feature Information
for IP SLAs ICMP Echo Operations 566
Configuring IP SLAs ICMP Path Echo Operations 567 Restrictions for IP SLAs
ICMP Path Echo Operations 567 Information About IP SLAs ICMP Path Echo
Operations 567 ICMP Path Echo Operation 567 How to Configure IP SLAs ICMP Path
Echo Operations 568 Configuring an ICMP Path Echo Operation on the Source
Device 568 Configuring a Basic ICMP Path Echo Operation on the Source Device
568 Configuring an ICMP Path Echo Operation with Optional Parameters on the
Source Device 569 Scheduling IP SLAs Operations 573 Troubleshooting Tips 574
What to Do Next 575 Configuration Examples for IP SLAs ICMP Path Echo
Operations 575 Example Configuring an ICMP Path Echo Operation 575 Additional
References for IP SLAs ICMP Echo Operations 576 Feature Information for IP
SLAs ICMP Path Echo Operations 576
Configuring IP SLAs ICMP Path Jitter Operations 579 Prerequisites for ICMP
Path Jitter Operations 579 Restrictions for ICMP Path Jitter Operations 579
Information About IP SLAs ICMP Path Jitter Operations 580 ICMP Path Jitter
Operation 580
IP Addressing Configuration Guide, Cisco IOS XE 17.x xxvi
Contents
CHAPTER 47 CHAPTER 48
How to Configure the IP SLAs ICMP Path Jitter Operation 581 Configuring the IP
SLAs Responder on a Destination Device 581 Configuring an ICMP Path Jitter
Operation on the Source Device 582 Configuring a Basic ICMP Path Jitter
Operation 582 Configuring an ICMP Path Jitter Operation with Additional
Parameters 583 Scheduling IP SLAs Operations 585 Troubleshooting Tips 587 What
to Do Next 587
Configuration Examples for IP SLAs ICMP Path Jitter Operations 587 Example
Configuring a Path Jitter Operation 587
Additional References 588 Feature Information for IP SLAs ICMP Path Jitter
Operations 588
Configuring IP SLAs FTP Operations 591 Restrictions for IP SLAs FTP Operations
591 Information About IP SLAs FTP Operations 591 FTP Operation 591 How to
Configure IP SLAs FTP Operations 592 Configuring an FTP Operation on a Source
Device 592 Configuring a Basic FTP Operation on the Source Device 593
Configuring an FTP Operation with Optional Parameters on the Source Device 594
Scheduling IP SLAs Operations 596 Troubleshooting Tips 598 What to Do Next 598
Configuration Examples for IP SLAs FTP Operations 598 Example: Configuring an
FTP Operation 598 Additional References 599 Feature Information for
Configuring IP SLAs FTP Operations 600
Configuring IP SLAs DNS Operations 601 Information About IP SLAs DNS
Operations 601 DNS Operation 601 How to Configure IP SLAs DNS Operations 602
Configuring an IP SLAs DNS Operation on the Source Device 602
IP Addressing Configuration Guide, Cisco IOS XE 17.x
xxvii
Contents
CHAPTER 49 CHAPTER 50
Configuring a Basic DNS Operation on the Source Device 602 Configuring a DNS
Operation with Optional Parameters on the Source Device 603 Scheduling IP SLAs
Operations 606 Troubleshooting Tips 608 What to Do Next 608 Configuration
Examples for IP SLAs DNS Operations 608 Example Configuring a DNS Operation
608 Additional References 608 Feature Information for Configuring IP SLAs DNS
Operation 609
Configuring IP SLAs DHCP Operations 611 Information About IP SLAs DHCP
Operations 611 DHCP Operation 611 IP SLAs DHCP Relay Agent Options 611 How to
Configure IP SLAs DHCP Operations 612 Configuring a DHCP Operation on the
Source Device 612 Configuring a Basic DHCP Operation 612 Configuring a DHCP
Operation with Optional Parameters 613 Scheduling IP SLAs Operations 615
Troubleshooting Tips 617 What to Do Next 617 Configuration Examples for IP
SLAs DHCP Operations 617 Example Configuration for an IP SLAs DHCP Operation
617 Additional References 618 Feature Information for IP SLAs DHCP Operations
618
Configuring an IP SLAs Multioperation Scheduler 621 Restrictions for an IP
SLAs Multioperation Scheduler 621 Prerequisites for an IP SLAs Multioperation
Scheduler 621 Information About an IP SLAs Multioperation Scheduler 622 IP
SLAs Multioperations Scheduler 622 Default Behavior of IP SLAs Multiple
Operations Scheduling 623 IP SLAs Multiple Operations Scheduling with
Scheduling Period Less Than Frequency 624
xxviii
IP Addressing Configuration Guide, Cisco IOS XE 17.x
Contents
CHAPTER 51 CHAPTER 52
Multiple Operations Scheduling When the Number of IP SLAs Operations Are
Greater Than the Schedule Period 625
IP SLAs Multiple Operations Scheduling with Scheduling Period Greater Than
Frequency 626 IP SLAs Random Scheduler 628 How to Configure an IP SLAs
Multioperation Scheduler 629 Scheduling Multiple IP SLAs Operations 629
Enabling the IP SLAs Random Scheduler 630 Verifying IP SLAs Multiple
Operations Scheduling 631 Configuration Examples for an IP SLAs Multioperation
Scheduler 633 Example Scheduling Multiple IP SLAs Operations 633 Example
Enabling the IP SLAs Random Scheduler 633 Additional References 634 Feature
Information for a IP SLAs Multioperation Scheduler 634
Configuring Proactive Threshold Monitoring for IP SLAs Operations 637
Information About Proactive Threshold Monitoring 637 IP SLAs Reaction
Configuration 637 Supported Reactions by IP SLAs Operation 637 IP SLAs
Threshold Monitoring and Notifications 640 RTT Reactions for Jitter Operations
641 How to Configure Proactive Threshold Monitoring 642 Configuring Proactive
Threshold Monitoring 642 Configuration Examples for Proactive Threshold
Monitoring 644 Example Configuring an IP SLAs Reaction Configuration 644
Example Verifying an IP SLAs Reaction Configuration 645 Example Triggering
SNMP Notifications 645 Additional References 646 Feature Information for IP
SLAs Proactive Threshold Monitoring 647
IP SLAs TWAMP Responder 649 Prerequisites for IP SLAs TWAMP Responder 649
Restrictions for IP SLAs TWAMP Responder 649 IP SLAs TWAMP Architecture 650
Two-Way Active Measurement Protocol (TWAMP) 650
IP Addressing Configuration Guide, Cisco IOS XE 17.x xxix
Contents
PART V CHAPTER 53
IP SLAs TWAMP Responder 651 Configure an IP SLAs TWAMP Responder 651
Configuring the TWAMP Server 651 Configuring the Session Reflector 653
Configuration Examples for IP SLAs TWAMP Responder 654 IP SLAs TWAMP Responder
v1.0 Example 654 Additional References 654 Feature Information for IP SLAs
TWAMP Responder 655
ARP 657
Address Resolution Protocol 659 Information About the Address Resolution
Protocol 659 Layer 2 and Layer 3 Addressing 659 Overview of the Address
Resolution Protocol 660 ARP Caching 661 Static and Dynamic Entries in the ARP
Cache 662 Devices That Do Not Use ARP 662 Inverse ARP 662 Reverse ARP 663
Proxy ARP 663 Serial Line Address Resolution Protocol 664 Authorized ARP 664
Security (ARP/NDP cache entries) Enhancements 664 How to Configure the Address
Resolution Protocol 665 Enabling the Interface Encapsulation 665 Defining
Static ARP Entries 666 Setting an Expiration Time for Dynamic Entries in the
ARP Cache 667 Globally Disabling Proxy ARP 668 Disabling Proxy ARP on an
Interface 670 Clearing the ARP Cache 671 Configuring Security (ARP/NDP cache
entries) Enhancements 671 Verifying the ARP Configuration 672 Configuration
Examples for the Address Resolution Protocol 674
IP Addressing Configuration Guide, Cisco IOS XE 17.x xxx
PART VI CHAPTER 54
Example: Static ARP Entry Configuration 674 Example: Encapsulation Type
Configuration 674 Example: Proxy ARP Configuration 674 Examples: Clearing the
ARP Cache 674 Additional References 674 Feature Information for the Address
Resolution Protocol 675
DHCP 677
Configuring the Cisco IOS XE DHCP Server 679 Prerequisites for Configuring the
DHCP Server 679 Information About the Cisco IOS XE DHCP Server 680 Overview of
the DHCP Server 680 Database Agents 680 Address Conflicts 680 DHCP Address
Pool Conventions 680 DHCP Address Pool Selection 680 Address Bindings 681 Ping
Packet Settings 681 DHCP Attribute Inheritance 681 DHCP Server Address
Allocation Using Option 82 682 DHCP Address Allocation Using Option 82 Feature
Design 683 Usage Scenario for DHCP Address Allocation Using Option 82 683 DHCP
Class Capability 684 How to Configure the Cisco IOS XE DHCP Server 685
Configuring a DHCP Database Agent or Disabling Conflict Logging 685 Excluding
IP Addresses 686 Configuring DHCP Address Pools 687 Configuring a DHCP Address
Pool 687 Configuring a DHCP Address Pool with Secondary Subnets 691
Troubleshooting Tips 696 Verifying the DHCP Address Pool Configuration 696
Configuring Manual Bindings 698 Troubleshooting Tips 700
Contents
IP Addressing Configuration Guide, Cisco IOS XE 17.x xxxi
Contents
CHAPTER 55
Configuring DHCP Static Mapping 700 Configuring the DHCP Server to Read a
Static Mapping Text File 702
Customizing DHCP Server Operation 704 Configuring a Remote Device to Import
DHCP Server Options from a Central DHCP Server 706
Configuring the Central DHCP Server to Update DHCP Options 706 Configuring the
Remote Device to Import DHCP Options 707 Configuring DHCP Address Allocation
Using Option 82 709 Restrictions for DHCP Address Allocation Using Option 82
709 Enabling Option 82 for DHCP Address Allocation 709 Troubleshooting Tips
710 Defining the DHCP Class and Relay Agent Information Patterns 710
Troubleshooting Tips 711 Defining the DHCP Address Pool 711 Configuring a
Static Route with the Next-Hop Dynamically Obtained Through DHCP 712 Clearing
DHCP Server Variables 714 Configuration Examples for the Cisco IOS XE DHCP
Server 715 Example: Configuring the DHCP Database Agent 715 Example: Excluding
IP Addresses 715 Example: Configuring DHCP Address Pools 715 Example:
Configuring a DHCP Address Pool with Multiple Disjoint Subnets 717 Configuring
Manual Bindings Example 719 Example: Configuring Static Mapping 719 Importing
DHCP Options Example 719 Configuring DHCP Address Allocation Using Option 82
Example 720 Configuring a Static Route with the Next-Hop Dynamically Obtained
Through DHCP Example 721 Additional References 722 Feature Information for the
Cisco IOS XE DHCP Server 723
Configuring the DHCP Server On-Demand Address Pool Manager 725 Prerequisites
for Configuring the DHCP Server On-Demand Address Pool Manager 725
Restrictions for Configuring the DHCP Server On-Demand Address Pool Manager
726 Information About the DHCP Server On-Demand Address Pool Manager 726 ODAP
Manager Operation 726 Subnet Allocation Server Operation 728
xxxii
IP Addressing Configuration Guide, Cisco IOS XE 17.x
Contents
Benefits of Using ODAPs 728 How to Configure the DHCP Server On-Demand Address
Pool Manager 729
Defining DHCP ODAPs as the Global Default Mechanism 729 Defining DHCP ODAPs on
an Interface 729 Configuring the DHCP Pool as an ODAP 730 Configuring ODAPs to
Obtain Subnets Through IPCP Negotiation 732 Configuring AAA 733 Configuring
RADIUS 735
ODAP AAA Profile 735 Disabling ODAPs 737 Verifying ODAP Operation 737
Troubleshooting Tips 740 Monitoring and Maintaining the ODAP 740 How to
Configure DHCP ODAP Subnet Allocation Server Support 742 Configuring a Global
Pool on a Subnet Allocation Server 742
Global Subnet Pools 742 Configuring a VRF Subnet Pool on a Subnet Allocation
Server 743
VRF Subnet Pools 743 Using a VPN ID to Configure a VRF Subnet Pool on a Subnet
Allocation Server 744
VRF Pools and VPN IDs 744 Verifying the Subnet Allocation and DHCP Bindings
747 Troubleshooting the DHCP ODAP Subnet Allocation Server 748 Configuration
Examples for DHCP Server On-Demand Address Pool Manager 749 Defining DHCP
