Cisco Systems 6500 Standby ip, Secondary, Defaults Command Modes Command History Usage Guidelines

Page 125

Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module

standby ip

standby ip

To activate HSRP, use the standby ip command. Use the no form of this command to disable HSRP.

standby [group-number]ip [ip-address [secondary]]

no standby [group-number]ip [ip-address]

Syntax Description

group-number

(Optional) Group number on the interface for which HSRP is being activated.

 

ip-address

(Optional) IP address of the hot standby router interface.

 

 

 

 

secondary

(Optional) Indicates the IP address is a secondary hot standby router interface.

 

 

 

Defaults

Command Modes

Command History

Usage Guidelines

The defaults are as follows:

group-number is 0.

HSRP is disabled by default.

Subinterface configuration submode

Release

Modification

SSL Services Module

Support for this command was introduced on the Catalyst 6500 series

Release 2.1(1)

switches.

 

 

SSL Services Module

The command mode for this command was changed from Proxy-VLAN to

Release 3.1(1)

Subinterface.

 

 

The standby ip command allows you to configure primary and secondary HSRP addresses.

The standby ip command activates HSRP on the configured interface. If you specify an IP address, that address is used as the designated address for the hot standby group. If you do not specifiy an IP address, the designated address is learned through the standby function. So that HSRP can elect a designated router, at least one router on the cable must have been configured with, or have learned, the designated address. Configuring the designated address on the active router always overrides a designated address that is currently in use.

When you enable the standby ip command on an interface, the handling of proxy ARP requests is changed (unless proxy ARP was disabled). If the hot standby state of the interface is active, proxy ARP requests are answered using the MAC address of the hot standby group. If the interface is in a different state, proxy ARP responses are suppressed.

When you use group number 0, no group number is written to NVRAM, providing backward compatibility.

Catalyst 6500 Series Switch SSL Services Module Command Reference

 

OL-9105-01

2-99

 

 

 

