-
Cisco IOS Wide-Area Networking Command Reference
-
Introduction
-
accelerator through cpu-threshold
-
de-bit through exp
-
fdl through frame-relay lapf n200
-
frame-relay lapf n201 through fr-atm connect dlci
-
hello through lz entropy-check
-
mace enable through rtcp-regenerate
-
sequence-interval through show platform software otv fp
-
show smds addresses through waas export
-
x25 accept-reverse through x25 pvc XOT
-
x25 pvc rbp local through xot access-group
-
Index
-
Feedback
Contents
x25 pvc rbp local through xot access-group
- x25 pvc rbp local
- x25 pvc rbp remote
- x25 relay-vc-number
- x25 remote-red
- x25 retry
- x25 roa
- x25 rotary
- x25 route
- x25 routing
- x25 security call-conf address out
- x25 security clamn
- x25 security crcdn
- x25 subscribe cug-service
- x25 subscribe flow-control
- x25 subscribe local-cug
- x25 subscribe packetsize
- x25 subscribe throughput
- x25 subscribe windowsize
- x25 suppress-called-address
- x25 suppress-calling-address
- x25 t10
- x25 t11
- x25 t12
- x25 t13
- x25 t20
- x25 t21
- x25 t22
- x25 t23
- x25 threshold
- x25 use-source-address
- x25 version
- x25 win
- x25 wout
- x28 no-padding
- x29 access-list
- x29 profile
- x29 inviteclear-time
- xconnect
- xconnect backup force-switchover
- xconnect encapsulation mpls
- xconnect logging redundancy
- xot access-group
x25 pvc rbp local
To configure a router to accept an incoming TCP connection on a specified TCP port, and to use record boundary preservation (RBP) over that session to transfer data between the TCP host and an X.25 permanent virtual circuit (PVC), use the x25 map rbp localcommand in interface configuration mode. To delete the PVC, use the noform of this command.
x25 pvc circuit rbp local port port [ packetsize in-size out-size ] [ recordsize size ] [ windowsize in-size out-size ] [q-bit]
no x25 pvc circuit
Syntax Description
circuit
Virtual-circuit channel number, which must be less than the virtual circuits assigned to the switched virtual circuits (SVCs).
port port
TCP port number on which the router should listen.
packetsize in-size out-size
(Optional) Maximum input packet size (in-size) and output packet size (out-size) for the PVC. The two values are typically the same and must be one of the following: 16, 32, 64, 128, 256, 512, 1024, 2048, or 4096.
recordsize size
(Optional) Maximum length of a record.
windowsize in-size out-size
(Optional) Packet count for input window (in-size) and output window (out-size) for the PVC. The two values are typically the same, must be in the range from 1 to 127, and must be less than the value set for the x25 modulo command.
q-bit
(Optional) Supports conveyance of Q-bit data packets between X.25 and TCP/IP hosts.
Command Default
No PVC is configured.
The PVC window and maximum packet sizes default to the interface default values.
Usage Guidelines
RBP enables X.25 hosts to exchange data with TCP/IP hosts via TCP sessions while maintaining X.25 packet boundaries.
When the Q-bit option is included in this command, X.25 Q-bit data packets can be received by the TCP/IP host; otherwise. transmission of X.25 Q-bit data packets would bring down the TCP and X.25 sessions.
When connections that will be established by the TCP/IP host are configured, the local TCP port number must be unique, with the exception that the same TCP port number may be configured once on each of multiple X.25 interfaces that will not be active simultaneously. This includes situations in which one X.25 interface is configured as a backup interface for another X.25 interface.
When the x25 pvc rbp localcommand is configured, the router will listen for a TCP connection request to the configured TCP port. Until the connection request is received, the router will acknowledge any X.25 reset packets on the circuit. When the TCP connection request is received, the connection will be accepted, and the router will send an X.25 reset packet over the configured X.25 destination circuit. If the reset packet is not acknowledged, the TCP connection will be closed.
Since this command is associated with a specific X.25 circuit, only one connection may be active per command.
When a PVC is configured, the virtual circuit must be unique. Multiple commands referencing the same virtual circuit (matching logical channel identifier and interface) are not permitted.
When connections that will be established by the TCP/IP host are configured, the local TCP port number must be unique, with the exception that the same TCP port number may be configured once on each of multiple X.25 interfaces that will not be active simultaneously. This includes the case in which one X.25 interface is configured as a backup interface for another X.25 interface.
Examples
The following example shows the configuration of a PVC with RBP. In this example, the router will listen for a TCP connection request on port 9999. When a TCP connection is established, the router will send an X.25 reset over the configured X.25 destination circuit.
Interface serial2/1 encapsulation x25 x25 pvc 2 rbp local port 9999Related Commands
Command
Description
show x25 map
Displays information about configured address maps.
show x25 vc
Displays information about active SVCs and PVCs.
x25 map rbp local
Establishes X.25 circuits in response to incoming TCP connections and uses RBP to transfer data between the TCP session and the X.25 circuit.
x25 map rbp remote
Establishes TCP sessions in response to incoming X.25 calls and uses RBP to transfer data between the X.25 circuit and the TCP session.
x25 pvc rbp remote
Establishes TCP sessions in response to incoming data on an X.25 PVC, and uses RBP to transfer data between the X.25 host and the TCP session.
x25 pvc rbp remote
To configure a router to establish a TCP session in response to data received on an X.25 permanent virtual circuit (PVC) and to use record boundary preservation (RBP) to transfer data between the X.25 host and the TCP session, use the x25 pvc rbp remotecommand in interface configuration mode. To delete the PVC, use the noform of this command.
x25 pvc circuit rbp remote host ip-address port port [ packetsize in-size out-size ] [ source-interface interface ] [ recordsize size ] [ windowsize in-size out-size ] q-bit
no x25 pvc circuit
Syntax Description
circuit
Virtual-circuit channel number, which must be less than the virtual circuits assigned to the switched virtual circuits (SVCs).
host ip-address
Remote IP address for the TCP connection.
port port
TCP port number on which the router should listen.
packetsize in-size out-size
(Optional) Maximum input packet size (in-size) and output packet size (out-size) for the PVC. The two values are typically the same and must be one of the following: 16, 32, 64, 128, 256, 512, 1024, 2048, or 4096.
source-interface interface
(Optional) Name of an interface whose IP address will be used as the local IP address for the TCP connection.
recordsize size
(Optional) Maximum length of a record.
windowsize in-size out-size
(Optional) Packet count for input window (in-size) and output window (out-size) for the PVC. The two values are typically the same, must be in the range from 1 to 127, and must be less than the value set for the x25 modulo command.
q-bit
(Optional) Supports conveyance of Q-bit data packets between X.25 and TCP/IP hosts.
Usage Guidelines
RBP enables X.25 hosts to exchange data with TCP/IP hosts via TCP sessions while maintaining X.25 packet boundaries.
When a PVC is configured, the virtual circuit must be unique. Multiple commands referencing the same virtual circuit (matching logical channel identifier and interface) are not permitted.
When the x25 pvc rbp remotecommand is configured, the router will wait until a data packet is received on a specific X.25 PVC. Until it receives a data packet, the router will acknowledge any X.25 reset packets on the circuit. When a data packet is received, the router will attempt to establish a TCP connection to a configured IP address and TCP port, using a dynamically assigned local TCP port number. If the connection attempt fails, the router will reset the PVC and wait for another data packet before reattempting to establish the TCP connection.
Since the x25 pvc rbp remotecommand is associated with a specific X.25 circuit, at most one connection may be active per command.
Examples
The following example shows an X.25 host configured to use a PVC with RBP. When PVC 1 receives a data packet, the router will attempt to establish a TCP connection to port 9999 at the TCP/IP host that has the IP address 10.0.0.1.
interface serial1/0 encapsulation x25 x25 pvc 1 rbp remote host 10.0.0.1 port 9999Related Commands
Command
Description
show x25 map
Displays information about configured address maps.
show x25 vc
Displays information about active SVCs and PVCs.
x25 map rbp local
Establishes X.25 circuits in response to incoming TCP connections on a specified TCP port, and uses RBP to transfer data between the TCP session and the X.25 circuit.
x25 map rbp remote
Establishes TCP sessions in response to incoming X.25 calls and uses RBP to transfer data between the X.25 circuit and the TCP session.
x25 pvc rbp local
Accepts incoming TCP connections on a specified TCP port, and uses RBP to transfer data between the TCP host and an X.25 PVC.
x25 relay-vc-number
To enable the relay of a virtual circuit (VC) number for switched calls between X.25 over TCP (XOT) and the interface on which the command is configured, use the x25 relay-vc-numbercommand in interface configuration or X.25 profile configuration mode. To disable the relay of the VC number, use the no form of this command.
Usage Guidelines
Use the x25 relay-vc-number command to enable the relay of the VC number for the switched calls between the XOT and the configured interface.
X.25 is a method of packet switching that is used for communication between user devices (such as routers, bridges, and host machines) and network devices (such as switching nodes and modems). User devices are called data terminal equipment (DTE), and network devices are called data circuit-terminating equipment (DCE).
Examples
The following examples show how to set the x25 relay-vc-number command for a Fast Ethernet interface and a serial interface.
Router(config)# interface fastethernet0/0 Router(config-if)# cmns enable Router(config-if)# x25 relay-vc-number Router(config)# interface serial1/0 Router(config-if)# x25 relay-vc-numberx25 remote-red
NoteEffective with Cisco IOS Release 12.2, the x25 remote-redcommand is not available in Cisco IOS Software.