ODAPs as the Global Default Mechanism Example 749 Defining DHCP ODAPs on an
Interface Example 749 Configuring the DHCP Pool as an ODAP Example 749
Configuring the DHCP Pool as an ODAP for Non-MPLS VPNs Example 752 Configuring
AAA and RADIUS Example 752 Configuring a Global Pool for a Subnet Allocation
Server Example 753 Configuring a VRF Pool for a Subnet Allocation Server
Example 753 Using a VPN ID to Configure a VRF Pool on a Subnet Allocation
Server Example 754 Verifying Local Configuration on a Subnet Allocation Server
Example 754 Verifying Address Pool Allocation Information Example 754
Verifying Subnet Allocation and DHCP Bindings Example 755
IP Addressing Configuration Guide, Cisco IOS XE 17.x
xxxiii
Contents
CHAPTER 56 CHAPTER 57
Additional References 755 Feature Information for the DHCP Server On-Demand
Address Pool Manager 757 Glossary 758
IPv6 Access Services: DHCPv6 Relay Agent 761 DHCPv6 Relay Agent 761 DHCPv6
Relay Agent Notification for Prefix Delegation 763 DHCPv6 Relay Options:
Remote ID for Ethernet Interfaces 763 DHCPv6 Relay Options: Reload Persistent
Interface ID Option 763 DHCPv6 Relay Chaining 764 How to Configure IPv6 Access
Services: DHCPv6 Relay Agent 764 Configuring the DHCPv6 Relay Agent 764
Configuration Examples for IPv6 Access Services: DHCPv6 Relay Agent 765
Example: Configuring the DHCPv6 Relay Agent 765 Additional References 766
Feature Information for IPv6 Access Services: DHCPv6 Relay Agent 766
DHCP Relay Server ID Override and Link Selection Option 82 Suboptions 769
Restrictions for DHCP Relay Server ID Override and Link Selection Option 82
Suboptions 769 Information About DHCP Relay Server ID Override and Link
Selection Option 82 Suboptions 770 Server ID Override Suboption 770 Link
Selection Suboption 770 DHCP Relay Server ID Override and Link Selection
Option 82 Suboptions Feature Design 770 How to Configure Support for the DHCP
Relay Server ID Override and Link Selection Suboptions 772 Configuring the
DHCP Relay Agent to Insert the DHCP Server ID Override and Link Selection
Suboptions into Option 82 772 Configuration Examples for DHCP Relay Server ID
Override and Link Selection Option 82 Suboptions 774 Example: DHCP Relay
Server ID Override and Link Selection Option 82 Suboptions 774 Additional
References for DHCP Relay Server ID Override and Link Selection Option 82
Suboptions 775 Feature Information for DHCP Relay Server ID Override and Link
Selection Option 82 Suboptions 776 Glossary 776
xxxiv
IP Addressing Configuration Guide, Cisco IOS XE 17.x
Contents
CHAPTER 58 CHAPTER 59
DHCP Server RADIUS Proxy 777 Prerequisites for DHCP Server RADIUS Proxy 777
Restrictions for DHCP Server RADIUS Proxy 777 Information About DHCP Server
RADIUS Proxy 777 DHCP Server RADIUS Proxy Overview 777 DHCP Server RADIUS
Proxy Architecture 778 DHCP Server and RADIUS Translations 779 RADIUS Profiles
for DHCP Server RADIUS Proxy 780 How to Configure DHCP Server RADIUS Proxy 780
Configuring the DHCP Server for RADIUS-based Authorization 780 Monitoring and
Maintaining the DHCP Server 786 Configuration Examples for DHCP Server Radius
Proxy 787 Configuring the DHCP Server Example 787 Configuring RADIUS Profiles
Example 788 Additional References 788 Technical Assistance 789 Feature
Information for DHCP Server RADIUS Proxy 789 Glossary 789
Configuring the Cisco IOS XE DHCP Client 791 Feature Information for the Cisco
IOS XE DHCP Client 791 Information About the DHCP Client 792 DHCP Client
Operation 792 DHCP Client Overview 793 How to Configure the DHCP Client 794
Configuring the DHCP Client 794 Troubleshooting Tips 795 Configure
Administrative Distance 795 Configuration Examples for the DHCP Client 796
Configuring the DHCP Client Example 796 Customizing the DHCP Client
Configuration Example 797 Example: Configuring the DHCP Client in Unicast Mode
798 Additional References 799
IP Addressing Configuration Guide, Cisco IOS XE 17.x xxxv
Contents
CHAPTER 60 CHAPTER 61
Technical Assistance 800
Configuring DHCP Services for Accounting and Security 801 Prerequisites for
Configuring DHCP Services for Accounting and Security 801 Information About
DHCP Services for Accounting and Security 801 DHCP Operation in Public
Wireless LANs 801 Security Vulnerabilities in Public Wireless LANs 802 DHCP
Services for Security and Accounting Overview 802 DHCP Lease Limits 802 How to
Configure DHCP Services for Accounting and Security 803 Configuring AAA and
RADIUS for DHCP Accounting 803 Troubleshooting Tips 805 Configuring DHCP
Accounting 806 Verifying DHCP Accounting 807 Securing ARP Table Entries to
DHCP Leases 808 Troubleshooting Tips 809 Configuring a DHCP Lease Limit to
Control the Number of Subscribers on an Interface 809 Troubleshooting Tips 811
Configuration Examples for DHCP Services for Accounting and Security 811
Example: Configuring AAA and RADIUS for DHCP Accounting 811 Example:
Configuring DHCP Accounting 811 Example: Verifying DHCP Accounting 812
Example: Configuring a DHCP Lease Limit 813 Additional References 813
Technical Assistance 814 Feature Information for DHCP Services for Accounting
and Security 814
ISSU and SSO–DHCP High Availability Features 817 Prerequisites for DHCP High
Availability 817 Restrictions for DHCP High Availability 818 Information About
DHCP High Availability 818 ISSU 818 SSO 818 ISSU and SSO–DHCP Server 818
xxxvi
IP Addressing Configuration Guide, Cisco IOS XE 17.x
Contents
CHAPTER 62 CHAPTER 63
ISSU and SSO–DHCP Relay on Unnumbered Interface 819 ISSU and SSO–DHCP Proxy
Client 820 ISSU and SSO–DHCP ODAP Client and Server 821 How to Configure DHCP
High Availability 822 Configuration Examples for DHCP High Availability 822
Additional References 822 Feature Information for DHCP High Availability
Features 824 Glossary 824
DHCPv6 Relay and Server – MPLS VPN Support 827 Information About DHCPv6 Relay
and Server – MPLS VPN Support 827 DHCPv6 Server and Relay–MPLS VPN Support 827
How to Configure DHCPv6 Relay and Server – MPLS VPN Support 828 Configuring a
VRF-Aware Relay and Server for MPLS VPN Support 828 Configuring a VRF-Aware
Relay 828 Configuring a VRF-Aware Server 829 Configuration Examples for DHCPv6
Server – MPLS VPN Support 830 Example: Configuring a VRF-Aware Relay 830
Example: Configuring a VRF-Aware Server 830 Additional References 831 Feature
Information for DHCPv6 Relay and Server – MPLS VPN Support 832
Information About IPv6 Access Services: DHCPv6 Relay Agent 833 DHCPv6 Relay
Agent 833 DHCPv6 Relay Agent Notification for Prefix Delegation 835 DHCPv6
Relay Options: Remote ID for Ethernet Interfaces 835 DHCPv6 Relay Options:
Reload Persistent Interface ID Option 835 DHCPv6 Relay Chaining 836 How to
Configure IPv6 Access Services: DHCPv6 Relay Agent 836 Configuring the DHCPv6
Relay Agent 836 Configuration Examples for IPv6 Access Services: DHCPv6 Relay
Agent 837 Example: Configuring the DHCPv6 Relay Agent 837 Additional
References 838 Feature Information for IPv6 Access Services: DHCPv6 Relay
Agent 838
IP Addressing Configuration Guide, Cisco IOS XE 17.x
xxxvii
Contents
CHAPTER 64 CHAPTER 65
IPv6 Access Services: Stateless DHCPv6 841 Information About IPv6 Access
Services: Stateless DHCPv6 841 Information Refresh Server Option 841 SIP
Server Options 841 SNTP Server Option 841 How to Configure IPv6 Access
Services: Stateless DHCPv6 842 Configuring the Stateless DHCPv6 Function 842
Configuring the Stateless DHCPv6 Server 842 Configuring the Stateless DHCPv6
Client 843 Enabling Processing of Packets with Source Routing Header Options
844 Importing Stateless DHCPv6 Server Options 845 Configuration Examples for
IPv6 Access Services: Stateless DHCPv6 849 Example: Configuring the Stateless
DHCPv6 Function 849 Additional References 849 Feature Information for IPv6
Access Services: Stateless DHCPv6 850
IPv6 Access Services: DHCPv6 Prefix Delegation 853 Information About IPv6
Access Services: DHCPv6 Prefix Delegation 853 DHCPv6 Prefix Delegation 853
Configuring Nodes Without Prefix Delegation 854 Client and Server
Identification 854 Rapid Commit 854 DHCPv6 Client, Server, and Relay Functions
854 How to Configure IPv6 Access Services: DHCPv6 Prefix Delegation 858
Configuring the DHCPv6 Server Function 858 Configuring the DHCPv6
Configuration Pool 858 Configuring a Binding Database Agent for the Server
Function 860 Configuring the DHCPv6 Client Function 861 Deleting Automatic
Client Bindings from the DHCPv6 Binding Table 862 Configuration Examples for
IPv6 Access Services: DHCPv6 Prefix Delegation 862 Example: Configuring the
DHCPv6 Server Function 862 Example: Configuring the DHCPv6 Configuration Pool
863 Example: Configuring the DHCPv6 Client Function 864
xxxviii
IP Addressing Configuration Guide, Cisco IOS XE 17.x
Contents
CHAPTER 66 CHAPTER 67
Example: Configuring a Database Agent for the Server Function 865 Example:
Displaying DHCP Server and Client Information on the Interface 865 Additional
References 866 Feature Information for IPv6 Access Services: DHCPv6 Prefix
Delegation 867
Asymmetric Lease for DHCPv6 Relay Prefix Delegation 869 Restrictions for
Asymmetric Lease for DHCPv6 Prefix Delegation 869 Information about Asymmetric
Lease for DHCPv6 Relay Prefix Delegation 869 DHCPv6 Prefix Delegation with
Asymmetric Lease 870 Deriving IA-PD Option T1 and T2 Values 872 Renewing and
Rebinding Scenarios 873 Configuring Asymmetric Lease 878 Configuring
Asymmetric Lease on an Interface 878 Configuring Asymmetric Lease in Global
Configuration Mode 879 Configuration Examples for the Asymmetric Lease 879
Example: Configuring the Asymmetric Lease on an Interface 879 Verifying the
Configuration 880 DHCPv6 Short Lease Performance Scaling 881 Feature
Information for Asymmetric Lease for DHCPv6 Relay Prefix Delegation 881
Configuration Examples for DHCP for IPv6 Broadband 883 Information About DHCP
for IPv6 Broadband 883 Prefix Delegation 883 Accounting Start and Stop
Messages 883 Forced Release of a Binding 883 How to Configure DHCP for IPv6
Broadband 884 Enabling the Sending of Accounting Start and Stop Messages 884
Removing Delegated Prefix Bindings 885 Configuration Examples for DHCP for
IPv6 Broadband 886 Example: Enabling the Sending of Accounting Start and Stop
Messages 886 Example: Configuration for a Prefix Allocated from a Local Pool
886 Additional References 886 Feature Information for DHCP for IPv6 Broadband
887
IP Addressing Configuration Guide, Cisco IOS XE 17.x
xxxix
Contents
CHAPTER 68 CHAPTER 69 CHAPTER 70
DHCPv6 Server Stateless Autoconfiguration 889 Information About DHCPv6 Server
Stateless Autoconfiguration 889 DHCPv6 Server Stateless Autoconfiguration 889
How to Configure DHCPv6 Server Stateless Autoconfiguration 890 Configuring the
Stateless DHCPv6 Server 890 Configuring the Stateless DHCPv6 Server 892
Enabling Processing of Packets with Source Routing Header Options 894
Configuration Examples for DHCPv6 Server Stateless Autoconfiguration 894
Example: Configuring the Stateless DHCPv6 Function 894 Additional References
for DHCP Overview 895 Feature Information for DHCPv6 Server Stateless
Autoconfiguration 896
DHCP Server MIB 897 Prerequisites for the DHCP Server MIB 897 Information
About the DHCP Server MIB 897 SNMP Overview 897 DHCP Server Trap Notifications
898 Tables and Objects in the DHCP Server MIB 898 How to Enable DHCP Trap
Notifications 902 Configuring the Router to Send SNMP Trap Notifications About
