8/9/2019 122sxscg2
1/1012
Corporate Headquarters
Cisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAhttp://www.cisco.comTel: 408 526-4000
800 553-NETS (6387)Fax: 408 526-4100
Cisco 7600 Series RouterCisco IOS Software Configuration GuideRelease 12.2(18)SXF and Rebuilds and Earlier Releases
Text Part Number: OL-4266-08
http://www.cisco.com/http://www.cisco.com/8/9/2019 122sxscg2
2/1012
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALLSTATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUTWARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSEOR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCBs publicdomain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITHALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUTLIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OFDEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO D ATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCOOR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, the Cisco logo, DCE, and Welcome to the Human Network aretrademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are servi ce marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You,Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems l ogo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing,FormShare, GigaDrive, HomeLink, Internet Quotient, IO S, iPhone, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, IronPort, the IronPort l ogo,LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking A cademy, Network Registrar, PCNow, PIX, PowerPanels,ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Q uotient, TransPath, WebEx, and theWebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationshipbetween Cisco and any other company. (0807R)
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SXF and Rebuilds and Erarlier Releases 20012008, Cisco Systems, Inc. All rights reserved.
8/9/2019 122sxscg2
3/1012
1Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
C O N T E N T S
Preface 30
Audience 30
Organization 30
Related Documentation 33
Conventions 34
Product Overview 1
Supported Hardware and Software 1
User Interfaces 1
Configuring Embedded CiscoView Support 2Understanding Embedded CiscoView 2Installing and Configuring Embedded CiscoView 2Displaying Embedded CiscoView Information 3
Software Features Supported in Hardware by the PFC and DFC 3
Command-Line Interfaces 1
Accessing the CLI 1Accessing the CLI through the EIA/TIA-232 Console Interface 2
Accessing the CLI through Telnet 2Performing Command Line Processing 3
Performing History Substitution 3
Cisco IOS Command Modes 4
Displaying a List of Cisco IOS Commands and Syntax 5
ROM-Monitor Command-Line Interface 6
Configuring the Switch for the First Time 1
Default Configuration 1
Configuring the Switch 2Using the Setup Facility or the setup Command 2Using Configuration Mode 10Checking the Running Configuration Before Saving 10Saving the Running Configuration Settings 11
8/9/2019 122sxscg2
4/1012
Contents
2Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Reviewing the Configuration 11Configuring a Default Gateway 11Configuring a Static Route 12Configuring a BOOTP Server 13
Protecting Access to Privileged EXEC Commands 15Setting or Changing a Static Enable Password 15Using the enable password and enable secret Commands 15Setting or Changing a Line Password 16Setting TACACS+ Password Protection for Privileged EXEC Mode 16Encrypting Passwords 17Configuring Multiple Privilege Levels 17
Recovering a Lost Enable Password 19
Modifying the Supervisor Engine Startup Configuration 20
Understanding the Supervisor Engine Boot Configuration 20Configuring the Software Configuration Register 21Specifying the Startup System Image 24Understanding Flash Memory 24CONFIG_FILE Environment Variable 25Controlling Environment Variables 26
Configuring a Supervisor Engine 720 1
Using the Bootflash or Bootdisk on a Supervisor Engine 720 1
Using the Slots on a Supervisor Engine 720 1
Configuring Supervisor Engine 720 Ports 2
Configuring and Monitoring the Switch Fabric Functionality 2Understanding How the Switch Fabric Functionality Works 2Configuring the Switch Fabric Functionality 4Monitoring the Switch Fabric Functionality 4
Configuring a Supervisor Engine 32 1
Flash Memory on a Supervisor Engine 32 1
Supervisor Engine 32 Ports 2
Configuring the Supervisor Engine 2 and the Switch Fabric Module 1
Using the Slots on a Supervisor Engine 2 1
Understanding How the Switch Fabric Module Works 1
8/9/2019 122sxscg2
5/1012
Contents
3Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Switch Fabric Module Overview 2Switch Fabric Module Slots 2Switch Fabric Redundancy 2Forwarding Decisions for Layer 3-Switched Traffic 2Switching Modes 3
Configuring the Switch Fabric Module 3Configuring the Switching Mode 4Configuring Fabric-Required Mode 4Configuring an LCD Message 5
Monitoring the Switch Fabric Module 5Displaying the Module Information 6Displaying the Switch Fabric Module Redundancy Status 6Displaying Fabric Channel Switching Modes 6
Displaying the Fabric Status 7Displaying the Fabric Utilization 7Displaying Fabric Errors 7
Configuring NSF with SSO Supervisor Engine Redundancy 1
Understanding NSF with SSO Supervisor Engine Redundancy 1NSF with SSO Supervisor Engine Redundancy Overview 2SSO Operation 2NSF Operation 3Cisco Express Forwarding 3
Multicast MLS NSF with SSO 4Routing Protocols 4NSF Benefits and Restrictions 8
Supervisor Engine Configuration Synchronization 9Supervisor Engine Redundancy Guidelines and Restrictions 9Redundancy Configuration Guidelines and Restrictions 9Hardware Configuration Guidelines and Restrictions 10Configuration Mode Restrictions 10
NSF Configuration Tasks 11
Configuring SSO 11Configuring Multicast MLS NSF with SSO 12Verifying Multicast NSF with SSO 12Configuring CEF NSF 13Verifying CEF NSF 13Configuring BGP NSF 13
8/9/2019 122sxscg2
6/1012
Contents
4Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Verifying BGP NSF 14Configuring OSPF NSF 14Verifying OSPF NSF 15Configuring IS-IS NSF 16Verifying IS-IS NSF 16Configuring EIGRP NSF 18Verifying EIGRP NSF 18Synchronizing the Supervisor Engine Configurations 19
Copying Files to the Redundant Supervisor Engine 19
Configuring RPR and RPR+ Supervisor Engine Redundancy 1
Understanding RPR and RPR+ 1Supervisor Engine Redundancy Overview 2RPR Operation 2RPR+ Operation 3Supervisor Engine Configuration Synchronization 3
Supervisor Engine Redundancy Guidelines and Restrictions 4Redundancy Guidelines and Restrictions 4RPR+ Guidelines and Restrictions 5Hardware Configuration Guidelines and Restrictions 6Configuration Mode Restrictions 6
Configuring Supervisor Engine Redundancy 6Configuring Redundancy 7Synchronizing the Supervisor Engine Configurations 7Displaying the Redundancy States 8
Performing a Fast Software Upgrade 8
Copying Files to an MSFC 10
Configuring Interfaces 1
Understanding Interface Configuration 1
Using the Interface Command 2
Configuring a Range of Interfaces 4
Defining and Using Interface-Range Macros 5Configuring Optional Interface Features 6
Configuring Ethernet Interface Speed and Duplex Mode 7Configuring Jumbo Frame Support 10
8/9/2019 122sxscg2
7/1012
Contents
5Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Configuring IEEE 802.3x Flow Control 13Configuring the Port Debounce Timer 14Adding a Description for an Interface 15
Understanding Online Insertion and Removal 16
Monitoring and Maintaining Interfaces 16Monitoring Interface Status 17Clearing Counters on an Interface 17Resetting an Interface 18Shutting Down and Restarting an Interface 18
Checking the Cable Status Using the TDR 19
Configuring LAN Ports for Layer 2 Switching 1
Understanding How Layer 2 Switching Works 1
Understanding Layer 2 Ethernet Switching 1Understanding VLAN Trunks 2Layer 2 LAN Port Modes 4
Default Layer 2 LAN Interface Configuration 5
Layer 2 LAN Interface Configuration Guidelines and Restrictions 5
Configuring LAN Interfaces for Layer 2 Switching 6Configuring a LAN Port for Layer 2 Switching 7Configuring a Layer 2 Switching Port as a Trunk 7Configuring a LAN Interface as a Layer 2 Access Port 14
Configuring a Custom IEEE 802.1Q EtherType Field Value 15
Configuring Flex Links 1
Understanding Flex Links 1
Configuring Flex Links 2Flex Links Default Configuration 2Flex Links Configuration Guidelines and Restrictions 2Configuring Flex Links 3
Monitoring Flex Links 3
Configuring EtherChannels 1
Understanding How EtherChannels Work 1EtherChannel Feature Overview 1Understanding How EtherChannels Are Configured 2
8/9/2019 122sxscg2
8/1012
Contents
6Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Understanding Port Channel Interfaces 4Understanding Load Balancing 5
EtherChannel Feature Configuration Guidelines and Restrictions 5
