Interface Commands

address (VRRP)

To specify a primary and secondary IP address for VRRP, use the address primary command in VRRP interface configuration mode. To remove the primary and secondary IP addresses, use the no form of this command.

address ip-address [ primary | | secondary ]

no address ip-address [ primary | | secondary ]

Syntax Description

ip-address

IP address used as VRRP primary.

[primary | secondary]

(Optional) Specifies the primary or secondary address for the VRRP group.

Command Default

None

Command Modes

VRRP interface configuration (config-if-vrrp)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

Use the address command to specify a primary and secondary virtual device for VRRP. The primary virtual device sends VRRP advertisements to other VRRP devices in the same group. The advertisements communicate the priority and state of the primary and secondary virtual device. The VRRP advertisements are encapsulated into either IPv4 or IPv6 packets (based on the VRRP group configuration) and sent to the appropriate multicast address assigned to the VRRP group.

The following example shows how to set the primary IP of VRRP group 3 to 10.50.4.3:

Device# config-transaction
Device(config)# int GigabitEthernet0/0/2
Device(config-if)# vrrp 3 address-family ipv4
Device(config-if-vrrp)# address 10.50.4.3 primary
Table 1. Related Commands

Commands

Description

vrrp address-family

Creates a VRRP group and enters VRRP configuration mode.

channel-group

To configure the interface in a channel group and set the Link Aggregation Control Protocol (LACP) mode, use the channel-group command in the interface configuration mode. To remove the channel-group configuration from the interface, use the no form on this command.

channel-group channel-group-number mode { auto | passive }

no channel-group

Syntax Description

channel-group-number

Integer that identifies the channel group. The range is from 1 to 128.

mode

Sets the LACP mode.

active

Enables LACP unconditionally.

passive

Enables LACP only when an LACP device is detected. This is the default state.

Command Default

No channel groups are assigned.

Command Modes

Interface configuration (config-if)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.6.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

This example shows how to configure an EtherChannel with LACP mode as active.


Device# config-transaction 
Device(config)# interface GigabitEthernet 0/1/2
Device(config-if)# no ip address
Device(config-if)# channnel-group 1 mode active

border

To set the TLOC as a border TLOC, use the border command in tunnel interface configuration mode. To unset the TLOC as a border TLOC, use the no form of this command.

border

Syntax Description

This command has no keywords or arguments.

Command Default

The default is to have TLOC not set as border TLOC (no border).

Command Modes

Tunnel interface configuration (config-tunnel-interface).

Usage Guidelines

Command History

Release Modification
Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Examples

The following example shows how to configure a TLOC not set as a Border TLOC:

Device# config-transaction
Device(config)# sdwan
Device(config-sdwan)# interface GigabitEthernet0/0/0 
Device(config-tunnel-interface)# no border

description (interface configuration)

To add a description to an interface configuration, use the description command in interface configuration mode. To remove the description, use the no form of this command.

description string

no description

Syntax Description

string

Comment or a description to help you remember what is attached to this interface. This string is limited to 200 characters.

Command Default

No description is added.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

The description command is meant solely as a comment to be put in the configuration to help you remember what certain interfaces are used for. The description appears in the output of the following EXEC commands: morenvram:startup-config , showinterfaces , and moresystem:running-config

The following example shows how to add a description for an ATM interface:

Device(config)# interface ATM 0/3/0                                                                                                  
Device(config-if)# description Site1

duplex

To configure the duplex operation on an interface, use the duplex command in interface configuration mode. To return to the default configuration, use the no form of this command.

Supported Parameters

full

Specifies full-duplex operation.

half

Specifies half-duplex operation.

auto

Enables autonegotiation. The interface automatically operates at half-duplex or full-duplex mode depending on environmental factors, such as the type of media and the transmission speeds for the peer routers, hubs, and switches used in the network configuration.

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.4.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

For more information about this command, see the Cisco IOS XE duplex command.

interface {intf-name}
speed {value}
duplex {value}
mtu {value}
switchport mode trunk
switchport trunk allowed vlan {vlans}
switchport trunk native vlan {vlans_id}
no shutdown

encapsulation

To set the encapsulation method used by the interface, use the encapsulation command in interface configuration mode. To remove the encapsulation, use the no form of this command.

encapsulation encapsulation-type

no encapsulation encapsulation-type

Syntax Description

encapsulation-type

Encapsulation type; one of the following keywords:

  • dot1q vlan-id ---Enables IEEE 802.1q encapsulation of traffic on a specified subinterface in VLANs. The vlan-id argument is a virtual LAN identifier.

  • frame-relay --Frame Relay (for serial interface).

  • ppp -- PPP (for Dialer interface).

Command Default

NA

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

The following keywords are qualified:

  • dot1q for GigabitEthernet interface

    .
  • ppp for Dialer interface.

Cisco IOS XE Catalyst SD-WAN Release 17.3.1a

Command qualified for use in Cisco vManage CLI templates.

The following keywords are qualified:

  • encapsulation frame-relay for serial interface.

Usage Guidelines

For usage guidelines, see the Cisco IOS XE encapsulation command.

The following example shows how to enable frame-relay encapsulation on Serial interface 0:


Device(config)# interface Serial 0
Device(config-if)# encapsulation frame-relay

The following example shows how to configure Dialer interface 1 for PPP encapsulation:


Device(config)# interface Dialer 1
Device(config-if)# encapsulation ppp

hold-queue

To limit the length of the IP output queue on an interface, use the hold-queue command in interface configuration mode. To restore the default values, use the no form of this command.

hold-queue length {in | out}

no hold-queue length {in | out}

Syntax Description

length

Integer that specifies the maximum number of packets in the queue. The range of valid values is from 0 to 240000.

in

Specifies the input queue. The default is 75 packets. For asynchronous interfaces, the default is 10 packets.

out

Specifies the output queue. The default is 40 packets. For asynchronous interfaces, the default is 10 packets.

Command Default

Input hold-queue limit is 75 packets. Output hold-queue limit is 40 packets. Asynchronous interfaces default is 10 packets.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.3.1a

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For the usage guidelines, see hold-queue.

