Table Of Contents

I Commands

ip address

ip arp

ip arp gratuitous

ip arp timeout

ip directed-broadcast

interface ethernet (Layer 3)

ip local-proxy-arp

interface loopback

interface port-channel

ip port-unreachable

ip proxy-arp

ip tcp path-mtu-discovery

ip tcp synwait-time

ip unreachables

ipv6 nd

I Commands

---

This chapter describes the Cisco NX-OS Layer 3 interfaces commands that begin with I.

ip address

To set a primary or secondary IP address for an interface, use the ip address command. To remove an IP address or disable IP processing, use the no form of this command.

ip address ip-address mask [secondary]

no ip address ip-address mask [secondary]

Syntax Description

ip-address	IPv4 address in the format A.B.C.D or A.B.C.D/length.
mask	Mask for the associated IP subnet.
secondary	(Optional) Specifies that the configured address is a secondary IP address. If this keyword is omitted, the configured address is the primary IP address.

Command Default

No IP address is defined for the interface.

Command Modes

Interface configuration mode
Subinterface configuration mode

Command History

Release	Modification
5.2(1)N1(1)	This command was introduced.

Usage Guidelines

---

Note Before you use this command, make sure that you use the no switchport command on the interface to use the Layer 3 features.

---

An interface can have one primary IP address and one secondary IP address.

You can disable IP processing on a particular interface by removing its IP address with the no ip address command.

The optional secondary keyword allows you to specify a secondary IP address. Secondary addresses are treated like primary addresses, except the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts and Address Resolution Protocol (ARP) requests are handled, as are interface routes in the IP routing table.

---

Note When you are routing using the Open Shortest Path First (OSPF) algorithm, ensure that the secondary address of an interface fall into the same OSPF area as the primary addresses.

---

Examples

This example shows how to configure the IP address 192.168.0.27 as the primary address and 192.168.0.5 as the secondary address for Ethernet interface 1/5:

switch(config)# interface ethernet 1/5 

switch(config-if)# no switchport

switch(config-if)# ip address 192.168.0.27 255.255.255.0

switch(config-if )# ip address 192.168.0.5 255.255.255.0 secondary

switch(config-if)# 

Related Commands

Command	Description
copy running-config startup-config	Saves the configuration change to the startup configuration file.
no switchport	Enables an interface for Layer 3 configuration.
show ip interface	Displays interfaces configured for IPv4.

ip arp

To configure a static Address Resolution Protocol (ARP) entry, use the ip arp command. To remove a static ARP entry, use the no form of this command.

ip arp ip-address mac-address

no ip arp ip-address

Syntax Description

ip-address	IPv4 address, in A.B.C.D format.
mac-address	MAC address in one of the following formats: •E.E.E •EE-EE-EE-EE-EE-EE •EE:EE:EE:EE:EE:EE •EEEE.EEEE.EEEE

Command Default

None

Command Modes

Command HistoryInterface configuration mode
Subinterface configuration mode

Release	Modification
5.2(1)N1(1)	This command was introduced.

Usage Guidelines

Use this command on Layer 3 interfaces and Layer 3 subinterfaces.

Examples

This example shows how to configure a static ARP entry on interface Ethernet 1/2:

switch(config)# interface ethernet 1/2

switch(config-if)# no switchport

switch(config-if)# ip arp 192.0.2.1 0150.5a03.efab 

switch(config-if)#

This example shows how to configure a static ARP entry on a subinterface:

switch(config)# interface ethernet 1/5

switch(config-if)# no switchport

switch(config-if)# interface ethernet 1/1.1

switch(config-subif)# ip arp 192.0.2.1 0150.5a03.efab 

switch(config-subif)#

Related Commands

Command	Description
show ip arp	Displays ARP entries.

ip arp gratuitous

To enable gratuitous Address Resolution Protocol (ARP), use the ip arp gratuitous command. To disable gratuitous ARP, use the no form of this command.

ip arp gratuitous {request | update}

no ip arp gratuitous {request | update}

Syntax Description

request	Enables sending gratuitous ARP requests when a duplicate address is detected.
update	Enables ARP cache updates for gratuitous ARP.