Configuring EtherChannels 6Configuring Port Channel Logical Interfaces for Layer 3 EtherChannels 7Configuring Channel Groups 8Configuring the LACP System Priority and System ID 10Configuring EtherChannel Load Balancing 11Configuring the EtherChannel Min-Links Feature 12
Configuring VTP 1
Understanding How VTP Works 1Understanding the VTP Domain 2
Understanding VTP Modes 2Understanding VTP Advertisements 3Understanding VTP Version 2 3Understanding VTP Pruning 3
VTP Default Configuration 5
VTP Configuration Guidelines and Restrictions 5
Configuring VTP 6Configuring VTP Global Parameters 6Configuring the VTP Mode 8Displaying VTP Statistics 10
Configuring VLANs 1
Understanding How VLANs Work 1VLAN Overview 1VLAN Ranges 2Configurable VLAN Parameters 3Understanding Token Ring VLANs 3
VLAN Default Configuration 6
VLAN Configuration Guidelines and Restrictions 8
Configuring VLANs 9VLAN Configuration Options 9Creating or Modifying an Ethernet VLAN 10Assigning a Layer 2 LAN Interface to a VLAN 12
8/9/2019 122sxscg2
9/1012
Contents
7Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Configuring the Internal VLAN Allocation Policy 12Configuring VLAN Translation 13Mapping 802.1Q VLANs to ISL VLANs 16
Configuring Private VLANs 1Understanding How Private VLANs Work 1
Private VLAN Domains 2Private VLAN Ports 3Primary, Isolated, and Community VLANs 3Private VLAN Port Isolation 4IP Addressing Scheme with Private VLANs 4Private VLANs Across Multiple Switches 5Private VLAN Interaction with Other Features 5
Private VLAN Configuration Guidelines and Restrictions 6Secondary and Primary VLAN Configuration 7Private VLAN Port Configuration 9Limitations with Other Features 9
Configuring Private VLANs 11Configuring a VLAN as a Private VLAN 11Associating Secondary VLANs with a Primary VLAN 12Mapping Secondary VLANs to the Layer 3 VLAN Interface of a Primary VLAN 13Configuring a Layer 2 Interface as a Private VLAN Host Port 14Configuring a Layer 2 Interface as a Private VLAN Promiscuous Port 15
Monitoring Private VLANs 17
Configuring Cisco IP Phone Support 1
Understanding Cisco IP Phone Support 1Cisco IP Phone Connections 1Cisco IP Phone Voice Traffic 2Cisco IP Phone Data Traffic 3Cisco IP Phone Power Configurations 3
Default Cisco IP Phone Support Configuration 4
Cisco IP Phone Support Configuration Guidelines and Restrictions 4Configuring Cisco IP Phone Support 5
Configuring Voice Traffic Support 5Configuring Data Traffic Support 7
8/9/2019 122sxscg2
10/1012
Contents
8Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Configuring Inline Power Support 8
Configuring IEEE 802.1Q Tunneling 1
Understanding How 802.1Q Tunneling Works 1
802.1Q Tunneling Configuration Guidelines and Restrictions 3Configuring 802.1Q Tunneling 6
Configuring 802.1Q Tunnel Ports 6Configuring the Switch to Tag Native VLAN Traffic 6
Configuring Layer 2 Protocol Tunneling 1
Understanding How Layer 2 Protocol Tunneling Works 1
Configuring Support for Layer 2 Protocol Tunneling 2
Configuring Standard-Compliant IEEE MST 1
Understanding MST 1MST Overview 2MST Regions 2IST, CIST, and CST 3Hop Count 6Boundary Ports 6Standard-Compliant MST Implementation 7Interoperability with IEEE 802.1D-1998 STP 9
Understanding RSTP 9
Port Roles and the Active Topology 10Rapid Convergence 11Synchronization of Port Roles 12Bridge Protocol Data Unit Format and Processing 13Topology Changes 15
Configuring MST 15Default MST Configuration 16MST Configuration Guidelines and Restrictions 16Specifying the MST Region Configuration and Enabling MST 17Configuring the Root Bridge 19Configuring a Secondary Root Bridge 20Configuring Port Priority 21Configuring Path Cost 22Configuring the Switch Priority 23Configuring the Hello Time 24
8/9/2019 122sxscg2
11/1012
Contents
9Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Configuring the Forwarding-Delay Time 25Configuring the Transmit Hold Count 25Configuring the Maximum-Aging Time 26Configuring the Maximum-Hop Count 26Specifying the Link Type to Ensure Rapid Transitions 26Designating the Neighbor Type 27Restarting the Protocol Migration Process 28
Displaying the MST Configuration and Status 28
Configuring STP and Prestandard IEEE 802.1s MST 1
Understanding How STP Works 1STP Overview 2Understanding the Bridge ID 2Understanding Bridge Protocol Data Units 4Election of the Root Bridge 4STP Protocol Timers 5Creating the Spanning Tree Topology 5STP Port States 6STP and IEEE 802.1Q Trunks 12
Understanding How IEEE 802.1w RSTP Works 13IEEE 802.1w RSTP Overview 13RSTP Port Roles 13RSTP Port States 14
Rapid-PVST 14
Understanding How Prestandard IEEE 802.1s MST Works 14IEEE 802.1s MST Overview 15MST-to-PVST Interoperability 16Common Spanning Tree 18MST Instances 18MST Configuration Parameters 18MST Regions 19Message Age and Hop Count 20
Default STP Configuration 21STP and MST Configuration Guidelines and Restrictions 21
Configuring STP 22Enabling STP 22
8/9/2019 122sxscg2
12/1012
Contents
10Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Enabling the Extended System ID 24Configuring the Root Bridge 24Configuring a Secondary Root Bridge 26Configuring STP Port Priority 26Configuring STP Port Cost 28Configuring the Bridge Priority of a VLAN 30Configuring the Hello Time 31Configuring the Forward-Delay Time for a VLAN 32Configuring the Maximum Aging Time for a VLAN 32Enabling Rapid-PVST 33
Configuring Prestandard IEEE 802.1s MST 33Enabling MST 34Displaying MST Configurations 35
Configuring MST Instance Parameters 39Configuring MST Instance Port Parameters 40Restarting Protocol Migration 40
Configuring Optional STP Features 1
Understanding How PortFast Works 2
Understanding How BPDU Guard Works 2
Understanding How PortFast BPDU Filtering Works 2
Understanding How UplinkFast Works 3
Understanding How BackboneFast Works 4
Understanding How EtherChannel Guard Works 6
Understanding How Root Guard Works 6
Understanding How Loop Guard Works 6
Enabling PortFast 8
Enabling PortFast BPDU Filtering 10
Enabling BPDU Guard 11
Enabling UplinkFast 12
Enabling BackboneFast 13
Enabling EtherChannel Guard 14Enabling Root Guard 14
Enabling Loop Guard 15
8/9/2019 122sxscg2
13/1012
Contents
11Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Configuring Layer 3 Interfaces 1
Layer 3 Interface Configuration Guidelines and Restrictions 1
Configuring Subinterfaces on Layer 3 Interfaces 2
Configuring IPv4 Routing and Addresses 4Configuring IPX Routing and Network Numbers 7
Configuring AppleTalk Routing, Cable Ranges, and Zones 8
Configuring Other Protocols on Layer 3 Interfaces 9
Configuring UDE and UDLR 1
Understanding UDE and UDLR 1UDE and UDLR Overview 1Supported Hardware 2Understanding UDE 2
Understanding UDLR 3
Configuring UDE and UDLR 3Configuring UDE 3Configuring UDLR 6
Configuring PFC3BXL and PFC3B Mode Multiprotocol Label Switching 1
PFC3BXL and PFC3B Mode MPLS Label Switching 1Understanding MPLS 2Understanding PFC3BXL and PFC3B Mode MPLS Label Switching 2Supported Hardware Features 4Supported Cisco IOS Features 5MPLS Guidelines and Restrictions 7PFC3BXL and PFC3B Mode MPLS Supported Commands 7Configuring MPLS 7MPLS Per-Label Load Balancing 7MPLS Configuration Examples 8
PFC3BXL or PFC3B Mode VPN Switching 9PFC3BXL or PFC3B Mode VPN Switching Operation 10MPLS VPN Guidelines and Restrictions 11
PFC3BXL or PFC3B Mode MPLS VPN Supported Commands 11Configuring MPLS VPN 11MPLS VPN Sample Configuration 12
Any Transport over MPLS 13AToM Load Balancing 14
8/9/2019 122sxscg2
14/1012
Contents
12Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Understanding EoMPLS 14EoMPLS Guidelines and Restrictions 14Configuring EoMPLS 16
Configuring IPv4 Multicast VPN Support 1Understanding How MVPN Works 1
MVPN Overview 1Multicast Routing and Forwarding and Multicast Domains 2Multicast Distribution Trees 2Multicast Tunnel Interfaces 5PE Router Routing Table Support for MVPN 6Multicast Distributed Switching Support 6Hardware-Assisted IPv4 Multicast 6
MVPN Configuration Guidelines and Restrictions 7
Configuring MVPN 8Forcing Ingress Multicast Replication Mode (Optional) 8Configuring a Multicast VPN Routing and Forwarding Instance 9Configuring Multicast VRF Routing 15Configuring Interfaces for Multicast Routing to Support MVPN 20
Sample Configurations for MVPN 22MVPN Configuration with Default MDTs Only 22MVPN Configuration with Default and Data MDTs 24
Configuring IP Unicast Layer 3 Switching 1Understanding How Layer 3 Switching Works 1
Understanding Hardware Layer 3 Switching 2Understanding Layer 3-Switched Packet Rewrite 2
Default Hardware Layer 3 Switching Configuration 4
Configuration Guidelines and Restrictions 4
Configuring Hardware Layer 3 Switching 4
Displaying Hardware Layer 3 Switching Statistics 5
Configuring IPv6 Multicast PFC3 and DFC3 Layer 3 Switching 1
Features that Support IPv6 Multicast 1
IPv6 Multicast Guidelines and Restrictions 2
New or Changed IPv6 Multicast Commands 3
Configuring IPv6 Multicast Layer 3 Switching 3