The following example shows how to set the length of the input queue on a Gigabit Ethernet interface:

Device(config)# interface GigabitEthernet 1
Device(config-if)# no hold-queue 100 in

The following example shows how to set the length of the output queue on a Gigabit Ethernet interface:

Device(config)# interface GigabitEthernet 1
Device(config-if)# no hold-queue 450 out

hw-module subslot breakout

To configure a single port to support four 10 Gigabit Ethernet interfaces (called port breakout) on a supported platform, use the hw-module subslot breakout command in global configuration mode. To cancel the port breakout, use the no form of the command.

hw-module subslot subslot-number breakout speed port-id

no hw-module subslot subslot-number breakout speed port-id

Syntax Description

subslot-number

For the supported routers, the supported subslot is 0/2 .

speed

To configure 10 Gigabit Ethernet, use 10g for this parameter.

To cancel the port breakout and return the port to its default speed, use 10g for this parameter and include the no keyword.

port-id

Possible values:

  • native_port_0 : Port 0/2/0 in Bay 2

  • native_port_4 : Port 0/2/4 in Bay 2

  • native_port_8 : Port 0/2/8 in Bay 2

  • all : All ports in Bay 2.

Command Default

Breakout to 10 Gigabit Ethernet interfaces is not configured.

Command Modes

Global configuration (config)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.14.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

Cisco 8500-12X4QC platforms have three bays of ports: 0, 1, and 2. By default, the ports of Bays 0 and 1 operate in 10 Gigabit Ethernet mode and the ports of Bay 2 operate in 40 Gigabit Ethernet mode.

You can configure one or more of the Bay 2 ports to operate as four 10 Gigabit Ethernet interfaces. This is called breakout. After you configure a port to provide four 10 Gigabit Ethernet interfaces, use a one-to-four breakout cable to connect four cables to the single port.

When you configure port breakout on a device operating in controller mode, such as in a Cisco Catalyst SD-WAN environment, an additional step is required, using the no interface command. This step clears any information about the interfaces that the port or ports may have supported in a previous configuration. Clearing this information ensures that the show sdwan running-config command output shows the correct interface information. For details, see the examples.

Example 1

The following configures the 0/2/0 port of Bay 2 to 10 Gigabit Ethernet. The result is four 10 Gigabit Ethernet interfaces:

Te0/2/0, Te0/2/1, Te0/2/2, Te0/2/3

The no interface command clears any information about the 40 Gigabit Ethernet interface that port 0/2/0 may have supported in a different configuration.

Device(config)#hw-module subslot 0/2 breakout 10g port native_port_0
Device(config)#no interface Fo0/2/0

Example 2

The following cancels the port breakout to 10 Gigabit Ethernet interfaces. It returns the 0/2/0 port of Bay 2 to its default 40 Gigabit Ethernet speed. The result is one 40 Gigabit Ethernet interface:

Fo0/2/0

The no interface commands clear any information about the four 10 Gigabit Ethernet interfaces that port 0/2/0 may have supported in a different configuration.

Device(config)#no hw-module subslot 0/2 breakout 10g port native_port_0
Device(config)#no interface Te0/2/0
Device(config)#no interface Te0/2/1
Device(config)#no interface Te0/2/2
Device(config)#no interface Te0/2/3

interface

To configure an interface type and to enter interface configuration mode, use the interface command in the global configuration mode.

interface type number . subinterface-number

interface type slot / subslot / port . subinterface-number [point-to-point]

no interface type number . subinterface-number

no interface type slot / subslot / port . subinterface-number [point-to-point]

Syntax Description

type

Type of interface to be configured. See the table below.

number

Port, connector, or interface card number. The numbers are assigned at the factory at the time of installation or when added to a system; they can be displayed with the showinterfaces command.

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/ subslot

Secondary slot number on a SIP where a SPA is installed. The slash (/) is required.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

/ port

Port or interface number. The slash (/ ) is required.

Refer to the appropriate hardware manual for port information. For SPAs, refer to the corresponding “Specifying the Interface Address on a SPA” topics in the platform-specific SPA software configuration guide.

. subinterface-number

Subinterface number in the range 1 to 4294967293. The number that precedes the period (.) must match the number to which this subinterface belongs.

point-to-point

(Optional) Specifies a point-to-point subinterface.

Command Default

No interface types are configured.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Release Amsterdam 17.2.1v

Commands of the following form were qualified for use in Cisco vManage CLI templates:

  • interface ATM 0/3/0

  • interface ATM 0/3/0.1 point-to-point

  • interface Dialer 1

  • interface GigabitEthernet 1

  • interface GigabitEthernet 1.101

  • interface Loopback 100

  • interface Tunnel 10

  • interface VirtualPortGroup 0

  • interface Vlan 1

Cisco IOS XE Release Amsterdam 17.3.1

Commands of the following form were qualified for use in Cisco vManage CLI templates:

  • interface Serial 2/0

  • interface Serial 0/1/0

  • interface Serial 0/1/0.2 point-to-point

Usage Guidelines

The table below displays the keywords that represent the types of interfaces that can be configured with the interface command. Replace the type argument with the appropriate keyword from the table.

When you want to push a CLI template or add on CLI template after an upgrade, to match the device running configuration, you must come out of the interface configuration. In this case, interface block must end with statement exit instead of "!". After configuring the interfaces, before starting on a new feature configuration, exit from the interface configuration mode.

Starting from Cisco IOS XE Catalyst SD-WAN Release 17.15.1a, size limit for interface is within the range 1 to 31 for interface commands.

Usage Guidelines

Table 2. Interface Type Keywords

Keyword

Interface Type

ATM

ATM interface.

Dialer

Dialer interface.

GigabitEthernet

1000-Mbps Ethernet interface.

Loopback

Software-only loopback interface that emulates an interface that is always up. It is a virtual interface supported on all platforms. The number argument is the number of the loopback interface that you want to create or configure. There is no limit on the number of loopback interfaces that you can create.

Serial

Serial interface.