Image 125
Contents Text Part Number OL-9105-01 Corporate HeadquartersPage Iii N T E N T SNatpool Acronyms A-1 OL-9105-01 Organization AudienceRelated Documentation Chapter Title DescriptionConvention Description ConventionsBoldface font Example, interface interface typeCisco.com Obtaining DocumentationCisco Product Security Overview Documentation FeedbackObtaining Technical Assistance Reporting Security Problems in Cisco ProductsXii Submitting a Service RequestXiii Obtaining Additional Publications and InformationXiv This chapter includes the following sections Getting HelpHow to Find Command Options Command Comment Mode keyword Must enter next on the command lineAfter you enter the mode keyword Complete the command. If additionalCommand Mode Access Method Prompt Exit Method Understanding Command ModesConfigure terminal privileged Exec Configure terminalInterface command Using the No and Default Forms of CommandsImage using the boot system flash filename With an interfaceCharacter Special Meaning Using the CLI String SearchAeiou \$ \ \+AbcdABCD DA-DCharacter Telebit 3107 v32bisBa?b This string matches any number of asterisksCodex telebit Za-z0-9+Abcd $\.121300 For example1300$ 1300space space1300 1300, ,1300, 1300 ,1300 WithOL-9105-01 A P T E R Command Modes Command History DefaultsClear ssl-proxy conn Release ModificationDefaults Command Modes Command History Clear ssl-proxy contentUsage Guidelines Clear ssl-proxy sessionClear ssl-proxy stats Ssl-proxy#clear ssl-proxy stats Terminal Crypto pki export pemDes 3desCrypto pki import pem Related CommandsCrypto pki import pem Defaults Command HistoryExportable Usage-keysCrypto pki export pem Crypto pki export pkcs12 This example shows how to export a PKCS12 file using SCP Crypto pki import pkcs12 Crypto This example shows how to import a PKCS12 file using SCPFilename TP2? /users/admin-1/pkcs12/TP2.p12 Name key-name Crypto key decrypt rsaPassphrase passphrase Crypto key encrypt rsaCrypto key lock rsa Crypto key encrypt rsaCrypto key decrypt rsa Optional Specifies that the key can be exported Crypto key export rsa pemKeylabel Name of the key Key nametest-keys UsageGeneral Purpose Key Instead of one general-purpose key pair Crypto key import rsa pemNull-Imports from the null file system System-Imports from the system file systemPEM-formatted RSA key to the SSL Services Module Crypto key lock rsa name key-namepassphrase passphrase Crypto key lock rsaName key-name Optional Name of the key Passphrase passphraseCrypto key unlock rsa name key-namepassphrase passphrase Crypto key unlock rsaDebug ssl-proxy Command History Release Modification This example shows how to turn on App debugging Configuration mode Do commandCommand EXEC-level command to be executed Syntax Description Syntax Description Defaults Command Modes Command HistoryInterface ssl-proxy Standby delay minimum reload Standby authenticationStandby timers Standby ipSsl-proxyconfig-subif#ip address 208.59.100.18 Ssl-proxy config# interface ssl-proxyThis example shows how to define a pool of IP addresses Context subcommand modeNatpool Natpool nat-pool-name startipaddr endipaddr netmask netmaskPolicy health-probe tcp Syntax Description Defaults Command ModesInterval seconds Failed-interval secondsSsl-proxyconfig#ssl-proxy context ssl Open-timeout secondsSsl-proxyconfig-context#policy health-probe tcp probe1 Running on server IP addressPage Client-cert pem Policy http-headerAlias Policy that is applied to the payloadField To Insert Description Client-cert pem Custom custom-string Client-ip-portInserts the custom-stringheader into the Http header PrefixSSL-OFFLOAD-SOFTWARE VERSION3.11 Related Commands show ssl-proxy policySession-caching is enabled Close-protocol is disabledTimeout session timeout absolute Policy sslSSL-Policy Configuration Submode Command Descriptions Timeout handshake timeout Renegotiation volume sizeHelp Renegotiation interval timeOL-9105-01 This example shows how to disable a session cache This example shows how to enable a session cacheOL-9105-01 Policy tcp Delayed-ack-timeout timer Delayed-ack-threshold delayNo timeout fin-wait timeout-in-seconds No timeout inactivity timeout-in-secondsForm of this command to return to the default setting No timeout reassembly timeNo tos carryover Server to client connection, the server connection must beSsl-proxy config-ctx-tcp-policy# mss Policy url-rewrite Redirectonly Ssl-proxyconfig-context#ssl-proxy policy url-rewrite test1Ca-pool-name Certificate authority pool name Pool caPool ca ca-pool-name Service Default certificate inservice nat server Authenticate verify all signature-onlyInservice Certificate rsa general-purpose trustpointVlan vlan Virtual policy ssl ssl-policy-nameVirtual policy tcp Related Commands show ssl-proxy service Policy health-probe tcp Policy http-header Service clientVirtual policy ssl ssl-policy-name Nat server client natpool-nameVirtual policy tcp Vlan vlanSsl-proxy config-ctx-ssl-proxy# server policy tcp tcppl1 Show interfaces ssl-proxy 0.subinterface Show interfaces ssl-proxyPolicy tcp Show ionterfacesShow ssl-proxy buffers This command has no default settingsShow ssl-proxy