Command Default

Enabled

Command Modes

Interface configuration mode

Command History

Release	Modification
5.2(1)N1(1)	This command was introduced.

Examples

This example shows how to disable gratuitous ARP request on interface Ethernet 2/1:

switch(config)# interface ethernet 1/2

switch(config-if)# no switchport

switch(config-if)# ip arp gratuitous

switch(config-if)# 

Related Commands

Command	Description
ip arp	Configures a static ARP entry.
show ip arp	Displays ARP configuration information.

ip arp timeout

To configure an Address Resolution Protocol (ARP) timeout, use the ip arp timeout command. To revert to the default value, use the no form of this command.

ip arp timeout timeout-value

no ip arp timeout

Syntax Description

timeout-value

Time (in seconds) that an entry remains in the ARP cache. Valid values are from 60 to 28800, and the default is 1500.

Command Default

1500 seconds

Command Modes

Global configuration mode

Command History

Release	Modification
5.0(2)N1(1)	This command was introduced.

Examples

This example shows how to configure the ARP timeout value to 120 seconds:

switch(config)# ip arp timeout 120 

switch(config)#

This example shows how to revert to the default ARP timeout value of 1500 seconds:

switch(config)# no ip arp timeout 

switch(config)#

Related Commands

Command	Description
show running-config arp all	Displays the ARP configuration, including the default configurations.

ip directed-broadcast

To enable the translation of a directed broadcast to physical broadcasts, use the ip directed-broadcast command. To disable this function, use the no form of this command.

ip directed-broadcast

no ip directed-broadcast

Syntax Description

This command has no arguments or keywords.

Command Default

Disabled; all IP directed broadcasts are dropped.

Command Modes

Interface configuration mode

Subinterface configuration mode

Command History

Release	Modification
5.2(1)N1(1)	This command was introduced.

Usage Guidelines

An IP directed broadcast is an IP packet whose destination address is a valid broadcast address for some IP subnet but which originates from a node that is not itself part of that destination subnet.

A device that is not directly connected to its destination subnet forwards an IP directed broadcast in the same way it would forward unicast IP packets destined to a host on that subnet. When a directed broadcast packet reaches a device that is directly connected to its destination subnet, that packet is broadcast on the destination subnet. The destination address in the IP header of the packet is rewritten to the configured IP broadcast address for the subnet, and the packet is sent as a link-layer broadcast.

If directed broadcast is enabled for an interface, incoming IP packets whose addresses identify them as directed broadcasts intended for the subnet to which that interface is attached are broadcast on that subnet.

If the no ip directed-broadcast command has been configured for an interface, directed broadcasts destined for the subnet to which that interface is attached are dropped, rather than being broadcast.

---

Note Because directed broadcasts, and particularly Internet Control Message Protocol (ICMP) directed broadcasts, have been abused by malicious persons, we recommend that you disable the ip directed-broadcast command on any interface where directed broadcasts are not needed. We also recommend that you use access lists to limit the number of broadcast packets.

---

Examples

This example shows how to enable forwarding of IP directed broadcasts on Ethernet interface 2/1:

switch(config)# interface ethernet 2/1

switch(config-if)# no switchport

switch(config-if)# ip directed-broadcast

switch(config-if)# 

Related Commands

Command	Description
show ip interface	Displays IP information for an interface.

interface ethernet (Layer 3)

To configure a Layer 3 Ethernet IEEE 802.3 routed interface, use the interface ethernet command.

interface ethernet [chassis_ID/] slot/[QSFP-module/]port[.subintf-port-no]

Syntax Description

chassis_ID	(Optional) Specifies the Fabric Extender chassis ID. The chassis ID is from 100 to 199. Note This argument is not optional when addressing the host interfaces of a Cisco Nexus 2000 Series Fabric Extender.
slot	Slot from 1 to 4. The following list defines the slots available: •Slot 1 includes all the fixed ports. A Fabric Extender only has one slot. •Slots 2 to 4 include the ports on the Generic Expansion Module (if populated).
QSFP-module	The QSFP-module number is from 1 to 4. Note The QSFP-module number applies only to the QSFP+ Generic Expansion Module (GEM).
port	Port number within a particular slot. The port number is from 1 to 128.
.	(Optional) Specifies the subinterface separator.
subintf-port-no	(Optional) Port number for the subinterface. The range is from 1 to 48.