To set up the table that lists the Blacker Front End (BFE) nodes (host or gateways) to which the router will send packets, use the x25 remote-red command in interface configuration mode.
Usage Guidelines
The table that results from this command provides the address translation information that the router sends to the BFE when it is in emergency mode.
x25 retry
To activate a secondary route while also retrying a failed primary route, use the x25 retryinterface configuration command in conjunction with the ip route or backup interface commands. To discontinue implementing secondary X.25 routes and retrying of primary X.25 routes, use the no form of this command.
Command History
Release
Modification
12.0(5)T
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
The x25 retry command is triggered when no switched virtual circuits (SVCs) are up, and an outgoing call fails.
The retry attempts will continue until any of the following happens:
- The configured retry attempts limit is reached.
- The attempt to reestablish the link is successful.
- An incoming call is received on the subinterface.
- The X.25 packet layer on the interface is restarted.
If the number of retry attempts exceeds the configured limit, the interface will remain marked “down” until any of the following happens:
- An incoming call is received on the subinterface.
- The X.25 packet layer on the interface is restarted.
x25 roa
To specify a sequence of packet network carriers, use the x25 roa command in global configuration mode. To remove the specified name, use the noform of this command.
Syntax Description
name
Recognized Operating Agency (ROA, formerly called a Recognized Private Operating Agency, or RPOA), which must be unique with respect to all other ROA names. It is used in the x25 facility and x25 map interface configuration commands.
number
A sequence of 1 or more numbers used to describe an ROA; up to 10 numbers are accepted.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 rotary
To assign an X.121 address to a rotary group (and optionally, to specify that address to be the source address of calls originating from lines within the group), use the x25 rotary command in global configuration mode. To remove an X.121 address from a rotary group, use the no form of this command.
x25 rotary group-num x121-address [ calling-address [ rotary | line ] ]
x25 rotary group-num x121-address [ calling-address [ rotary | line ] ]
Syntax Description
group-num
A number from 1 through 127, assigned to identify the rotary group.
x121-address
X.121 address. The address must be a numerical string no longer than 20 digits.
calling-address
(Optional) The source address of outgoing calls from members of this group. The default calling address is each line’s X.121 address.
rotary
(Optional) Makes the rotary’s X.121 address the source address of outgoing calls.
line
(Optional) Uses each line’s absolute address as the source address of outgoing calls.
Usage Guidelines
Each X.121 address can be associated with only one rotary group.
A rotary group cannot be configured with an X.121 address if it has “queued” or “queued-by-role” selection type.
x25 route
To create an entry in the X.25 routing table (to be consulted for forwarding incoming calls and for placing outgoing packet assembler/disassembler (PAD) or protocol translation calls), use the x25 route command in global configuration mode. To remove an entry from the table, use the noform of the command.
x25 route [ #position ] [ selection-options ] [ modification-options ] disposition-options [ xot-keepalive-options ]
no x25 route [ #position ] [ selection-options ] [ modification-options ] disposition-options [ xot-keepalive-options ]
Syntax Description
#position
(Optional) A pound sign (#) followed by a number designates the position in the routing table at which to insert the new entry. If no value for the position argument is given, the entry is appended to the end of the routing table.
selection-options
(Optional) The selection options identify when the subsequent modification and disposition options apply to an X.25 call; any or all variables may be specified for a route. For selection keyword and argument options, see the table in the “Usage Guidelines” section.
For selection and modification pattern and character matching and replacement see the tables in the “Usage Guidelines” section.
Although each individual selection criterion is optional, at least one selection or modification option must be specified in the x25 route command.
modification-options
(Optional) The modification options modify the source or destination addresses of the selected calls. The standard regular expression substitution rules are used, where a match pattern and rewrite string direct the construction of a new string. For modification keyword and argument options, see the table in the “Usage Guidelines” section.
For selection and modification pattern and character matching and replacement see the tables in the “Usage Guidelines” section.
Although each individual modification is optional, at least one selection or modification option must be specified in the x25 route command.
disposition-options
Specifies the disposition of a call matching the specified selection pattern. For disposition keyword and argument options, see the table in the “Usage Guidelines” section.
xot-keepalive-options
(Optional) The XOT-keepalive options specify an X.25 over TCP (XOT) keepalive period and number of XOT-keepalive retries. XOT relies on TCP to detect when the underlying connection is dead. TCP detects a dead connection when sent data goes unacknowledged for a given number of attempts over a period of time. For XOT-keepalive keyword and argument options, see the table in the “Usage Guidelines” section.
Command History
Usage Guidelines
The enhanced x25 route command replaces the x25 map cmns command. The x25 route alias form of this command (supported in earlier releases) has been replaced by the x25 alias command.
The modification options are long-standing but newly applicable to all dispositions in Cisco IOS Release 11.3 and later.
NoteThe entire command must be entered on one line.
Selection Options
Selection arguments specify match criteria. When a call matches all selection criteria in an X.25 route, then the specified modification and disposition are used for the call.
As many as four selection options can be used to determine the route:
- Called X.121 network interface address (destination or source host address)
- Called address extension (destination NSAP address)
- X.25 packet’s call user data (CUD) field
- Input interface from which the call was received (input-interface option)
The following table lists the selection options for the x25 route command. At least one selection or modification option must be specified.
NoteThe X.121 and NSAP addresses are specified as regular expressions. A common error is to specify the address digits without anchoring them to the beginning and end of the address. For example, the regular expression 1111 will match an X.121 address that has four successive 1s somewhere in the address; to specify the single X.121 address, the form ^1111$ must be used.
Regular expressions are used to allow pattern-matching operations on the addresses and user data. A common operation is to use prefix matching on the X.121 Data Network Identification Code (DNIC) field and route accordingly. The caret (^) is a special regular expression character that anchors the match at the beginning of the pattern. For example, the pattern ^3306 will match all X.121 addresses with a DNIC of 3306.
Modification Options
Addresses typically need to be modified when traffic from a private network that uses arbitrary X.121 addresses must transit a public data network, which must use its own X.121 addresses. The easiest way to meet the requirement is to specify in the x25 route command a way to modify the private address into a network X.121 address, or to modify a network X.121 address into a private address. The addresses are modified so that no change to the private addressing scheme is required.
The modification options use the standard UNIX regular expression substitution operations to change an X.25 field. A pattern match is applied to an address field, which is rewritten as directed by a rewrite pattern.
The following table lists the modification options for the x25 route command. At least one selection or modification option must be specified.
Table 2 x25 route Modification Options Modification Option
Description
substitute-dest rewrite-dest
(Optional) Called X.121 address rewrite pattern.
The destination address, destination-pattern, and this rewrite-dest pattern are used to form a new destination address. If no destination-pattern is specified, a default match pattern of .* is used.
See the first two tables below for summaries of pattern and character matching, respectively. See the third table below for a summary of pattern rewrite elements.
substitute-source rewrite-source
(Optional) Calling X.121 address rewrite pattern.
The source address, source-pattern, and this rewrite-source pattern are used to form a new source address. If no source-pattern is specified, any destination-pattern match pattern is used. If neither match pattern is specified, a default match pattern of .* is used.
See the first two tables below for summaries of pattern and character matching, respectively. See the third table below for a summary of pattern rewrite elements.
NoteAs of Cisco IOS Release 11.3, the substitute-source and substitute-dest options also apply to PAD calls.
A modification of the source address is directed by the rewrite string using one of three possible match patterns. If the source source-pattern selection option is defined, it is used with the source-rewrite string to construct the new source address; otherwise, a destination-pattern regular expression is used (for backward compatibility) or a wildcard regular expression (.*) is used. In the rewrite-source argument, the backslash character (\) indicates that the digit immediately following the argument selects a portion of the matched address to be inserted into the new called address.
A modification of the destination address is directed by the rewrite string using one of two possible match patterns. If the destination-pattern selection option is defined, it is used with the destination-rewrite string to construct the new destination address; otherwise, a wildcard regular expression (.*) is used. In the rewrite-dest argument, the backslash character (\) indicates that the digit immediately following the argument selects a portion of the original called address to be inserted into the new called address.
Pattern and Character Matching and Replacement for Selection and Modification Options
See the three tables below, respectively, for summaries of pattern matching, character matching, and pattern replacement elements. Note that up to nine pairs of parentheses can be used to identify patterns to be included in the modified string. A more complete description of the pattern-matching characters is found in the “Regular Expressions”appendix in the Cisco IOS Terminal Services Configuration Guide.
Table 3 Pattern Matching for x25 route Selection and Modification Options Pattern
Description
*
Matches 0 or more occurrences of the preceding character.
+
Matches 1 or more occurrences of the preceding character.
?
Matches 0 or 1 occurrences of the preceding character.1
1 Precede the question mark with Ctrl-V to prevent the question mark from being interpreted as a help command.
Table 4 Character Matching for x25 route Selection and Modification Options Character
Description
^
Matches the beginning of the input string.
$
Matches the end of the input string.
\char
Matches the single character char specified.
.
Matches any single character.
Table 5 Pattern Replacements for x25 route Selection and Modification Options Pattern
Description
\0
The pattern is replaced by the entire original address.
\1...9
The pattern is replaced by strings that match the first through ninth parenthetical part of the X.121 address.