Tunnel

Tunnel interface; a virtual interface. The number argument is the number of the tunnel interface that you want to create or configure. There is no limit on the number of tunnel interfaces that you can create.

Vlan

VLAN interface.

VirtualPortGroup

Virtual Port Group interface.

For more usage guidelines, see interface.

ATM Interface

Device(config)# interface ATM 0/3/0
Device(config-if)#
Device(config)# interface ATM 0/3/0.1 point-to-point
Device(config-if)#

Dialer Interface

Device(config)# interface Dialer 1
Device(config-if)#

GigabitEthernet Interface

Device(config)# interface GigabitEthernet 1
Device(config-if)#
Device(config)# interface GigabitEthernet 1.101
Device(config-if)#

Loopback Interface


Router(config)# interface Loopback 100
Router(config-if)#

Serial Interface


Router(config)# interface Serial 2/0
Router(config-if)#

Router(config)# interface Serial 0/1/0
Router(config-if)#

Router(config)# interface Serial 0/1/0.2 point-to-point
Router(config-if)#

Router(config)# interface Serial 0/0/1:5
Router(config-if)#

Tunnel Interface


Router(config)# interface Tunnel 10
Router(config-if)#

Virtual Port Group Interface


Router(config)# interface VirtualPortGroup 0
Router(config-if)#

VLAN Interface


Router(config)# interface Vlan 1
Router(config-if)#

interface-pair

To define two tunnel interfaces for a high availability (HA) configuration, use the interface-pair command in ha-pairs mode. To clear the configured tunnels, use the no form of this command.

interface-pair tunnel1 [ active-interface-weight active-weight ] tunnel2 [ backup-interface-weight backup-weight ]

no interface-pair

Supported Parameters

tunnel1

Primary tunnel interface for Cisco Umbrella Secure Internet Gateway (SIG).

active-interface-weight active-weight

(Optional) Weight value for load balancing. The weight value is applicable in an active-active configuration if multiple HA pairs and tunnels are configured. The weight values of tunnel interfaces determine what portion of traffic each tunnel interface carries.

For example, in an active-active configuration configured as follows...

  • HA pair A: Tunnel01 has a weight value of 10, and Tunnel02 has a weight value of 10.

  • HA pair B: Tunnel03 has a weight value of 20, and Tunnel04 has a weight value of 20.

...Tunnel03 is assigned twice has much traffic as Tunnel01.

Range: 1 to 255

Default: 1

tunnel2

Secondary (backup) tunnel interface for Cisco Umbrella SIG.

backup-interface-weight backup-weight

(Optional) Weight value for load balancing. The weight value is applicable in an active-active configuration if multiple HA pairs and tunnels are configured. The weight values of tunnel interfaces determine what portion of traffic each tunnel interface carries.

For example, in an active-active configuration configured as follows...

  • HA pair A: Tunnel01 has a weight value of 10, and Tunnel02 has a weight value of 10.

  • HA pair B: Tunnel03 has a weight value of 20, and Tunnel04 has a weight value of 20.

...Tunnel03 is assigned twice has much traffic as Tunnel01.

Range: 1 to 255

Default: 1

Command Modes

ha-pairs (config-ha-pairs)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.4.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

This command is relevant for tunnel interfaces used with Cisco Umbrella SIG tunnels. The tunnel interfaces must meet the following requirements:

  • The tunnels must be IPSec or GRE.

  • The tunnels must be configured for auto tunnel or manual tunnel to Umbrella or ZScaler as the SIG service provider.

In the following example, two times as many traffic flows are forwarded to Tunnel100103 (weight configured as 200) as compared with Tunnel100101 (weight configured as 100).

Device(config)# sdwan service sig vrf 1
Device(config-vrf-1)# ha-pairs
Device(config-ha-pairs)# interface-pair Tunnel100101 active-interface-weight 100 Tunnel100102 backup-interface-weight 200
Device(config-ha-pairs)# interface-pair Tunnel100103 active-interface-weight 200 Tunnel100104 backup-interface-weight 200

interface vlan

To create or access a switch virtual interface (SVI) and to enter interface configuration mode, use the interface Vlan command in global configuration mode. To delete an SVI, use the no form of this command.

interface Vlan vlan-id

Syntax Description

vlan-id

VLAN number. The range is 1 to 4094.

Command Default

None.

Command Modes

Global configuration (config)

Usage Guidelines

SVIs are created the first time you enter the interface Vlan vlan-id command for a particular VLAN. The vlan-id corresponds to the VLAN-tag associated with data frames on an IEEE 802.1Q encapsulated trunk or the VLAN ID configured for an access port.


Note


When you create an SVI, it does not become active until it is associated with a physical port.


Command History

Release Modification
Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

This command was introduced.

Examples

The following example shows how to configure VLAN 10 and interface Vlan 10 with the IP address 10.0.10.1/24:

Device(config)# vlan 10
Device(config-vlan)# exit
Device(config)# interface Vlan 10
Device(config-Vlan-10)# ip address 10.0.10.1 255.255.255.0
Device(config-Vlan-10)# 

ip address

To set a primary or secondary IP address for an interface, use the ip address command in interface or sub-interface configuration mode. To remove an IP address or disable IP processing, use the no form of this command.

ip address ip-address [mask]

no ip address [ip-address] [mask]

Syntax Description

ip-address

IP address.

mask

(Optional) Mask for the associated IP subnet.

Command Default

No IP address is defined for the interface.

Command Modes

Interface configuration (config-if)

Sub-interface configuration (config-subif)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For the usage guidelines, see the Cisco IOS XE ip address command.