8/9/2019 122sxscg2
15/1012
Contents
13Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Using show Commands to Verify IPv6 Multicast Layer 3 Switching 3Verifying MFIB Clients 4Displaying the Switching Capability 4Verifying the (S,G) Forwarding Capability 4Verifying the (*,G) Forwarding Capability 5Verifying the Subnet Entry Support Status 5Verifying the Current Replication Mode 5Displaying the Replication Mode Auto Detection Status 5Displaying the Replication Mode Capabilities 5Displaying Subnet Entries 6Displaying the IPv6 Multicast Summary 6Displaying the NetFlow Hardware Forwarding Count 6Displaying the FIB Hardware Bridging and Drop Counts 7
Displaying the Shared and Well-Known Hardware Adjacency Counters 7
Configuring IPv4 Multicast Layer 3 Switching 1
Understanding How IPv4 Multicast Layer 3 Switching Works 1IPv4 Multicast Layer 3 Switching Overview 2Multicast Layer 3 Switching Cache 2Layer 3-Switched Multicast Packet Rewrite 3Partially and Completely Switched Flows 3Non-RPF Traffic Processing 5Multicast Boundary 6
Understanding How IPv4 Bidirectional PIM Works 7Default IPv4 Multicast Layer 3 Switching Configuration 7
IPv4 Multicast Layer 3 Switching Configuration Guidelines and Restrictions 8Restrictions 8Unsupported Features 8
Configuring IPv4 Multicast Layer 3 Switching 9Source-Specific Multicast with IGMPv3, IGMP v3lite, and URD 9Enabling IPv4 Multicast Routing Globally 9Enabling IPv4 PIM on Layer 3 Interfaces 10
Enabling IP Multicast Layer 3 Switching Globally 11Enabling IP Multicast Layer 3 Switching on Layer 3 Interfaces 11Configuring the Replication Mode 11Enabling Local Egress Replication 13Configuring the Layer 3 Switching Global Threshold 14Enabling Installation of Directly Connected Subnets 15
8/9/2019 122sxscg2
16/1012
Contents
14Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Specifying the Flow Statistics Message Interval 15Enabling Shortcut-Consistency Checking 16Configuring ACL-Based Filtering of RPF Failures 16Displaying RPF Failure Rate-Limiting Information 16Configuring Multicast Boundary 17Displaying IPv4 Multicast Layer 3 Hardware Switching Summary 18Displaying the IPv4 Multicast Routing Table 20Displaying IPv4 Multicast Layer 3 Switching Statistics 21
Configuring IPv4 Bidirectional PIM 22Enabling IPv4 Bidirectional PIM Globally 22Configuring the Rendezvous Point for IPv4 Bidirectional PIM Groups 23Setting the IPv4 Bidirectional PIM Scan Interval 23Displaying IPv4 Bidirectional PIM Information 24
Using IPv4 Debug Commands 26Clearing IPv4 Multicast Layer 3 Switching Statistics 26
Configuring MLDv2 Snooping for IPv6 Multicast Traffic 1
Understanding How MLDv2 Snooping Works 1MLDv2 Snooping Overview 2MLDv2 Messages 2Source-Based Filtering 3Explicit Host Tracking 3MLDv2 Snooping Proxy Reporting 4
Joining an IPv6 Multicast Group 4Leaving a Multicast Group 6Understanding the MLDv2 Snooping Querier 7
Default MLDv2 Snooping Configuration 8
MLDv2 Snooping Configuration Guidelines and Restrictions 8
MLDv2 Snooping Querier Configuration Guidelines and Restrictions 8
Enabling the MLDv2 Snooping Querier 9
Configuring MLDv2 Snooping 10Enabling MLDv2 Snooping 10
Configuring a Static Connection to a Multicast Receiver 11Configuring a Multicast Router Port Statically 11Configuring the MLD Snooping Query Interval 12Enabling Fast-Leave Processing 13Enabling SSM Safe Reporting 13
8/9/2019 122sxscg2
17/1012
Contents
15Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Configuring Explicit Host Tracking 14Configuring Report Suppression 14Displaying MLDv2 Snooping Information 15
Configuring IGMP Snooping for IPv4 Multicast Traffic 1Understanding How IGMP Snooping Works 1
IGMP Snooping Overview 2Joining a Multicast Group 2Leaving a Multicast Group 4Understanding the IGMP Snooping Querier 5Understanding IGMP Version 3 Support 5
Default IGMP Snooping Configuration 7
IGMP Snooping Configuration Guidelines and Restrictions 8
IGMP Snooping Querier Configuration Guidelines and Restrictions 8Enabling the IGMP Snooping Querier 9
Configuring IGMP Snooping 9Enabling IGMP Snooping 10Configuring a Static Connection to a Multicast Receiver 11Configuring a Multicast Router Port Statically 11Configuring the IGMP Snooping Query Interval 11Enabling IGMP Fast-Leave Processing 12Configuring Source Specific Multicast (SSM) Mapping 12Enabling SSM Safe Reporting 13Configuring IGMPv3 Explicit Host Tracking 13Displaying IGMP Snooping Information 14
Configuring PIM Snooping 1
Understanding How PIM Snooping Works 1
Default PIM Snooping Configuration 4
PIM Snooping Configuration Guidelines and Restrictions 4
Configuring PIM Snooping 4Enabling PIM Snooping Globally 5
Enabling PIM Snooping in a VLAN 5Disabling PIM Snooping Designated-Router Flooding 6
Configuring RGMP 1
Understanding How RGMP Works 1
Default RGMP Configuration 2
8/9/2019 122sxscg2
18/1012
Contents
16Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
RGMP Configuration Guidelines and Restrictions 2
Enabling RGMP on Layer 3 Interfaces 3
Configuring Network Security 1
Configuring MAC Address-Based Traffic Blocking 1Configuring TCP Intercept 2
Configuring Unicast Reverse Path Forwarding Check 2Understanding PFC3 Unicast RPF Check Support 2Understanding PFC2 Unicast RPF Check Support 3Unicast RPF Check Guidelines and Restrictions 3Configuring Unicast RPF Check 3
Understanding Cisco IOS ACL Support 1
Cisco IOS ACL Configuration Guidelines and Restrictions 1
Hardware and Software ACL Support 2
Configuring IPv6 Address Compression 3
Optimized ACL Logging with a PFC3 4Understanding OAL 5OAL Guidelines and Restrictions 5Configuring OAL 5
Guidelines and Restrictions for Using Layer 4 Operators in ACLs 7Determining Layer 4 Operation Usage 7Determining Logical Operation Unit Usage 8
Configuring VLAN ACLs 1
Understanding VACLs 1VACL Overview 2Bridged Packets 2Routed Packets 3Multicast Packets 4
Configuring VACLs 4VACL Configuration Overview 5
Defining a VLAN Access Map 5Configuring a Match Clause in a VLAN Access Map Sequence 6Configuring an Action Clause in a VLAN Access Map Sequence 7Applying a VLAN Access Map 8Verifying VLAN Access Map Configuration 8VLAN Access Map Configuration and Verification Examples 9
8/9/2019 122sxscg2
19/1012
Contents
17Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Configuring a Capture Port 9
Configuring VACL Logging 11
Configuring Denial of Service Protection 1
Understanding How DoS Protection Works 2DoS Protection with a PFC2 2DoS Protection with a PFC3 10
DoS Protection Default Configuration 21
DoS Protection Configuration Guidelines and Restrictions 22PFC2 22PFC3 23Monitoring Packet Drop Statistics 24Displaying Rate-Limiter Information 26
Understanding How Control Plane Policing Works 27CoPP Default Configuration 28
CoPP Configuration Guidelines and Restrictions 28
Configuring CoPP 29
Monitoring CoPP 30
Defining Traffic Classification 31Traffic Classification Overview 31Traffic Classification Guidelines 33Sample Basic ACLs for CoPP Traffic Classification 33
Configuring Sticky ARP 34
Configuring DHCP Snooping 1
Understanding DHCP Snooping 1Overview of DHCP Snooping 2Trusted and Untrusted Sources 2DHCP Snooping Binding Database 2Packet Validation 3DHCP Snooping Option-82 Data Insertion 3Overview of the DHCP Snooping Database Agent 5
Default Configuration for DHCP Snooping 6
DHCP Snooping Configuration Restrictions and Guidelines 7DHCP Snooping Configuration Restrictions 7DHCP Snooping Configuration Guidelines 7
8/9/2019 122sxscg2
20/1012
Contents
18Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Minimum DHCP Snooping Configuration 8
Configuring DHCP Snooping 9Enabling DHCP Snooping Globally 9Enabling DHCP Option-82 Data Insertion 10Enabling the DHCP Option-82 on Untrusted Port Feature 10Enabling DHCP Snooping MAC Address Verification 11Enabling DHCP Snooping on VLANs 12Configuring the DHCP Trust State on Layer 2 LAN Interfaces 13Configuring DHCP Snooping Rate Limiting on Layer 2 LAN Interfaces 14Configuring the DHCP Snooping Database Agent 14Configuration Examples for the Database Agent 15Displaying a Binding Table 18
Configuring Dynamic ARP Inspection 1
Understanding DAI 1Understanding ARP 1Understanding ARP Spoofing Attacks 2Understanding DAI and ARP Spoofing Attacks 2Interface Trust States and Network Security 3Rate Limiting of ARP Packets 4Relative Priority of ARP ACLs and DHCP Snooping Entries 4Logging of Dropped Packets 4
Default DAI Configuration 5
DAI Configuration Guidelines and Restrictions 5
Configuring DAI 6Enabling DAI on VLANs 7Configuring the DAI Interface Trust State 7Applying ARP ACLs for DAI Filtering 8Configuring ARP Packet Rate Limiting 9Enabling DAI Error-Disabled Recovery 10Enabling Additional Validation 11Configuring DAI Logging 12
Displaying DAI Information 15DAI Configuration Samples 16
Sample One: Two Switches Support DAI 16Sample Two: One Switch Supports DAI 20