Disposition Option
The xot-source disposition option can improve the resilience of the TCP connection if, for instance, a loopback interface is specified. By default, a TCP connection’s source IP address is that of the interface used to initiate the connection; a TCP connection will fail if either the source or destination IP address is no longer valid. Because a loopback interface never goes down, its IP address is always valid. Any TCP connections originated using a loopback interface can be maintained as long as a path exists to the destination IP address, which may also be the IP address of a loopback interface.
Using the continue keyword provides flexibility by reducing the number of X.25 route configurations necessary in the route table by breaking them into separate, simpler, and more manageable tasks. It allows the x25 route command to cumulatively hold all specified route entries and carry whatever selection or modification options you may have just specified on the command line. The route table lookup terminates when a matching route is found among the remaining entries in the route table. The continue disposition must be the last option on the x25 route command line.
The table below lists the disposition options for the x25 route command. You must select one of these options.
Table 6 x25 route Disposition Options Disposition Option
Description
clear
Terminates the call.
continue
(Optional) Combines sequential route table lookups, holding onto any “selections” and “modifications” specified on the x25 route statement.
hunt-group name
Routes the selected call to the X.25 hunt group. The chosen route may vary depending on the hunt group configuration.
interface interface number
Routes the selected call to the specified X.25 serial interface.
interface interface number dlci number
(Optional) Routes the X.25 call to the specified Annex G link. You must include the interface number and enter the data link connection identifier (DLCI) number. You only need to do this if you want the router to accept switched calls, as well as originate them.
interface cmns-interface mac mac-address
Routes the selected call out the specified broadcast interface via CMNS to the LAN destination station. The broadcast interface type can be Ethernet, Token Ring, or FDDI. The interface numbering scheme depends on the router interface hardware.
xot ip-address [ip2-address[...[ip6-address]]] [xot-source interface
Routes the selected call to the XOT host at the specified IP address. Subsequent IP addresses are tried, in sequence, only if XOT is unable to establish a TCP connection with a prior address.
xot dns pattern
Used with DNS-based X.25 routing, this option consults the DNS to get up to six destination IP addresses using whatever lookup pattern you choose (see the table above).
XOT-Keepalive Options
TCP maintains each connection using a keepalive mechanism that starts with a default time period and number of retry attempts. If a received XOT connection is dispatched using a route with explicit keepalive parameters, those values will be used for the TCP connection. If an XOT connection is sent using a route with explicit keepalive parameters, those values will be used for the TCP connection.
The table below lists and describes the xot-keepalive optionsfor the x25 route command.
Table 7 x25 route XOT-Keepalive Options XOT-Keepalive Option
Description
xot-keepalive-period seconds
Number of seconds between keepalives for XOT connections. The default is 60 seconds.
xot-keepalive-tries count
Number of times TCP keepalives should be sent before dropping the connection. The default value is 4 times.
X.25 Routing Action When a Match Is Found
If a matching route is found, the incoming call is forwarded to the next hop depending on the routing entry. If no match is found, the call is cleared. If the route specifies a serial interface running X.25 or a broadcast interface running CMNS, the router attempts to forward the call to that host. If the interface is not operational, the subsequent routes are checked for forwarding to an operational interface. If the interface is operational but out of available virtual circuits, the call is cleared. Otherwise, the expected Clear Request or Call Accepted packet is forwarded back toward the originator. A call cannot be forwarded out the interface on which it arrived.
If the matching route specifies an XOT disposition, a TCP connection is established to port 1998 at the specified IP address, which must be an XOT host. The Call Request packet is forwarded to the remote host, which applies its own criteria to handle the call. If, upon receiving an XOT call on the remote host, a routing table entry is not present, or the destination is unavailable, a Clear Request is sent back and the TCP connection is closed. Otherwise, the call is handled and the expected Clear Request or Call Accepted packet is returned. Incoming calls received via XOT connections that match a routing entry specifying an XOT destination are cleared. This restriction prevents Cisco routers from establishing an XOT connection to another router that would establish yet another XOT connection.
X.25 Routing Action When No Match Is Found
If no match is found, the action taken is specific to the application. X.25 switching will clear the call if there is no match in the routing table. X.25 PAD and PAD-related applications, such as protocol translation using X.25, will route the call to the default X.25 interface, which is the first X.25 interface configured.
Examples
The following example uses regular expression pattern matching characters to match just the initial portion of the complete X.25 address. Any call with a destination address beginning with 3107 that is received on an interface other than serial 0 is forwarded to serial 0.
x25 route ^3107 interface serial 0The following Annex G example routes the X.25 call to the specified Annex G DLCI link. You must include both interface number and DLCI number. It is this combination of both these numbers that indicates the logical X.25 interface over Frame Relay.
x25 route ^2222 interface serial 1 dlci 20The following example prevents X.25 routing for calls that do not specify a source address:
x25 route source ^$ clearThe following example configures alternate XOT hosts for the routing entry. If the first address listed is not available, subsequent addresses are tried until a connection is made. If no connection can be formed, the call is cleared.
x25 route ^3106$ xot 172.20.2.5 172.20.7.10 172.10.7.9The following example clears calls that contain a 3 in the source address. The disposition keyword clear is new.
x25 route source 3 clearThe following example clears calls that contain 33 in the source address:
x25 route source 33 clearThe following example clears a call to the destination address 9999:
x25 route ^9999$ clearThe following example specifies a route for specific source and destination addresses. (The ability to combine source and destination patterns is a new feature.)
x25 route ^9999$ source ^333$ interface serial 0The following example routes the call to the XOT host at the specified IP address. The disposition keyword xot is new. In prior releases the keyword ip was used.
x25 route ^3333$ xot 172.21.53.61The following DNS-based X.25 routing example shows an X.25 request to the DNS. The \0pattern indicates that the entire incoming X.121 address is being used as the index into the DNS, which will return the required IP address.
x25 route ^.* xot dns \0The following example routes calls containing the destination extension address preamble 11.1234:
x25 route dest-ext ^11.1234.* interface serial 0The following example rewrites the destination address as 9999. There must be a minimum of four 8s in the address. (8888888 will change to 9999.)
x25 route 8888 substitute-dest 9999 interface serial 0The following example substitutes only part of the destination address. “^88” specifies the original destination string must begin with 88. “(.*)” indicates the string can end with any number, 0-9, and can be more than one digit. “99\1” changes the destination address to 99 plus whatever matches “.*” in the original destination address. For example, 8881 will change to 9981.
x25 route ^88(.*) substitute-dest 99\1 interface serial 0The following example substitutes only part of the destination address and also removes a specified number of digits from the address. “^88” specifies the original destination string must begin with 88. “(..)” matches any two digits. “(.*)” specifies the string can end with any number, 0-9, and can occur zero or more times. Thus any address that starts with 88 and has four or more digits will be rewritten to start with 99 and omit the third and fourth digits. For example, 881234 will change to 9934.
x25 route ^88(..)(.*) substitute-dest 99\2 interface serial 0The following example looks for a specified destination address and changes the source address. “9999” is the destination address. The original source address changes to “2222” because the call is made to the destination 9999.
x25 route ^9999$ substitute-source 2222 interface serial 0The following example shows insertions and removals in the X.121 address as calls from the X.25 network get routed to X.25 devices. For a call coming from interface serial 0 with a called address starting with 2, the 2 is stripped off the called address and the call forwarded to serial interface 2. For a call coming from interface serial 2 with any calling address, a 2 will be inserted to its calling address and the call forwarded to serial interface 0.
x25 route ^02(.*) input-interface serial0 substitute-dest \1 interface serial2 x25 route input-interface serial2 source .* substitute-source 2\0 interface serial0The following example shows how to insert the X.121 address to forward calls among local X.25 devices. For a call on interface 1 with a called address of 0255 and any calling address, the call is forwarded to serial interface 2 with a called address of 55 and a calling address inserted with 01. The continue keyword continues address substitution without address forwarding.
x25 route input-interface serial1 source .* substitute-source 01\0 continue x25 route input-interface serial2 source .* substitute-source 02\0 continue x25 route ^01(.*) substitute-dest \1 interface serial1 x25 route ^02(.*) substitute-dest \1 interface serial2The following example rewrites the source address based on the source address. “9999” matches any destination address with four consecutive 9s. “^...(.*)” matches any source address with at least three digits; the command removes the first three digits and rewrites any digits after the first three as the new source address. For example, a call to 9999 from the source address 77721 will be forwarded using the calling address 21 and the called address 9999.
x25 route 9999 source ^...(.*) substitute-source \1 interface serial 0The following example adds a digit to the source and destination addresses patterns. “09990” is the destination address pattern. The source can be any address. “9\0” specifies to add a leading 9 to the destination address pattern. “3\0” specifies to add a leading 3 to the source address pattern. For example, a call using source 03330 and destination 09990 will change to 303330 and 909990, respectively.
x25 route 09990 source .* substitute-dest 9\0 substitute-source 3\0 interface serial 0x25 routing
To enable X.25 switching or tunneling, use the x25 routing command in global configuration mode. To disable the forwarding of X.25 calls, use the noform of this command.
x25 routing [ acknowledge local | acknowledge end-to-end ] [tcp-use-if-defs]
no x25 routing [ acknowledge local | acknowledge end-to-end ] [tcp-use-if-defs]
Command History
Release
Modification
10.0
This command was introduced.