Command Default

None

Command Modes

Global configuration mode
Interface configuration mode

Command History

Release	Modification
6.0(2)N1(2)	Support for the QSFP+ GEM was added.
5.2(1)N1(1)	This command was introduced.

Usage Guidelines

You must use the no switchport command in the interface configuration mode to configure the interface as a Layer 3 routed interface. When you configure the interface as a Layer 3 interface, all Layer 2 specific configurations on this interface are deleted.

Use the switchport command to convert a Layer 3 interface into a Layer 2 interface. When you configure the interface as a Layer 2 interface, all Layer 3 specific configurations on this interface are deleted.

Examples

This example shows how to enter configuration mode for a Layer 3 Ethernet interface 1/5:

switch(config)# interface ethernet 1/5 

switch(config-if)# no switchport 

switch(config-if)# ip address 10.1.1.1/24 

switch(config-if)# 

This example shows how to enter configuration mode for a host interface on a Fabric Extender:

switch(config)# interface ethernet 101/1/1 

switch(config-if)# no switchport 

switch(config-if)# ip address 10.1.1.1/24 

switch(config-if)# 

This example shows how to configure a Layer 3 subinterface for Ethernet interface 1/5 in the global configuration mode:

switch(config)# interface ethernet 1/5.2 

switch(config-if)# no switchport 

switch(config-subif)# ip address 10.1.1.1/24 

switch(config-subif)# 

This example shows how to configure a Layer 3 subinterface in interface configuration mode:

switch(config)# interface ethernet 1/5 

switch(config-if)# interface ethernet 1/5.1 

switch(config-if)# no switchport

switch(config-subif)# ip address 10.1.1.1/24 

switch(config-subif)# 

This example shows how to convert a Layer 3 interface to a Layer 2 interface:

switch(config)# interface ethernet 1/5 

switch(config-if)# no switchport 

switch(config-if)# ip address 10.1.1.1/24 

switch(config-if)# switchport

switch(config-if)# 

Related Commands

Command	Description
bandwidth	Sets the bandwidth parameters for an interface.
delay	Configures the interface throughput delay value.
encapsulation	Sets the encapsulation type for an interface.
ip address	Sets a primary or secondary IP address for an interface.
inherit	Assigns a port profile to an interface.
interface vethernet	Configures a virtual Ethernet interface.
no switchport	Configures an interface as a Layer 3 interface.
service-policy	Configures a service policy for an interface.
show fex	Displays all configured Fabric Extender chassis connected to the switch.
show interface ethernet	Displays various parameters of an Ethernet IEEE 802.3 interface.

ip local-proxy-arp

To enable the local proxy Address Resolution Protocol (ARP) feature, use the ip local-proxy-arp command. To disable this feature, use the no form of this command.

ip local-proxy-arp

no ip local-proxy-arp

Syntax Description

This command has no arguments or keywords.

Command Default

Disabled

Command Modes

Interface configuration mode
Subinterface configuration mode

Command History

Release	Modification
5.2(1)N1(1)	This command was introduced.

Usage Guidelines

Before the local proxy ARP feature can be used, you must enable the IP proxy ARP feature by using the ip proxy-arp command. The IP proxy ARP feature is disabled by default.

---

Note This command is not applicable to Layer 3 loopback interfaces.

---

Examples

This example shows how to enable the local proxy ARP:

switch(config)# interface ethernet 1/5

switch(config-if)# no switchport

switch(config-if)# ip arp local-proxy-arp 

switch(config-if)# 

Related Commands

Command	Description
copy running-config startup-config	Saves the configuration to the startup configuration file.
ip proxy-arp	Enables proxy ARP on an interface.
show ip arp	Displays ARP configuration information.

interface loopback

To create a loopback interface and enter interface configuration mode, use the interface loopback command. To remove a loopback interface, use the no form of this command.

interface loopback number

no interface loopback number

Syntax Description

number

Interface number; valid values are from 0 to 1023.

