Cisco Commands Used to Correct Problems Occurring at the Network Layer

This section lists a collection of Cisco IOS commands. These commands are used to correct different types of network layer problems and can be categorized as follows:

■ General/global

A brief explanation is provided for each Cisco IOS command.

General Command

The following command enables or disables (with the no form of the command) the ability of the router to generate a request for name to IP address resolution. If you are using the ip name-server ip-address global configuration command, an address for the name server is specified. A unicast request is sent to the name server (DNS server); otherwise, the request is sent using a User Datagram Protocol (UDP)-based broadcast. You enter this general IP command from the global configuration mode.

router(config)# [no] ip domain-lookup

IP Interface Commands

The following command switches the prompt mode from the global configuration mode to the interface configuration mode (the particular interface name and number that was entered). In interface configuration, you can enter commands such as bandwidth, ip address, [no] shut, encapsulation, [no] ip proxy-arp, ip access-group, and so on.

Router(config)# interface type number

The following command sets the IP address and subnet mask of the interface. If the keyword secondary is used, the existing IP addresses remain, while this new address is added to the existing set of IP addresses on the interface. Based on the IP address and subnet mask of each of the interfaces, the IP routing process computes what networks the router is connected to.

Router(config-if)# ip address ip-address mask [secondary]

The following command enables or disables the sending of redirect messages on the local interface. Router(config-if)# [no] ip redirects

Assume that S, R, and D are on the same IP subnet. If a router's IP interface (R) receives a packet (in a frame sent by S) and believes that packet must be forwarded to another IP device (D) on the local subnet, the IP interface (R) sends a redirect message to S and advises it to send the packet directly to D. (See the top of Figure 10-1.)

Figure 10-1 IP Redirects

Figure 10-1 IP Redirects

In some cases, you might need to turn off this feature. For example, if a Frame Relay multipoint connection is set up over a single IP subnet, you might need to turn off the IP redirects on the hub device. That is because the spokes in the hub and spoke setup do not have a direct link between them; therefore, advising one to send a packet directly to the other is not practical. (See the bottom of Figure 10-1.)

The following command specifies the value that you should use as the bandwidth of this interface for the purpose of computing the load/utilization of the interface. Some routing protocols, such as Open Shortest Path First (OSPF) and Enhanced Interior Gateway Routing Protocol (EIGRP), make use of this value to calculate routing metrics.

Router(config-if)# bandwidth kilobits

The following interface configuration command enables/disables the proxy Address Resolution Protocol (ARP) behavior on the interface. Proxy ARP is enabled by default; the router replies to an ARP request for an address other than its own, as long as the address is reachable via another one of its interfaces. If an IP interface of a router is connected to a segment in which some IP hosts rely on the proxy ARP behavior, keeping this command, which is the default setting on Cisco (router) IP interfaces, is crucial to the ability of those IP hosts to communicate with devices outside their subnet.

Router(config-if)# [no] ip proxy-arp

The following interface configuration command configures the interface to watch for UDP broadcasts (usually sent by Dynamic Host Configuration Protocol [DHCP], Network Time Protocol [NTP], Terminal Access Controller Access Control System [TACACS] clients, and so on) and send their request in the form of IP unicast to the server address that is specified. Because the requests that clients send are broadcasts, they cannot reach servers that are in other networks. The helper-address command ensures that the client request is sent to the address specified and that the server's reply goes back to the segment that the client request originated from. When the router sends a client request to the server, it actually specifies the network address from which the request originated. Based on that information, a server such as a DHCP knows from which address range to choose an IP lease and furnish it to the interested/requesting client.

Router(config-if)# ip helper-address address

The following command enables or disables IP multicast route caching on an interface. Router(config-if)# [no] ip mroute-cache

IP Access List Commands

The following command defines an extended IP access list. The access list number must be between 100 and 199.

Router(config)# access-list {access-list-number} {deny | permit} protocol source source-wildcard destination destination-wildcard [log]

The following command defines a standard or extended named IP access list.

Router(config)# ip access-list {standard | extended} {access-list-name}

The following command applies an access list to the interface. The keywords in and out specify whether the access list should be applied to the interface in the inbound or in the outbound direction. (The default is outbound.)

Router(config-if)# ip access-group {access-list-number | access-list-name} [in | out]

IP Routing Commands

The following command configures a static route on the router. A static route has an administrative distance value of 0 if it points to an interface as the egress interface. A static route has an administrative distance value of 1 if it points to an IP address as the next hop. However, you can also specify an administrative distance that suits your needs for the static route.

Router(config)# ip route prefix mask {address | interface-type} [admin-distance]

The following command configures a manual static default (gateway of last resort) route on the router.

Router(config)# ip route {address | interface-type} [distance]

The following interface command enables or disables use of fast-switching cache on the particular interface. A router that has fast switching enabled (default) forwards packets more quickly by routing the first packet in a packet train and building a cache entry and then switching the following packets using the cache entry created during the processing of the first packet. This feature must be left on unless it is in conflict with another required feature/technology. The fast-switching cache is kept in shared memory. As you can see, this feature is turned off for some interfaces (and selected protocols) but left on for others.

Router(config-if)# [no] ip route-cache

The following interface configuration command enables or disables IP split horizon on the particular interface. This command is applicable to distance vector protocols (IGRP and RIP). However, it is seldom used. One place that you can use this command might be on a hub that has a multipoint connection (such as with Frame Relay) to two or more spoke sites. This hub might want to pass (send out) routes learned from one spoke site to the other spoke site(s). On a multipoint interface, this means that the route learned from an interface is sent out the same interface it was learned from, thereby breaking the split-horizon rule of distance-vector routing protocols.

Router(config-if)# [no] ip split-horizon

The following command configures a particular routing process (such as RIP and (E)IGRP) to not send updates out of a particular interface.

Router(config-router)# passive-interface interface-type number

The network command configures a particular interior routing process (such as RIP, (E)IGRP, or OSPF) to determine and go active on all those local interfaces whose IP addresses match this statement. The routing process advertises the networks that are connected via those interfaces as its locally connected networks (links). The network command, when used within a BGP process, has a different role/effect: It makes the BGP process advertise the mentioned prefix as a local network, provided that the network is present in the IP forwarding table (reachable).

For RIP and IGRP:

Router(config-router)# network classful-address


Router(config-router)# network address [wildcard-mask]


Router(config-router)# network address inverted-mask area area-number

For BGP:

Router(config-router)# network network-number [mask network-mask]

0 0

Post a comment