Device(config)# interface ATM 0/3/0.1 point-to-point                                                                                            
Device(config-if)# ip address 192.10.6.5
Device(config)# interface ATM 0/3/0.1                                                                                                
Device(config-subif)# ip address 10.0.0.0 255.255.255.252
Device(config)# interface Serial 0/1/0.2                                                                                            
Device(config-if)# ip address 10.1.1.1 255.255.255.0
Device(config)# interface Serial 0/0/1:5                                                                                            
Device(config-if)# ip address 10.1.1.1 255.255.255.0
Device(config)# interface MFR1                                                                                            
Device(config-if)# ip address 10.4.4.4 255.255.255.0

ip address dhcp

To acquire an IP address on an interface from the DHCP, use the ip address dhcp command in interface configuration mode. To remove any address that was acquired, use the no form of this command.

ip address dhcp [ client-id interface-type number ]

no ip address dhcp [ client-id interface-type number ]

Syntax Description

client-id

(Optional) Specifies the client identifier. By default, the client identifier is an ASCII value. The client-id interface-type number option sets the client identifier to the hexadecimal MAC address of the named interface.

interface-type

(Optional) Interface type. For more information, use the question mark (?) online help function.

number

(Optional) Interface or subinterface number. For more information about the numbering syntax for your networking device, use the question mark (?) online help function.

Command Default

The client identifier is an ASCII value.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For the usage guidelines, see ip address dhcp.

Device(config)# interface GigabitEthernet 1                                                                                             
Device(config-if)# ip address dhcp client-id GigabitEthernet 1

ip policy route-map

To identify a route map to use for policy routing on an interface, use the ip policy route-map command in interface configuration mode. To disable policy routing on the interface, use the no form of this command.

ip policy route-map map-tag

no ip policy route-map

Syntax Description

map-tag

Name of the route map to use for policy routing. The name must match a map-tag value specified by a route-map command.

Command Default

No policy routing occurs on the interface.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

You might enable policy routing if you want your packets to take a route other than the obvious shortest path.

For usage guidelines, see the Cisco IOS XE ip policy route-map command.

The following example sends packets with the destination IP address of 172.21.16.18 to a router at IP address 172.30.3.20:


interface serial 0
 ip policy route-map wethersfield
!
route-map wethersfield
 match ip address 172.21.16.18
 set ip next-hop 172.30.3.20
Device(config)# interface GigabitEthernet 1.101
Device(config-if)# ip nbar protocol-discovery
Device(config-if)# ip policy route-map policy1

lacp port-priority

To set the LACP priority for a physical interface, use the lacp port-priority command in the interface configuration mode. To return to the default setting, use the no form on this command.

lacp port-priority priority

no lacp port-priority

Syntax Description

priority

Integer that indicates the priority for the physical interface. The range is from 0 to 65535. The default is 32768.

Command Default

The default system priority is set to 32768.

Command Modes

Interface configuration (config-if)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.6.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

You may assign a port priority to each port on a device running LACP. You can specify the port priority by using the lacp port-priority command or use the default port priority (32768). The port priority is used to decide which ports should be put in standby mode when a hardware limitation or the lacp max-bundle command configuration prevents all compatible ports from aggregating. Priority is supported only on port channels with LACP-enabled physical interfaces.


Note


A high priority number means a low priority.


To verify the configured port priority, use the show lacp internal command.

The following example shows how to set a port priority of 23700 for an interface:


Device# config-transaction 
Device(config)# interface GigabitEthernet 0/1/2
Device(config-if)# lacp port-priority 23700

lacp system-priority

To set the LACP priority for a system, use the lacp system-priority command in the global configuration mode. To return to the default setting, use the no form on this command.

lacp system-priority priority

no lacp system-priority

Syntax Description

priority

Integer that indicates the LACP priority for the system. The range is from 0 to 65535. The default is 32768.

Command Default

The default system priority is set to 32768.

Command Modes

Global configuration (config)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.6.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

You can assign a system priority to each device running LACP. You can specify the system priority by using the lacp system-priority command or use the default system priority (32768). The system priority is used with the MAC address of the device to form the system ID and is used during negotiation with the other systems. The system priority is supported only on port channels with LACP-enabled physical interfaces.


Note


A high priority number means a low priority.


To verify the configured system priority, issue the show lacp command.

The following example shows how to set a system priority of 25500 for a device:


Device# config-transaction 
Device(config)# lacp system-priority 25500

load-balancing

To apply a load-balancing method to a Gigabit EtherChannel (GEC) interface, use the load-balancing command in the interface configuration mode. To reset to the default, use the no form on this command.

load-balancing { flow | vlan }

no load-balancing

Command Default

The port channel uses the global load-balancing configuration.

Command Modes

Interface configuration (config-if)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.6.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

For more information about this command, see Cisco IOS XE load-balancingcommand.

This example shows how to set the load-balancing method to VLAN-manual.


Device# config-transaction 
Device(config)# interface port-channel 1
Device(config-if)# load-balancing vlan

mtu

To adjust the maximum packet size or maximum transmission unit (MTU) size, use the mtu command in interface configuration mode. To restore the MTU value to its original default value, use the no form of this command.

mtu bytes

no mtu

Syntax Description

bytes

MTU size, in bytes.

Command Default

The default MTU size for GigabitEthernet interface is 1500 bytes.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For the usage guidelines, see mtu.

Device(config)# interface GigabitEthernet 1
Device(config-if)# mtu 1000

negotiation

To enable advertisement of speed, duplex mode, and flow control on a Gigabit Ethernet interface, use the negotiation command in interface configuration mode. To disable automatic negotiation, use the no form of this command.

negotiation auto

no negotiation [auto]

Syntax Description

auto

Specifies enabling the autonegotiation protocol to configure the speed, duplex, and automatic flow control of the Gigabit Ethernet interface. By default, this is set.

Command Default

Autonegotiation is enabled.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For more information about this command, see the Cisco IOS XE negotiation command.

Device(config)# interface GigabitEthernet 1
Device(config-if)# negotiation auto

Port-channel

To create a port-channel virtual interface, use the Port-channel command in the global configuration mode. To remove a port-channel, use the no form on this command.

Port-channel channel-number

no Port-channel

Syntax Description

channel-number

Channel number assigned to this port-channel interface.

Command Default

There are no default values.

Command Modes

Global configuration (config)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.6.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

In the following example how to create a port-channel interface.