8/9/2019 122sxscg2
21/1012
Contents
19Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Configuring Traffic Storm Control 1
Understanding Traffic Storm Control 1
Default Traffic Storm Control Configuration 2
Traffic Storm Control Guidelines and Restrictions 3Enabling Traffic Storm Control 3
Displaying Traffic Storm Control Settings 5
Unknown Unicast Flood Blocking 1
Understanding UUFB 1
Configuring UUFB 1
Configuring PFC QoS 1
Understanding How PFC QoS Works 2
Port Types Supported by PFC QoS 2Overview 2Component Overview 6Understanding Classification and Marking 16Policers 19Understanding Port-Based Queue Types 22
PFC QoS Default Configuration 29PFC QoS Global Settings 29Default Values With PFC QoS Enabled 30Default Values With PFC QoS Disabled 49
PFC QoS Configuration Guidelines and Restrictions 49General Guidelines 50PFC3 Guidelines 52PFC2 Guidelines 52Class Map Command Restrictions 53Policy Map Command Restrictions 53Policy Map Class Command Restrictions 53Supported Granularity for CIR and PIR Rate Values 54Supported Granularity for CIR and PIR Token Bucket Sizes 54
IP Precedence and DSCP Values 55Configuring PFC QoS 55
Enabling PFC QoS Globally 56Enabling Ignore Port Trust 57Configuring DSCP Transparency 58
8/9/2019 122sxscg2
22/1012
Contents
20Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Enabling Queueing-Only Mode 58Enabling Microflow Policing of Bridged Traffic 59Enabling VLAN-Based PFC QoS on Layer 2 LAN Ports 60Enabling Egress ACL Support for Remarked DSCP 61Creating Named Aggregate Policers 61Configuring a PFC QoS Policy 64Configuring Egress DSCP Mutation on a PFC3 82Configuring Ingress CoS Mutation on IEEE 802.1Q Tunnel Ports 84Configuring DSCP Value Maps 86Configuring the Trust State of Ethernet LAN and OSM Ports 90Configuring the Ingress LAN Port CoS Value 92Configuring Standard-Queue Drop Threshold Percentages 92Mapping QoS Labels to Queues and Drop Thresholds 98
Allocating Bandwidth Between Standard Transmit Queues 108Setting the Receive-Queue Size Ratio 110Configuring the Transmit-Queue Size Ratio 111
Common QoS Scenarios 112Sample Network Design Overview 112Classifying Traffic from PCs and IP Phones in the Access Layer 113Accepting the Traffic Priority Value on Interswitch Links 116Prioritizing Traffic on Interswitch Links 117Using Policers to Limit the Amount of Traffic from a PC 120
PFC QoS Glossary 122
Configuring PFC3BXL or PFC3B Mode MPLS QoS 1
Terminology 2
PFC3BXL or PFC3B Mode MPLS QoS Features 3MPLS Experimental Field 3Trust 3Classification 3Policing and Marking 4Preserving IP ToS 4
EXP Mutation 4MPLS DiffServ Tunneling Modes 4
PFC3BXL or PFC3B Mode MPLS QoS Overview 4Specifying the QoS in the IP Precedence Field 5
PFC3BXL or PFC3B Mode MPLS QoS 5
8/9/2019 122sxscg2
23/1012
Contents
21Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
LERs at the Input Edge of an MPLS Network 6LSRs in the Core of an MPLS Network 7LERs at the Output Edge of an MPLS Network 7
Understanding PFC3BXL or PFC3B Mode MPLS QoS 8LERs at the EoMPLS Edge 8LERs at the IP Edge (MPLS, MPLS VPN) 9LSRs at the MPLS Core 13
PFC3BXL or PFC3B MPLS QoS Default Configuration 15
MPLS QoS Commands 16
PFC3BXL or PFC3B Mode MPLS QoS Restrictions and Guidelines 17
Configuring PFC3BXL or PFC3B Mode MPLS QoS 18Enabling QoS Globally 18Enabling Queueing-Only Mode 19Configuring a Class Map to Classify MPLS Packets 20Configuring the MPLS Packet Trust State on Ingress Ports 22Configuring a Policy Map 23Displaying a Policy Map 28Configuring PFC3BXL or PFC3B Mode MPLS QoS Egress EXP Mutation 29Configuring EXP Value Maps 30
MPLS DiffServ Tunneling Modes 31Short Pipe Mode 32Uniform Mode 33
MPLS DiffServ Tunneling Restrictions and Usage Guidelines 35Configuring Short Pipe Mode 35
Ingress PE RouterCustomer Facing Interface 35Configuring Ingress PE RouterP Facing Interface 36Configuring the P RouterOutput Interface 38Configuring the Egress PE RouterCustomer Facing Interface 39
Configuring Uniform Mode 40Configuring the Ingress PE RouterCustomer Facing Interface 40Configuring the Ingress PE RouterP Facing Interface 41
Configuring the Egress PE RouterCustomer Facing Interface 42Configuring PFC QoS Statistics Data Export 1
Understanding PFC QoS Statistics Data Export 1
PFC QoS Statistics Data Export Default Configuration 2
Configuring PFC QoS Statistics Data Export 2
8/9/2019 122sxscg2
24/1012
Contents
22Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Configuring the Cisco IOS Firewall Feature Set 1
Cisco IOS Firewall Feature Set Support Overview 1
Cisco IOS Firewall Guidelines and Restrictions 2
Additional CBAC Configuration 3
Configuring Network Admission Control 1
Understanding NAC 1NAC Overview 1NAC Device Roles 2AAA Down Policy 3NAC Layer 2 IP Validation 4
Configuring NAC 11Default NAC Configuration 11
NAC Layer 2 IP Guidelines, Limitations, and Restrictions 11Configuring NAC Layer 2 IP Validation 13Configuring EAPoUDP 16Configuring Identity Profiles and Policies 17Configuring a NAC AAA Down Policy 17
Monitoring and Maintaining NAC 21Clearing Table Entries 21Displaying NAC Information 21
Configuring IEEE 802.1X Port-Based Authentication 1
Understanding 802.1X Port-Based Authentication 1Device Roles 2Authentication Initiation and Message Exchange 3Ports in Authorized and Unauthorized States 4Supported Topologies 4
Default 802.1X Port-Based Authentication Configuration 5
802.1X Port-Based Authentication Guidelines and Restrictions 6
Configuring 802.1X Port-Based Authentication 7Enabling 802.1X Port-Based Authentication7
Configuring Switch-to-RADIUS-Server Communication8Enabling Periodic Reauthentication 10Manually Reauthenticating the Client Connected to a Port 11Initializing Authentication for the Client Connected to a Port 11Changing the Quiet Period 11Changing the Switch-to-Client Retransmission Time 12
8/9/2019 122sxscg2
25/1012
Contents
23Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Setting the Switch-to-Client Retransmission Time for EAP-Request Frames 13Setting the Switch-to-Authentication-Server Retransmission Time for Layer 4 Packets 13Setting the Switch-to-Client Frame Retransmission Number 14Enabling Multiple Hosts 14Resetting the 802.1X Configuration to the Default Values 15
Displaying 802.1X Status 15
Configuring Port Security 1
Understanding Port Security 1Port Security with Dynamically Learned and Static MAC Addresses 1Port Security with Sticky MAC Addresses 2
Default Port Security Configuration 3
Port Security Guidelines and Restrictions 3
Configuring Port Security 4Enabling Port Security 4Configuring the Port Security Violation Mode on a Port 6Configuring the Port Security Rate Limiter 7Configuring the Maximum Number of Secure MAC Addresses on a Port 9Enabling Port Security with Sticky MAC Addresses on a Port 10Configuring a Static Secure MAC Address on a Port 11Configuring Secure MAC Address Aging on a Port 12
Displaying Port Security Settings 13
Configuring CDP 1Understanding How CDP Works 1
Configuring CDP 1Enabling CDP Globally 2Displaying the CDP Global Configuration 2Enabling CDP on a Port 2Displaying the CDP Interface Configuration 3Monitoring and Maintaining CDP 3
Configuring UDLD 1
Understanding How UDLD Works 1UDLD Overview 1UDLD Aggressive Mode 2
Default UDLD Configuration 3
Configuring UDLD 3
8/9/2019 122sxscg2
26/1012
Contents
24Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Enabling UDLD Globally 3Enabling UDLD on Individual LAN Interfaces 4Disabling UDLD on Fiber-Optic LAN Interfaces 4Configuring the UDLD Probe Message Interval 5Resetting Disabled LAN Interfaces 5
Configuring NetFlow 1
Understanding NetFlow 1NetFlow Overview 1NetFlow on the MSFC 2NetFlow on the PFC 3
Default NetFlow Configuration 5
NetFlow Configuration Guidelines and Restrictions 5
Configuring NetFlow 6Configuring NetFlow on the PFC 6Configuring NetFlow on the MSFC 10
Configuring NDE 1
Understanding NDE 1NDE Overview 1NDE on the MSFC 2NDE on the PFC 2
Default NDE Configuration 10
NDE Configuration Guidelines and Restrictions 10
Configuring NDE 10Configuring NDE on the PFC 11Configuring NDE on the MSFC 13Enabling NDE for Ingress-Bridged IP Traffic 15Displaying the NDE Address and Port Configuration 15Configuring NDE Flow Filters 16Displaying the NDE Configuration 18
Configuring Local SPAN, RSPAN, and ERSPAN 1
Understanding How Local SPAN, RSPAN, and ERSPAN Work 1Local SPAN, RSPAN, and ERSPAN Overview 2Local SPAN, RSPAN, and ERSPAN Sources 5Local SPAN, RSPAN, and ERSPAN Destination Ports 6
Local SPAN, RSPAN, and ERSPAN Configuration Guidelines and Restrictions 6
8/9/2019 122sxscg2
27/1012
Contents
25Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Feature Incompatiblities 6Local SPAN, RSPAN, and ERSPAN Session Limits 7Local SPAN, RSPAN, and ERSPAN Guidelines and Restrictions 9VSPAN Guidelines and Restrictions 10RSPAN Guidelines and Restrictions 11ERSPAN Guidelines and Restrictions 11