DHCP 902 Troubleshooting Tips 903 Configuration Examples for the DHCP Server
MIB 904 DHCP Server MIB–Secondary Subnet Trap Example 904 DHCP Server
MIB–Address Pool Trap Example 905 DHCP Server MIB–Lease Limit Violation Trap
Example 905 Additional References 905 Feature Information for DHCP Server MIB
906
Asymmetric Lease for DHCPv4 Relay 909 Restrictions for Asymmetric Lease for
DHCPv4 Relay 909 Information about Asymmetric Lease for DHCPv4 Relay 909
DHCPv4 IP Assignment with Asymmetric Lease 910 Derivation of Short Lease T1′
and T2′ values 910
IP Addressing Configuration Guide, Cisco IOS XE 17.x xl
Contents
PART VII CHAPTER 71
Renewing and Rebinding Scenarios 910 SSO and ISSU Support 913 Configuring
Asymmetric Lease for DHCPv4 Relay 913 Configuring Asymmetric Lease on an
Interface for DHCPv4 Relay 914 Configuring Asymmetric Lease in Global
Configuration Mode for DHCPv4 Relay 914 Configuration Examples for the
Asymmetric Lease for DHCPv4 Relay 915 Example: Configuring the Asymmetric
Lease on an Interface for DHCPv4 Relay 915 Example: Configuring the Asymmetric
Lease in Global Configuration Mode for DHCPv4 Relay 916 Verifying the
Configuration 916 Feature Information for Asymmetric Lease for DHCPv4 Relay
917
DNS 919
Configuring DNS 921 Prerequisites for Configuring DNS 921 Information About
DNS 921 DNS Overview 921 DNS Views 923 Restricted View Use Queries from the
Associated VRF 923 Parameters for Resolving Internally Generated DNS Queries
924 Parameters for Forwarding Incoming DNS Queries 924 DNS View Lists 925 DNS
Name Groups 926 DNS View Groups 927 How to Configure DNS 927 Mapping Host
Names to IP Addresses 927 Disabling DNS Queries for ISO CLNS Addresses 929
Verifying DNS 930 Defining a DNS View 931 Verifying DNS Views 934 Defining a
DNS View List 935 Modifying a DNS View List 936 Adding a Member to a DNS View
List Already in Use 936 Changing the Order of the Members of a DNS View List
Already in Use 938
IP Addressing Configuration Guide, Cisco IOS XE 17.x xli
Contents
CHAPTER 72 CHAPTER 73
Specifying the Default DNS View List for the DNS Server of the Device 939
Specifying a DNS View List for a Device Interface 940 Specifying a Source
Interface to Forward DNS Queries 941 Configuration Examples for DNS 942
Example: Creating a Domain List with Alternate Domain Names 942 Example:
Mapping Host Names to IP Addresses 942 Example: Customizing DNS 943 Example:
Split DNS View Lists Configured with Different View-use Restrictions 943
Additional References for Configuring DNS 944 Feature Information for
Configuring DNS 945
VRF-Aware DNS 947 Information About VRF-Aware DNS 947 Domain Name System 947
VRF Mapping and VRF-Aware DNS 948 How to Configure VRF-Aware DNS 948 Defining
a VRF Table and Assigning a Name Server to Enable VRF-Aware DNS 948 Mapping
VRF-Specific Hostnames to IP Addresses 949 Configuring a Static Entry in a
VRF-Specific Name Cache 950 Verifying the Name Cache Entries in the VRF Table
951 Configuration Examples for VRF-Aware DNS 952 Example: VRF-Specific Name
Server Configuration 952 Example: VRF-Specific Domain Name List Configuration
952 VRF-Specific Domain Name Configuration Example 953 VRF-Specific IP Host
Configuration Example 953 Additional References 953 Feature Information for
VRF-Aware DNS 954
Local Area Service Discovery Gateway 955 Information About Service Discovery
Gateway 955 Service Announcement Redistribution and Service Extension 955
Extending Services Across Subnets–An Overview 956 Set Filter Options to Extend
Services Across Subnets 957 Extend Services Across Subnets 959
IP Addressing Configuration Guide, Cisco IOS XE 17.x xlii
Contents
PART VIII CHAPTER 74
How to Configure Service Discovery Gateway 961 Setting Filter Options for
Service Discovery 961 Applying Service Discovery Filters and Configuring
Service Discovery Parameters 963 Applying Service Discovery Filters for an
Interface 965 Creating a Service Instance 966
Verifying and troubleshooting Service Discovery Gateway 968 Configuration
Examples for Service Discovery Gateway 970
Example: Setting Filter Options for Service Discovery 970 Example: Applying
Service Discovery Filters and Configuring Service Discovery Parameters 970
Example: Applying Service Discovery Filters for an Interface 970 Example:
Setting Multiple Service Discovery Filter Options 970 Example: Creating a
Service Instance 972 Additional References for Service Discovery Gateway 972
Feature Information for Service Discovery Gateway 973
NAT 975
Configuring NAT for IP Address Conservation 977 Prerequisites for Configuring
NAT for IP Address Conservation 977 Access Lists 977 NAT Requirements 978
Restrictions for Configuring NAT for IP Address Conservation 978 Information
About Configuring NAT for IP Address Conservation 980 Benefits of Configuring
NAT for IP Address Conservation 980 How NAT Works 981 Uses of NAT 981 Types of
NAT 981 NAT Inside and Outside Addresses 982 Inside Source Address Translation
982 Overloading of Inside Global Addresses 984 Address Translation of
Overlapping Networks 985 TCP Load Distribution for NAT 986 Static IP Address
Support 987 RADIUS 987
IP Addressing Configuration Guide, Cisco IOS XE 17.x xliii
Contents
Denial-of-Service Attacks 987 Viruses and Worms That Target NAT 987 How to
Configure NAT for IP Address Conservation 988 Configuring Inside Source
Addresses 988
Configuring Static Translation of Inside Source Addresses 988 Configuring
Dynamic Translation of Inside Source Addresses 990 Configuring the Same Global
Address for Static NAT and PAT 992 Using NAT to Allow Internal Users Access to
the Internet 993 Configuring Address Translation Timeouts 994 Changing the
Translation Timeout 995 Changing the Timeouts When Overloading Is Configured
995 Allowing Overlapping Networks to Communicate Using NAT 997 Configuring
Static Translation of Overlapping Networks 997 What to Do Next 999 Configuring
Server TCP Load Balancing 999 Enabling Route Maps on Inside Interfaces 1001
Enabling NAT Route Maps Outside-to-Inside Support 1002 Configuring NAT of
External IP Addresses Only 1003 Configuring the NAT Default Inside Server
Feature 1005 Reenabling RTSP on a NAT Router 1006 Configuring Support for
Users with Static IP Addresses 1006 Configuring the Rate Limiting NAT
Translation Feature 1008 Configuring Bypass NAT Functionality 1010
Configuration Examples for Configuring NAT for IP Address Conservation 1011
Example: Configuring Static Translation of Inside Source Addresses 1011
Example: Configuring Dynamic Translation of Inside Source Addresses 1012
Example: Using NAT to Allow Internal Users Access to the Internet 1012
Example: Allowing Overlapping Networks to Communicate Using NAT 1013 Example:
Configuring Static Translation of Overlapping Networks 1013 Example:
Configuring Dynamic Translation of Overlapping Networks 1013 Example:
Configuring Server TCP Load Balancing 1013 Example: Enabling Route Maps on
Inside Interfaces 1014 Example: Enabling NAT Route Maps Outside-to-Inside
Support 1014 Example: Configuring NAT of External IP Addresses Only 1014
IP Addressing Configuration Guide, Cisco IOS XE 17.x xliv
Contents
CHAPTER 75
Example: Configuring Support for Users with Static IP Addresses 1014 Example:
Configuring NAT Static IP Support 1014 Example: Creating a RADIUS Profile for
NAT Static IP Support 1014
Example: Configuring the Rate Limiting NAT Translation Feature 1015 Example:
Setting a Global NAT Rate Limit 1015 Example: Setting NAT Rate Limits for a
Specific VRF Instance 1015 Example: Setting NAT Rate Limits for All VRF
Instances 1015 Example: Setting NAT Rate Limits for Access Control Lists 1016
Example: Setting NAT Rate Limits for an IP Address 1016
Where to Go Next 1016 Additional References for Configuring NAT for IP Address
Conservation 1016
Using Application-Level Gateways with NAT 1019 Prerequisites for Using
Application Level Gateways with NAT 1019 Restrictions for Using Application-
Level Gateways with NAT 1020 Information About Using Application-Level
Gateways with NAT 1020 IPsec 1020 Benefits of Configuring NAT IPsec 1021 Voice
and Multimedia over IP Networks 1021 NAT Support of H.323 v2 RAS 1021 NAT
Support for H.323 v3 and v4 in v2 Compatibility Mode 1022 NAT H.245 Tunneling
Support 1022 NAT Support of Skinny Client Control Protocol 1022 NAT Support of
SCCP Fragmentation 1022 NAT Segmentation with Layer 4 Forwarding 1023 How to
Configure Application-Level Gateways with NAT 1024 Configuring IPsec Through
NAT 1024 Configuring IPsec ESP Through NAT 1024 Enabling the Preserve Port
1025 Enabling SPI Matching on the NAT Device 1026 Enabling SPI Matching on
Endpoints 1027 Enabling MultiPart SDP Support for NAT 1027 Configuring NAT
Between an IP Phone and Cisco CallManager 1028 Configuration Examples for
Using Application-Level Gateways with NAT 1029
IP Addressing Configuration Guide, Cisco IOS XE 17.x xlv
Contents
CHAPTER 76 CHAPTER 77
Example: Specifying a Port for NAT Translation 1029 Example: Enabling the
Preserve Port 1029 Example Enabling SPI Matching 1029 Example: Enabling SPI
Matching on Endpoints 1029 Example: Enabling MultiPart SDP Support for NAT
1030 Example: Specifying a Port for NAT Translation 1030 Where to Go Next 1030
Additional References for Using Application-Level Gateways with NAT 1030
Feature Information for Using Application-Level Gateways with NAT 1031
Carrier Grade Network Address Translation 1035 Restrictions for Carrier Grade
Network Address Translation 1035 Information About Carrier Grade Network
Address Translation 1036 Carrier Grade NAT Overview 1036 Carrier Grade NAT
Support for Broadband Access Aggregation 1037 How to Configure Carrier Grade
Network Address Translation 1037 Configuring Static Carrier Grade NAT 1037
Configuring Dynamic Carrier Grade NAT 1040 Configuring Dynamic Port Address
Carrier Grade NAT 1042 Logging Destination IP Address and Port Details in
Carrier Grade NAT (CGN) Mode 1044 Configuration Examples for Carrier Grade
Network Address Translation 1045 Example: Configuring Static Carrier Grade NAT
1045 Example: Configuring Dynamic Carrier Grade NAT 1045 Example: Configuring
Dynamic Port Address Carrier Grade NAT 1046 Additional References for Carrier
Grade Network Address Translation 1046 Feature Information for Carrier Grade
Network Address Translation 1047
Static NAT Mapping with HSRP 1049 Prerequisites for Static NAT Mapping with
HSRP 1049 Restrictions for Static NAT Mapping with HSRP 1049 Information About
Static NAT Mapping with HSRP 1050 Static Mapping Support with HSRP for High
Availability Feature Overview 1050 Address Resolution with ARP 1050 How to
Configure Static NAT Mapping with HSRP 1051
IP Addressing Configuration Guide, Cisco IOS XE 17.x xlvi
Contents
CHAPTER 78 CHAPTER 79
Configuring NAT Static Mapping Support for HSRP 1051 Enabling HSRP on the NAT
Interface 1051 Enabling Static NAT for HSRP 1053
Configuration Example for Static NAT Mapping with HSRP 1054 Example:
Configuring Static NAT in an HSRP Environment 1054
Additional References for Static NAT Mapping with HSRP 1055 Feature
Information for Static NAT Mapping with HSRP 1056
VRF-Aware Dynamic NAT Mapping with HSRP 1057 Prerequisites for VRF-Aware
Dynamic NAT Mapping with HSRP 1057 Restrictions for VRF-Aware Dynamic NAT
Mapping with HSRP 1057 Information About VRF-Aware Dynamic NAT Mapping with
HSRP 1058 VRF-Aware Dynamic NAT Mapping with HSRP Overview 1058 Address
