ip

ip

Configures IPv4 routing components, such as default gateway, DHCP, DNS server forwarding, name server, domain name, routing standards, etc.

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000

Syntax

ip [default-gateway|dhcp|dns-server-forward|domain-lookup|domain-name|igmp|name-server|nat|route|routing]
ip default-gateway [<IP>|<HOST-ALIAS-NAME>|failover|priority [dhcp-client <1-1800>|static-route <1-1800>]]
ip [dns-server-forward|domain-lookup|domain-name <DOMAIN-NAME>|name-server <IP>| routing]
ip dhcp client [hostname|persistent-lease]
ip igmp snooping {fast-leave|forward-unknown-multicast|querier}
ip igmp snooping {fast-leave|forward-unknown-multicast}
ip igmp snooping {querier} {max-response-time <1-25>|query-interval <1-18000>| robustness-variable <1-7>|timer expiry <60-300>|version <1-3>}
Note

Note

The command ‘ip igmp snooping‘ can be configured under bridge VLAN context also. For example: rfs7000-37FABE(config-device 00-15-70-37-FA-BE-bridge-vlan-1)#ip igmp snooping forward-unknown-multicast
ip nat [crypto|inside|outside|pool]
ip nat [crypto source pool|pool] <NAT-POOL-NAME>
ip nat [inside|outside] [destination|source]
ip nat [inside|outside] destination static <ACTUAL-IP> <1-65535> [tcp|udp] [(<NATTED-IP> {<1-65535>})]
ip nat [inside|outside] source [list|static]
ip nat [inside|outside] source static <ACTUAL-IP> <1-65535> [tcp|udp] [(<NATTED-IP> {<1-65535>})]
ip nat [inside|outside] source list <IP-ACCESS-LIST-NAME> interface [<INTERFACE-NAME>|pppoe1|vlan <1-4094>|wwan1] [(address <IP>|interface <L3-IF-NAME>|overload|pool <NAT-POOL-NAME>)]
ip route <IP/M> [<IP>|<HOST-ALIAS-NAME>]

Parameters

ip default-gateway [<IP>|<HOST-ALIAS-NAME>|failover|priority [dhcp-client <1-1800>|static-route <1-1800>]]
ip Configures IPv4 routing components
default-gateway Configures default gateway (next-hop router) parameters
<IP> Configures default gateway‘s IP address
  • <IP> – Specify the default gateway‘s IP address.
failover Configures failover to the gateway (with next higher priority) when the current default gateway is unreachable (In case of multiple default gateways). This option is enabled by default.
<HOST-ALIAS-NAME> Configures the host alias mapped to the required default gateway
  • <HOST-ALIAS-NAME> – Specify the host alias name (should be existing and configured). Host alias names begin with a ‘$‘.
priority [dhcp-client <1-1800>| static-route <1-1800>] Configures default gateway priority
  • dhcp-client <1-1800> – Defines a priority for the default gateway acquired by the DHCP client on the VLAN interface. The default setting is 1000.
  • static-route <1-1800> – Defines the weight (priority) assigned to this static route versus others that have been defined to avoid potential congestion. The default setting is 100.

The following keyword is common to ‘dhcp-client‘ and ‘static-route‘ parameters:

  • <1-1800> – Specify the priority from 1 - 18000 (lower the value higher is the priority).
ip [dns-server-forward|domain-lookup|domain-name <DOMAIN-NAME>|name-server <IP>|routing]
ip Configures IPv4 routing components
dns-server-forward Enables DNS forwarding. This command enables the forwarding of DNS queries to DNS servers outside of the network. This option is disabled by default.
domain-lookup Enables domain lookup. When enabled, human friendly domain names are converted into numerical IP destination addresses. The option is enabled by default.
domain-name <DOMAIN-NAME> Configures a default domain name
  • <DOMAIN-NAME> – Specify a name for the DNS (should not exceed 64 characters in length).
name-server <IP> Configures the name server‘s IP address
  • <IP> – Specify the IP address of the name server.
routing Enables IP routing of logically addressed packets from their source to their destination. IPv4 routing is enabled by default.
ip dhcp client [hostname|persistent-lease]
ip Configures IPv4 routing components
dhcp Configures the DHCP client and host
client [hostname| persistent-lease] Sets the DHCP client
  • hostname – Includes the hostname in the DHCP lease for the requesting client. This option is enabled by default.
  • persistent-lease – Retains the last lease across reboots if the DHCP server is unreachable. A persistent DHCP lease assigns the same IP address and other network information to the device each time it renews its DHCP lease. This option is disabled by default.
ip igmp snooping {fast-leave|forward-unknown-multicast}
ip Configures IPv4 routing components
fats-leave Optional. Enables fast leave processing. When enabled, leave messages are processed quickly, preventing the host from receiving further traffic. Should be configured for one (wired) host network only. This option is disabled by default.

This feature is supported only on the AP7502, AP8533 model access points.

igmp snooping forward-unknown-multicast Optional. Enables unknown multicast data packets to be flooded in the specified VLAN. This option is disabled by default.
ip igmp snooping {querier} {max-response-time <1-25>|query-interval <1-18000>| robustness-variable <1-7>|timer expiry <60-300>|version <1-3>}
ip Configures IPv4 routing components
igmp snooping querier Optional. Enables the IGMP querier functionality for the specified VLAN. By default IGMP snooping querier is disabled.
max-response-time <1-25> Configures the IGMP maximum query response interval used in IGMP V2/V3 queries for the given VLAN. The default is 10 seconds.
query-interval <1-18000> Configures the IGMP querier query interval in seconds. Specify a value from 1 - 18000 seconds. The default is 60 seconds.
robustness-variable <1-7> Configures the IGMP robustness variable from 1 - 7. The default is 2.
timer expiry <60-300> Configures the other querier time out value for the given VLAN. The default is 60 seconds.
version <1-3> Configures the IGMP query version for the given VLAN. The default is 3.
ip nat [crypto source pool|pool <NAT-POOL-NAME>]
ip Configures IPv4 routing components
nat Configures the NAT parameters
crypto source pool <NAT-POOL-NAME> Configures the NAT source address translation settings for IPSec tunnels
  • <NAT-POOL-NAME> – Specify a NAT pool name.
pool <NAT-POOL-NAME> Configures a pool of IP addresses for NAT
  • <NAT-POOL-NAME> – Specify a name for the NAT pool.
ip nat [inside|outside] destination static <ACTUAL-IP> <1-65535> [tcp|udp] 
[(<NATTED-IP> {<1-65535>})]
ip Configures IPv4 routing components
nat Configures the NAT parameters
[inside|outside] Configures inside and outside address translation for the destination
  • inside – Configures inside address translation
  • outside – Configures outside address translation
destination static <ACTUAL-IP> The following keywords are common to the ‘inside‘ and ‘outside‘ parameters:
  • destination – Specifies destination address translation parameters
    • static – Specifies static NAT local to global mapping
      • <ACTUAL-IP> – Specify the actual outside IP address to map.
<1-65535> [tcp|udp]
  • <1-65535> – Configures the actual outside port. Specify a value from 1 - 65535.
    • tcp – Configures Transmission Control Protocol (TCP) port
    • udp – Configures User Datagram Protocol (UDP) port
<NATTED-IP> <1-65535> Enables configuration of the outside natted IP address