Configuring Local SPAN, RSPAN, and ERSPAN 13Configuring Destination Port Permit Lists (Optional) 14Configuring Local SPAN 14Configuring RSPAN 16Configuring ERSPAN 18Configuring Source VLAN Filtering for Local SPAN and RSPAN 23Configuring a Destination Port as an Unconditional Trunk 23
Configuring Destination Trunk Port VLAN Filtering 24Verifying the Configuration 25Configuration Examples 26
Configuring SNMP IfIndex Persistence 1
Understanding SNMP IfIndex Persistence 1
Configuring SNMP IfIndex Persistence 2Enabling SNMP IfIndex Persistence Globally 2Disabling SNMP IfIndex Persistence Globally 2Enabling and Disabling SNMP IfIndex Persistence on Specific Interfaces 2
Clearing SNMP IfIndex Persistence Configuration from a Specific Interface 3
Power Management and Environmental Monitoring 1
Understanding How Power Management Works 1Enabling or Disabling Power Redundancy 2Powering Modules Off and On 3Viewing System Power Status 4Power Cycling Modules 5Determining System Power Requirements 5Determining System Hardware Capacity 5Determining Sensor Temperature Threshold 9
Understanding How Environmental Monitoring Works 10Monitoring System Environmental Status 10Understanding LED Environmental Indications 12
8/9/2019 122sxscg2
28/1012
Contents
26Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Configuring Generic Online Diagnostics 1
Understanding How Online Diagnostics Work 1
Configuring Online Diagnostics 2Setting Bootup Online Diagnostics Level 2Configuring On-Demand Online Diagnostics 2Scheduling Online Diagnostics 4Configuring Health-Monitoring Diagnostics 5
Running Online Diagnostic Tests 5Starting and Stopping Online Diagnostic Tests 6Displaying Online Diagnostic Tests and Test Results 7
Performing Memory Tests 10
Configuring Web Cache Services Using WCCP 1
Understanding WCCP 2WCCP Overview 2Hardware Acceleration 2Understanding WCCPv1 Configuration 3Understanding WCCPv2 Configuration 4WCCPv2 Features 5
Restrictions for WCCPv2 7
Configuring WCCP 7Specifying a Version of WCCP 7
Configuring a Service Group Using WCCPv2 8
Excluding Traffic on a Specific Interface from Redirection 9Registering a Router to a Multicast Address 10Using Access Lists for a WCCP Service Group 10Setting a Password for a Router and Cache Engines 11
Verifying and Monitoring WCCP Configuration Settings 11
WCCP Configuration Examples 11Changing the Version of WCCP on a Router Example 12Performing a General WCCPv2 Configuration Example 12Running a Web Cache Service Example 12Running a Reverse Proxy Service Example 13Registering a Router to a Multicast Address Example 13Using Access Lists Example 13Setting a Password for a Router and Cache Engines Example 14
8/9/2019 122sxscg2
29/1012
Contents
27Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Verifying WCCP Settings Example 14
Using the Top N Utility 1
Understanding the Top N Utility 1
Top N Utility Overview 1Understanding Top N Utility Operation 2
Using the Top N Utility 2Enabling Top N Utility Report Creation 3Displaying the Top N Utility Reports 3Clearing Top N Utility Reports 4
Using the Layer 2 Traceroute Utility 1
Understanding the Layer 2 Traceroute Utility 1
Usage Guidelines 1
Using the Layer 2 Traceroute Utility 2
A P P E N D I X A Online Diagnostic Tests 1
Global Health-Monitoring Tests 2TestSPRPInbandPing 2TestScratchRegister 3TestMacNotification 3
Per-Port Tests 4TestNonDisruptiveLoopback 4TestLoopback 5TestActiveToStandbyLoopback 5TestTransceiverIntegrity 6TestNetflowInlineRewrite 6
PFC Layer 2 Forwarding Engine Tests 7TestNewIndexLearn 7TestDontConditionalLearn 7TestBadBpduTrap 8TestMatchCapture 8
TestStaticEntry 9DFC Layer 2 Forwarding Engine Tests 9
TestDontLearn 9TestNewLearn 10TestIndexLearn 10TestConditionalLearn 11TestTrap 11
8/9/2019 122sxscg2
30/1012
Contents
28Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
TestBadBpdu 12TestProtocolMatchChannel 13TestCapture 13TestStaticEntry 14
PFC Layer 3 Forwarding Engine Tests 14TestFibDevices 14TestIPv4FibShortcut 15TestIPv6FibShortcut 15TestMPLSFibShortcut 16TestNATFibShortcut 16TestL3Capture2 17TestAclPermit 17TestAclDeny 18
TestNetflowShortcut 18TestQoS 19
DFC Layer 3 Forwarding Engine Tests 19TestFibDevices 19TestIPv4FibShortcut 20TestIPv6FibShortcut 20TestMPLSFibShortcut 21TestNATFibShortcut 21TestL3Capture2 22TestAclPermit 22TestAclDeny 23TestQoS 23TestNetflowShortcut 24
Replication Engine Tests 24TestL3VlanMet 24TestIngressSpan 25TestEgressSpan 25
Fabric Tests 26TestFabricSnakeForward 26
TestFabricSnakeBackward 27TestSynchedFabChannel 27TestFabricCh0Health 28TestFabricCh1Health 28
Exhaustive Memory Tests 28TestFibTcamSSRAM 29TestAsicMemory 29
8/9/2019 122sxscg2
31/1012
Contents
29Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
TestAclQosTcam 30TestNetflowTcam 30TestQoSTcam 30
IPSEC Services Modules Tests 32TestIPSecClearPkt 32TestHapiEchoPkt 32TestIPSecEncryptDecryptPkt 33
Stress Tests 33TestTrafficStress 33TestEobcStressPing 34
Critical Recovery Tests 34TestL3HealthMonitoring 34TestTxPathMonitoring 35
TestSynchedFabChannel 35
General Tests 36ScheduleSwitchover 36TestFirmwareDiagStatus 36
A P P E N D I X B Acronyms 1
I N D E X
8/9/2019 122sxscg2
32/1012
30Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Preface
This preface describes who should read the Cisco 7600 Series Router Cisco IOS Software ConfigurationGuide , Release 12.2SX, how it is organized, and its document conventions.
AudienceThis guide is for experienced network administrators who are responsible for configuring andmaintaining Cisco 7600 series routers.
OrganizationThis guide is organized as follows:
Chapter Title Description
Chapter 1 Product Overview Presents an overview of the Cisco 7600 seriesrouters.
Chapter 2 Command-Line Interfaces Describes how to use the command-line interface(CLI).
Chapter 3 Configuring the Switch for theFirst Time
Describes how to perform a baseline configuration.
Chapter 4 Configuring aSupervisor Engine 720
Describes how to configure aSupervisor Engine 720.
Chapter 5 Configuring aSupervisor Engine 32
Describes how to configure a Supervisor Engine 32.
Chapter 6 Configuring the SupervisorEngine 2 and the Switch FabricModule
Describes how to configure a Supervisor Engine 2and the Switch Fabric Module.
Chapter 7 Configuring NSF with SSOSupervisor Engine Redundancy
Describes how to configure NSF with SSOsupervisor engine redundancy.
Chapter 8 Configuring RPR and RPR+Supervisor Engine Redundancy
Describes how to configure RPR and RPR+supervisor engine redundancy.
8/9/2019 122sxscg2
33/1012
31Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
PrefaceOrganization
Chapter 9 Configuring Interfaces Describes how to configure non-layer-specificfeatures on LAN interfaces.
Chapter 10 Configuring LAN Ports for Layer2 Switching
Describes how to configure LAN interfaces tosupport Layer 2 features, including VLAN trunks.
Chapter 11 Configuring Flex Links Describes how to configure Flex Links.
Chapter 12 Configuring EtherChannels Describes how to configure Layer 2 and Layer 3EtherChannel port bundles.
Chapter 13 Configuring VTP Describes how to configure the VLAN TrunkingProtocol (VTP).
Chapter 14 Configuring VLANs Describes how to configure VLANs.
Chapter 15 Configuring Private VLANs Describes how to configure private VLANs.
Chapter 16 Configuring Cisco IP PhoneSupport
Describes how to configure Cisco IP Phone support.
Chapter 17 Configuring IEEE 802.1QTunneling
Describes how to configure IEEE 802.1Q tunneling.
Chapter 18 Configuring Layer 2 ProtocolTunneling
Describes how to configure Layer 2 protocoltunneling.
Chapter 19 Configuring Standard-CompliantIEEE MST
Describes how to configure standard-compliantIEEE MST.
Chapter 20 Configuring STP and PrestandardIEEE 802.1s MST
Describes how to configure the Spanning TreeProtocol (STP) and Prestandard IEEE 802.1sMultiple Spanning Tree (MST).
Chapter 21 Configuring Optional STPFeatures
Describes how to configure the STP PortFast,UplinkFast, and BackboneFast features.
Chapter 22 Configuring Layer 3 Interfaces Describes how to configure LAN interfaces tosupport Layer 3 features.
Chapter 23 Configuring UDE and UDLR Describes how to configure unidirectional Ethernet(UDE) and unidirectional link routing (UDLR).
Chapter 24 Configuring PFC3BXL andPFC3B Mode Multiprotocol LabelSwitching
Describes how to configure PFC3BXL or PFC3BMultiprotocol Label Switching (MPLS).
Chapter 25 Configuring IPv4 Multicast VPNSupport
Describes how to configure IPv4 Multicast VirtualPrivate Network (MVPN).
Chapter 26 Configuring IP Unicast Layer 3Switching
Describes how to configure IP unicast Layer 3switching.
Chapter 27 Configuring IPv6 Multicast PFC3and DFC3 Layer 3 Switching Describes how to configure IPv6 MulticastMultilayer Switching (MMLS).
Chapter 28 Configuring IPv4 MulticastLayer 3 Switching
Describes how to configure IPv4 MulticastMultilayer Switching (MMLS).