Command Default

None

Command Modes

Global configuration mode

Command History

Release	Modification
5.2(1)N1(1)	This command was introduced.

Usage Guidelines

Use the interface loopback command to create or modify loopback interfaces.

From the loopback interface configuration mode, the following parameters are available:

•description—Provides a description of the purpose of the interface.

•ip—Configures IP features, such as the IP address for the interface, Address Resolution Protocol (ARP) attributes, load balancing, Unicast Reverse Path Forwarding (RPF) or IP Source Guard.

•logging—Configure logging of events.

•shutdown—Shut down traffic on the interface.

This command does not require a license.

Examples

This example shows how to create a loopback interface:

switch(config)# interface loopback 50 

switch(config-if)# ip address 10.1.1.1/24

switch(config-if)# 

Related Commands

Command	Description
show interface loopback	Displays information about the traffic on the specified loopback interface.

interface port-channel

To create an EtherChannel interface and enter interface configuration mode, use the interface port-channel command. To remove an EtherChannel interface, use the no form of this command.

interface port-channel channel-number[.subintf-channel-no]

no interface port-channel channel-number[.subintf-channel-no]

Syntax Description

channel-number	Channel number that is assigned to this EtherChannel logical interface. The range is from 1 to 4096.
.	(Optional) Specifies the subinterface separator. Note Applies to Layer 3 interfaces.
subintf-channel-no	(Optional) Port number of the EtherChannel subinterface. The range is from 1 to 4093. Note Applies to Layer 3 interfaces.

Command Default

None

Command Modes

Global configuration mode
Interface configuration mode

Command History

Release	Modification
5.0(2)N1(1)	This command was introduced.
5.2(1)N1(1)	Support for Layer 3 interfaces and subinterfaces was added.

Usage Guidelines

A port can belong to only one channel group.

When you use the interface port-channel command for Layer 2 interfaces, follow these guidelines:

•If you are using CDP, you must configure it only on the physical interface and not on the EtherChannel interface.

•If you do not assign a static MAC address on the EtherChannel interface, a MAC address is automatically assigned. If you assign a static MAC address and then later remove it, the MAC address is automatically assigned.

•The MAC address of the EtherChannel is the address of the first operational port added to the channel group. If this first-added port is removed from the channel, the MAC address comes from the next operational port added, if there is one.

You must use the no switchport command in the interface configuration mode to configure the EtherChannel interface as a Layer 3 interface. When you configure the interface as a Layer 3 interface, all Layer 2 specific configurations on this interface are deleted.

Use the switchport command to convert a Layer 3 EtherChannel interface into a Layer 2 interface. When you configure the interface as a Layer 2 interface, all Layer 3 specific configurations on this interface are deleted.

You can configure one or more subinterfaces on a port channel made from routed interfaces.

Examples

This example shows how to create an EtherChannel group interface with channel-group number 50:

switch(config)# interface port-channel 50 

switch(config-if)# 

This example shows how to create a Layer 3 EtherChannel group interface with channel-group number 10:

switch(config)# interface port-channel 10 

switch(config-if)# no switchport 

switch(config-if)# ip address 192.0.2.1/24 

switch(config-if)#

This example shows how to configure a Layer 3 EtherChannel subinterface with channel-group number 1 in interface configuration mode:

switch(config)# interface port-channel 10 

switch(config-if)# no switchport 

switch(config-if)# interface port-channel 10.1 

switch(config-subif)# ip address 192.0.2.2/24 

switch(config-subif)#

This example shows how to configure a Layer 3 EtherChannel subinterface with channel-group number 20.1 in global configuration mode:

switch(config)# interface port-channel 20.1 

switch(config-subif)# ip address 192.0.2.3/24 

switch(config-subif)#

Related Commands

Command	Description
encapsulation	(Layer 3 interfaces) Sets the encapsulation type for an interface.
ip address	(Layer 3 interfaces) Sets a primary or secondary IP address for an interface.
no switchport	(Layer 3 interfaces) Configures an interface as a Layer 3 interface.
show interface	Displays configuration information about interfaces.
show lacp	Displays LACP information.
show port-channel summary	Displays information on the EtherChannels.
vtp (interface)	Enables VLAN Trunking Protocol (VTP) on an interface.