12.0(7)T
The following keywords were added:
- acknowledge end-to-end
- acknowledge local
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
The x25 routing command enables X.25 switching between the X.25 services (X.25, Connection-Mode Network Service [CMNS] and X.25 over TCP [XOT], and Annex G). X.25 calls will not be forwarded until this command is issued.
The acknowledge localand acknowledge end-to-end keywords are optional, with acknowledge end-to-end being the default. To confirm what type of acknowledgment has been set, use the show protocol command.
The tcp-use-if-defs keyword may be needed for receiving XOT calls from routers using older software versions. Normally, calls received over a TCP connection (remote routing reception) will have the flow control parameters (window sizes and maximum packet sizes) indicated, because proper operation of routed X.25 requires that these values match at both ends of the connection.
Some previous versions of Cisco IOS software, however, do not ensure that these values are present in all calls. In this case, the Cisco IOS software normally forces universally acceptable flow control values (window sizes of 2 and maximum packet sizes of 128) on the connection. Because some equipment disallows modification of the flow control values in the call confirm, the tcp-use-if-defs keyword causes the router to use the default flow control values of the outgoing interface and indicate the resulting values in the call confirm. This modified behavior may allow easier migration to newer versions of the Cisco IOS software.
x25 security call-conf address out
To suppress the addresses in transmitted X.25 Call Confirm packets or to specify that the addresses originally received in a Call packet are to be encoded in the Call Confirm packet, use the no x25 security call-conf address outcommand in interface configuration or X.25 profile configuration mode. To reenable standard X.25 procedure for handling addresses in Call Confirm packets, use the x25 security call-conf address out command.
x25 security call-conf address out
no x25 security call-conf address out source { suppress | unmodified } dest { suppress | unmodified }
Command Default
Addresses presented in X.25 Call Confirm packets are determined according to X.25 protocol standards.
Usage Guidelines
Network devices that implement nonstandard X.25 service may have special requirements for address encoding in Call Confirm packets. The no x25 security call-conf address outcommand enables you to control the source and destination addresses that are encoded in outgoing Call Confirm packets. You can suppress the addresses completely, or you can specify that the addresses originally presented in the received Call packet be encoded unmodified in the Call Confirm packet.
Caution
X.25 specifies address signaling behavior as a security measure to ensure that connecting devices are given clear notice of a call setup that encountered redirection, deflection, or distribution to an alternate destination. Disabling these security features should be done only when the risks of doing so are understood and acceptable.
When address suppression is configured, any address block in the Call Confirm packet will specify the null address (zero digits) for the suppressed addresses.
X.25 Call Confirm address control can be configured on a main interface or an X.25 profile. When this functionality is configured on an interface, all Call Confirm packets sent over the services that use that interface will be affected, including SVCs that use a configuration from a subinterface. When this functionality is configured on an X.25 profile, all services using that profile will be affected.
x25 security clamn
To reenable the Called Line Address Modified Notification (CLAMN) security signaling facility when it has been disabled, use the x25 security clamn command in interface configuration mode. To disable the (CLAMN) security signaling facility in X.25 Call Confirm packets, use the noform of thiscommand.
Usage Guidelines
The X.25-class services use the CLAMN security signaling facility in X.25 Call Confirm packets to notify the originator of the Call that a security event occurred during X.25 Call setup. The encoding of this facility specifies the reason for the signal, and the X.25 Recommendation also permits the Call Confirm packet to encode a different destination address when it encodes this facility. There are a number of reasons that can be encoded by the CLAMN facility. The Cisco X.25 hunt group implementation will cause the router to signal the hunt group event back to the X.25 Call originator using the CLAMN facility.
Caution
X.25 security signaling facilities are used to explicitly notify the connecting stations of events that might raise security issues if they were not signaled. Suppression of these facilities should be configured only when the attached equipment and network configurations are sufficiently secure that the signaled information is unnecessary.
If no X.25 security issues apply, a network administrator may configure an X.25-class service to suppress the signaling of the CLAMN facility in Call Confirm packets using the no x25 security clamncommand on an interface or x25 profile. This configuration may be necessary if the attached device or eventual recipient of the Call Confirm will not participate in a connection when the CLAMN security facility is encoded.
The X.25 Recommendations specify that the CLAMN facility must be present in the X.25 Call Confirm packet if that packet encodes a destination address that is not the null address and that differs from the address encoded in the Call packet. Therefore, when the no x25 security clamn command is used to suppress the encoding of the CLAMN facility, it will also suppress the encoding of the destination address; that is, if the address block is encoded in the Call Confirm packet, the destination address will be encoded as the null address (zero digits).
This command can be configured with the International Telecommunication Union Telecommunication Standardization Sector (ITU-T) 1980 X.25 recommendation mode with no error, although the 1980 mode does not define the CLAMN facility.
x25 security crcdn
To reenable the Call Redirection/Call Deflection Notification (CRCDN) security signaling facility when it has been disabled, use the x25 security crcdncommand in interface configuration mode. To disable the CRCDN security signaling facility in X.25 Call packets, use the no form of this command.
Usage Guidelines
The X.25-class services use the CRCDN security signaling facility in X.25 call packets to notify the destination of the Call that a security event occurred during call processing. The encoding of this facility specifies the reason for the signal and the destination address that originally occurred in the call. There are a number of reasons that can be encoded by the CRCDN facility. The Cisco X.25 hunt group implementation will cause the router to signal the hunt group event to the X.25 call destination using the CRCDN facility.
Caution
X.25 security signaling facilities are used to explicitly notify the connecting stations of events that might raise security issues if they were not signaled. Suppression of these facilities should be configured only when the attached equipment and network configurations are sufficiently secure that the signaled information is unnecessary.
If no X.25 security issues apply, a network administrator may configure an X.25-class service to suppress the signaling of the CRCN facility in call packets using the no x25 security crcdncommand on an interface or X.25 profile. This configuration may be necessary if the attached device or eventual recipient of the X.25 call will not participate in a connection when the CRCDN security facility is encoded.
This command can be configured with the International Telecommunication Union Telecommunication Standardization Sector (ITU-T) 1980 X.25 recommendation mode with no error, although the 1980 mode will always suppress the CRCDN facility.
x25 subscribe cug-service
To enable and control standard closed user group (CUG) service, use the x25 subscribe cug-service command in the appropriate interface, line, or X.25 profile configuration mode. To disable standard CUG service, use the noform of this command.
x25 subscribe cug-service [incoming-access] [outgoing-access] [ suppress preferential | suppress all ]
no x25 subscribe cug-service [ incoming-access | outgoing-access ] [ suppress preferential | suppress all ]
Syntax Description
incoming-access
(Optional) Allows incoming access from the open network to the data terminal equipment (DTE) device.
outgoing-access
(Optional) Allows outgoing access from the data terminal equipment (DTE) device to the open network.
suppress preferential
(Optional) Suppresses CUG selection facility for the preferred CUG. This option is not available when configuring terminal lines.
suppress all
(Optional) Suppresses CUG selection facility for all CUGs. This option is not available when configuring terminal lines.
Command Default
No incoming access and no outgoing access. (This is the most restrictive setting.) CUG selection facilities are not suppressed.
Command History
Release
Modification
12.0(7)T
This command was introduced.
12.1(5)T
The suppress preferential and suppress all keywords were added to enable CUG selection facility suppression.
12.2(13)T
This command was modified to configure support for X.25 CUG service on terminal lines.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
When entering this command, specify the incoming-access or the outgoing-accesskeyword or both, unless you intend to have neither incoming nor outgoing access on the interface.
This command assumes that an X.25 network connection is being implemented and observes rules defined by X.25 and X.301 for CUG access. This command is enabled on a per-interface or per-line basis. Use this command to modify existing specified options without otherwise affecting the CUGs already defined.
The x25 subscribe cug-service command can be used to configure CUG security on synchronous X.25 data communications equipment (DCE) interfaces or terminal lines. A CUG service can be applied to console lines, auxiliary lines, standard asynchronous lines, and virtual terminal lines. A line configured for CUG service will apply CUG security to packet assembler/disassembler (PAD), X.28 mode, and protocol translation sessions. CUG protection is applied to incoming calls destined for the terminal line and call requests specified from the line.
The CUG selection facility suppression options are not available for terminal lines because incoming PAD calls are terminated by the line.
Use the x25 subscribe cug-service command with the suppress preferential or suppress all keywords to configure CUG selection facility suppression. The CUG selection facility suppression options are available on synchronous X.25 DCE interfaces only; they are not available on terminal lines because incoming PAD calls are terminated by the line.
The following restrictions apply to the x25 subscribe cug-servicecommand:
- Disabling this command deconfigures all the CUGs defined for the device and disables all CUG-related commands, but it does not terminate the associated CUG switched virtual circuit (SVC) connections.
- The DTE cannot call the open part of the network unless the outgoing-access option is configured. Even if outgoing-access is permitted, the DCE will enforce any additional CUG requirements when handling an outgoing call (call request) from the DTE.
- The DTE will not receive calls from the open part of the network unless the incoming-access option is configured. Even if incoming-access is permitted, the DCE will enforce any additional CUG requirements before presenting an incoming call to the DTE.