Chapter 29 Configuring MLDv2 Snooping forIPv6 Multicast Traffic
Describes how to configure Multicast ListenerDiscovery version 2 (MLDv2) snooping.
Chapter 30 Configuring IGMP Snooping forIPv4 Multicast Traffic
Describes how to configure Internet GroupManagement Protocol (IGMP) snooping.
Chapter Title Description
8/9/2019 122sxscg2
34/1012
32Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
PrefaceOrganization
Chapter 31 Configuring PIM Snooping Describes how to configure protocol independentmulticast (PIM) snooping.
Chapter 32 Configuring RGMP Describes how to configure Router-Port GroupManagement Protocol (RGMP).
Chapter 33 Configuring Network Security Describes how to configure network securityfeatures that are unique to the Cisco 7600 seriesrouters.
Chapter 34 Understanding Cisco IOS ACLSupport
Describes how Cisco 7600 series routers supportCisco IOS ACLs.
Chapter 35 Configuring VLAN ACLs Describes how to configure VLAN ACLs.
Chapter 36 Configuring Denial of ServiceProtection
Describes how to configure denial of serviceprotection.
Chapter 37 Configuring DHCP Snooping Describes how to configure DHCP snooping.
Chapter 38 Configuring Dynamic ARP
Inspection
Describes how to configure dynamic ARP
inspection.Chapter 39 Configuring Traffic Storm Control Describes how to configure traffic storm control.
Chapter 40 Unknown Unicast Flood Blocking Describes how to configure unknown unicast floodblocking.
Chapter 41 Configuring PFC QoS Describes how to configure quality of service (QoS).
Chapter 42 Configuring PFC3BXL or PFC3BMode MPLS QoS
Describes how to configure MPLS QoS.
Chapter 43 Configuring PFC QoS StatisticsData Export
Describes how to configure PFC QoS statistics dataexport.
Chapter 44 Configuring the Cisco IOSFirewall Feature Set
Describes how to configure the Cisco IOS Firewallfeature set.
Chapter 45 Configuring Network AdmissionControl
Describes how to configure Network AdmissionControl.
Chapter 46 Configuring IEEE 802.1XPort-Based Authentication
Describes how to configure IEEE 802.1X port-basedauthentication.
Chapter 47 Configuring Port Security Describes how to configure port security.
Chapter 48 Configuring CDP Describes how to configure Cisco DiscoveryProtocol (CDP).
Chapter 49 Configuring UDLD Describes how to configure the UniDirectional Link Detection (UDLD) protocol.
Chapter 50 Configuring NetFlow Describes how to configure the NetFlow table
Chapter 51 Configuring NDE Describes how to configure Netflow Data Export(NDE).
Chapter 52 Configuring Local SPAN,RSPAN, and ERSPAN
Describes how to configure the Switch PortAnalyzer (SPAN).
Chapter 53 Configuring SNMP IfIndexPersistence
Describes how to configure SNMP ifIndexpersistence.
Chapter Title Description
8/9/2019 122sxscg2
35/1012
33Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
PrefaceRelated Documentation
Related DocumentationThe following publications are available for the Cisco 7600 series routers:
Cisco 7600 Series Router Installation Guide
Cisco 7600 Series Router Module Installation Guide
Cisco 7600 Series Router Cisco IOS Command Reference
Cisco 7600 Series Router Cisco IOS System Message Guide
Release Notes for Cisco IOS Release 12.2SX on the Supervisor Engine 720, Supervisor Engine 32,and Supervisor Engine 2
Cisco IOS Configuration Guides and Command References Use these publications to help you
configure Cisco IOS software features not described in the Cisco 7600 series router publications: Configuration Fundamentals Configuration Guide Configuration Fundamentals Command Reference Bridging and IBM Networking Configuration Guide Bridging and IBM Networking Command Reference Interface Configuration Guide Interface Command Reference Network Protocols Configuration Guide , Part 1, 2, and 3 Network Protocols Command Reference , Part 1, 2, and 3
Security Configuration Guide Security Command Reference Switching Services Configuration Guide Switching Services Command Reference Voice, Video, and Home Applications Configuration Guide Voice, Video, and Home Applications Command Reference Software Command Summary
Chapter 54 Power Management andEnvironmental Monitoring
Describes how to configure power management andenvironmental monitoring features.
Chapter 55 Configuring Generic OnlineDiagnostics
Describes how to configure online diagnostics andrun diagnostic tests.
Chapter 56 Configuring Web Cache ServicesUsing WCCP
Describes how to configure the Web CacheCommunication Protocol (WCCP).
Chapter 57 Using the Top N Utility Describes how to use the Top N utility.
Chapter 58 Using the Layer 2 TracerouteUtility
Describes how to use the Layer 2 traceroute utility.
Appendix A Online Diagnostic Tests Provides recommendations for how to use the onlinediagnostic tests.
Appendix B Acronyms Defines the acronyms used in this publication.
Chapter Title Description
8/9/2019 122sxscg2
36/1012
34Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
PrefaceConventions
Software System Error Messages Debug Command Reference Internetwork Design Guide Internetwork Troubleshooting Guide
Configuration Builder Getting Started Guide The Cisco IOS Configuration Guides and Command References are located at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/index.htm
For information about MIBs, go to this URL:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
ConventionsThis document uses the following conventions:
Notes use the following conventions:
Note Means reader take note . Notes contain helpful suggestions or references to material not covered in thepublication.
Convention Description
boldface font Commands, command options, and keywords are in boldface .
italic font Arguments for which you supply values are in italics .
[ ] Elements in square brackets are optional.
{ x | y | z } Alternative keywords are grouped in braces and separated by vertical bars.
[ x | y | z ] Optional alternative keywords are grouped in brackets and separated byvertical bars.
string A nonquoted set of characters. Do not use quotation marks around thestring or the string will include the quotation marks.
screen font Terminal sessions and information the system displays are in screen font. boldface screen font
Information you must enter is in boldface screen font.
italic screen font Arguments for which you supply values are in italic screen font.
This pointer highlights an important line of text in an example.
^ The symbol represents the key labeled Controlfor example, the keycombination ^D in a screen display means hold down the Control keywhile you press the D key.
< > Nonprinting characters, such as passwords are in angle brackets.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/index.htmhttp://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtmlhttp://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtmlhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/index.htm8/9/2019 122sxscg2
37/1012
35Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
PrefaceConventions
Cautions use the following conventions:
Caution Means reader be careful . In this situation, you might do something that could result in equipmentdamage or loss of data.
Obtaining Documentation and Submitting a Service RequestFor information on obtaining documentation, submitting a service request, and gathering additionalinformation, see the monthly Whats New in Cisco Product Documentation , which also lists all new andrevised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the Whats New in Cisco Product Documentation as a Really Simple Syndication (RSS) feedand set content to be delivered directly to your desktop using a reader application. The RSS feeds are a freeservice and Cisco currently supports RSS version 2.0.
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.htmlhttp://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html8/9/2019 122sxscg2
38/1012
36Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
PrefaceConventions
8/9/2019 122sxscg2
39/1012
C H A P T E R
1-1Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
1Product Overview
This chapter consists of these sections:
Supported Hardware and Software, page 1-1
User Interfaces, page 1-1
Configuring Embedded CiscoView Support, page 1-2
Software Features Supported in Hardware by the PFC and DFC, page 1-3
Supported Hardware and SoftwareFor complete information about the chassis, modules, and software features supported by the Cisco 7600series routers, refer to the Release Notes for Cisco IOS Release 12.2SX on the Supervisor Engine 720,Supervisor Engine 32, and Supervisor Engine 2 :
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/ol_4164.htm
User InterfacesRelease 12.2SX supports configuration using the following interfaces:
CLISee Chapter 2, Command-Line Interfaces.
SNMPRefer to the Release 12.2 IOS Configuration Fundamentals Configuration Guide andCommand Reference at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/index.htm
Cisco IOS web browser interfaceRefer to Using the Cisco Web Browser in the IOSConfiguration Fundamentals Configuration Guide at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/ffcprt1/fcf005.htm
Embedded CiscoViewSee the Configuring Embedded CiscoView Support section on page 1-2
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/ol_4164.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/index.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/ffcprt1/fcf005.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/ffcprt1/fcf005.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/index.htmhttp://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/ol_4164.htm8/9/2019 122sxscg2
40/1012
1-2Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 1 Product OverviewConfiguring Embedded CiscoView Support
Configuring Embedded CiscoView SupportThese sections describe configuring Embedded CiscoView support:
Understanding Embedded CiscoView, page 1-2
Installing and Configuring Embedded CiscoView, page 1-2 Displaying Embedded CiscoView Information, page 1-3
Understanding Embedded CiscoViewThe Embedded CiscoView network management system is a web-based interface that uses HTTP andSNMP to provide a graphical representation of the router and to provide a GUI-based management andconfiguration interface. You can download the Java Archive (JAR) files for Embedded CiscoView atthis URL:
http://www.cisco.com/cgi-bin/Software/CiscoView/cvplanner.cgi
Installing and Configuring Embedded CiscoViewTo install and configure Embedded CiscoView, perform this task:
Note The default password for accessing the router web page is the enable-level password of the router.
Command Purpose
Step 1 Router# dir device_name Displays the contents of the device.
If you are installing Embedded CiscoView for the firsttime, or if the CiscoView directory is empty, skip toStep 4 .
Step 2 Router# delete device_name :cv/* Removes existing files from the CiscoView directory.
Step 3 Router# squeeze device_name : Recovers the space in the file system.
Step 4 Router# archive tar /xtract tftp://ip_address_of_tftp_server /ciscoview.tardevice_name :cv
Extracts the CiscoView files from the tar file on the TFTPserver to the CiscoView directory.
