The following basic commands apply to just about any type of interface.
The shutdown command disables an interface. The interface does not transmit packets after it has been shut down; all routing protocols are informed that the interface is unavailable.
interface serial0 shutdown
Use the no shutdown command to restart an interface that has been shut down:
Router#config terminal Router(config)#interface serial 0 Router(config-if)#no shutdown
There can be side effects to an interface shutdown . The nature of these side effects depends on the interface type. Table 5-2 shows some of the possible side effects.
Side effect of a shutdown
Drops link-status indicator to the remote hub or switch.
Drops DTR signal.
Activates optical bypass switch.
Removes interface from the token ring.
The shutdown command can also be applied to a subinterface. In this case, it stops protocol processing on that subinterface without affecting the other subinterfaces or dropping the entire interface.
5.2.2. Interface Descriptions
An interface's description shows up in the router's configuration and in the output from the show interfaces command. This description is for informational purposes only; it helps you remember the configuration of the interface. For example:
interface serial0 description T1 Connection to Baltimore (Good place to document the circuit id!)
Use the no form of this command to remove the description:
5.2.3. Setting the IP Address and Subnet Mask
Setting the IP address on an interface is fairly simple: use the ip address command, followed by the address and the subnet mask. For example:
interface ethernet0 ip address 10.10.1.65 255.255.255.224
This command sets the interface IP address to 10.10.1.65 and the subnet mask to 255.255.255.224.
188.8.131.52. Secondary IP address(es)
The secondary keyword allows an interface to have more than one IP address. You can have as many secondary addresses as you like, but keep in mind that each will take processing power and will have an effect on the router. If you are using more than one secondary address, chances are you are doing something wrong with your network configuration.
For example, suppose we had an Ethernet segment with a 255.255.255.224 subnet, which allows 30 hosts per subnet, as in Figure 5-1 (before). Everything is working fine. Then one day your boss comes in and tells you to add 30 more hosts on the segment. The bad news is that there are no more Ethernet ports on your router and you need to add the new machine's addresses today.
Figure 5-1. Using a secondary IP address
After a few minutes of panic, you weigh your options. One is to resubnet the network. You would then need to change the subnet masks on every machine, which is time-consuming. Even if you are using DHCP, a massive network reorganization is bound to be disruptive for your users.
The second, easier option is to add another subnet to the Ethernet segment by using the secondary command. In the old configuration, the original subnet was 10.10.1.64 with 30 hosts. In the new configuration, we add a second subnet, 10.10.1.96, to the segment:
interface ethernet0 ip address 10.10.1.65 255.255.255.224 ip address 10.10.1.97 255.255.255.224 secondary
Initially, the interface was assigned the address 10.10.1.65; we could assign .66 through .94 to hosts on the segment (.95 is reserved for broadcasts). After adding the .96 subnet, we can assign addresses 10.10.1.98 through 10.10.1.126 as well; .97 is assigned to the ethernet0 interface as its secondary address. We can go a step further and add yet another subnet, 10.10.1.128, by assigning 10.10.1.129 as an additional secondary address. This gives us a total of three subnets. We can add as many secondary addresses as we want.
interface ethernet 0 ip address 10.10.1.65 255.255.255.224 ip address 10.10.1.97 255.255.255.224 secondary ip address 10.10.1.129 255.255.255.224 secondary
Some pitfalls with secondary addresses are:
5.2.4. Other Common Interface Commands
You will encounter the following commands frequently as you work with interfaces on Cisco routers:
The bandwidth command does not have anything to do with configuring the speed of an interface. Rather, it defines the interface speed for calculating routing metrics and other purposes. You would use this command to tell the router the interface's actual speed if for some reason the default bandwidth was not correct (for example, for a fractional T1 line, the router will use the speed of a full T1 as the default bandwidth), or to "lie" about an interface's bandwidth to influence route metric calculations and steer traffic in a particular direction. Obviously, giving the router incorrect information about an interface's bandwidth is an iffy proposition, but there are times when that's the easiest way to achieve the result you want.
A directed broadcast is a broadcast that is sent to a specific network or set of networks. They are frequently used in denial-of-service attacks, in which someone outside your network tries to overwhelm it with illegitimate traffic. To reduce your vulnerability to such attacks, Cisco routers drop directed broadcasts by default. To enable forwarding of directed broadcasts, use the ip directed-broadcasts command.
Enabling proxy ARP on an interface allows the router to respond to ARP requests for hosts that it knows about, but that aren't directly reachable by the host making the ARP request. If the router receives an ARP request for a host and the router has a route to that host, the router sends an ARP response with its own data link address to the requestor. The requesting host then sends packets to the router, who in turn forwards them on to the correct destination host.
For example, a host connected via a PPP dial-up link won't be visible to hosts connected to the router via an Ethernet. If a host on an Ethernet sends an ARP request for a host connected via PPP, the router will respond to the ARP request on behalf of the PPP host, listing its own Ethernet address as the destination. The router then takes responsibility for forwarding the packets to the PPP host.
This command enables the generation of ICMP protocol unreachable messages (the default). These messages are generated when the router receives a nonbroadcast message for a protocol it doesn't recognize. This command is usually used in its negative form (no ip unreachables) and is often used on the null interface.
Now let's look at some of the specific interface types you're likely to encounter.