Examples
The following example shows the configuration of CUG behavior on asynchronous line 1 and virtual terminal lines 0 to 9. The users of virtual terminal lines 0 to 9 have access only within the corporate CUGs designated for engineering (CUG 1102 or 1103); any call from a network X.25-class service destined for the line will be refused unless the inbound point of presence (POP) has validated it as a member of one of those two CUGs.
line vty 0 9 Location Company A. Engineering Access x25 subscribe cug-service x25 subscribe local-cug 2 network-cug 1102 preferential x25 subscribe local-cug 3 network-cug 1103Examples
In the following example, CUG selection facility suppression and incoming access are configured for all CUGs, including the preferred CUG on the X.25 profile:
x25 profile CUG-SUPRS-ALL dce x25 subscribe cug-service incoming-access suppress all x25 subscribe local-cug 0 network-cug 10 preferential x25 subscribe local-cug 20 network-cug 202 x25 subscribe local-cug 40 network-cug 40Examples
The following example shows subscribing to both incoming and outgoing CUG service on the interface:
interface serial0 encapsulation x25 dce x25 subscribe cug-service incoming-access outgoing-accessRelated Commands
Command
Description
show x25 cug
Displays information about all CUGs or specific CUGs.
x25 facility
Forces facilities on a per-call basis for calls originated by the router.
x25 map
Sets the maximum number of virtual circuits that a protocol can have open simultaneously to one host.
x25 subscribe local-cug
Configures subscription to a specific CUG.
x25 subscribe flow-control
To control flow control parameter negotiation facilities in call setup packets, use the x25 subscribe flow-controlcommand in interface or X.25 profile configuration mode. To have flow control parameter negotiation facilities included in call setup (outgoing) packets only when their values differ from the default values, use the no form of this command.
Syntax Description
always
Flow control parameter negotiation facilities are enabled and the flow control parameters are always included with call setup packets and are optional on inbound packets.
never
Flow control parameter negotiation facilities are disabled and the flow control parameters are never included with call setup packets, and are not permitted on inbound packets. Negotiation of flow control parameters is disabled.
Command Default
Flow control parameter negotiation facilities are included only when the parameter values differ from the default values.
Command History
Release
Modification
12.0(7)T
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
This command has three states--default behavior (no x25 subscribe flow-control), facilities always included, or facilities never included (flow control parameter negotiation is not enabled).
This command controls inclusion of the X.25 flow control parameter negotiation facilities in call setup packets. By default, these facilities are included in call setup packets only when their values differ from the default values.
Configuring the no x25 subscribe flow-control command restores the default behavior. This only includes facilities outbound call setup packets when the requested values do not match the interface defaults.
This command can also be used in X.25 profile configuration mode.
Examples
The following example shows flow control parameter negotiation disabled on serial interface 1/4:
Router(config)# interface serial 1/4 Router(config-if)# x25 subscribe flow-control neverRelated Commands
Command
Description
x25 profile
Configures an X.25 profile without allocating any hardware-specific information.
x25 routing
Enables X.25 switching or tunneling.
x25 subscribe packetsize
Sets permitted and target ranges for packet size during flow control negotiation.
x25 subscribe windowsize
Sets permitted and target ranges for window size during flow control negotiation.
x25 subscribe local-cug
To configure subscription to a specific closed user group (CUG), use the x25 subscribe local-cug command in interface configuration or line configuration mode. To remove the CUG subscription, use the no form of this command.
x25 subscribe local-cug number network-cug number [ no-incoming | no-outgoing | preferential ]
no x25 subscribe local-cug number network-cug number [ no-incoming | no-outgoing | preferential ]
Syntax Description
number
Specific local CUG number (0 to 9999).
network-cug
Network translated CUG identifier.
number
Specific network CUG number (0 to 9999).
no-incoming
(Optional) Bars calls to data terminal equipment (DTE) within the specified CUG, unless x25 subscribe cug-service incoming-access is configured.
no-outgoing
(Optional) Bars calls from DTE within the specified CUG, unless x25 subscribe cug-service outgoing-access is configured.
preferential
(Optional) Specified on only one CUG, which is the assumed CUG when none is provided in call setup. (A single CUG listed at the interface is automatically considered a preferred CUG.)
Command History
Release
Modification
12.0(7)T
This command was introduced.
12.2(13)T
This command was modified to configure X.25 CUG subscription on terminal lines.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
The first x25 subscribe local-cug command in a group of configurations will automatically enable CUG service behavior on the interface or line, if it is not already enabled, with the default setting of no public access.
The x25 subscribe cug-service command can be used to configure CUG subscription on X.25 synchronous data communications equipment (DCE) interfaces, console lines, auxiliary lines, standard asynchronous lines, and virtual terminal lines. A line configured for CUG service will apply CUG security to packet assembler/disassembler (PAD), X.28 mode, and protocol translation sessions. CUG protection is applied to incoming calls destined for the terminal line and call requests specified from the line.
A CUG number has only local significance. Because CUG service is a cooperative process among the network attachments (DCE devices), the local CUG number may have to be translated into a number that is significant to the network as a whole. For instance, two DTE devices may use CUG numbers 1 and 5 to refer to the global CUG number 1043 of the network. In this instance, both DCE devices would be configured to translate between the local CUG number of their DTE and the network CUG number. Duplicate network CUG identifiers are permitted for different local CUG identifiers.
A DTE subscription to a CUG that also includes the no-incoming option prevents incoming calls on that CUG (however, the DTE may still receive calls within other CUGs to which it is subscribed, or from the open network if incoming public access is subscribed).
CUG subscription of a DTE will not permit an outgoing call (call request) from the CUG if the no-outgoingoption is configured.
The CUG will be assumed to be set to preferential (preferred) if there is only one CUG subscribed on that interface.
Examples
The following example subscribes local CUGs 5000, 100, 200, and 300 to networks 55, 11, 22, and 33, respectively, with local CUG 5000 being set as the preferred CUG:
Router(config)# interface serial0 Router(config-if)# encapsulation x25 dce Router(config-if)# x25 subscribe cug-service incoming-access outgoing-access Router(config-if)# x25 subscribe local-cug 5000 network-cug 55 preferential Router(config-if)# x25 subscribe local-cug 100 network-cug 11 Router(config-if)# x25 subscribe local-cug 200 network-cug 22 Router(config-if)# x25 subscribe local-cug 300 network-cug 33Examples
The following example shows the configuration of CUG behavior on asynchronous line 1 and virtual terminal lines 0 to 9. The users of virtual terminal lines 0 to 9 have access only within the corporate CUGs designated for engineering (CUG 1102 or 1103); any call from a network X.25-class service destined for the line will be refused unless the inbound POP has validated it as a member of one of those two CUGs.
Router(config)# line vty 0 9 Router(config-line)# Location Company A. Engineering Access Router(config-line)# x25 subscribe cug-service Router(config-line)# x25 subscribe local-cug 2 network-cug 1102 preferential Router(config-line)# x25 subscribe local-cug 3 network-cug 1103Related Commands
Command
Description
show x25 cug
Displays information about all or specific (defined by the local or network CUG number) CUGs.
x25 facility
Forces facilities on a per-call basis for calls originated by the router (switched calls are not affected).
x25 map
Sets the maximum number of virtual circuits a protocol can have open simultaneously to one host.
x25 subscribe cug-service
Enables and controls standard CUG behavior on an X.25 DCE interface.
x25 subscribe packetsize
To set permitted and target ranges for packet size during flow control negotiation, use the x25 subscribe packetsizecommand in interface configuration mode. To revert to the default packet size ranges, use the noform of this command.
x25 subscribe packetsize [ permit wmin wmax ] [ target wmin wmax ]
no x25 subscribe packetsize [ permit wmin wmax ] [ target wmin wmax ]
Command History
Release
Modification
12.0(7)T
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
The x25 subscribe packetsize command lets you specify the range of permitted and target values for packet size. These are called flow control parameter negotiation facilities. You can specify the permitted minimum and maximum packet sizes and target values for packet transmission (16 to 4096 as a power of two). Setting these values outside the permitted range will result in connection failure. The router attempts to negotiate values within the target range, but will only allow values outside the target range to be negotiated as long as the negotiation complies with the procedure defined in X.25 recommendations.
This command should be configured separately on both the data terminal equipment (DTE) and data circuit-terminating equipment (DCE), so that the permit range will be compatible and calls will be able to pass through the network. The target range is less critical. It only needs to be set on the Cisco router conducting the switching.
The effective ranges will be further constrained by other configuration options including the selection of normal (modulo 8) or extended (modulo 128) sequence numbers, the maximum packet size supported by the interface, and the x25 subscribe flow-control command.
Examples
The following example shows X.25 local acknowledgment being configured on serial interface 1/4, with packet size ranges being set at a permitted rate of 64 (minimum) and 1024 (maximum) and target rate of 128 (minimum) and 1024 (maximum):
Router(config)# x25 routing acknowledge local Router(config)# interface serial 1/4 Router(config-if)# encapsulation x25 dte Router(config-if)# x25 subscribe packetsize permit 64 1024 target 128 1024x25 subscribe throughput
To enable a router to negotiate X.25 throughput for end devices, use the x25 subscribe throughput command in interface configuration mode. To disable this feature, use the no form of this command.
Syntax Description
never
Use this keyword for devices connected to the router that never expect the throughput facility field to be in the incoming call setup packets.
basic
Use this keyword for devices connected to the router that always expect the throughput facility field to be present in the incoming call setup packets.