Resolution with ARP 1058 How to Configure VRF-Aware Dynamic NAT Mapping with
HSRP 1059 Enabling HSRP for VRF-Aware Dynamic NAT 1059 Configuration Examples
for VRF-Aware Dynamic NAT Mapping with HSRP 1062 Example: Enabling HSRP for
VRF-Aware Dynamic NAT 1062 Verifying HSRP for VRF-Aware Dynamic NAT 1063
Additional References VRF-Aware Dynamic NAT Mapping with HSRP 1065 Feature
Information for VRF-Aware Dynamic NAT Mapping with HSRP 1065
Configuring Stateful Interchassis Redundancy 1067 Prerequisites for Stateful
Interchassis Redundancy 1067 Restrictions for Stateful Interchassis Redundancy
1067 Information About Stateful Interchassis Redundancy 1068 Stateful
Interchassis Redundancy Overview 1068 Stateful Interchassis Redundancy
Operation 1069 Associations with Firewalls and NAT 1070 LAN-LAN Topology 1070
How to Configure Stateful Interchassis Redundancy 1071 Configuring the Control
Interface Protocol 1071 Configuring a Redundancy Group 1073 Configuring a
Redundant Traffic Interface 1076
IP Addressing Configuration Guide, Cisco IOS XE 17.x xlvii
Contents
CHAPTER 80 CHAPTER 81
Configuring NAT with Stateful Interchassis Redundancy 1077 Managing and
Monitoring Stateful Interchassis Redundancy 1078 Configuration Examples for
Stateful Interchassis Redundancy 1080 Example: Configuring the Control
Interface Protocol 1080 Example: Configuring a Redundancy Group 1080 Example:
Configuring a Redundant Traffic Interface 1080 Example: Configuring NAT with
Stateful Interchassis Redundancy 1081 Additional References for Stateful
Interchassis Redundancy 1081
Mapping of Address and Port Using Encapsulation 1083 Feature Information for
Mapping of Address and Port Using Encapsulation 1083 Restrictions for Mapping
of Address and Port Using Encapsulation 1084 Information About Mapping of
Address and Port Using Encapsulation 1084 Mapping of Address and Port Using
Encapsulation 1084 How to Configure Mapping of Address Port Using
Encapsulation 1084 Configuring Mapping of Address and Port Using Encapsulation
1084 Verifying Mapping of Address and Port Using Encapsulation Configuration
1086 Configuration Examples for Mapping of Address and Port Using
Encapsulation 1087 Example: Mapping of Address and Port Using Encapsulation
1087 Additional References for Mapping of Address and Port Using Encapsulation
1088
Interchassis Asymmetric Routing Support for Zone-Based Firewall and NAT 1091
Restrictions for Interchassis Asymmetric Routing Support for Zone-Based
Firewall and NAT 1091 Information About Interchassis Asymmetric Routing
Support for Zone-Based Firewall and NAT 1092 Asymmetric Routing Overview 1092
Asymmetric Routing Support in Firewalls 1094 Asymmetric Routing in NAT 1094
Asymmetric Routing in a WAN-LAN Topology 1095 VRF-Aware Asymmetric Routing in
Zone-Based Firewalls 1095 VRF-Aware Asymmetric Routing in NAT 1096 How to
Configure Interchassis Asymmetric Routing Support for Zone-Based Firewall and
NAT 1096 Configuring a Redundancy Application Group and a Redundancy Group
Protocol 1096 Configuring Data, Control, and Asymmetric Routing Interfaces
1098 Configuring a Redundant Interface Identifier and Asymmetric Routing on an
Interface 1100
xlviii
IP Addressing Configuration Guide, Cisco IOS XE 17.x
Contents
CHAPTER 82 CHAPTER 83
Configuring Dynamic Inside Source Translation with Asymmetric Routing 1101
Configuration Examples for Interchassis Asymmetric Routing Support for Zone-
Based Firewall and
NAT 1104 Example: Configuring a Redundancy Application Group and a Redundancy
Group Protocol 1104 Example: Configuring Data, Control, and Asymmetric Routing
Interfaces 1104 Example: Configuring a Redundant Interface Identifier and
Asymmetric Routing on an Interface 1105 Example: Configuring Dynamic Inside
Source Translation with Asymmetric Routing 1105 Example: Configuring VRF-Aware
NAT for WAN-WAN Topology with Symmetric Routing
Box-to-Box Redundancy 1105 Example: Configuring Asymmetric Routing with VRF
1108 Additional References for Interchassis Asymmetric Routing Support for
Zone-Based Firewall and NAT 1108 Feature Information for Interchassis
Asymmetric Routing Support for Zone-Based Firewall and NAT 1109
VRF-Aware NAT for WAN-WAN Topology with Symmetric Routing Box-to-Box
Redundancy 1111 Restrictions for VRF-Aware NAT for WAN-WAN Topology with
Symmetric Routing Box-to-Box Redundancy 1111 Information About VRF-Aware NAT
for WAN-WAN Topology with Symmetric Routing Box-to-Box Redundancy 1112 VRF-
Aware Box-to-Box High Availability Support 1112 Stateful Interchassis
Redundancy Overview 1112 Stateful Interchassis Redundancy Operation in NAT
1112 How to Configure VRF-Aware NAT for WAN-WAN Topology with Symmetric
Routing Box-to-Box Redundancy 1114 Configuration Examples for VRF-Aware NAT
for WAN-WAN Topology with Symmetric Routing Box-to-Box Redundancy 1114
Example: Configuring VRF-Aware NAT for WAN-WAN Topology with Symmetric Routing
Box-to-Box Redundancy 1114 Additional References for VRF-Aware NAT for WAN-WAN
Topology with Symmetric Routing Box-to-Box Redundancy 1117 Feature Information
for VRF-Aware NAT for WAN-WAN Topology with Symmetric Routing Box-to-Box
Redundancy 1118
Integrating NAT with MPLS VPNs 1119 Prerequisites for Integrating NAT with
MPLS VPNs 1119 Restrictions for Integrating NAT with MPLS VPNs 1119
IP Addressing Configuration Guide, Cisco IOS XE 17.x xlix
Contents
CHAPTER 84
Information About Integrating NAT with MPLS VPNs 1120 Benefits of NAT
Integration with MPLS VPNs 1120 Implementation Options for Integrating Nat
with MPLS VPNs 1120 Scenarios for Implementing NAT on the PE Router 1120
How to Integrate NAT with MPLS VPNs 1121 Configuring Inside Dynamic NAT with
MPLS VPNs 1121 Configuring Inside Static NAT with MPLS VPNs 1123 Configuring
Outside Dynamic NAT with MPLS VPNs 1124 Configuring Outside Static NAT with
MPLS VPNs 1125
Configuration Examples for Integrating NAT with MPLS VPNs 1127 Configuring
Inside Dynamic NAT with MPLS VPNs Example 1127 Configuring Inside Static NAT
with MPLS VPNs Example 1127 Configuring Outside Dynamic NAT with MPLS VPNs
Example 1128 Configuring Outside Static NAT with MPLS VPNs Example 1128
Where to Go Next 1128 Additional References for Integrating NAT with MPLS VPNs
1129 Feature Information for Integrating NAT with MPLS VPNs 1129
Monitoring and Maintaining NAT 1131 Prerequisites for Monitoring and
Maintaining NAT 1131 Restrictions for Monitoring and Maintaining NAT 1131
Information About Monitoring and Maintaining NAT 1131 NAT Display Contents
1131 Translation Entries 1131 Statistical Information 1132 NAT-Forced Clear of
Dynamic NAT Half-Entries 1133 How to Monitor and Maintain NAT 1133 Displaying
NAT Translation Information 1133 Clearing NAT Entries Before the Timeout 1134
Examples for Monitoring and Maintaining NAT 1136 Example: Clearing UDP NAT
Translations 1136 Additional References for Monitoring and Maintaining NAT
1136 Feature Information for Monitoring and Maintaining NAT 1137
IP Addressing Configuration Guide, Cisco IOS XE 17.x l
Contents
CHAPTER 85 CHAPTER 86 CHAPTER 87
Information About NAT 44 Pool Exhaustion Alerts 1139 Define Thresholds for
Address Pool 1139 Thresholds Applicable for Different Address Pools 1139
Prerequisites for NAT 44 Pool Exhaustion Alerts 1140 Restrictions for NAT 44
Pool Exhaustion Alerts 1140 Use Case on How NAT 44 Pool Exhaustion Alerts Work
1140 Additional References for NAT 44 Pool Exhaustion Alerts 1140 Feature
Information for NAT 44 Pool Exhaustion Alerts 1141
Enabling NAT High-Speed Logging per VRF 1143 Information About Enabling NAT
High-Speed Logging per VRF 1143 High-Speed Logging for NAT 1143 How to
Configure Enabling NAT High-Speed Logging per VRF 1144 Enabling High-Speed
Logging of NAT Translations 1144 Disabling High-Speed Logging of NAT
Translations 1146 Configuration Examples for Enabling NAT High-Speed Logging
per VRF 1147 Example: Enabling High-Speed Logging of NAT Translations 1147
Additional References for Enabling NAT High-Speed Logging per VRF 1147 Feature
Information for Enabling NAT High-Speed Logging per VRF 1148
Stateless Network Address Translation 64 1149 Restrictions for Stateless
Network Address Translation 64 1149 Restrictions for Stateless Network Address
Translation 64 1150 Information About Stateless Network Address Translation 64
1150 Fragmentation of IP Datagrams in IPv6 and IPv4 Networks 1150 Translation
of ICMP for Stateless NAT64 Translation 1150 IPv4-Translatable IPv6 Address
1150 Prefixes Format 1151 Supported Stateless NAT64 Scenarios 1151 Multiple
Prefixes Support for Stateless NAT64 Translation 1152 Support to Map a VRF to
an IPv4 to IPv6 Prefix Mapping 1152 How to Configure Stateless Network Address
Translation 64 1153 Configuring a Routing Network for Stateless NAT64
Communication 1153
IP Addressing Configuration Guide, Cisco IOS XE 17.x li
Contents
CHAPTER 88
Configuring Multiple Prefixes for Stateless NAT64 Translation 1155 Monitoring
and Maintaining the Stateless NAT64 Routing Network 1158 Configuring a VRF for
Stateless NAT64 Translation 1161 Configuration Examples for Stateless Network
Address Translation 64 1164 Example Configuring a Routing Network for
Stateless NAT64 Translation 1164 Example: Configuring Multiple Prefixes for
Stateless NAT64 Translation 1164 Additional References for Stateless Network
Address Translation 64 1165 Glossary 1165
Stateful Network Address Translation 64 1167 Prerequisites for Configuring
Stateful Network Address Translation 64 1167 Restrictions for Configuring
Stateful Network Address Translation 64 1167 Information About Stateful
Network Address Translation 64 1168 Stateful Network Address Translation 64
1168 Prefixes Format for Stateful Network Address Translation 64 1169 Stateful
IPv4-to-IPv6 Packet Flow 1169 Stateful IPv6-to-IPv4 Packet Flow 1170 IP Packet
Filtering 1170 Differences Between Stateful NAT64 and Stateless NAT64 1170
High-Speed Logging for NAT64 1171 How to Configure Enabling NAT64 High-Speed
Logging per VRF 1172 FTP64 Application-Level Gateway Support 1174 FTP64 NAT
ALG Intrabox High Availability Support 1174 Stateful NAT64–Intrachassis
Redundancy 1175 Asymmetric Routing Support for NAT64 1176 How to Configure
Stateful Network Address Translation 64 1176 Configuring Static Stateful
Network Address Translation 64 1176 Configuring Dynamic Stateful Network
Address Translation 64 1178 Configuring Dynamic Port Address Translation
Stateful NAT64 1181 Restrictions for Enabling Stateful Network Address
Conversion using VRF 1184 Configuring VRF Aware Stateful NAT64 with Carrier
Grade NAT 1184 Verifying VRF Aware Stateful NAT64 with Carrier Grade NAT (CGN)
1187 Monitoring and Maintaining a Stateful NAT64 Routing Network 1188
Configuration Examples for Stateful Network Address Translation 64 1190
IP Addressing Configuration Guide, Cisco IOS XE 17.x lii
Contents
CHAPTER 89 CHAPTER 90
Example: Configuring Static Stateful Network Address Translation 64 1190
Example: Configuring Dynamic Stateful Network Address Translation 64 1190
Example: Configuring Dynamic Port Address Translation Stateful NAT64 1190
Example: Configuring Asymmetric Routing Support for NAT64 1191 Additional
References for Stateful Network Address Translation 64 1193 Feature
Information for Stateful Network Address Translation 64 1194 Glossary 1196
Stateful Network Address Translation 64 Interchassis Redundancy 1199
Restrictions for Stateful Network Address Translation 64 Interchassis