Step 5 Router# dir device_name : Displays the contents of the device.
In a redundant configuration, repeat Step 1 throughStep 5 for the file system on the redundant supervisorengine.
Step 6 Router# configure terminal Enters global configuration mode.
Step 7 Router(config)# ip http server Enables the HTTP web server.
Step 8 Router(config)# snmp-server community string ro Configures the SNMP password for read-only operation.Step 9 Router(config)# snmp-server community string rw Configures the SNMP password for read/write operation.
http://www.cisco.com/cgi-bin/Software/CiscoView/cvplanner.cgihttp://-/?-http://-/?-http://-/?-http://-/?-http://-/?-http://-/?-http://www.cisco.com/cgi-bin/Software/CiscoView/cvplanner.cgi8/9/2019 122sxscg2
41/1012
1-3Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 1 Product OverviewSoftware Features Supported in Hardware by the PFC and DFC
For more information about web access to the router, refer to Using the Cisco Web Browser in the IOSConfiguration Fundamentals Configuration Guide at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/ffcprt1/fcf005.htm
Displaying Embedded CiscoView InformationTo display the Embedded CiscoView information, enter the following EXEC commands:
Software Features Supported in Hardware by the PFC and DFCThese sections describe the hardware support provided by Policy Feature Card 3 (PFC3), Policy FeatureCard 2 (PFC2), Distributed Forwarding Card 3 (DFC3) and Distributed Forwarding Card (DFC):
Software Features Supported in Hardware by the PFC3, PFC2, DFC3, and DFC, page 1-3
Software Features Supported in Hardware by the PFC3 and DFC3, page 1-4
Software Features Supported in Hardware by the PFC3, PFC2, DFC3, and DFC
The PFC3, PFC2, DFC3, and DFC provide hardware support for these Cisco IOS software features:
Access Control Lists (ACLs) for Layer 3 ports and VLAN interfaces Permit and deny actions of input and output standard and extended ACLs
Note Flows that require ACL logging are processed in software on the MSFC.
Except on MPLS interfaces, reflexive ACL flows after the first packet in a session is processedin software on the MSFC
Dynamic ACL flows
Note Idle timeout is processed in software on the MSFC.
For more information about PFC and DFC support for ACLs, see Chapter 34, Understanding Cisco
IOS ACL Support.For complete information about configuring ACLs, refer to the Cisco IOS Security ConfigurationGuide, Release 12.2, Traffic Filtering and Firewalls, at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/index.htm
VLAN ACLs (VACLs)To configure VACLs, see Chapter 35, Configuring VLAN ACLs.
Command PurposeRouter# show ciscoview package Displays information about the Embedded CiscoView files.Router# show ciscoview version Displays the Embedded CiscoView version.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/ffcprt1/fcf005.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/index.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/index.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/ffcprt1/fcf005.htm8/9/2019 122sxscg2
42/1012
1-4Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 1 Product OverviewSoftware Features Supported in Hardware by the PFC and DFC
Policy-based routing (PBR) for route-map sequences that use the match ip address , set ipnext-hop , and ip default next-hop PBR keywords.
To configure PBR, refer to the Cisco IOS Quality of Service Solutions Configuration Guide , Release12.2, Classification, Configuring Policy-Based Routing, at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos_c/fqcprt1/qcfpbr.htm
Note If the MSFC3 address falls within the range of a PBR ACL, traffic addressed to the MSFC3is policy routed in hardware instead of being forwarded to the MSFC3. To prevent policyrouting of traffic addressed to the MSFC3, configure PBR ACLs to deny traffic addressed tothe MSFC3.
Except on MPLS interfaces, TCP interceptTo configure TCP intercept, see the Configuring TCPIntercept section on page 33-2 .
Firewall feature set images provide these features: Context-Based Access Control (CBAC) The PFC installs entries in the NetFlow table to
direct flows that require CBAC to the MSFC where the CBAC is applied in software on theMSFC.
Authentication ProxyAfter authentication on the MSFC, the PFC provides TCAM support forthe authentication policy.
Port-to-Application Mapping (PAM)PAM is done in software on the MSFC.
To configure firewall features, see Chapter 44, Configuring the Cisco IOS Firewall Feature Set.
Hardware-assisted NetFlow AggregationRefer to this URL:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/swcg/nde.htm#1081085
Software Features Supported in Hardware by the PFC3 and DFC3
The PFC3 and DFC3 provide hardware support for these Cisco IOS software features: Bidirectional Protocol Independent Multicast (PIM) in hardwareSee Understanding How IPv4
Bidirectional PIM Works section on page 28-7 .
Multiple-path Unicast Reverse Path Forwarding (RPF) CheckTo configure Unicast RPF Check,see the Configuring Unicast Reverse Path Forwarding Check section on page 33-2 .
Except on MPLS interfaces, Network Address Translation (NAT) for IPv4 unicast and multicasttraffic.
Note the following information about hardware-assisted NAT: NAT of UDP traffic is supported only in PFC3BXL or PFC3B mode. The PFC3 does not support NAT of multicast traffic.
The PFC3 does not support NAT configured with a route-map that specifies length. When you configure NAT and NDE on an interface, the PFC3 sends all traffic in fragmented
packets to the MSFC3 to be processed in software. (CSCdz51590)
To configure NAT, refer to the Cisco IOS IP Configuration Guide , Release 12.2, IP Addressing andServices, Configuring IP Addressing, Configuring Network Address Translation, at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfipadr.htm#1042290
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos_c/fqcprt1/qcfpbr.htmhttp://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/swcg/nde.htm#1081085http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfipadr.htm#1042290http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfipadr.htm#1042290http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfipadr.htm#1042290http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfipadr.htm#1042290http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/swcg/nde.htm#1081085http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos_c/fqcprt1/qcfpbr.htm8/9/2019 122sxscg2
43/1012
1-5Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 1 Product OverviewSoftware Features Supported in Hardware by the PFC and DFC
To prevent a significant volume of NAT traffic from being sent to the MSFC3, due to either a DoSattack or a misconfiguration, enter the mls rate-limit unicast acl {ingress | egress } commanddescribed at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/cmdref/m1.htm#56404
(CSCea23296)
With Release 12.2(18)SXE and later releases, IPv4 Multicast over point-to-point generic routeencapsulation (GRE) TunnelsRefer to the publication at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/finter_c/icflogin.htm
Releases earlier than Release 12.2(18)SXE support IPv4 multicast over point-to-point GRE tunnelsin software on the MSFC.
Note The PFC3 does not provide hardware acceleration for tunnels configured with the tunnel key command.
GRE Tunneling and IP in IP TunnelingThe PFC3 and DFC3s support the following tunnel commands:
tunnel destination tunnel mode gre tunnel mode ipip tunnel source tunnel ttl tunnel tos
Other supported types of tunneling run in software on the MSFC3.
The tunnel ttl command (default 255) sets the TTL of encapsulated packets.
The tunnel tos command, if present, sets the ToS byte of a packet when it is encapsulated. If the
tunnel tos command is not present and QoS is not enabled, the ToS byte of a packet sets the ToSbyte of the packet when it is encapsulated. If the tunnel tos command is not present and QoS isenabled, the ToS byte of a packet as modified by PFC QoS sets the ToS byte of the packet when itis encapsulated.
To configure GRE Tunneling and IP in IP Tunneling, refer to these publications:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/finter_c/icflogin.htm
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/finter_r/irfshoip.htm
To configure the tunnel tos and tunnel ttl commands, refer to this publication:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s17 /12s_tos.htm
Note the following information about tunnels: Each hardware-assisted tunnel must have a unique source. Hardware-assisted tunnels cannot
share a source even if the destinations are different. Use secondary addresses on loopback interfaces or create multiple loopback interfaces. (CSCdy72539)
Each tunnel interface uses one internal VLAN. Each tunnel interface uses one additional router MAC address entry per router MAC address. The PFC3A does not support any PFC QoS features on tunnel interfaces.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/cmdref/m1.htm#56404http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/finter_c/icflogin.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/finter_c/icflogin.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/finter_r/irfshoip.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s17/12s_tos.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s17/12s_tos.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/finter_c/icflogin.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s17/12s_tos.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s17/12s_tos.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/finter_r/irfshoip.htmhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/finter_c/icflogin.htmhttp://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/cmdref/m1.htm#564048/9/2019 122sxscg2
44/1012
1-6Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 1 Product OverviewSoftware Features Supported in Hardware by the PFC and DFC
The PFC3B and PFC3BXL support PFC QoS features on tunnel interfaces. The MSFC3 supports tunnels configured with egress features on the tunnel interface. Examples
of egress features are output Cisco IOS ACLs, NAT (for inside to outside translation), TCPintercept, CBAC, and encryption.
8/9/2019 122sxscg2
45/1012
C H A P T E R
2-1Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
2Command-Line Interfaces
This chapter describes the command-line interfaces (CLIs) you use to configure the Cisco 7600 seriesrouters.
Note For complete syntax and usage information for the commands used in this chapter, refer to thesepublications:
The Cisco 7600 Series Router Cisco IOS Command Reference at this URL:
http://www.cisco.com/en/US/docs/ios/mcl/122sxmcl/12_2sx_mcl_book.html
The Release 12.2 publications at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/index.htm
This chapter consists of these sections:
Accessing the CLI, page 2-1
Performing Command Line Processing, page 2-3
Performing History Substitution, page 2-3
Cisco IOS Command Modes, page 2-4
Displaying a List of Cisco IOS Commands and Syntax, page 2-5
ROM-Monitor Command-Line Interface, page 2-6
Accessing the CLIThese sections describe accessing the CLI:
Accessing the CLI through the EIA/TIA-232 Console Interface, page 2-2
Accessing the CLI through Telnet, page 2-2
http://www.cisco.com/en/US/docs/ios/mcl/122sxmcl/12_2sx_mcl_book.htmlhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/index.htmhttp://www.cisco.com/en/US/docs/ios/mcl/122sxmcl/12_2sx_mcl_book.htmlhttp://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/index.htm8/9/2019 122sxscg2
46/1012
2-2Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 2 Command-Line InterfacesAccessing the CLI
Accessing the CLI through the EIA/TIA-232 Console Interface
Note EIA/TIA-232 was known as recommended standard 232 (RS-232) before its acceptance as a standard bythe Electronic Industries Alliance (EIA) and Telecommunications Industry Association (TIA).