Examples
In this example, the end device never expects the throughput facility field to be present in incoming call setup packets:
Router> enable Router# configure terminal Router(config)# interface serial2/0 Router(config-if)# x25 subscribe throughput never Router(config-if)# exitIn this example, the end device always expects the throughput facility field to be present in incoming call setup packets:
Router> enable Router# configure terminal Router(config)# interface serial0/0 Router(config-if)# x25 subscribe throughput basic Router(config-if)# exitIn this example, the active throughput negotiation capability on the just-illustrated interface (Serial 0/0) is disabled:
Router(config)# interface serial0/0 Router(config-if)# no x25 subscribe throughput Router(config-if)# exitRelated Commands
Command
Description
x25 facility throughput
Specifies the input and output bit rate values that the router should insert into the call setup packets’ throughput-facility field.
x25 subscribe flow-control
Configures inclusion of X.25 flow-control parameter negotiation facilities in call setup packets.
x25 subscribe windowsize
To set permitted and target ranges for window size during flow control negotiation, use the x25 subscribe windowsizecommand in interface configuration mode. To revert to the default window size ranges, use the noform of this command.
x25 subscribe windowsize [ permit wmin wmax ] [ target wmin wmax ]
no x25 subscribe windowsize [ permit wmin wmax ] [ target wmin wmax ]
Command History
Release
Modification
12.0(7)T
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
The x25 subscribe windowsize command lets you specify the range of permitted and target values for window size. These are called flow control values. You can specify the permitted minimum and maximum window size permitted and target values for packet transmission (1 to 127) at one time. Setting these values outside the permitted range may result in connection failure. The router attempts to negotiate values within the target range, but will only allow values outside the target range to be negotiated as long as the negotiation complies with the procedure defined in X.25 recommendations.
The effective ranges will be further constrained by other configuration options including the selection of normal (modulo 8) or extended (modulo 128) sequence numbers, the maximum window size supported by the interface, and the x25 subscribe flow-controlcommand.
Examples
The following example shows X.25 local acknowledgment being configured on serial interface 1/4, with window size ranges being set at a permitted rate of 1 (minimum) and 7 (maximum) and target rate of 2 (minimum) and 4 (maximum):
Router(config)# x25 routing acknowledge local Router(config)# interface serial 1/4 Router(config-if)# encapsulation x25 dte Router(config-if)# x25 subscribe windowsize permit 1 7 target 2 4x25 suppress-called-address
To omit the destination address in outgoing calls, use the x25 suppress-called-addresscommand in interface configuration mode. To reset this command to the default state, use the noform of this command.
Command History
Release
Modification
10.0
This command was introduced.
11.3
This command was modified to include packet assembler/disassembler (PAD) calls.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 suppress-calling-address
To omit the source address in outgoing calls, use the x25 suppress-calling-address command in interface configuration mode. To reset this command to the default state, use the noform of this command.
Command History
Release
Modification
10.0
This command was introduced.
11.3
This command was modified to include packet assembler/disassembler (PAD) calls.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 t10
To set the value of the Restart Indication retransmission timer (T10) on data communications equipment (DCE) devices, use the x25 t10 command in interface configuration mode.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 t11
To set the value of the Incoming Call timer (T11) on data communications equipment (DCE) devices, use the x25 t11 command in interface configuration mode.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 t12
To set the value of the Reset Indication retransmission timer (T12) on data communications equipment (DCE) devices, use the x25 t12command in interface configuration mode.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 t13
To set the value of the Clear Indication retransmission timer (T13) on data communications equipment (DCE) devices, use the x25 t13 command in interface configuration mode.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 t20
To set the value of the Restart Request retransmission timer (T20) on data terminal equipment (DTE) devices, use the x25 t20 command in interface configuration mode.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 t21
To set the value of the Call Request timer (T21) on data terminal equipment (DTE) devices, use the x25 t21 command in interface configuration mode.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 t22
To set the value of the Reset Request retransmission timer (T22) on data terminal equipment (DTE) devices, use the x25 t22 command in interface configuration mode.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 t23
To set the value of the Clear Request retransmission timer (T23) on data terminal equipment (DTE) devices, use the x25 t23 command in interface configuration mode.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 threshold
To set the data packet acknowledgment threshold, use the x25 threshold command in interface configuration mode.
Command History
Release
Modification
11.2
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
This command instructs the router to send acknowledgment packets when it is not busy sending other packets, even if the number of input packets has not reached the input window size count.
The router sends an acknowledgment packet when the number of input packets reaches the count you specify, providing there are no other packets to send. For example, if you specify a count of 1, the router will send an acknowledgment per input packet if it is unable to “piggyback” the acknowledgment of an outgoing data packet. This command improves line responsiveness at the expense of bandwidth.
This command only applies to encapsulated traffic over X.25 (datagram transport), not to routed traffic.
x25 use-source-address
To override the X.121 addresses of outgoing calls forwarded over a specific interface, use the x25 use-source-address command in interface configuration mode. To prevent updating the source addresses of outgoing calls, use the noform of this command.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
x25 version
To specify the X.25 behavior set that is to be used for X.25-class services (X.25, Annex G, and CMNS) and X.25 profiles, use the x25 version command in interface configuration mode or X.25 profile configuration mode. To restore the default value (the 1984 X.25 behavior set), use the no form of this command.
Usage Guidelines
The x25 version command is typically used to access functionality that is available in other X.25 behavior sets and to prevent problems that arise when a network is attached to X.25 devices that use nonstandard or older behavior sets. The table below describes some common problems that can be solved by specifying a particular X.25 behavior set.
Table 8 Common Problems That Are Solved by the x25 version Command Problem
Cause
Solution
Some X.25 hosts reject calls that include Internetwork Call Redirection and Deflection Notification (ICRD) or Called Line Address Modification Notification (CLAMN).
X.25 hosts may conform to the 1980 standard, which does not support these facilities, or the host may be nonstandard.
Specify the 1980 X.25 behavior set on the interface or X.25 profile.
An incoming call that includes Protection QoS facilities (an ITU-T-specified DTE facility) is cleared by the Cisco router.
The interface defaults to the 1984 X.25 behavior set, which does not define the Protection QoS facility.
Specify the 1988 or 1993 behavior sets to allow Protection QoS facilities to be encoded and passed through transparently by the router.
Incoming calls requesting a throughput of 64,000 bits per second (bps) are rejected while other calls requesting a throughput of 48,000 bps are accepted.
The throughput facility in the 1984 recommendation defines a maximum value of 48,000 bps.
Specify the 1988 behavior set for services where you need throughput facility values up to 64,000 bps, and the 1993 behavior set for services where you need throughput facility values up to 2,048,000 bps.
After a packet assembler/disassembler (PAD) call is initiated over X.25 over TCP (XoT), the Call is cleared by the router when the Call Confirm packet includes a modified destination address.
The called X.25 address has been modified on the Call Confirm by the remote X.25 host without signaling the fact by also encoding a CLAMN facility--a potential security issue.
If the security risks are acceptable, specify the 1980 behavior set on an X.25 profile configured for the XoT connection.
Examples
The following example configures an interface to use the 1980 X.25 behavior set:
Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# interface serial 3/2 Router(config-if)# x25 version 1980 Router(config-if)# endThe following example enables CMNS on Ethernet interface 0/0 and configures the interface to use the 1988 X.25 behavior set:
Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# interface Ethernet0/0 Router(config-if)# cmns enable Router(config-if)# x25 version 1988 Router(config-if)# endThe following example configures an X.25 profile to use the 1993 X.25 behavior set:
Router(config)# x25 profile annexg dxe Router(config-if)# x25 version 1993 Router(config-if)# endx25 win
To change the default incoming window size to match that of the network, use the x25 win command in interface configuration mode.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
This command determines the default number of packets a virtual circuit can receive before sending an X.25 acknowledgment. To maintain high bandwidth utilization, assign this limit the largest number that the network allows.
NoteSet x25 win and x25 wout to the same value unless your network supports asymmetric input and output window sizes.
x25 wout
To change the default outgoing window size to match that of the network, use the x25 wout command in interface configuration mode.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
This command determines the default number of packets a virtual circuit can send before waiting for an X.25 acknowledgment. To maintain high bandwidth utilization, assign this limit the largest number that the network allows.
NoteSet x25 win and x25 wout to the same value unless your network supports asymmetric input and output window sizes.
x28 no-padding
To prevent the padding character from being sent to the Point of Sale (POS) terminal, use the x28 no-padding command in privileged EXEC mode.
Usage Guidelines
A padding character is sent when the POS terminal operates at a speed below 9600 bps. With the autocommand in a line configuration mode, you can automatically call the executable x28 no-padding command to prevent the padding character from being sent to the POS terminal.
x29 access-list
To limit access to the access server f rom certain X.25 hosts, use the x29 access-list command in global configuration mode. To delete an entire access list, use the no form of this command.
x29 access-list access-list-number { deny | permit } x121-address
no x29 access-list access-list-number
Syntax Description
access-list-number
Number of the access list. It can be a value between 1 and 199.
deny
Denies access and clears call requests immediately.
permit
Permits access to the protocol translator.
x121-address
If applied as an inbound access class, specifies the X.121 address that can or cannot have access (with or without regular expression pattern-matching characters). The X.121 address is the source address of the incoming packet.
If applied as an outbound access class, then the address specifies a destination to where connections are allowed.
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
The service pad global configuration command must be configured before the x29 access-list command can be used.
An access list can contain any number of access list items. The list items are processed in the order in which you entered them, with the first match causing the permit or deny condition. If an X.121 address does not match any of the regular expressions in the access list, access is denied.