Redundancy 1199 Information About Stateful Network Address Translation 64
Interchassis Redundancy 1199 Stateful Interchassis Redundancy Operation 1199
Active/Active Failover 1201 Active/Standby Failover 1201 LAN-LAN Topology 1202
Redundancy Groups for Stateful NAT64 1202 Translation Filtering 1202 FTP64
Application-Level Gateway Support 1203 How to Configure Stateful Network
Translation 64 Interchassis Redundancy 1204 Configuring Redundancy Group
Protocols 1204 Configuring Redundancy Groups for Active/Standby Load Sharing
1205 Configuring Redundancy Groups for Active/Active Load Sharing 1206
Configuring a Traffic Interface for Stateful NAT64 Interchassis Redundancy
1209 Configuring Static Stateful NAT64 for Interchassis Redundancy 1210
Configuration Examples for Stateful Network Address Translation 64
Interchassis Redundancy 1213 Example: Configuring Redundancy Group Protocols
1213 Example: Configuring Redundancy Groups for Active/Standby Load Sharing
1213 Example: Configuring Redundancy Groups for Active/Active Load Sharing
1214 Example: Configuring a Traffic Interface for Stateful NAT64 Interchassis
Redundancy 1214 Additional References 1215
Connectivity Between IPv4 and IPv6 Hosts Using Stateless NAT 46 1217 Feature
Information for Connectivity Between IPv4 and IPv6 Hosts Using Stateless NAT
46 1217 Restrictions for NAT 46 1217
IP Addressing Configuration Guide, Cisco IOS XE 17.x liii
Contents
CHAPTER 91 CHAPTER 92
Information About NAT 46 1218 Overview of NAT 46 1218 Scalability on NAT 46
1218 NAT 46 Prefix 1218
Configuring Network Address Translation 46 1219 Verifying the NAT 46
Configuration 1221
Mapping of Address and Port Using Translation 1223 Restrictions for Mapping of
Address and Port Using Translation 1223 Information About Mapping of Address
and Port Using Translation 1223 Mapping of Address and Port Using Translation
Overview 1223 MAP-T Mapping Rules 1224 MAP-T Address Formats 1225 Packet
Forwarding in MAP-T Customer Edge Devices 1225 Packet Forwarding in Border
Routers 1226 ICMP/ICMPv6 Header Translation for MAP-T 1226 Path MTU Discovery
and Fragmentation in MAP-T 1227 How to Configure Mapping of Address and Port
Using Translation 1227 Configuring Mapping of Address and Port Using
Translation 1227 Configuration Examples for Mapping of Address and Port Using
Translation 1229 Example: Configuring Mapping of Address and Port Using
Translation 1229 Example: MAP-T Deployment Scenario 1229 Additional References
for Mapping of Address and Port Using Translation 1230 Feature Information for
Mapping of Address and Port Using Translation 1231 Glossary 1231
Disabling Flow Cache Entries in NAT and NAT64 1233 Restrictions for Disabling
Flow Cache Entries in NAT and NAT64 1233 Information About Disabling Flow
Cache Entries in NAT and NAT64 1234 Disabling of Flow Cache Entries Overview
1234 How to Disable Flow Cache Entries in NAT and NAT64 1235 Disabling Flow
Cache Entries in Dynamic NAT 1235 Disabling Flow Cache Entries in Static NAT64
1237 Disabling Flow Cache Entries in Static CGN 1239
IP Addressing Configuration Guide, Cisco IOS XE 17.x liv
Contents
CHAPTER 93 CHAPTER 94
Configuration Examples for Disabling Flow Cache Entries in NAT and NAT64 1241
Example: Disabling Flow Cache Entries in Dynamic NAT 1241 Example: Disabling
Flow Cache Entries in Static NAT64 1241 Example: Disabling Flow Cache Entries
in Static CGN 1241
Additional References for Disabling Flow Cache Entries in NAT and NAT64 1242
Feature Information for Disabling Flow Cache Entries in NAT and NAT64 1243
Paired-Address-Pooling Support in NAT 1245 Restrictions for Paired-Address-
Pooling Support in NAT 1245 Information About Paired-Address-Pooling Support
in NAT 1246 Paired-Address-Pooling Support Overview 1246 How to Configure
Paired-Address-Pooling Support 1247 Configuring Paired-Address-Pooling Support
in NAT 1247 How to Configure Paired-Address-Pooling Support For a NAT Pool
1249 Configuring Paired-Address-Pooling Support For a NAT Pool 1249
Configuration Examples for Paired-Address-Pooling Support in NAT 1251 Example:
Configuring Paired Address Pooling Support in NAT 1251 Additional References
for Paired-Address-Pooling Support in NAT 1252 Feature Information for Paired-
Address-Pooling Support in NAT 1252
Bulk Logging and Port Block Allocation 1253 Prerequisites for Bulk Logging and
Port Block Allocation 1253 Restrictions for Bulk Logging and Port Block
Allocation 1253 Information About Bulk Logging and Port Block Allocation 1254
Bulk Logging and Port Block Allocation Overview 1254 Port Size in Bulk Logging
and Port Block Allocation 1254 High-Speed Logging in Bulk Logging and Port
Block Allocation 1255 How to Configure Bulk Logging and Port Block Allocation
1256 Configuring Bulk Logging and Port-Block Allocation 1256 Configuration
Examples for Bulk Logging and Port Block Allocation 1258 Example: Configuring
Bulk Logging and Port Block Allocation 1258 Verifying Bulk Logging and Port
Block Allocation 1259 Additional References for Bulk Logging and Port Block
Allocation 1260
IP Addressing Configuration Guide, Cisco IOS XE 17.x lv
Contents
CHAPTER 95 CHAPTER 96
MSRPC ALG Support for Firewall and NAT 1261 Prerequisites for MSRPC ALG
Support for Firewall and NAT 1261 Restrictions for MSRPC ALG Support for
Firewall and NAT 1261 Information About MSRPC ALG Support for Firewall and NAT
1262 Application-Level Gateways 1262 MSRPC 1262 MSRPC ALG on Firewall 1262
MSRPC ALG on NAT 1263 MSRPC Stateful Parser 1263 How to Configure MSRPC ALG
Support for Firewall and NAT 1264 Configuring a Layer 4 MSRPC Class Map and
Policy Map 1264 Configuring a Zone Pair and Attaching an MSRPC Policy Map 1265
Enabling vTCP Support for MSRPC ALG 1267 Disabling vTCP Support for MSRPC ALG
1268 Configuration Examples for MSRPC ALG Support for Firewall and NAT 1268
Example: Configuring a Layer 4 MSRPC Class Map and Policy Map 1268 Example:
Configuring a Zone Pair and Attaching an MSRPC Policy Map 1269 Example:
Enabling vTCP Support for MSRPC ALG 1269 Example: Disabling vTCP Support for
MSRPC ALG 1269 Feature Information for MSRPC ALG Support for Firewall and NAT
1269
Sun RPC ALG Support for Firewalls and NAT 1271 Restrictions for Sun RPC ALG
Support for Firewalls and NAT 1271 Information About Sun RPC ALG Support for
Firewalls and NAT 1271 Application-Level Gateways 1271 Sun RPC 1272 How to
Configure Sun RPC ALG Support for Firewalls and NAT 1272 Configuring the
Firewall for the Sun RPC ALG 1273 Configuring a Layer 4 Class Map for a
Firewall Policy 1273 Configuring a Layer 7 Class Map for a Firewall Policy
1274 Configuring a Sun RPC Firewall Policy Map 1275 Attaching a Layer 7 Policy
Map to a Layer 4 Policy Map 1276 Creating Security Zones and Zone Pairs and
Attaching a Policy Map to a Zone Pair 1277
IP Addressing Configuration Guide, Cisco IOS XE 17.x lvi
Contents
CHAPTER 97 CHAPTER 98
Configuration Examples for Sun RPC ALG Support for Firewall and NAT 1280
Example: Configuring a Layer 4 Class Map for a Firewall Policy 1280 Example:
Configuring a Layer 7 Class Map for a Firewall Policy 1280 Example:
Configuring a Sun RPC Firewall Policy Map 1280 Example: Attaching a Layer 7
Policy Map to a Layer 4 Policy Map 1280 Example: Creating Security Zones and
Zone Pairs and Attaching a Policy Map to a Zone Pair 1280 Example: Configuring
the Firewall for the Sun RPC ALG 1281
Additional References for Sun RPC ALG Support for Firewall and NAT 1282
Feature Information for Sun RPC ALG Support for Firewalls and NAT 1283
vTCP for ALG Support 1285 Prerequisites for vTCP for ALG Support 1285
Restrictions for vTCP for ALG Support 1285 Information About vTCP for ALG
Support 1286 Overview of vTCP for ALG Support 1286 vTCP with NAT and Firewall
ALGs 1286 How to Configure vTCP for ALG Support 1286 Enabling RTSP to Activate
vTCP 1287 Troubleshooting Tips 1290 Configuration Examples for vTCP for ALG
Support 1290 Example RTSP Configuration 1290 Additional References for vTCP
for ALG Support 1291
ALG–H.323 vTCP with High Availability Support for Firewall and NAT 1293
Restrictions for ALG–H.323 vTCP with High Availability Support for Firewall
and NAT 1293 Information About ALG–H.323 vTCP with High Availability Support
for Firewall and NAT 1294 Application-Level Gateways 1294 Basic H.323 ALG
Support 1294 Overview of vTCP for ALG Support 1295 vTCP with NAT and Firewall
ALGs 1295 Overview of ALG–H.323 vTCP with High Availability Support 1295 How
to Configure ALG–H.323 vTCP with High Availability Support for Firewall and
NAT 1296 Configuring ALG-H.323 vTCP with High Availability Support for NAT
1296
IP Addressing Configuration Guide, Cisco IOS XE 17.x lvii
Contents
Configuration Examples for ALG–H.323 vTCP with High Availability Support for
Firewall and NAT 1298 Example: Configuring ALG-H.323 vTCP with High
Availability Support for NAT 1298
Additional References for ALG-H.323 vTCP with High Availability Support for
Firewall and NAT 1299 Feature Information for ALG–H.323 vTCP with High
Availability Support for Firewall and NAT 1299
CHAPTER 99
SIP ALG Hardening for NAT and Firewall 1301 Restrictions for SIP ALG Hardening for NAT and Firewall 1301 Information About SIP ALG Hardening for NAT and Firewall 1302 SIP Overview 1302 Application-Level Gateways 1302 SIP ALG Local Database Management 1302 SIP ALG Via Header Support 1303 SIP ALG Method Logging Support 1303 SIP ALG PRACK Call-Flow Support 1303 SIP ALG Record-Route Header Support 1304 How to Configure SIP ALG Hardening for NAT and Firewall 1304 Enabling NAT for SIP Support 1304 Enabling SIP Inspection 1305 Configuring a Zone Pair and Attaching a SIP Policy Map 1306 Configuration Examples for SIP ALG Hardening for NAT and Firewall 1309 Example: Enabling NAT for SIP Support 1309 Example: Enabling SIP Inspection 1309 Example: Configuring a Zone Pair and Attaching a SIP Policy Map 1309 Additional References for SIP ALG Hardening for NAT and Firewall 1309 Feature Information for SIP ALG Hardening for NAT and Firewall 1310
CHAPTER 100
SIP ALG Resilience to DoS Attacks 1311 Information About SIP ALG Resilience to DoS Attacks 1311 SIP ALG Resilience to DoS Attacks Overview 1311 SIP ALG Dynamic Blacklist 1312 SIP ALG Lock Limit 1312 SIP ALG Timers 1312 How to Configure SIP ALG Resilience to DoS Attacks 1313
IP Addressing Configuration Guide, Cisco IOS XE 17.x lviii
Contents
Configuring SIP ALG Resilience to DoS Attacks 1313 Verifying SIP ALG Resilience to DoS Attacks 1314 Configuration Examples for SIP ALG Resilience to DoS Attacks 1317 Example: Configuring SIP ALG Resilience to DoS Attacks 1317 Additional References for SIP ALG Resilience to DoS Attacks 1317
CHAPTER 101
Match-in-VRF Support for NAT 1319 Restrictions for Match-in-VRF Support for NAT 1319 Information About Match-in-VRF Support for NAT 1319 Match-in-VRF Support for NAT 1319 How to Configure Match-in-VRF Support for NAT 1321 Configuring Static NAT with Match-in-VRF 1321 Configuring Dynamic NAT with Match-in-VRF 1322 Configuration Examples for Match-in-VRF Support for NAT 1325 Example: Configuring Static NAT with Match-in-VRF 1325 Example: Configuring Dynamic NAT with Match-in-VRF 1325 Additional References for Static NAT Mapping with HSRP 1325 Feature Information for Match-in-VRF Support for NAT 1326
CHAPTER 102