Device# config-transaction 
Device(config)# interface Port-channel 1
Device(config-if)# ip address 10.0.0.1 255.255.255.0

port-channel load-balance

To set the load-distribution method among the ports in the EtherChannel, use the port-channel load-balance command in the global configuration mode. To reset the load-balancing function to the default setting, use the no form of this command, use the no form on this command.

port-channel load-balance

no port-channel load-balance

Syntax Description

dst-ip

Specifies load distribution based on the destination host IP address.

dst-mac

Specifies load distribution based on the destination host MAC address. Packets to the same destination are sent on the same port, but packets to different destinations are sent on different ports in the channel.

src-dst-ip

Specifies load distribution based on the source and destination host IP address.

src-dst-mac

Specifies load distribution based on the source and destination host MAC address.

src-ip

Specifies load distribution based on the source host IP address.

src-mac

Specifies load distribution based on the source MAC address. Packets from different hosts use different ports in the channel, but packets from the same host use the same port.

Command Default

The default is src-dst-ip.

Command Modes

Global configuration (config-if)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.6.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

You can verify your setting by entering the show running-config privileged EXEC command or the show etherchannel load-balance privileged EXEC command.

This example shows how to set the load-distribution method to dst-mac.


Device# config-transaction 
Device(config)# port-channel load-balance dst-mac

port-channel load-balance-hash-algo

To enable load balancing for the EtherChannel, use the port-channel load-balance-hash-algo command in the global configuration mode. To reset the load balancing to the default setting, use the no form of this command.

port-channel load-balance-hash-algo

no port-channel load-balance-hash-algo

Syntax Description

dst-ip

Specifies load balancing based on the destination host IP address.

dst-mac

Specifies load balancing based on the destination host MAC address. Packets to the same destination are sent on the same port, but packets to different destinations are sent on different ports in the channel.

sdwan

Enables load balancing on the transport side of Cisco IOS XE Catalyst SD-WAN devices.

src-dst-ip

Specifies load balancing based on the source and destination host IP address.

src-dst-mac

Specifies load balancing based on the source and destination host MAC address.

src-ip

Specifies load balancing based on the source host IP address.

src-mac

Specifies load balancing based on the source MAC address. Packets from different hosts use different ports in the channel, but packets from the same host use the same port.

Command Default

The default is src-dst-ip.

Command Modes

Global configuration (config-if)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.14.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

This example shows how to enable load balancing and apply the desired hash algorithm for traffic distribution on the transport side of Cisco IOS XE Catalyst SD-WAN devices.

Example 1: The following example displays the output for load balancing IPv4 traffic with the default hash algorithm, src-dst-ip , applied. Other hash algorithms, such as ip-and-ports or src-ip-only , can also be applied.


Device(config)#port-channel load-balance-hash-algo sdwan
Device(config)#sdwan
Device(config-sdwan)#ip load-sharing algorithm src-dst-ip

Example 2: The following example displays the output for load balancing IPv6 traffic with the hash algorithm, ip-and-ports , applied. Other hash algorithms, such as src-dst-ip or src-ip-only , can also be applied.


Device(config)#port-channel load-balance-hash-algo sdwan
Device(config)#sdwan
Device(config-sdwan)#ipv6 load-sharing algorithm ip-and-ports

preempt (VRRP)

VRRP preempt is enabled by default. This means, a VRRP router with higher priority than the primary VRRP router will take over as primary router. To delay preemption, so that the higher priority router waits for a minimum period of time before taking over, use the preempt delay minimum command. To restore the default behavior (preempt with no delay), use the no form of the command.

preempt delay minimum seconds

no preempt delay minimum seconds

Syntax Description

seconds

Minimum number of seconds the router waits before issuing an advertisement claiming virtual IP address ownership to be the primary router.

  • The router that is IP address owner preempts the delay of the higher authority router, regardless of the setting of this command.

  • The range is 1 to 3600 seconds (1 hour).

Command Default

VRRP preempt is enabled.

seconds : 0 (no delay)

Command Modes

VRRP configuration mode (config-if-vrrp)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.6.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

By default, the router being configured with this command takes over as primary router for the virtual router if it has a higher priority than the current primary router. You can configure a minimum delay, which causes the VRRP router to wait for the specified number of seconds before issuing an advertisement claiming virtual IP address ownership to be the primary router.

Device# configure terminal
Device(config)# interface GigabitEthernet 0/0/1
Device(config-if)# ip address 172.16.6.5 255.255.255.0
Device(config-if)# vrrp 10 address-family ipv4 description working-group
Device(config-if-vrrp)# preempt delay minimum 380
Device(config-if-vrrp)# priority 200

priority vrrp

To set the priority for the Virtual Router Redundancy Protocol (VRRP), use the priority command. To revert to the default value, use the no form of this command.

priority level

no priority

Syntax Description

level

Interface priority for a virtual router. The range of values is from 1 to 254. If this router is the owner of the IP addresses, then the value is automatically set to 254. The default is 100.

Command Default

The default value is 100. For switches whose interface IP address is the same as the primary virtual IP address, the default value is 254.

Command Modes

VRRP configuration mode (config-if-vrrp)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

The priority determines whether or not a VRRP router functions as a virtual router backup, the order of ascendancy for the VRRP router to become a virtual router master if the virtual router master fails, the role that each VRRP router plays, and what happens if the virtual router master fails.

If a VRRP router owns the IP address of the virtual router and the IP address of the physical interface, then this router functions as a virtual router master.

By default, a preemptive scheme is enabled. A backup high-priority virtual router that becomes available takes over for the backup virtual router that was elected to become the virtual router master. If you disable preemption, then the backup virtual router that is elected to become the virtual router master remains the master until the original virtual router master recovers and becomes the master again.

This command does not require a license.

Device(config)# interface GigabitEthernet 1
Device(config-if)# vrrp 64 address-family ipv4
Device(config-if-vrrp)# priority 11

shutdown (controller)

To shut down a DSL group, use the shutdown command in controller configuration mode. To reactivate the DSL group, use the no form of the command.

shutdown

no shutdown

Syntax Description

This command has no arguments or keywords.

Command Default

Using this command assumes that the interface is already enabled. By default, if this command is not issued, the interface remains enabled.