Perform initial configuration over a connection to the EIA/TIA-232 console interface. Refer to theCisco 7600 Series Router Module Installation Guide for console interface cable connection procedures.
To make a console connection, perform this task:
After making a console connection, you see this display:
Press Return for Console prompt
Router> enable Password:Router#
Accessing the CLI through Telnet
Note Before you can make a Telnet connection to the router, you must configure an IP address (see theConfiguring IPv4 Routing and Addresses section on page 22-4 ).
The router supports up to eight simultaneous Telnet sessions. Telnet sessions disconnect automaticallyafter remaining idle for the period specified with the exec-timeout command.
To make a Telnet connection to the router, perform this task:
Command Purpose
Step 1 Press Return. Brings up the prompt.
Step 2 Router> enable Initiates enable mode enable.
Step 3 Password: password Router#
Completes enable mode enable.
Step 4 Router# quit Exits the session when finished.
Command Purpose
Step 1 telnet { hostname | ip_addr } Makes a Telnet connection from the remote host to therouter you want to access.
Step 2 Password: password Router#
Initiates authentication.Note If no password has been configured, press Return.
Step 3 Router> enable Initiates enable mode enable.
Step 4 Password: password Router#
Completes enable mode enable.
Step 5 Router# quit Exits the session when finished.
8/9/2019 122sxscg2
47/1012
2-3Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 2 Command-Line InterfacesPerforming Command Line Processing
This example shows how to open a Telnet session to the router:
unix_host% telnet Router_1 Trying 172.20.52.40...Connected to 172.20.52.40.Escape character is '^]'.
User Access Verification
Password:Router_1> enable Password:Router_1#
Performing Command Line ProcessingCommands are not case sensitive. You can abbreviate commands and parameters if the abbreviationscontain enough letters to be different from any other currently available commands or parameters. Youcan scroll through the last 20 commands stored in the history buffer, and enter or edit the command atthe prompt. Table 2-1 lists the keyboard shortcuts for entering and editing commands.
Performing History SubstitutionThe history buffer stores the last 20 commands you entered. History substitution allows you to accessthese commands without retyping them, by using special abbreviated commands. Table 2-2 lists thehistory substitution commands.
Table 2-1 Keyboard Shortcuts
Keystrokes Purpose
Press Ctrl-B orpress the left arrow key 1
1. The arrow keys function only on ANSI-compatible terminals such as VT100s.
Moves the cursor back one character.
Press Ctrl-F or press the right arrow key 1
Moves the cursor forward one character.
Press Ctrl-A Moves the cursor to the beginning of the command line.
Press Ctrl-E Moves the cursor to the end of the command line.
Press Esc B Moves the cursor back one word.
Press Esc F Moves the cursor forward one word.
http://-/?-http://-/?-http://-/?-http://-/?-8/9/2019 122sxscg2
48/1012
2-4Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 2 Command-Line InterfacesCisco IOS Command Modes
Cisco IOS Command Modes
Note For complete information about Cisco IOS command modes, refer to the Cisco IOS ConfigurationFundamentals Configuration Guide at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/index.htm
The Cisco IOS user interface is divided into many different modes. The commands available to youdepend on which mode you are currently in. To get a list of the commands in a given mode, type aquestion mark (?) at the system prompt. See the Displaying a List of Cisco IOS Commands and Syntaxsection on page 2-5 .
When you start a session on the router, you begin in user mode, often called user EXEC mode. Only alimited subset of the commands are available in EXEC mode. To have access to all commands, you mustenter privileged EXEC mode. Normally, you must type in a password to access privileged EXEC mode.From privileged EXEC mode, you can type in any EXEC command or access global configuration mode.
The configuration modes allow you to make changes to the running configuration. If you later save theconfiguration, these commands are stored across reboots. You must start at global configuration mode.From global configuration mode, you can enter interface configuration mode, subinterface configurationmode, and a variety of protocol-specific modes.
Note With Release 12.1(11b)E and later, when you are in configuration mode you can enter EXEC mode-levelcommands by entering the do keyword before the EXEC mode-level command.
ROM-monitor mode is a separate mode used when the router cannot boot properly. For example, therouter might enter ROM-monitor mode if it does not find a valid system image when it is booting, or if its configuration file is corrupted at startup. See the ROM-Monitor Command-Line Interface sectionon page 2-6 .
Table 2-3 lists and describes frequently used Cisco IOS modes.
Table 2-2 History Substitution Commands
Command Purpose
Ctrl-P or the up arrow key. 1
1. The arrow keys function only on ANSI-compatible terminals such as VT100s.
Recalls commands in the history buffer, beginningwith the most recent command. Repeat the keysequence to recall successively older commands.
Ctrl-N or the down arrow key. 1 Returns to more recent commands in the historybuffer after recalling commands with Ctrl-P or theup arrow key. Repeat the key sequence to recallsuccessively more recent commands.
Router# show history While in EXEC mode, lists the last severalcommands you have just entered.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/index.htmhttp://-/?-http://-/?-http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/index.htm8/9/2019 122sxscg2
49/1012
2-5Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 2 Command-Line InterfacesDisplaying a List of Cisco IOS Commands and Syntax
The Cisco IOS command interpreter, called the EXEC, interprets and executes the commands you enter.You can abbreviate commands and keywords by entering just enough characters to make the commandunique from other commands. For example, you can abbreviate the show command to sh and theconfigure terminal command to config t .
When you type exit , the router backs out one level. To exit configuration mode completely and return toprivileged EXEC mode, press Ctrl-Z .
Displaying a List of Cisco IOS Commands and SyntaxIn any command mode, you can display a list of available commands by entering a question mark (?).Router> ?
To display a list of commands that begin with a particular character sequence, type in those charactersfollowed by the question mark (?). Do not include a space. This form of help is called word help becauseit completes a word for you.Router# co? collect configure connect copy
To display keywords or arguments, enter a question mark in place of a keyword or argument. Include aspace before the question mark. This form of help is called command syntax help because it reminds youwhich keywords or arguments are applicable based on the command, keywords, and arguments you havealready entered.
Table 2-3 Frequently Used Cisco IOS Command Modes
Mode Description of Use How to Access Prompt
User EXEC Connect to remote devices, changeterminal settings on a temporarybasis, perform basic tests, anddisplay system information.
Log in. Router>
Privileged EXEC (enable) Set operating parameters. Theprivileged command set includesthe commands in user EXECmode, as well as the configure command. Use this command toaccess the other command modes.
From the user EXEC mode, enterthe enable command and theenable password.
Router#
Global configuration Configure features that affect thesystem as a whole.
From the privileged EXEC mode,enter the configure terminal command.
Router(config)#
Interface configuration Many features are enabled for aparticular interface. Interfacecommands enable or modify theoperation of an interface.
From global configuration mode,enter the interface type slot/port command.
Router(config-if)#
Console configuration From the directly connectedconsole or the virtual terminalused with Telnet, use thisconfiguration mode to configurethe console interface.
From global configuration mode,enter the line console 0 command.
Router(config-line)#
8/9/2019 122sxscg2
50/1012
2-6Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 2 Command-Line InterfacesROM-Monitor Command-Line Interface
For example:
Router# configure ? memory Configure from NV memory
network Configure from a TFTP network hostoverwrite-network Overwrite NV memory from TFTP network hostterminal Configure from the terminal
To redisplay a command you previously entered, press the up arrow key or Ctrl-P . You can continue topress the up arrow key to see the last 20 commands you entered.
Tip If you are having trouble entering a command, check the system prompt, and enter the question mark (?)for a list of available commands. You might be in the wrong command mode or using incorrect syntax.
Enter exit to return to the previous mode. Press Ctrl-Z or enter the end command in any mode toimmediately return to privileged EXEC mode.
ROM-Monitor Command-Line InterfaceThe ROM-monitor is a ROM-based program that executes upon platform power-up, reset, or when a fatalexception occurs. The router enters ROM-monitor mode if it does not find a valid software image, if theNVRAM configuration is corrupted, or if the configuration register is set to enter ROM-monitor mode.From the ROM-monitor mode, you can load a software image manually from Flash memory, from anetwork server file, or from bootflash.
You can also enter ROM-monitor mode by restarting and pressing the Break key during the first 60seconds of startup.
Note The Break key is always enabled for 60 seconds after rebooting, regardless of whether the Break key is
configured to be off by configuration register settings.
To access the ROM-monitor mode through a terminal server, you can escape to the Telnet prompt andenter the send break command for your terminal emulation program to break into ROM-monitor mode.
Once you are in ROM-monitor mode, the prompt changes to rommon 1>. Enter a question mark ( ? ) tosee the available ROM-monitor commands.
For more information about the ROM-monitor commands, refer to the Cisco 7600 Series Router Cisco IOS Command Reference .
8/9/2019 122sxscg2
51/1012
C H A P T E R
3-1Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
3Configuring the Router for the First Time
This chapter contains information about how to initially configure the Cisco 7600 series router, whichsupplements the administration information and procedures in these publications:
Cisco IOS Configuration Fundamentals Configuration Guide , Release 12.2, at this URL:
http://www.cisco.com/univercd/cc/td/d