Access lists take advantage of the message field defined by Recommendation X.29, which describes procedures for exchanging data between two PADs, or between a PAD and a DTE device.
The UNIX-style regular expression characters allow for pattern matching of characters and character strings in the address. Various pattern-matching constructions are available that allow many addresses to be matched by a single regular expressions. For more information, refer to the “Regular Expressions” appendix in the Cisco IOS Terminal Services Configuration Guide.
The access lists must be applied to a vty with the access-class command.
x29 profile
To create a packet assembler/disassembler (PAD) profile script for use by the translate command, use the x29 profile command in global configuration mode.
Command Default
The default PAD profile script is used. The default for inbound connections is:
2:0 4:1 15:0 7:21Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
The service pad global configuration command must be configured before the x29 profile command can be used.
When an X.25 connection is established, the access server acts as if an X.29 Set Parameter packet had been sent containing the parameters and values set by the x29 profile command and sets the access server accordingly.
For incoming PAD connections, the Protocol Translator uses a default PAD profile to set the remote X.3 PAD parameters unless a profile script is defined with the translate command.
NoteIf you set the X.29 profile to “default,” the profile is applied to all incoming X.25 PAD calls, including the calls used for protocol translation.
Examples
The following profile script turns local edit mode on when the connection is made and establishes local echo and line termination upon receipt of a Return packet. The name linemode is used with the translate command to effect use of this script.
x29 profile linemode 2:1 3:2 15:1To override the default PAD profile, create a PAD profile script named “default” by using the following command:
x29 profile default 2:1 4:1 15:0 4:0x29 inviteclear-time
To configure the time taken by the router to wait before responding to the X.29 invite clear message, use the x29 inviteclear-time command in global configuration mode. To disable the configuration, use the no form of this command.
xconnect
To bind an attachment circuit to a pseudowire, and to configure an Any Transport over MPLS (AToM) static pseudowire, use the xconnect command in one of the supported configuration modes. To restore the default values, use the no form of this command.
xconnect peer-ip-address vc-id { encapsulation { l2tpv3 [ manual ] | mpls [ manual ] } | pw-class pw-class-name } [ pw-class pw-class-name ] [ sequencing { transmit | receive | both } ]
no xconnect
Cisco uBR10012 Router and Cisco uBR7200 Series Universal Broadband Routers
xconnect peer-ip-address vc-id encapsulation mpls [pw-type]
no xconnect peer-ip-address vc-id encapsulation mpls [pw-type]
Syntax Description
peer-ip-address
IP address of the remote provider edge (PE) peer. The remote router ID can be any IP address, as long as it is reachable.
vc-id
The 32-bit identifier of the virtual circuit (VC) between the PE routers.
encapsulation
Specifies the tunneling method to encapsulate the data in the pseudowire:
- l2tpv3--Specifies Layer 2 Tunneling Protocol, version 3 (L2TPv3), as the tunneling method.
- mpls--Specifies Multiprotocol Label Switching (MPLS) as the tunneling method.
- manual--(Optional) Specifies that no signaling is to be used in the attachment circuit. This keyword places the router in xconnect configuration mode for manual configuration of the attachment circuit. Use this keyword to manually configure an AToM or L2TPv3 static pseudowire.
pw-class pw-class-name
(Optional) Specifies the pseudowire class for advanced configuration.
sequencing
(Optional) Sets the sequencing method to be used for packets received or sent. This keyword is not supported with the AToM Static Pseudowire Provisioning feature.
transmit
Sequences data packets received from the attachment circuit.
receive
Sequences data packets sent into the attachment circuit.
both
Sequences data packets that are both sent and received from the attachment circuit.
pw-type
(Optional) Pseudowire type. You can specify one of the following types:
Command Modes
Connect configuration (config-conn)
Interface configuration (config-if)
ATM PVC l2transport configuration (cfg-if-atm-l2trans-pvc)Command History
Release
Modification
12.0(23)S
This command was introduced.
12.0(28)S
Support was added for Multilink Frame Relay connections.
12.3(2)T
This command was integrated into Cisco IOS Release 12.3(2)T.
12.2(25)S
This command was integrated into Cisco IOS Release 12.2(25)S.
12.2(27)SBC
This command was integrated into Cisco IOS Release 12.2(27)SBC.
12.4(11)T
This command was integrated into Cisco IOS Release 12.4(11)T.
12.2(33)SRB
This command was updated to add support for AToM static pseudowires, and so that the remote router ID need not be the Label Distribution Protocol (LDP) router ID of the peer.
12.2(33)SCC
This command was integrated into Cisco IOS Release 12.2(33)SCC.
12.2(33)SXI5
This command was updated to add PFC3B or PFC3BXL restrictions for xconnect.
Cisco IOS XE Release 3.3S
This command was integrated into Cisco IOS XE Release 3.3S.
15.1(2)S
This command was updated to allow IPv6 address configurations in the ethernet sub-interface when the xconnect command is configured under a service instance on the main interface. This change only applies to platforms that support the service instance command on ethernet interfaces.
15.1(2)SNH
This command was implemented on the Cisco ASR 901 Series Aggregation Services Routers.
Usage Guidelines
The use of the xconnect command and the interface configuration mode bridge-group commands is not supported on the same physical interface.
The combination of the peer-ip-address and vcid arguments must be unique on the router. Each xconnect configuration must have a unique combination of peer-ip-address and vcid configuration.
NoteIf the remote router is a Cisco 12000 series Internet router, the peer-ip-address argument must specify a loopback address on that router.
The same vcid value that identifies the attachment circuit must be configured using the xconnect command on the local and remote PE router. The VC ID creates the binding between a pseudowire and an attachment circuit.
With the introduction of VPLS Autodiscovery in Cisco IOS Release 12.2(33)SRB, the remote router ID need not be the LDP router ID. The address you specify can be any IP address on the peer, as long as it is reachable. When VPLS Autodiscovery discovers peer routers for the VPLS, the peer router addresses might be any routable address.
NoteThe VPLS Autodiscovery feature is not supported with L2TPv3.
For L2TPv3, to manually configure the settings used in the attachment circuit, use the manual keyword in the xconnect command. This configuration is called a static session. The router is placed in xconnect configuration mode, and you can then configure the following options:
- Local and remote session identifiers (using the l2tp id command) for local and remote PE routers at each end of the session.
- Size of the cookie field used in the L2TPv3 headers of incoming (sent) packets from the remote PE peer router (using the l2tp cookie local command).
- Size of the cookie field used in the L2TPv3 headers of outgoing (received) L2TP data packets (using the l2tp cookie remote command).
- Interval used between sending hello keepalive messages (using the l2tp hello command).
For L2TPv3, if you do not enter the encapsulation l2tpv3 manual keywords in the xconnect command, the data encapsulation type for the L2TPv3 session is taken from the encapsulation type configured for the pseudowire class specified with the pseudowire-class pw-class-name command.
The pw-class keyword with the pw-class-name value binds the xconnect configuration of an attachment circuit to a specific pseudowire class. In this way, the pseudowire class configuration serves as a template that contains settings used by all attachment circuits bound to it with the xconnect command.
Software prior to Cisco IOS Release 12.2(33)SRB configured pseudowires dynamically using Label Distribution Protocol (LDP) or another directed control protocol to exchange the various parameters required for these connections. In environments that do not or cannot use directed control protocols, the xconnect command allows provisioning an AToM static pseudowire. Use the manual keyword in the xconnect command to place the router in xconnect configuration mode. MPLS pseudowire labels are configured using the mpls label and (optionally) mpls control-word commands in xconnect configuration mode.
The following restrictions apply only if EARL modes are either PFC3B or PFC3BXL and you are running Cisco IOS Release 12.2(33)SXI4 or later releases on your router:
- SPAN is not allowed on an inband port if any physical interface has xconnect configured.
- SPAN is not allowed on a physical interface that also has xconnect configured.
- If an inband port has SPAN configured, then configuring xconnect on any physical interface results in a warning message. You should not proceed with this configuration because it can create an infinite packet loop.
- If a physical port has SPAN configured and you add xconnect on that same interface, a warning message is displayed and we strongly recommend that you do not proceed with such a configuration.
Examples
The following example configures xconnect service for an Ethernet interface by binding the Ethernet circuit to the pseudowire named 123 with a remote peer 10.0.3.201. The configuration settings in the pseudowire class named vlan-xconnect are used.
Device(config)# interface Ethernet0/0.1 Device(config-if)# xconnect 10.0.3.201 123 pw-class vlan-xconnectThe following example enters xconnect configuration mode and manually configures L2TPv3 parameters for the attachment circuit:
Device(config)# interface Ethernet 0/0 Device(config-if)# xconnect 10.0.3.201 123 encapsulation l2tpv3 manual pw-class ether-pw Device(config-if-xconn) l2tp id 222 111 Device(config-if-xconn) l2tp cookie local 4 54321 Device(config-if-xconn) l2tp cookie remote 4 12345 Device(config-if-xconn) l2tp hello l2tp-defaultsThe following example enters xconnect configuration mode and manually configures an AToM static pseudowire. The example shows the configuration for only one side of the connection; the configurations on each side of the connection must be symmetrical.