ip port-unreachable

To enable the generation of Internet Control Message Protocol (ICMP) port unreachable messages, use the ip port-unreachable command. To disable this function, use the no form of this command.

ip port-unreachable

no ip port-unreachable

Syntax Description

This command has no arguments or keywords.

Command Default

Enabled

Command Modes

Interface configuration mode

Subinterface configuration mode

Command History

Release	Modification
5.2(1)N1(1)	This command was introduced.

Examples

This example shows how to enable the generation of ICMP port unreachable messages, as appropriate, on an interface:

switch# configure terminal

switch(config)# interface ethernet 2/1

switch(config-if)# no switchport

switch(config-if)# ip port-unreachable

Related Commands

Command	Description
ip unreachables	Sends ICMP unreachable messages.

ip proxy-arp

To enable proxy Address Resolution Protocol (ARP) on an interface, use the ip proxy-arp command. To disable proxy ARP on the interface, use the no form of this command.

ip proxy-arp

no ip proxy-arp

Syntax Description

This command has no arguments or keywords.

Command Default

Disabled

Command Modes

Interface configuration mode

Subinterface configuration mode

Command History

Release	Modification
5.2(1)N1(1)	This command was introduced.

Examples

This example shows how to enable proxy ARP:

switch(config)# interface ethernet 2/1

switch(config-if)# no switchport

switch(config-if)# ip proxy-arp

switch(config-if)#

Related Commands

Command	Description
copy running-config startup-config	Saves the configuration to the startup configuration file.
show ip arp	Displays ARP configuration information.

ip tcp path-mtu-discovery

To enable path maximum transmission unit (MTU) discovery on an IPv4 interface, use the ip tcp path-mtu discovery command. To disable this feature, use the no form of this command.

ip tcp path-mtu discovery

no ip tcp path-mtu discovery

Syntax Description

This command has no arguments or keywords.

Command Default

Disabled

Command Modes

Interface configuration mode

Command History

Release	Modification
5.2(1)N1(1)	This command was introduced.

Examples

This example shows how to enable path MTU discovery for IPv4:

switch# configure terminal

switch(config)# interface ethernet 2/1

switch(config-if)# no switchport

switch(config-if)# ip tcp path-mtu-discovery

switch(config-if)#

Related Commands

Command	Description
show ip arp	Displays ARP configuration information.

ip tcp synwait-time

To set a period of time the Cisco NX-OS software waits while attempting to establish a TCP connection before it times out, use the ip tcp synwait-time command. To restore the default time, use the no form of this command.

ip tcp synwait-time seconds

no ip tcp synwait-time

Syntax Description

seconds

Time, in seconds, the software waits while attempting to establish a TCP connection. It can be an integer from 5 to 300 seconds.

Command Default

5 seconds

Command Modes

Global configuration mode

Command History

Release	Modification
5.1(3)N1(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure the switch software to continue attempting to establish a TCP connection for 10 seconds:

switch# configure terminal

switch(config)# ip tcp synwait-time 10

Setting syn time to 10 seconds

switch(config)#

This example shows how to disable TCP synchronization on interfaces:

switch# configure terminal

switch(config)# no ip tcp synwait-time

switch(config)#

Related Commands

Command	Description
show running-config	Displays the running system configuration information.

ip unreachables

To enable the generation of Internet Control Message Protocol (ICMP) unreachable messages, use the ip unreachables command. To disable this function, use the no form of this command.

ip unreachables

no ip unreachables

Syntax Description

This command has no arguments or keywords.