Command Modes

Controller configuration (config-controller)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Qualified for use in Cisco vManage CLI templates.

Router(config)# controller SHDSL 0/1/0
Router(config-controller)# termination cpe
Router(config-controller)# mode atm
Router(config-controller)# dsl-group 0 pairs 0
Router(config-controller-dsl-group)# shdsl rate auto
...
Router(config-controller-dsl-group)# ignore crc always 
Router(config-controller-dsl-group)# shutdown 
Router(config-controller-dsl-group)# no shutdown 
Router(config-controller-dsl-group)# 

speed

To set the speed of the interface, use the speed command in interface configuration (config-if) mode. To return to the default configuration, use the no form of this command.

speed speed

no speed [ speed ]

Syntax Description

speed

Interface speed, in Mbps.

Values: 10, 100, 1000, 2500, 5000, 10000, auto

The auto option negotiates the link speed, according to the speed of the peer device. If the peer is using a fixed speed, then the device uses that fixed speed. If the peer is also using auto negotiation, then the two devices negotiate the highest possible speed, which is dependent on the interface type.

Default: auto

Command Default

auto

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.4.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

For fiber small form-factor pluggable modules (SFPs), the supported speed is 1 Gbps full duplex. For copper SFPs, the supported speeds are 10/100/1000 Mbps and half/full duplex. By default, the router autonegotiates the speed and duplex values for the interfaces.

To use a fixed speed and duplex configuration for interfaces that do not support autonegotiation, disable autonegotiation and then use the speed and duplex commands to set the appropriate interface link characteristics.

The following example configures the speed as 100 Mbps, then displays this value using the show running interface command.

Device(config)# interface GigabitEthernet1/0/6
Device(config-if)# speed 100
Device(config-if)# commit
Commit complete.
Device(config-if)# end
Device#show running interface gi1/0/6
Building configuration...

Current configuration : 48 bytes
!
interface GigabitEthernet1/0/6
 speed 100
end

The following example configures the speed as 100 Mbps, then uses no speed to cancel the speed configuration. After canceling the speed configuration, the show running interface command shows that no speed is currently configured.

Device(config)# interface GigabitEthernet1/0/6 
Device(config-if)# speed 100
Device(config-if)# commit
Commit complete.
Device(config-if)# no speed
Device(config-if)# commit
Commit complete.
Device(config-if)# end
Device#show running interface gi1/0/6
Building configuration...
 
Current configuration : 38 bytes
!
interface GigabitEthernet1/0/6
end

switchport access vlan

To set the VLAN when the interface is in access mode, use the switchport access vlan command in interface configuration or template configuration mode. To reset the access-mode VLAN to the appropriate default VLAN for the device, use the no form of this command.

Supported Parameters

vlan-id

VLAN to set when the interface is in access mode. Valid values are from 1 to 4094.

  • 1-2349—VLAN ID Range 1

  • 2450-4095—VLAN ID Range 2

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.4.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

For more information about this command, see the Cisco IOS XE switchport access vlan command.

interface {intf-name}
switchport mode access
switchport access vlan {vlan_id}
dot1x pae authenticator
authentication order dot1x mab
authentication host-mode single-host
authentication port-control auto
authentication timer reauthenticate <timer_num/server>
authentication timer inactivity <timer_num/server>
authentication event server dead action authorize vlan {critical_vlan}
authentication event fail action authorize vlan {restrict_vlan}
authentication event no-response action authorize vlan {guest_vlan}
no shutdown

switchport mode

To set the interface type, use the switchport mode command in interface configuration mode. Use the no form of this command to reset the mode to the appropriate default mode for the device.

Supported Parameters

access

Sets a nontrunking, nontagged single VLAN Layer 2 interface.

trunk

Specifies a trunking VLAN Layer 2 interface.

native vlan vlan-id

The particular native VLAN. Valid values are:

1-2349—VLAN ID Range 1

2450-4095—VLAN ID Range 2

allowed vlan vlan-list

Sets the list of allowed VLANs that transmit traffic from this interface in tagged format when in trunking mode.

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.4.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

For more information about this command, see the Cisco IOS XE switchport mode command.

interface {intf-name}
switchport mode access
switchport access vlan {vlan_id}
dot1x pae authenticator
authentication order dot1x mab
authentication host-mode single-host
authentication port-control auto
authentication timer reauthenticate <timer_num/server>
authentication timer inactivity <timer_num/server>
authentication event server dead action authorize vlan {critical_vlan}
authentication event fail action authorize vlan {restrict_vlan}
authentication event no-response action authorize vlan {guest_vlan}
no shutdown
interface {intf-name}
speed {value}
duplex {value}
mtu {value}
switchport mode trunk
switchport trunk allowed vlan {vlans}
switchport trunk native vlan {vlans_id}
no shutdown

timers advertise VRRP

To set the advertisement timer for VRRP, use timers advertise command in VRRP interface configuration mode. To remove advertisement timer custom setting, use the no form of this command.

timers advertise interval

no timers advertise interval

Syntax Description

interval

Sets the VRRP advertisement timer in milliseconds.

Command Default

The advertisement timer is set to 1000 milliseconds by default.

Command Modes

VRRP interface configuration (config-if-vrrp)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

The primary virtual device sends VRRP advertisements to other VRRP devices in the same group. The advertisements communicate the priority and state of the primary virtual device. The VRRP advertisements are encapsulated into either IPv4 or IPv6 packets (based on the VRRP group configuration) and sent to the appropriate multicast address assigned to the VRRP group. Use timers advertise command to set the advertisement timer for VRRP.

Example

The following example sets VRRP advertisement timer to 1500 milliseconds:

SDWAN-Device-01# config-transaction
SDWAN-Device-01(config)# int GigabitEthernet0/0/2
SDWAN-Device-01(config-if)# vrrp 3 address-family ipv4
SDWAN-Device-01(config-if-vrrp)# timers advertise 1500 
Table 3. Related Commands

Commands

Description

vrrp address-family

Creates a VRRP group and enters VRRP configuration mode.

tunnel destination

To set the destination address for a GRE tunnel interface, use the tunnel destination command in interface configuration mode. To remove the destination address, use the no form of this command.

tunnel destination interface-ip-address

no tunnel destination

Syntax Description

interface-ip-address

IP address of the destination interface.