Information About Stateless Static NAT 1327 NAT Mappings and Translation Entry 1327 Restrictions for Stateless Static Network Address Translation 1328 Configuring Stateless Static NAT 1328 Configuring Stateless Static Inside and Outside NAT 1328 Configuring Stateless Static NAT Port Forwarding 1329 Configuring Stateless Static NAT Network 1330 Configuring Stateless Static NAT with VRF 1331 Configuring Stateless Static NAT with Static Stateless Static NAT Port Forwarding 1332 Configuring Static Stateful NAT with Static Stateless NAT in Redundant Device 1334 Example: Configuring Stateless Static NAT 1335 Feature Information for Statless Static NAT 1336
CHAPTER 103
IP Multicast Dynamic NAT 1337 Restrictions for IP Multicast Dynamic NAT 1337
IP Addressing Configuration Guide, Cisco IOS XE 17.x lix
Contents
Information About IP Multicast Dynamic NAT 1338 How NAT Works 1338 Uses of NAT
1338 NAT Inside and Outside Addresses 1338 Dynamic Translation of Addresses
1339
How to Configure IP Multicast Dynamic NAT 1340 Configuring IP Multicast
Dynamic NAT 1340
Configuration Examples for IP Multicast Dynamic NAT 1342 Example: Configuring
IP Multicast Dynamic NAT 1342
Additional References 1343 Feature Information for IP Multicast Dynamic NAT
1344
CHAPTER 104
PPTP Port Address Translation 1345 Restrictions for PPTP Port Address Translation 1345 Information About PPTP Port Address Translation 1345 PPTP ALG Support Overview 1345 How to Configure PPTP Port Address Translation 1346 Configuring PPTP ALG for Port Address Translation 1346 Configuration Examples for PPTP Port Address Translation 1348 Example: Configuring PPTP ALG for Port Address Translation 1348 Additional References for PPTP Port Address Translation 1348 Feature Information for PPTP Port Address Translation 1349
CHAPTER 105
NPTv6 Support 1351 Information About NPTv6 support 1351 Benefits of Using NPTv6 support 1351 Restrictions for NPTv6 support 1352 IPv6 Prefix Format 1352 NPTv6 Translation Inside to Outside Network 1352 NPTv6 Translation Outside to Inside Network 1352 Configuring NPTv6 1352 Troubleshooting Tips 1353 Use Cases for NPTv6 support 1354 Additional References for NPTv6 support 1355
IP Addressing Configuration Guide, Cisco IOS XE 17.x lx
Contents
CHAPTER 106
NAT Stick Overview 1357 Prerequisites for Configuring NAT Stick 1357 Restrictions for Configuring NAT Stick 1357 Information About Configuring NAT Stick 1357 Configuring NAT Stick 1357 Verifying NAT Stick Configuration 1358 NAT Stick Configuration Example 1358
PART IX CHAPTER 107
NHRP 1359
Configuring NHRP 1361 Information About NHRP 1361 How NHRP and NBMA Networks
Interact 1361 Dynamically Built Hub-and-Spoke Networks 1362 Next Hop Server
Selection 1362 NHRP Registration 1364 NHRP Used with a DMVPN 1364 Dynamic
Spoke-to-Spoke Tunnels 1364 Developmental Phases of DMVPN and NHRP 1365 Spoke
Refresh Mechanism for Spoke-to-Spoke Tunnels 1366 Process Switching 1366 CEF
Switching 1366 How to Configure NHRP 1367 Configuring a GRE Tunnel for
Multipoint Operation 1367 Enabling NHRP on an Interface 1368 Configuring a
Static IP-to-NBMA Address Mapping on a Station 1369 Statically Configuring a
Next Hop Server 1371 Changing the Length of Time NBMA Addresses Are Advertised
as Valid 1372 Specifying the NHRP Authentication String 1373 Configuring NHRP
Server-Only Mode 1375 Controlling the Triggering of NHRP 1376 Triggering NHRP
on a Per-Destination Basis 1376 Triggering NHRP on a Packet Count Basis 1377
IP Addressing Configuration Guide, Cisco IOS XE 17.x lxi
Contents
Triggering NHRP Based on Traffic Thresholds 1378 Changing the Rate for
Triggering SVCs 1378 Changing the Sampling Time Period and Sampling Rate 1380
Applying the Triggering and Teardown Rates to Specific Destinations 1381
Controlling the NHRP Packet Rate 1382 Suppressing Forward and Reverse Record
Options 1383 Specifying the NHRP Responder IP Address 1384 Clearing the NHRP
Cache 1385 Configuration Examples for NHRP 1386 Physical Network Designs for
Logical NBMA Examples 1386 Applying NHRP Rates to Specific Destinations
Example 1388 NHRP on a Multipoint Tunnel Example 1389 Show NHRP Examples 1389
Additional References 1391 Feature Information for Configuring NHRP 1392
CHAPTER 108
Shortcut Switching Enhancements for NHRP in DMVPN Networks 1393 Information About Shortcut Switching Enhancements for NHRP 1393 DMVPN Phase 3 Networks Overview 1393 Benefits of NHRP Shortcut Switching Enhancements 1394 NHRP as a Route Source 1394 Next Hop Overrides 1395 NHRP Route Watch Infrastructure 1396 NHRP Purge Request Reply 1396 How to Configure Shortcut Switching for NHRP 1396 Enabling NHRP Shortcut Switching on an Interface 1397 Clearing NHRP Cache Entries on an Interface 1398 Configuration Examples for Shortcut Switching Enhancements for NHRP 1399 Configuring NHRP Shortcut Switching Example 1399 Additional References 1403 Feature Information for Shortcut Switching Enhancements for NHRP in DMVPN Networks 1404
PART X
Easy Virtual Network 1407
IP Addressing Configuration Guide, Cisco IOS XE 17.x lxii
Contents
CHAPTER 109
Overview of Easy Virtual Network 1409 Prerequisites for Configuring EVN 1409 Restrictions for EVN 1409 Information About EVN 1410 Benefits of EVN 1410 Virtual Network Tags Provide Path Isolation 1411 Virtual Network Tag 1413 vnet Global 1413 Edge Interfaces and EVN Trunk Interfaces 1414 Identifying Trunk Interfaces in Display Output 1415 Single IP Address on Trunk Interfaces 1415 Relationship Between VRFs Defined and VRFs Running on a Trunk Interface 1416 VRF Awareness 1416 Routing Protocols Supported by EVN 1417 Packet Flow in a Virtual Network 1417 Command Inheritance on EVN Trunk Interfaces 1419 Overriding Command Inheritance Virtual Network Interface Mode 1419 Example: Overriding Command Inheritance 1419 Example: Enabling an Attribute to vnet Global Only 1420 Removing Overrides and Restoring Values Inherited from EVN Trunk 1420 Determining if No Form of Command Appears in Configuration File 1421 EXEC Commands Routing Context 1421 EVN Compatibility with VRF-Lite 1422 Multiaddress Family VRF Structure 1423 QoS Functionality with EVN 1423 Commands Whose Values Can be Inherited Or Overridden by a Virtual Network on an Interface 1423 Additional References 1427 Feature Information for Overview of Easy Virtual Network 1428
CHAPTER 110
Configuring Easy Virtual Network 1429 Prerequisites for Configuring EVN 1429 How to Configure EVN 1429 Configuring an Easy Virtual Network Trunk Interface 1429
IP Addressing Configuration Guide, Cisco IOS XE 17.x lxiii
Contents
Enabling a Subset of VRFs over a Trunk Interface 1434 Configuring an EVN Edge
Interface 1436
What to Do Next 1437 Verifying EVN Configurations 1437 Configuration Examples
for Configuring EVN 1438 Example: Virtual Networks Using OSPF with network
Commands 1438 Example: Virtual Networks Using OSPF with ip ospf vnet area
Command 1439 Example: Command Inheritance and Virtual Network Interface Mode
Override in an EIGRP
Environment 1439 Example: Command Inheritance and Virtual Network Interface
Mode Override in a Multicast
Environment 1442 Example: EVN Using IP Multicast 1443 Additional References
1444 Feature Information for Configuring Easy Virtual Network 1445
CHAPTER 111
Easy Virtual Network Management and Troubleshooting 1447 Prerequisites for EVN Management and Troubleshooting 1447 Information About EVN Management and Troubleshooting 1447 Routing Context for EXEC Mode Reduces Repetitive VRF Specification 1447 Output of traceroute Command Indicates VRF Name and VRF Tag 1448 Debug Output Filtering Per VRF 1448 CISCO-VRF-MIB 1449 How to Manage and Troubleshoot EVN 1449 Setting the Routing Context for EXEC Mode to a Specific VRF 1449 Enabling Debug Output for VRFs 1450 Setting SNMP v2c Context for Virtual Networks 1451 Setting SNMP v3 Context for Virtual Networks 1452 Additional References 1453 Feature Information for EVN Management and Troubleshooting 1454
CHAPTER 112
Configuring Easy Virtual Network Shared Services 1455 Prerequisites for Virtual IP Network Shared Services 1455 Restrictions for Virtual IP Network Shared Services 1455 Information About Easy Virtual Network Shared Services 1456
IP Addressing Configuration Guide, Cisco IOS XE 17.x lxiv
Contents
Shared Services in an Easy Virtual Network 1456 Easy Virtual Network Shared
Services Easier than VRF-Lite 1456 Route Replication Process in Easy Virtual
Network 1456
Where to Implement Route Replication 1457 Route Replication Behavior for Easy
Virtual Network 1457 Route Preference Rules After Route Replication in Easy
Virtual Network 1458 How to Share Services Using Easy Virtual Network 1458
Configuring Route Replication to Share Services in Easy Virtual Network 1458
Example 1464 What to Do Next 1464 Configuring Redistribution to Share Services
in Easy Virtual Network 1465 Configuration Example for Easy Virtual Network
Shared Services 1467 Example: Easy Virtual Network Route Replication and Route
Redistribution in a Multicast Environment 1467 Additional References 1473
Feature Information for Easy Virtual Network Shared Services 1474
PART XI CHAPTER 113
Addressing Fragmentation and Reassembly 1475
Virtual Fragmentation Reassembly 1477 Restrictions for Virtual Fragmentation
Reassembly 1477 Performance Impact 1477 VFR Configuration 1478 Information
About Virtual Fragmentation Reassembly 1478 VFR Detection of Fragment Attacks
1478 VFR Enablement 1478 VFR Disablement 1479 VFR on Outbound Interfaces 1480
How to Configure Virtual Fragmentation Reassembly 1480 Configuring VFR 1480
Enabling VFR Manually on Outbound Interface Traffic 1481 Troubleshooting Tips
1482 Configuration Examples for Virtual Fragmentation Reassembly 1482 Example:
Configuring VFR on Outbound Interface Traffic 1482
IP Addressing Configuration Guide, Cisco IOS XE 17.x lxv
Contents
Additional References for Virtual Fragmentation Reassembly 1483 Feature Information for Virtual Fragmentation Reassembly 1484
CHAPTER 114
IPv6 Virtual Fragmentation Reassembly 1485 Information About IPv6 Virtual Fragmentation Reassembly 1485 IPv6 Virtual Fragmentation Reassembly 1485 How to Implement IPv6 Virtual Fragmentation Reassembly 1485 Configuring IPv6 Virtual Fragmentation Reassembly 1485 Configuration Example for IPv6 Virtual Fragmentation Reassembly 1487 Example: Configuring IPv6 Virtual Fragmentation Reassembly 1487 Additional References 1487 Feature Information for IPv6 Virtual Fragmentation Reassembly 1488
CHAPTER 115
GRE Fragment and Reassembly Performance Tuning 1489 Restrictions for GRE Fragment and Reassembly 1489 Information About GRE Fragment and Reassembly 1489 Fragmentation and Reassembly 1489 Out of Order Packet Processing 1490 How to Use GRE Fragment and Reassembly 1490 Configuring GRE Fragment and Reassembly (GFR) 1490 Configuration Examples for GRE Fragment and Reassembly 1492 Example: Configuring GFR 1492 Additional References for GRE Fragment and Reassembly 1492 Feature Information for GRE Fragment and Reassembly 1493
IP Addressing Configuration Guide, Cisco IOS XE 17.x lxvi
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE
SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND
RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED
WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL
RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET
FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE
INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE
SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A
COPY.