Command Default

Enabled

Command Modes

Interface configuration mode

Subinterface configuration mode

Command History

Release	Modification
5.2(1)N1(1)	This command was introduced.

Examples

This example shows how to enable the generation of ICMP unreachable messages on an interface:

switch# configure terminal

switch(config)# interface ethernet 2/1

switch(config-if)# no switchport

switch(config-if)# ip unreachables

Related Commands

Command	Description
ip port-unreachable	Sends ICMP port unreachable messages.

ipv6 nd

To configure IPv6 neighbor discovery (ND), use the ipv6 nd command. To remove the IPv6 ND configuration, use the no form of this command.

ipv6 nd {hop-limit hop-limit | managed-config-flag | mtu | ns-interval ns-interval | other-config-flag | prefix {A:B::C:D/LEN | default {0-4294967295 | infinite {infinite [no-autoconfig | no-onlink | off-link]}| no-advertise}} | ra-interval ra-interval | ra-lifetime ra-lifetime | reachable-time reachable-time | redirects | retrans-timer retrans-timer | suppress-ra [mtu]}

no ipv6 nd {hop-limit hop-limit | managed-config-flag | mtu mtu-size | ns-interval ns-interval | other-config-flag | prefix {A:B::C:D/LEN | default {0-4294967295 | infinite {infinite [no-autoconfig | no-onlink | off-link]}| no-advertise}} | ra-interval ra-interval | ra-lifetime ra-lifetime | reachable-time reachable-time | redirects | retrans-timer retrans-timer | suppress-ra [mtu]}

Syntax Description

hop-limit	Specifies the hop limit in the IPv6 header.
hop-limit	Hop limit. The range is from 0 to 255.
managed-config-flag	Informs hosts to use stateful address autoconfiguration to obtain address information.
mtu	Specifies the MTU size.
mtu-size	MTU size. The range is from 1280 to 65535.
ns-interval	Specifies the retransmission interval between sending the neighbor-solicitation messages.
ns-interval	Interval in milliseconds. The range is from 1000 to 3600000.
other-config-flag	Informs hosts to use stateful autoconfiguration to obtain non-address related information.
prefix	Specifies the IPv6 prefix to advertise in the router-advertisement message.
A:B::C:D/LEN	Specifies the IPv6 address prefix.
default	Specifies the prefix default parameters.
0-4294967295	Valid value for the life time.
infinite	Specifies the indefinite lifetime.
no-autoconfig	(Optional) Specifies no to use the prefix for autoconfiguration.
no-onlink	(Optional) Specifies not use the prefix for the onlink determination.
off-link	Indicates the prefix is offlink.
no-advertise	Specifies not to advertise the prefix.
ra-interval	Specifies the interval between sending the router-advertisement message.
ra-interval	Router-advertisement message interval. The range is from 4 to 1800.
ra-lifetime	Specifies the router lifetime of a default router.
ra-lifetime	Router-advertisement message lifetime. The range is from 4 to 1800. The value for the default router cannot be 0.
reachable-time	Specifies the advertised time when a node considers a neighbor is up after receiving a reachability confirmation.
reachable-time	Reachable time. The range is from 0 to 3600000.
redirects	Enables sending ICMPv6 Redirect messages.
retrans-timer	Specifies the advertised time between NS messages.
retrans-timer	Time between messages. The range is from 0 to 4294967295.
suppress-ra	Disables sending router-advertisement messages.

Defaults

hop-limit-64
mtu-1500
ns-interval-1000
ra-interval-600
reachable-time-0
retrans-timer-0

Command Modes

Interface configuration mode

Command History

Release	Modification
5.2(1)U3(1)	This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure IPv6 neighbor discovery:

switch# configure terminal

switch(config)# interface ethernet 1/5

switch(config-if)# ipv6 nd

switch(config-if)# ipv6 nd reachable time 30

This example shows how to remove IPv6 neighbor discovery:

switch(config-if)# no ipv6 nd reachable time 30

switch(config-if)#

Related Commands

Command	Description
show ipv6 nd interface	Displays neighbor discovery interface information.