Command Default

No tunnel interface destination address is set.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.5.1a

Command qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For the usage guidelines, see tunnel destination.

The following example shows a GRE tunnel configuration, including tunnel source and destination interfaces specified by IP address:

Device(config)# interface Tunnel100512
Device(config-if)# no shutdown
Device(config-if)# vrf forwarding 1
Device(config-if)# ip address 192.168.0.1 255.255.255.248
Device(config-if)# no ip clear-dont-fragment
Device(config-if)# ip tcp adjust-mss 1387
Device(config-if)# ip mtu 1500
Device(config-if)# tunnel source 10.0.3.55
Device(config-if)# tunnel destination 10.0.3.149

tunnel mode

To set the encapsulation mode for the tunnel interface, use the tunnel mode command in interface configuration mode. To restore the default mode, use the no form of this command.

tunnel mode sdwan

no tunnel mode

Syntax Description

sdwan

Enables SD-WAN tunneling mode.

Command Default

The default is GRE tunneling.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

Example

The following example shows how to enable SD-WAN tunneling mode:


Device(config)# interface Tunnel 1
Device(config-if)# tunnel source GigabitEhternet0/2.101
Device(config-if)# tunnel mode sdwan

tunnel route-via

To specify the outgoing interface of the tunnel transport, use the tunnelroute-via command in interface configuration mode. To disable the source address selection, use the no form of this command.

Supported Parameters

interface-type

Indicates the type of interface.

interface-number

Indicates the interface number of the interface configured as the tunnel transport.

mandatory

Drops the traffic if the route is not available.

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.5.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

For more information about this command, see the Cisco IOS XE tunnel route-via command.

interface Tunnel100512
 tunnel route-via GigabitEthernet1 mandatory
ip sdwan route vrf 1 0.0.0.0/0 service sig
sdwan service sig vrf global
 ha-pairs
  interface-pair Tunnel100511 active-interface-weight 100 Tunnel100512 backup-interface-weight 200

tunnel source

To set the source address for a tunnel interface, use the tunnel source command in interface configuration mode. To remove the source address, use the no form of this command.

tunnel source interface-type interface-number interface-ip-address

no tunnel source

Syntax Description

interface-type

Interface type.

interface-number

Port, connector, or interface card number. The numbers are assigned at the factory at the time of installation or when added to a system and can be displayed with the show interfaces command.

interface-ip-address

IP address of the source interface.

Command Default

No tunnel interface source address is set.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco vManage CLI templates.

Cisco IOS XE Catalyst SD-WAN Release 17.5.1a

Added interface-ip-address option.

Usage Guidelines

For the usage guidelines, see tunnel source.

The following example shows how to set a Gigabit Ethernet interface as the tunnel source:

Device(config)# interface Tunnel 1
Device(config-if)# tunnel source GigabitEthernet0/2.101
Device(config-if)# tunnel mode sdwan

The following example shows a GRE tunnel configuration, including tunnel source and destination interfaces specified by IP address:

Device(config)# interface Tunnel100512
Device(config-if)# no shutdown
Device(config-if)# vrf forwarding 1
Device(config-if)# ip address 192.168.0.1 255.255.255.248
Device(config-if)# no ip clear-dont-fragment
Device(config-if)# ip tcp adjust-mss 1387
Device(config-if)# ip mtu 1500
Device(config-if)# tunnel source 10.0.3.55
Device(config-if)# tunnel destination 10.0.3.149

track ip route

To track the state of an IP route and to enter tracking configuration mode, use the track ip route command in global configuration mode. To remove the tracking, use the no form of this command.

Supported Parameters

object-number

Object number that represents the object to be tracked. The range is from 1 to 1000.

ip

Tracks an IP route.

ipv6

Tracks an IPv6 route.

address

IP or IPv6 subnet address to the route that is being tracked.

/prefix-length

Number of bits in the address prefix. A forward slash (/) is required.

reachability

Tracks whether the route is reachable.

metric threshold

Tracks the threshold metric. The default up threshold is 254, and the default down threshold is 255.

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.6.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

For more information about this command, see the Cisco IOS XE track ip route.

The following example shows how the tracking process is configured to track the reachability of 10.22.0.0/16:


Device(config)#  track 1 ip route 10.22.0.0/16 reachability

The following example shows how the tracking process is configured to track the threshold metric by using the default threshold metric values:


Device(config)#  track 1 ip route 10.22.0.0/16 metric threshold

The following example shows how the tracking process is configured to track the threshold metric using the default threshold metric values for an IPv6 route:


Device(config)#  track 2 ipv6 route 2001:DB8:0:ABCD::1/10 metric threshold

track

To configure an interface or a SIG container list tracking as a single entity, use the track command in vrrp configuration mode. To remove the tracking for a list, use the no form of this command.

track track-list-name [ decrement priority ]

Syntax Description

track-list-name

The interface or container list name.

priority

The decrement value for the list priority.

Command Modes

vrrp configuration (config-vrrp)

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.6.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Example

The following example shows how to configure a track list for an interface.

Device# config terminal
Device (config)# system
Device (config-system)# track-list zs1 interface ge0/1 gre1 ipsec1 
Device (config-system-tracker-list-zs1)# exit
Device (config-system)# exit

Device (config)# vpn 1
Device (config-vpn-1)# name vpn-name
Device (config- vpn-1)# interface ge0/2
Device (config-interface-ge0/2)# ip address 172.16.10.1/24
Device (config-interface-ge0/2)# no shutdown
Device (config-interface-ge0/2)# vrrp 100
Device (config-vrrp-100)# track zs1 decrement 10
Device (config-vrrp-track-zs1)# exit
Device (config-vrrp-100)# ipv4 172.16.10.100
Device (config-vrrp-100)# tloc-change-pref 

The following example shows how to configure a track list for the SIG container.