  • <NATTED-IP> – Specify the outside natted IP address.
    • <1-65535> – Optional. Configures the outside natted port. Specify a value from 1 - 65535.
ip nat [inside|outside] source static <ACTUAL-IP> <1-65535> [tcp|udp] 
[(<NATTED-IP> {<1-65535>})]
ip Configures IPv4 routing components
nat Configures the NAT parameters
[inside|outside] Configures inside and outside address translation for the source
  • inside – Configures inside address translation
  • outside – Configures outside address translation
source static <ACTUAL-IP> The following keywords are common to the‘ inside‘ and ‘outside‘ parameters:
  • source – Specifies source address translation parameters
    • static – Specifies static NAT local to global mapping
      • <ACTUAL-IP> – Specify the actual inside IP address to map.
<1-65535> [tcp|udp]
  • <1-65535> – Configures the actual outside port. Specify a value from 1 - 65535.
    • tcp – Configures the TCP port
    • udp – Configures the UDP port
<NATTED-IP> <1-65535> Enables configuration of the outside natted IP address
  • <NATTED-IP> – Specify the outside natted IP address.
    • <1-65535> – Optional. Configures the outside natted port. Specify a value from 1 - 65535.
ip nat [inside|outside] source list <IP-ACCESS-LIST-NAME> interface 
[<INTERFACE-NAME>|pppoe1|vlan <1-4094>|wwan1] [(address <IP>|interface <L3-IF-NAME>|overload|
pool <NAT-POOL-NAME>)]
ip Configures IPv4 routing components
nat Configures the NAT parameters
[inside|outside] Configures inside and outside IP access list
source list <IP-ACCESS-LIST-NAME> Configures an access list describing local addresses
  • <IP-ACCESS-LIST-NAME> – Specify a name for the IP access list.
interface [<INTERFACE-NAME>| pppoe1| vlan <1-4094>| wwan1] Selects an interface to configure. Select a layer 3 router interface or a VLAN interface.
  • <INTERFACE-NAME> – Selects a layer 3 interface. Specify the layer 3 router interface name.
  • vlan – Selects a VLAN interface
    • <1-4094> – Set the SVI VLAN ID of the interface.
  • pppoe1 – Selects PPP over Ethernet interface
  • wwan1 – Selects Wireless WAN interface
address <IP> The following keyword is recursive and common to all interface types:
  • address <IP> – Configures the interface IP address used with NAT
interface <L3-IF-NAME> The following keyword is recursive and common to all interface types:
  • interface <L3-IF-NAME> – Configures a wireless controller or service platform‘s VLAN interface
    • <L3IFNAME> – Specify the SVI VLAN ID of the interface.
overload The following keyword is recursive and common to all interface types:
  • overload – Enables use of global address for many local addresses
pool <NAT-POOL-NAME> The following keyword is recursive and common to all interface types:
  • pool <NAT-POOL-NAME> – Specifies the NAT pool
    • <NAT-POOL-NAME> – Specify the NAT pool name.
ip route <IP/M> [<IP>|<HOST-ALIAS-NAME>]
ip Configures IPv4 routing components
route Configures the static routes
<IP/M> Specify the IP destination prefix in the A.B.C.D/M format.
<IP> Specify the IP address of the gateway.
<HOST-ALIAS-NAME> Configures the host alias mapped to the required default gateway
  • <HOST-ALIAS-NAME> – Specify the host alias name (should be existing and configured). Host alias names begin with a ‘$‘.

Example

NOC-NX9500(config-profile-testNX9000)#ip default-gateway 10.234.160.5
NOC-NX9500(config-profile-testNX9000)#ip dns-server-forward
NOC-NX9500(config-profile-testNX9000)#ip nat inside source list BROADCAST-MULTIC
AST-CONTROL precedence 1 interface vlan 1 pool NATPool1 overload


NOC-NX9500(config-profile-testNX9000-nat-pool-NATPool1)#?
Nat Policy Mode commands:
  address  Specify addresses for the nat pool
  no       Negate a command or set its defaults

  clrscr   Clears the display screen
  commit   Commit all changes made in this session
  do       Run commands from Exec mode
  end      End current mode and change to EXEC mode
  exit     End current mode and down to previous mode
  help     Description of the interactive help system
  revert   Revert changes
  service  Service Commands
  show     Show running system information
  write    Write running configuration to memory or terminal

NOC-NX9500(config-profile-testNX9000-nat-pool-NATPool1)#

Related Commands

no Disables or reverts settings to their default