The Cisco implementation of TCP header compression is an adaptation of a
program developed by the University of California, Berkeley (UCB) as part of
UCB’s public domain version of the UNIX operating system. All rights reserved.
Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF
THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-
NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING,
WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE
PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL,
CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST
PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE
THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document
are not intended to be actual addresses and phone numbers. Any examples,
command display output, network topology diagrams, and other figures included
in the document are shown for illustrative purposes only. Any use of actual IP
addresses or phone numbers in illustrative content is unintentional and
coincidental.
All printed copies and duplicate soft copies of this document are considered
uncontrolled. See the current online version for the latest version.
Cisco has more than 200 offices worldwide. Addresses and phone numbers are
listed on the Cisco website at www.cisco.com/go/offices.
The documentation set for this product strives to use bias-free language. For
purposes of this documentation set, bias-free is defined as language that does
not imply discrimination based on age, disability, gender, racial identity,
ethnic identity, sexual orientation, socioeconomic status, and
intersectionality. Exceptions may be present in the documentation due to
language that is hardcoded in the user interfaces of the product software,
language used based on standards documentation, or language that is used by a
referenced third-party product.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco
and/or its affiliates in the U.S. and other countries. To view a list of Cisco
trademarks, go to this URL:
https://www.cisco.com/c/en/us/about/legal/trademarks.html. Third-party
trademarks mentioned are the property of their respective owners. The use of
the word partner does not imply a partnership relationship between Cisco and
any other company. (1721R)
© 2022 Cisco Systems, Inc. All rights reserved.
Preface
Preface
This preface describes the audience, organization, and conventions of this
document. It also provides information on how to obtain other documentation.
This preface includes the following sections:
· Preface, on page lxix · Audience and Scope, on page lxix · Feature
Compatibility, on page lxx · Document Conventions, on page lxx ·
Communications, Services, and Additional Information, on page lxxi ·
Documentation Feedback, on page lxxii · Troubleshooting, on page lxxii
This preface describes the audience, organization, and conventions of this
document. It also provides information on how to obtain other documentation.
This preface includes the following sections:
Audience and Scope
This document is designed for the person who is responsible for configuring
your Cisco Enterprise router. This document is intended primarily for the
following audiences:
· Customers with technical networking background and experience.
· System administrators familiar with the fundamentals of router-based
internetworking but who might not be familiar with Cisco IOS software.
· System administrators who are responsible for installing and configuring
internetworking equipment, and who are familiar with Cisco IOS software.
IP Addressing Configuration Guide, Cisco IOS XE 17.x lxix
Feature Compatibility
Preface
Feature Compatibility
For more information about the Cisco IOS XE software, including features
available on your device as described in the configuration guides, see the
respective router documentation set.
To verify support for specific features, use the Cisco Feature Navigator tool.
This tool enables you to determine the Cisco IOS XE software images that
support a specific software release, feature set, or a platform.
Document Conventions
This documentation uses the following conventions:
Convention
Description
^ or Ctrl
The ^ and Ctrl symbols represent the Control key. For example, the key combination ^D or Ctrl-D means hold down the Control key while you press the D key. Keys are indicated in capital letters but are not case sensitive.
string
A string is a nonquoted set of characters shown in italics. For example, when setting an SNMP community string to public, do not use quotation marks around the string or the string will include the quotation marks.
The command syntax descriptions use the following conventions:
Convention
Description
bold
Bold text indicates commands and keywords that you
enter exactly as shown.
italics
Italic text indicates arguments for which you supply values.
[x]
Square brackets enclose an optional element (keyword
or argument).
|
A vertical line indicates a choice within an optional
or required set of keywords or arguments.
[x | y]
Square brackets enclosing keywords or arguments separated by a vertical line indicate an optional choice.
{x | y}
Braces enclosing keywords or arguments separated by a vertical line indicate a required choice.
Nested sets of square brackets or braces indicate optional or required choices within optional or required elements. For example, see the following table.
IP Addressing Configuration Guide, Cisco IOS XE 17.x lxx
Preface
Communications, Services, and Additional Information
Convention [x {y | z}] Examples use the following conventions: Convention
screen bold screen
Description
Braces and a vertical line within square brackets indicate a required choice
within an optional element.
Description
Examples of information displayed on the screen are set in Courier font.
Examples of text that you must enter are set in Courier bold font.
Angle brackets enclose text that is not printed to the screen, such as
passwords.
An exclamation point at the beginning of a line indicates a comment line.
Exclamation points are also displayed by the Cisco IOS XE software for certain
processes.
Square brackets enclose default responses to system prompts.
Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.
Note Means reader take note. Notes contain helpful suggestions or references
to materials that may not be contained in this manual.
Communications, Services, and Additional Information
· To receive timely, relevant information from Cisco, sign up at Cisco Profile
Manager. · To get the business impact you’re looking for with the technologies
that matter, visit Cisco Services. · To submit a service request, visit Cisco
Support. · To discover and browse secure, validated enterprise-class apps,
products, solutions and services, visit
Cisco Marketplace. · To obtain general networking, training, and certification
titles, visit Cisco Press. · To find warranty information for a specific
product or product family, access Cisco Warranty Finder.
IP Addressing Configuration Guide, Cisco IOS XE 17.x lxxi
Documentation Feedback
Preface
Cisco Bug Search Tool Cisco Bug Search Tool (BST) is a web-based tool that
acts as a gateway to the Cisco bug tracking system that maintains a
comprehensive list of defects and vulnerabilities in Cisco products and
software. BST provides you with detailed defect information about your
products and software.
Documentation Feedback
To provide feedback about Cisco technical documentation, use the feedback form
available in the right pane of every online document.
Troubleshooting
For the most up-to-date, detailed troubleshooting information, see the Cisco
TAC website at https://www.cisco.com/en/US/support/index.html. Go to Products
by Category and choose your product from the list, or enter the name of your
product. Look under Troubleshoot and Alerts to find information for the issue
that you are experiencing.
IP Addressing Configuration Guide, Cisco IOS XE 17.x lxxii
I P A R T
IPv4 Addressing
· Configuring IPv4 Addresses, on page 1 · IP Overlapping Address Pools, on
page 27 · IP Unnumbered Ethernet Polling Support, on page 33 · Auto-IP, on
page 41 · Zero Touch Auto-IP, on page 59
1 C H A P T E R
Configuring IPv4 Addresses
This chapter contains information about, and instructions for configuring IPv4
addresses on interfaces that are part of a networking device.
Note All further references to IPv4 addresses in this document use only IP in
the text, not IPv4. · Reference the Chapter Map here, on page 1 · Information
About IP Addresses, on page 1 · How to Configure IP Addresses, on page 10 ·
Configuration Examples for IP Addresses, on page 21 · Where to Go Next, on
page 23 · Additional References, on page 23 · Feature Information for IP
Addresses, on page 24
Reference the Chapter Map here
Information About IP Addresses
Binary Numbering
IP addresses are 32 bits long. The 32 bits are divided into four octets
(8-bits). A basic understanding of binary numbering is very helpful if you are
going to manage IP addresses in a network because changes in the values of the
32 bits indicate either a different IP network address or IP host address. A
value in binary is represented by the number (0 or 1) in each position
multiplied by the number 2 to the power of the position of the number in
sequence, starting with 0 and increasing to 7, working right to left. The
figure below is an example of an 8-digit binary number.
IP Addressing Configuration Guide, Cisco IOS XE 17.x 1
Binary Numbering Figure 1: Example of an 8-digit Binary Number
IPv4 Addressing
The figure below provides binary to decimal number conversion for 0 through
134.
Figure 2: Binary to Decimal Number Conversion for 0 to 134
The figure below provides binary to decimal number conversion for 135 through
255.
IP Addressing Configuration Guide, Cisco IOS XE 17.x 2
IPv4 Addressing Figure 3: Binary to Decimal Number Conversion for 135 to 255
IP Address Structure
IP Address Structure
An IP host address identifies a device to which IP packets can be sent. An IP
network address identifies a specific network segment to which one or more
hosts can be connected. The following are characteristics of IP addresses:
· IP addresses are 32 bits long
· IP addresses are divided into four sections of one byte (octet) each
· IP addresses are typically written in a format known as dotted decimal
The table below shows some examples of IP addresses.
Table 1: Examples of IP Addresses
IP Addresses in Dotted Decimal IP Addresses in Binary
10.34.216.75
00001010.00100010.11011000.01001011
172.16.89.34
10101100.00010000.01011001.00100010
192.168.100.4
11000000.10101000.01100100.00000100
IP Addressing Configuration Guide, Cisco IOS XE 17.x 3
IP Address Classes
IPv4 Addressing
Note The IP addresses in the table above are from RFC 1918, Address Allocation
for Private Internets . These IP addresses are not routable on the Internet.
They are intended for use in private networks. For more information on
RFC1918, see http://www.ietf.org/rfc/rfc1918.txt .
IP addresses are further subdivided into two sections known as network and
host. The division is accomplished by arbitrarily ranges of IP addresses to
classes. For more information see RFC 791 Internet Protocol at
http://www.ietf.org/rfc/rfc0791.txt .
IP Address Classes
In order to provide some structure to the way IP addresses are assigned, IP
addresses are grouped into classes. Each class has a range of IP addresses.