Device# config terminal
Device (config)# system
Device (config-system)# track-list sig-1 sig-container global
Device (config-system-tracker-list-SIG)# exit
Device (config-system)# exit

Device (config)# vpn 1
Device (config-vpn-1)# name vpn-name
Device (config- vpn-1)# interface ge0/2
Device (config-interface-ge0/2)# ip address 172.16.10.1/24
Device (config-interface-ge0/2)# no shutdown
Device (config-interface-ge0/2)# vrrp 100
Device (config-vrrp-100)# track SIG decrement 10
Device (config-vrrp-track-zs1)# exit
Device (config-vrrp-100)# ipv4 172.16.10.100
Device (config-vrrp-100)# tloc-change-pref 

track (VRRP)

To enable an object to be tracked using a Virtual Router Redundancy Protocol version 3 (VRRPv3) group, use the track command in VRRP configuration mode. To disable the tracking, use the no form of this command.

track object-number { shutdown | | [ decrement priority ] }

no track object-number shutdown

Syntax Description

object-number

Object number representing the interface to be tracked. The range is from 1–1000.

shutdown

Shuts down the VRRPv3 group.

decrement priority

Sets the priority value by which the VRRP group is reduced if the tracked object state on serial interface VRRPv3 goes down. The valid range is 1–255.

Command Default

Tracking an object using a VRRPv3 group isn't enabled.

Command Modes

VRRP configuration (config-if-vrrp)

Command History

Release

Modification

Cisco IOS XE Release Amsterdam 17.2.1v

Qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

For the usage guidelines, see track (VRRP).

The following example shows how to configure VRRPv3 group shutdown:

Device(config)# interface GigabitEthernet1
Device(config-if)# vrrp 2 address-family ipv4
Device(config-if-vrrp)# track 2 shutdown

The following example shows how to configure the tracking process to track the state of the IPv6 object using the VRRPv3 group. VRRP on GigabitEthernet interface 0/0/0 registers with the tracking process to be informed of any changes to the IPv6 object on the VRRPv3 group. If the IPv6 object state on serial interface VRRPv3 goes down, then the priority of the VRRP group is reduced by 20:


Device(config)# fhrp version vrrp v3
Device(config)# interface GigabitEthernet 0/0/0
Device(config-if)# vrrp 1 address-family ipv6
Device(config-if-vrrp)# track 1 decrement 20

The following example shows how to configure the tracking process to track the state of the IPv4 object. VRRP on GigabitEthernet2 registers with the tracking process to be informed of any changes to the IPv4 object. If the IPv4 object state on interface goes down, then the priority of the VRRP group is reduced by 10:

Device(config)# interface GigabitEthernet2
Device(config-if)# ip address 10.10.1.1 255.255.255.0
Device(config-if)# negotiation auto
Device(config-if)# vrrp 1 address-family ipv4
Device(config-if-vrrp)# address 10.10.1.10 primary
Device(config-if-vrrp)# track 400 decrement 10
Device(config-if-vrrp)# tloc-change increase-preference 1
Device(config-if-vrrp)# exit

vrf forwarding

To associate a VRF instance or a virtual network with an interface or subinterface, use the vrf forwarding command in interface configuration mode. To disassociate a VRF or virtual network from an interface or subinterface, use the no form of this command.

vrf forwarding vrf-name

no vrf forwarding vrf-name

Syntax Description

vrf-name

The VRF name to be associated with the specified interface.

Command Default

The default for an interface is the global routing table.

Command Modes

Interface configuration (config-if)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Qualified for use in Cisco vManage CLI templates.

Usage Guidelines

For the usage guidelines, see vrf forwarding.

Device(config)# interface GigabitEthernet 1
Device(config-if)# vrf forwarding vrf1

vrrp address-family

To create a VRRP group and to enter VRRP configuration mode, use the vrrp address-family command in interface configuration mode. To remove the VRRP group, use the no form of this command.

vrrp group address-family { ipv4 | ipv6 }

no vrrp group address-family { ipv4 | ipv6 }

Syntax Description

group

VRRP group number ranges from 1 to 255.

ipv4

Enter VRRP IPv4 address-family configuration.

ipv6

Enter VRRP IPv6 address-family configuration.

Command Default

None

Command Modes

Interface configuration (config-if)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

Use the vrrp address-family command to create a VRRP group and to enter VRRP configuration mode. VRRP is the only FHRP (First Hop Redundancy Protocol) supported by Cisco Catalyst SD-WAN edge routers in controller mode. Once you create the group and specify the address-family, you can configure different settings for VRRP.

The following example creates and customizes VRRP group 3:

Device# config-transaction
Device(config)# int GigabitEthernet0/0/2
Device(config-if)# vrrp 3 address-family ipv4
Table 4. Related Commands

Command

Description

address primary (VRRP)

Configures a primary IP address for VRRP.

vrrpv2

To enable the support of VRRP version 2 simultaneously with VRRP version 3, use the vrrpv2 command in VRRP interface configuration mode. To disable the support of VRRP version 2 group, use the no form of this command.

vrrpv2

no vrrpv2

Syntax Description

This command has no keywords or arguments.

Command Default

VRRPv2 is disabled by default.

Command Modes

VRRP interface configuration (config-if-vrrp)

Command History

Release Modification
Cisco IOS XE Catalyst SD-WAN Release 17.2.1v

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

When you configure VRRP on an interface, the default version is VRRP version 3. When VRRPv3 is in use, VRRPv2 is unavailable. Use vrrpv2 command to enable support for VRRPv2 simultaneously, to interoperate with devices which only support VRRP version 2.

Example

The following example enables the support of VRRPv2 simultaneously with VRRPv3:

SDWAN-Device-01# config-transaction
SDWAN-Device-01(config)# int GigabitEthernet0/0/2
SDWAN-Device-01(config-if)# vrrp 3 address-family ipv4
SDWAN-Device-01(config-if-vrrp)# vrrpv2
Table 5. Related Commands

Command

Description

vrrp address-family

Creates a VRRP group and enters VRRP configuration mode.