buffers Ssl-proxy#show ssl-proxy buffersService name Show ssl-proxy certificate-history service nameSpecific proxy service Show ssl-proxy certificate-historyRecord 1, Timestamp000051, 163634 UTC Oct 31 Ssl-proxy# show ssl-proxy certificate-historyRelated Commands service 4tuple Show ssl-proxy connLocal RemoteSsl-proxy#show ssl-proxy conn Context name Module module200.200.1438814 58796 Show ssl-proxy context Context DefaultShow ssl-proxy context name Name Optional Name of the contextShow ssl-proxy crash-info brief details Show ssl-proxy crash-infoBrief DetailsSsl-proxy#show ssl-proxy crash-info brief Stack top Printing 1024 bytes from stack topSsl-proxy#show ssl-proxy mac address Show ssl-proxy mac addressShow ssl-proxy mac address Show ssl-proxy natpool namecontext name Show ssl-proxy natpoolContext name NatpoolHealth-probe tcp Show ssl-proxy policyHttp-header Url-rewriteSsl-proxy#show ssl-proxy policy tcp tcp-policy1 Ssl-proxy#show ssl-proxy policy ssl ssl-policy1Ssl-proxy#show ssl-proxy policy health-probe tcp tcp-health Show ssl-proxy service namecontext name Show ssl-proxy serviceSsl-proxy#show ssl-proxy service Ssl-proxy#show ssl-proxy service S6Service client Show ssl-proxy stats type ContentShow ssl-proxy stats Stats This example shows how to display the PKI statistics This example shows how to display the TCP statisticsSsl-proxy# show ssl-proxy stats hdr This example shows how to display context statisticsSsl-proxy#show ssl-proxy stats context Context name Default Ssl-proxy#show ssl-proxy stats content This example shows how to display content statisticsShow ssl-proxy status Show ssl-proxy statusShow ssl-proxy status fdu ssl tcp TCP cpu is alive Ssl-proxy#show ssl-proxy version Show ssl-proxy versionShow ssl-proxy version Show ssl-proxy vlan vlan-iddebugmodule module Show ssl-proxy vlanDebug Optional Displays debug informationDefaults Command Modes Command History Examples Snmp-server enableSsl-proxy context Command Purpose and Guidelines DefaultsSsl-proxy context name No ssl-proxy context name Description descriptionPolicy tcp policy-name Policy ssl policy-namePolicy url-rewrite policy-name Pool ca nameThis example shows how to start a cryptographic self-test Seconds Global configurationSsl-proxy crypto selftest Time-intervalRelated Commands show ssl-proxy mac address This example shows how to configure a MAC addressSsl-proxy config# ssl-proxy mac address 00e0.b0ff.f232 Ssl-proxy mac addressSsl-proxy pki Related Commands show ssl-proxy stats This example shows how to specify the cache sizeThis example shows how to enable PKI event-history Key-name Name of the key Passphrase Pass phrase Ssl-proxy crypto key unlock rsaSsl-proxyconfig#ssl-proxy ip-frag-ttl Time is 6 seconds Global configurationSsl-proxy ip-frag-ttl Ssl-proxy ip-frag-ttl timeSsl-proxy config# no ssl-proxy ssl ratelimit Ssl-proxy config# ssl-proxy ssl ratelimitSsl-proxy ssl ratelimit Ssl-proxy ssl ratelimit No ssl-proxy ssl ratelimitGroup-number is String is cisco Standby authenticationMin-delay is 1 second Reload-delay is 5 seconds Standby delay minimum reloadSsl-proxyconfig-subif#standby delay minimum 30 reload Show standby delaySsl-proxyconfig#interface ssl-proxy Standby ip Defaults Command Modes Command History Usage GuidelinesSecondary Group-number is100 Used by the hot standby group is learned using HsrpStandby group-numbermac-addressmac-address Standby mac-addressNo standby group-numbermac-address Mac-address MAC addressThat is used in the end nodes Ssl-proxyconfig-subif#standby 1 mac-addressShow standby 102103 Standby mac-refreshStandby mac-refresh seconds no standby mac-refresh Standby name Hsrp is disabledStandby name group-name No standby name group-name Group-name Name of the standby group105 Standby preemptLeaves any synchronization delay if it was configured Operation returns to the default behaviorClients To become the active routerStandby group-numberpriority priority Standby priorityNo standby group-numberpriority priority Group-number is Priority is108 This example shows how to change the router priority109 Standby redirectsSsl-proxyconfig-subif#standby redirects timers 90 Related Commands show standbyShow standby redirect 110Msec Standby timersOptional Specifies the interval in milliseconds 111112 Decrement priority Standby trackOr comes back up 113Router B Configuration Router a ConfigurationRelated Commands standby preempt 114Standby use-bia scope interface no standby use-bia Standby use-biaScope interface On which it was entered, instead of the major interfaceStandby version This example shows how to configure Hsrp versionStandby version 1 Specifies Hsrp versionAcronym Expansion CCA CbacCDP CEFDsap DramDscp DspuIcmp ICDIDB IDPMdix MD5Mdss MFDOSM OSIOspf PAEROM RmonRommon RPCSVC STPSVI TACACS+WRR Weighted round-robinXNS Xerox Network SystemOL-9105-01 Acknowledgments for Open-Source Software OL-9105-01 Asterisk + plus sign Period ? command Caret # character privileged Exec mode prompt$ character IN-1IN-2 IN-3 IN-4 IN-5 TCPIN-6 Configuration submode User Exec mode, summary
Related manuals
Manual 20 pages 62.17 Kb Manual 112 pages 18.84 Kb Manual 262 pages 31.67 Kb