Device# configure terminal Device(config)# interface Ethernet1/0 Device(config-if)# no ip address Device(config-if)# xconnect 10.131.191.252 100 encapsulation mpls manual pw-class mpls Device(config-if-xconn)# mpls label 100 150 Device(config-if-xconn)# exit Device(config-if)# exitThe following example shows how to bind an attachment circuit to a pseudowire and configure an AToM service on a Cisco uBR10012 router:
Device# configure terminal Device(config)# cable l2vpn 0000.396e.6a68 customer1 Device(config-l2vpn)# service instance 2000 Ethernet Device(config-ethsrv)# xconnect 101.1.0.2 221 encapsulation mpls pw-type 4Related Commands
Command
Description
l2tp cookie local
Configures the size of the cookie field used in the L2TPv3 headers of incoming packets received from the remote PE peer router.
l2tp cookie remote
Configures the size of the cookie field used in the L2TPv3 headers of outgoing packets sent from the local PE peer router.
l2tp hello
Specifies the use of a hello keepalive setting contained in a specified L2TP class configuration for a static L2TPv3 session.
l2tp id
Configures the identifiers used by the local and remote provider edge routers at each end of an L2TPv3 session.
l2tp class
Configures a template of L2TP control plane configuration settings that can be inherited by different pseudowire classes.
mpls control-word
Enables the MPLS control word in an AToM static pseudowire connection.
mpls label
Configures an AToM static pseudowire connection by defining local and remote pseudowire labels.
mpls label range
Configures the range of local labels available for use on packet interfaces.
pseudowire-class
Configures a template of pseudowire configuration settings used by the attachment circuits transported over a pseudowire.
show xconnect
Displays information about xconnect attachment circuits and pseudowires.
xconnect backup force-switchover
To manually force a switchover to an attachment circuit or a pseudowire peer, use the xconnect backup force-switchover command in privileged EXEC mode.
Command History
Release
Modification
12.0(31)S
This command was introduced.
12.2(28)SB
This command was integrated into Cisco IOS Release 12.2(28)SB.
12.4(11)T
This command was integrated into Cisco IOS Release 12.4(11)T.
12.2(33)SRB
This command was integrated into Cisco IOS Release 12.2(33)SRB.
12.2(33)SXI
This command was integrated into Cisco IOS Release 12.2(33)SXI.
Cisco IOS XE Release 3.3S
This command was integrated into Cisco IOS XE Release 3.3S.
Usage Guidelines
You can perform a switchover only to an available member in the redundancy group. That is, if the member being specified in the xconnect backup force-switchover command is not available, the command will be rejected.
Examples
The following example shows a Multiprotocol Label Switching (MPLS) xconnect with two redundant peers. The primary xconnect is using IP address 10.55.55.1, VC ID 500.
Router(config)# interface fastethernet1/0 Router(config-if)# xconnect 10.55.55.1 500 encapsulation mpls Router(config-if-xconn)# backup peer 10.55.55.2 501 ! Router# xconnect backup force-switchover peer 10.55.55.2 501Entering the xconnect backup force-switchovercommand will cause the router to switch to the pseudowire with an IP address of 10.55.55.2, VC ID 501.
To switch back to the primary pseudowire, enter the following command:
Router# xconnect backup force-switchover peer 10.55.55.1 500If the xconnect cannot be switched over to the redundant pseudowire specified by the user, the standard redundancy algorithm will run and select either the primary or the highest secondary VC, depending on current availability.
The following example shows a local switching connection with two redundant peers. The primary xconnect is VLAN subinterface FastEthernet0/1.1 using 802.1Q tag 10. The xconnect is currently established with one of the backup peers when the manual switchover is issued to the primary xconnect.
Router(config)# interface FastEthernet0/0 ! Router(config)# interface FastEthernet0/1.1 Router(config-if)# encapsulation dot1Q 10 ! Router(config)# connect eth-vln FastEthernet0/0 FastEthernet0/1.1 interworking ethernet Router(config-if)# backup peer 10.55.55.2 501 ! Router# xconnect backup force-switchover interface FastEthernet0/1.1Entering the xconnect backup force-switchover command will cause the router to switch back to the VLAN subinterface FastEthernet0/1.1. If the xconnect cannot be switched over to the primary VLAN subinterface specified by the user, the standard redundancy algorithm will run and select the highest secondary VC, depending on current availability.
xconnect encapsulation mpls
To configure scalable EoMPLS [SEoMPLS] on a service instance, use the xconnect encapsulation mpls command in service instance mode. To delete the scalable EoMPLS [SEoMPLS] on a service instance, use the no form of this command.
Usage Guidelines
On the ingress side, after proper encapsulation manipulations, packet is tunneled in a EoMPLS VC and transmitted on the core.
The xconnect under service instance is always Scalable EoMPLS. Under the main interface, the type is determined by the line card (hardware or Scalable EoMPLS). We recommend to keep the implementation as scalable EoMPLS for the main interface, to avoid differences in service. The main interface and the service instance xconnect can not coexist in the same physical interface.
xconnect logging redundancy
To enable system message log (syslog) reporting of the status of the xconnect redundancy group, use the xconnect logging redundancy command in global configuration mode. To disable syslog reporting of the status of the xconnect redundancy group, use the no form of this command.
Command History
Release
Modification
12.0(31)S
This command was introduced.
12.2(28)SB
This command was integrated into Cisco IOS Release 12.2(28)SB.
12.4(11)T
This command was integrated into Cisco IOS Release 12.4(11)T.
12.2(33)SRB
This command was integrated into Cisco IOS Release 12.2(33)SRB.
12.2(33)SXI
This command was integrated into Cisco IOS Release 12.2(33)SXI.
Cisco IOS XE Release 3.3S
This command was integrated into Cisco IOS XE Release 3.3S.
Usage Guidelines
Use this command to enable syslog reporting of the status of the xconnect redundancy group.
Examples
The following example enables syslog reporting of the status of the xconnect redundancy group and shows the messages that are generated during switchover events:
Router(config)# xconnect logging redundancyActivating the primary member:
00:01:07: %XCONNECT-5-REDUNDANCY: Activating primary member 10.55.55.2:1000Activating the backup member:
00:01:05: %XCONNECT-5-REDUNDANCY: Activating secondary member 10.55.55.3:1001xot access-group
To control access to X.25 over TCP (XOT) and allow IP addresses permitted by the access list to have unique X.25 configuration, use the xot access-group command in global configuration mode. To delete an XOT access group, use the no form of this command.
Command Default
No XOT access group is defined, and default X.25 parameter settings apply to XOT connections.
Usage Guidelines
The xot access-group command allows you to create XOT access groups by associating an IP access list with XOT. The access list provides a pass or fail indicator of whether a particular IP address is authorized.
Only standard IP access lists are supported.
XOT access groups are sorted by access-group number. When a new XOT connection is made, the IP address is tested against the access list of the first access group. If the IP address does not match the first list, the second list is tested, and so on.
The xot access-group command disables the legacy XOT functionality and enables the new XOT access behavior. If you enter the xot access-group after the legacy XOT context has been created, the message “Active connection(s) will terminate [confirm]” will be displayed if any XOT connections are active. If the message is confirmed, any active XOT connections using the legacy context will be detached. The legacy context will then be deleted.
Deleting an XOT access group by entering the no xot access-group command will cause the message “Active connection(s) will terminate [confirm]” to be displayed if any connections are active. Confirming the message will cause active connections using the access list to be detached and the associated XOT context to be deleted.
XOT access groups can be associated with X.25 profiles. By this means, the IP addresses specified in the access list can have a unique X.25 configuration. An access group can be associated with one X.25 profile. If an access group is not associated with an X.25 profile, then the XOT connections associated with the access group will use the default X.25 configuration.
The X.25 profile must already exist and must specify a data exchange equipment (DXE) station type before it can be associated with an XOT access group. The station type of a profile cannot be changed once the profile is created.
An X.25 profile can be associated with multiple access groups.
Examples
In the following example, an access list is defined to permit all XOT connections. All XOT connections will use the X.25 configuration defined in the X.25 profile called “NEW-DEFAULT”.
! Create a DXE station type profile with any name and configure the X.25 parameters under ! the named profile ! x25 profile NEW-DEFAULT dxe x25 address 12345 x25 modulo 128 x25 win 15 x25 wout 15 x25 ips 256 x25 ops 256 ! ! Define an IP standard access list to permit any XOT connection ! access-list 10 permit any ! ! Apply the access list and X.25 profile to all XOT connections ! xot access-group 10 profile NEW-DEFAULTExamples
In the following example, XOT connections permitted by access list 10 will use the default X.25 configuration. XOT connections permitted by access list 22 will use the X.25 configuration that is defined in the X.25 profile “TRANSPAC”.
! Define the IP access lists by specifying an IP access list number and access condition ! ip access-list standard 10 permit 10.0.155.9 deny any ip access-list standard 22 permit 171.69.0.0 0.0.255.255 log deny any ! ! Apply the default X.25 configuration to XOT connections permitted by access list 10 ! xot access-group 10 ! ! Configure an X.25 profile with station type DXE ! x25 profile TRANSPAC dxe x25 modulo 128 x25 win 80 x25 wout 80 x25 default pad ! Apply the X.25 profile to XOT connections permitted by access list 22 ! xot access-group 22 profile TRANSPACRelated Commands
Command
Description
access-list (IP standard)
Defines a standard IP access list.
show x25 context
Displays operating configuration status details of an X.25 link.
show x25 profile
Displays details of X.25 profiles on your router.
show x25 xot
Displays information for all XOT virtual circuits that match a given criterion.
x25 profile
Configures an X.25 profile without allocating any hardware-specific information.