The range of IP addresses in each class is determined by the number of bits
allocated to the network section of the 32-bit IP address. The number of bits
allocated to the network section is represented by a mask written in dotted
decimal or with the abbreviation /n where n = the numbers of bits in the mask.
The table below lists ranges of IP addresses by class and the masks associated
with each class. The digits in bold indicate the network section of the IP
address for each class. The remaining digits are available for host IP
addresses. For example, IP address 10.90.45.1 with a mask of 255.0.0.0 is
broken down into a network IP address of 10.0.0.0 and a host IP address of
0.90.45.1.
Table 2: IP Address Ranges by Class with Masks
Class
Range
A (range/mask in dotted decimal) 0 .0.0.0 to 127.0.0.0/8 (255.0.0.0)
A (range in binary)
00000000 .00000000.00000000.00000000 to01111111.00000000.00000000.00000000
A (mask in binary)
11111111.00000000.00000000.00000000/8
B (range/mask in dotted decimal) 128 .0.0.0 to 191.255.0.0/16 (255.255.0.0)
B (range in binary)
10000000 .00000000.00000000.00000000 to10111111.11111111.00000000.00000000
B (mask in binary)
11111111 .11111111.00000000.00000000/16
C (range/mask in dotted decimal) 192 .0.0.0 to 223.255.255.0/24 (255.255.255.0)
C (range in binary)
11000000 .00000000.00000000.00000000 to11011111.11111111.11111111.00000000
C (mask in binary)
11111111.11111111.11111111.0000000/24
D1 (range/mask in dotted decimal) 224 .0.0.0 to 239.255.255.255/32 (255.255.255.255)
D (range in binary)
11100000 .00000000.00000000.00000000 to11101111.11111111.11111111.11111111
IP Addressing Configuration Guide, Cisco IOS XE 17.x 4
IPv4 Addressing
IP Address Classes
Class
Range
D (mask in binary)
11111111.11111111.11111111.11111111/32
E2 (range/mask in dotted decimal) 240 .0.0.0 to 255.255.255.255/32 (255.255.255.255)
E (range in binary)
11110000 .00000000.00000000.00000000 to11111111.11111111.11111111.11111111
E (mask in binary)
11111111.11111111.11111111.11111111/32
1 Class D IP addresses are reserved for multicast applications. 2 Class E IP addresses are reserved for broadcast traffic.
Note Some IP addresses in these ranges are reserved for special uses. For more
information refer to RFC 3330, Special-Use IP Addresses , at
http://www.ietf.org/rfc/rfc3330.txt .
When a digit that falls within the network mask changes from 1 to 0 or 0 to 1
the network address is changed. For example, if you change
10101100.00010000.01011001.00100010/16 to
10101100.00110000.01011001.00100010/16 you have changed the network address
from 172.16.89.34/16 to 172.48.89.34/16.
When a digit that falls outside the network mask changes from 1 to 0 or 0 to 1
the host address is changed. For example, if you change
10101100.00010000.01011001.00100010/16 to
10101100.00010000.01011001.00100011/16 you have changed the host address from
172.16.89.34/16 to 172.16.89.35/16.
Each class of IP address supports a specific range of IP network addresses and
IP host addresses. The range of IP network addresses available for each class
is determined with the formula 2 to the power of the number of available bits.
In the case of class A addresses, the value of the first bit in the 1st octet
(as shown in the table above) is fixed at 0. This leaves 7 bits for creating
additional network addresses. Therefore there are 128 IP network addresses
available for class A (27 = 128).
The number of IP host addresses available for an IP address class is
determined by the formula 2 to the power of the number of available bits minus
2. There are 24 bits available in a class A addresses for IP host addresses.
Therefore there are 16,777,214 IP hosts addresses available for class A ((224)
– 2 = 16,777,214)).
Note The 2 is subtracted because there are 2 IP addresses that cannot be used for a host. The all 0’s host address cannot be used because it is the same as the network address. For example, 10.0.0.0 cannot be both a IP network address and an IP host address. The all 1’s address is a broadcast address that is used to reach all hosts on the network. For example, an IP datagram addressed to 10.255.255.255 will be accepted by every host on network 10.0.0.0.
The table below shows the network and host addresses available for each class
of IP address.
Table 3: Network and Host Addresses Available for Each Class of IP Address
Class Network Addresses Host Addresses
A 128
16,777,214
IP Addressing Configuration Guide, Cisco IOS XE 17.x 5
IP Network Subnetting
IPv4 Addressing
Class Network Addresses Host Addresses
B 16,3843
65534
C 2,097,1524
254
3 Only 14 bits are available for class B IP network addresses because the
first 2 bits are fixed at 10 as shown in Table 2 .
4 Only 21 bits are available for class C IP network addresses because the
first 3 bits are fixed at 110 as shown in Table 2 .
IP Network Subnetting
The arbitrary subdivision of network and host bits in IP address classes
resulted in an inefficient allocation of IP space. For example, if your
network has 16 separate physical segments you will need 16 IP network
addresses. If you use 16 class B IP network addresses, you would be able to
support 65,534 hosts on each of the physical segments. Your total number of
supported host IP addresses is 1,048,544 (16 * 65,534 = 1,048,544). Very few
network technologies can scale to having 65,534 hosts on a single network
segment. Very few companies need 1,048,544 IP host addresses. This problem
required the development of a new strategy that permitted the subdivision of
IP network addresses into smaller groupings of IP subnetwork addresses. This
strategy is known as subnetting.
If your network has 16 separate physical segments you will need 16 IP
subnetwork addresses. This can be accomplished with one class B IP address.
For example, start with the class B IP address of 172.16.0.0 you can reserve 4
bits from the third octet as subnet bits. This gives you 16 subnet IP
addresses 24 = 16. The table below shows the IP subnets for 172.16.0.0/20.
Table 4: Examples of IP Subnet Addresses using 172.16.0.0/20
Number IP Subnet Addresses in Dotted Decimal IP Subnet Addresses in Binary
05
172.16.0.0
10101100.00010000.00000000.00000000
1
172.16.16.0
10101100.00010000.00010000.00000000
2
172.16.32.0
10101100.00010000.00100000.00000000
3
172.16.48.0
10101100.00010000.00110000.00000000
4
172.16.64.0
10101100.00010000.01000000.00000000
5
172.16.80.0
10101100.00010000.01010000.00000000
6
172.16.96.0
10101100.00010000.01100000.00000000
7
172.16.112.0
10101100.00010000.01110000.00000000
8
172.16.128.0
10101100.00010000.10000000.00000000
9
172.16.144.0
10101100.00010000.10010000.00000000
10
172.16.160.0
10101100.00010000.10100000.00000000
11
172.16.176.0
10101100.00010000.10110000.00000000
IP Addressing Configuration Guide, Cisco IOS XE 17.x 6
IPv4 Addressing
IP Network Address Assignments
Number IP Subnet Addresses in Dotted Decimal IP Subnet Addresses in Binary
12
172.16.192.0
10101100.00010000.11000000.00000000
13
172.16.208.0
10101100.00010000.11010000.00000000
14
172.16.224.0
10101100.00010000.11100000.00000000
15
172.16.240.0
10101100.00010000.11110000.00000000
5 The first subnet that has all of the subnet bits set to 0 is referred to as
subnet 0 . It is indistinguishable from the network address and must be used
carefully.
When a digit that falls within the subnetwork (subnet) mask changes from 1 to
0 or 0 to 1 the subnetwork address is changed. For example, if you change
10101100.00010000.01011001.00100010/20 to
10101100.00010000.01111001.00100010/20 you have changed the network address
from 172.16.89.34/20 to 172.16.121.34/20.
When a digit that falls outside the subnet mask changes from 1 to 0 or 0 to 1
the host address is changed. For example, if you change
10101100.00010000.01011001.00100010/20 to
10101100.00010000.01011001.00100011/20 you have changed the host address from
172.16.89.34/20 to 172.16.89.35/20.
Timesaver To avoid having to do manual IP network, subnetwork, and host
calculations, use one of the free IP subnet calculators available on the
Internet.
Some people get confused about the terms network address and subnet or
subnetwork addresses and when to use them. In the most general sense the term
network address means “the IP address that routers use to route traffic to a
specific network segment so that the intended destination IP host on that
segment can receive it”. Therefore the term network address can apply to both
non-subnetted and subnetted IP network addresses. When you are troubleshooting
problems with forwarding traffic from a router to a specific IP network
address that is actually a subnetted network address, it can help to be more
specific by referring to the destination network address as a subnet network
address because some routing protocols handle advertising subnet network
routes differently from network routes. For example, the default behavior for
RIP v2 is to automatically summarize the subnet network addresses that it is
connected to their non-subnetted network addresses (172.16.32.0/24 is
advertised by RIP v2 as 172.16.0.0/16) when sending routing updates to other
routers. Therefore the other routers might have knowledge of the IP network
addresses in the network, but not the subnetted network addresses of the IP
network addresses.
Tip The term IP address space is sometimes used to refer to a range of IP
addresses. For example, “We have to allocate a new IP network address to our
network because we have used all of the available IP addresses in the current
IP address space”.
IP Network Address Assignments
Routers keep track of IP network addresses to understand the network IP
topology (layer 3 of the OSI reference model) of the network to ensure that IP
traffic can be routed properly. In order for the routers to understand
IP Addressing Configuration Guide, Cisco IOS XE 17.x 7
IP Network Address Assignments
IPv4 Addressing
the network layer (IP) topology, every individual physical network segment
that is separated from any other physical network segment by a router must
have a unique IP network address.
The figure below shows an example of a simple network with correctly
configured IP network addresses. The routing table in R1 looks like the table
below.
Table 5: Routing Table for a Correctly Configured Network
Interface Ethernet 0
Interface Ethernet 1
172.31.32.0/24 (Connected) 172.31.16.0/24 (Connected)
Figure 4: Correctly Configured Network
The figure below shows an example of a simple network with incorrectly
configured IP network addresses. The routing table in R1 looks like the table
below. If the PC with IP address 172.31.32.3 attempts to send IP traffic to
the PC with IP address 172.31.32.54, router R1 cannot determine which
interface that the PC with IP address 172.31.32.54 is connected to.
Table 6: Routing Table in Router R1 for an Incorrectly Configured Network
(Example 1)
Ethernet 0
Ethernet 1
172.31.32.0/24 (Connected) 172.31.32.0/24 (Connected)
IP Addressing Configuration Guide, Cisco IOS XE 17.x 8
IPv4 Addressing Figure 5: Incorrectly Configured Network (Example 1)
IP Network Address Assignments
To help prevent mistakes as shown in the figure above, Cisco IOS-based
networking devices will not allow you to configure the same IP network address
on two or more interfaces in the router when IP routing is enabled.
The only way to prevent the mistake shown in the figure below, where
172.16.31.0/24 is used in R2 and R3, is to have very accurate network
documentation that shows where you have assigned IP network addresses.
Table 7: Routing Table in Router R1 for an Incorrectly Configured Network
(Example 2)
Ethernet 0
Serial 0
172.16.32.0/24 (Connected) 192.168.100.4/29 (Connected) 172.16.31.0/24 RIP
Serial 1
192.168.100.8/29 (Connected) 172.16.31.0/24 RIP
IP Addressing Configuration Guide, Cisco IOS XE 17.x 9
Classless Inter-Domain Routing Figure 6: Incorrectly Configured Network (Example 2)
IPv4 Addressing
For a more thorough explanation of IP routing, see the “Related Documents” section for a list of documents related to IP routing.
Classless Inter-Domain Routing
Due to the continuing increase in internet use and the limitations on how IP
addresses can be assigned using the class structure shown in the table above,
a more flexible method for allocating IP addresses was required. The new
method is documented in RFC 1519 Classless Inter-Domain Routing (CIDR): an
Address Assignment and Aggregation Strategy. CIDR allows network
administrators to apply arbitrary masks to IP addresses to create an IP
addressing plan that meets the requirements of the networks that they
administrate.
For more information on CIDR, refer to RFC 1519 at
http://www.ietf.org/rfc/rfc1519.txt.
Prefixes
The term prefix is often used to refer to the number of bits of an IP network address that are of importance for build
Read User Manual Online (PDF format)
Read User Manual Online (PDF format) >>