Configuring an IPv6 Snooping Binding Table
Using information extracted from intercepted DHCP messages, DHCP snooping dynamically builds and maintains a database. The database contains an entry for each untrusted host with a leased IP address if the host is associated with a VLAN that has DHCP snooping enabled. The database does not contain entries for hosts connected through trusted interfaces.
Note: The DHCP snooping binding database is also referred to as the DHCP snooping binding table.
DHCP snooping updates the database when the device receives specific DHCP messages. For example, the feature adds an entry to the database when the device receives a DHCPACK message from the server. The feature removes the entry in the database when the IP address lease expires or the device receives a DHCPRELEASE message from the host.
Each entry in the DHCP snooping binding database includes the MAC address of the host, the leased IP address, the lease time, the binding type, and the VLAN number and interface information associated with the host.
Dynamic ARP inspection (DAI) and IP Source Guard also use information stored in the DHCP snooping binding database.
For more information, see the Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 7.x.
Configuring an IPv6 Snooping Binding Table with the Maximum Times Set to Infinite
Configuring an IPv6 Snooping Binding Table with the Maximum Times set to Infinite
http://<mgmt0_IP>/api/mo/sys/sisf.json
{
"sisfEntity": {
"children": [
{
"sisfInstBinding": {
"attributes": {
"DownLifetimer": "0",
"ReachableLifetimer": "0",
"StaleLifetimer": "0"
}}}]}}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<DownLifetimer>0</DownLifetimer>
<ReachableLifetimer>0</ReachableLifetimer>
<StaleLifetimer>0</StaleLifetimer>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
ipv6 neighbor binding reachable-lifetime infinite down-lifetime infinite stale-lifetime infinite
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring an IPv6 Snooping Binding Table with the Maximum Times set to Specific Time Values (in Seconds)
Configuring an IPv6 Snooping Binding Table with the Maximum Times set to Specific Time Values (in Seconds)
http://<mgmt0_IP>/api/mo/sys/sisf.json
{
"sisfEntity": {
"children": [
{
"sisfInstBinding": {
"attributes": {
"DownLifetimer": "123",
"ReachableLifetimer": "123",
"StaleLifetimer": "123"
}}}]}}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<DownLifetimer>123</DownLifetimer>
<ReachableLifetimer>123</ReachableLifetimer>
<StaleLifetimer>123</StaleLifetimer>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
ipv6 neighbor binding reachable-lifetime 123 down-lifetime 123 stale-lifetime 123
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Deleting the Configuration of an IPv6 Snooping Binding Table with the Maximum Times Set to Specific Time Values (in Seconds)
Deleting the Configuration of an IPv6 Snooping Binding Table with the Maximum Times Set to Specific Time Values (in Seconds)
http://<mgmt0_IP>/api/mo/sys/sisf.json
{
"sisfEntity": {
"children": [
{
"sisfInstBinding": {
"attributes": {
"DownLifetimer": "86400",
"ReachableLifetimer": "300",
"StaleLifetimer": "86400"
}}}]}}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<DownLifetimer>86400</DownLifetimer>
<ReachableLifetimer>300</ReachableLifetimer>
<StaleLifetimer>86400</StaleLifetimer>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
no ipv6 neighbor binding reachable-lifetime 123 down-lifetime 123 stale-lifetime 123
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Deleting the Configuration of an IPv6 Snooping Binding Table with the Maximum Times set to Infinite
Deleting the Configuration of an IPv6 Snooping Binding Table with the Maximum Times set to Infinite
http://<mgmt0_IP>/api/mo/sys/sisf.json
{
"sisfEntity": {
"children": [
{
"sisfInstBinding": {
"attributes": {
"DownLifetimer": "86400",
"ReachableLifetimer": "300",
"StaleLifetimer": "86400"
}}}]}}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<DownLifetimer>86400</DownLifetimer>
<ReachableLifetimer>300</ReachableLifetimer>
<StaleLifetimer>86400</StaleLifetimer>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
no ipv6 neighbor binding reachable-lifetime infinite down-lifetime infinite stale-lifetime infinite
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring an IPv6 Snooping Binding Table with a VLAN Interface
Configuring an IPv6 Snooping Binding Table with a VLAN Interface
sys/sisf/neighborbinding.json
{
"sisfInstBinding": {
"children": [
{
"sisfStaticBinding": {
"attributes": {
"interface": "eth1/2",
"mac": "00:01:00:02:00:03",
"v6Addr": "1:2::3:4",
"vlanID": "123"
}}}]}}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<bindingip-items>
<StaticBinding-list>
<v6Addr>1:2::3:4</v6Addr>
<vlanID>123</vlanID>
<interface>eth1/2</interface>
<mac>00:01:00:02:00:03</mac>
</StaticBinding-list>
</bindingip-items>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
ipv6 neighbor binding vlan 123 1:2::3:4 interface ethernet1/2 1.2.3 tracking default reachable-lifetime default
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Deleting the Configuration of an IPv6 Snooping Binding Table That Contains a VLAN Interface
Deleting the Configuration of an IPv6 Snooping Binding Table That Contains a VLAN Interface
sys/sisf/neighborbinding.json
{
"sisfInstBinding": {
"children": [
{
"sisfStaticBinding": {
"attributes": {
"interface": "unspecified",
"mac": "00:00:00:00:00:00",
"reachableLifetimer": "300",
"retryInterval": "1",
"tracking": "disable",
"v6Addr": "1:2::3:4",
"vlanID": "123"
}}}]}}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<bindingip-items>
<StaticBinding-list>
<v6Addr>1:2::3:4</v6Addr>
<vlanID>123</vlanID>
<interface>unspecified</interface>
<mac>00:00:00:00:00:00</mac>
<reachableLifetimer>300</reachableLifetimer>
<retryInterval>1</retryInterval>
<tracking>disable</tracking>
</StaticBinding-list>
</bindingip-items>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
no ipv6 neighbor binding vlan 123 1:2::3:4 interface ethernet1/2 1.2.3 tracking default reachable-lifetime default
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring the Maximum Number of Entries for an IPv6 Snooping Binding Table
Configuring the Maximum Number of Entries for an IPv6 Snooping Binding Table
http://<mgmt0_IP>/api/mo/sys/sisf.json
{
"sisfEntity": {
"children": [
{
"sisfInstBinding": {
"attributes": {
"MacLimit": "123",
"MaxEntries": "123",
"PortLimit": "123",
"VlanLimit": "123"
}}}]}}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<MacLimit>123</MacLimit>
<MaxEntries>123</MaxEntries>
<PortLimit>123</PortLimit>
<VlanLimit>123</VlanLimit>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
ipv6 neighbor binding max-entries 123 vlan-limit 123 port-limit 123 mac-limit 123
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Deleting the Configuration of the Maximum Number of Entries for an IPv6 Snooping Binding Table
Deleting the Configuration of the Maximum Number of Entries for an IPv6 Snooping Binding Table
http://<mgmt0_IP>/api/mo/sys/sisf.json
{
"sisfEntity": {
"children": [
{
"sisfInstBinding": {
"attributes": {
"MacLimit": "0",
"MaxEntries": "0",
"PortLimit": "0",
"VlanLimit": "0"
}}}]}}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<MacLimit>0</MacLimit>
<MaxEntries>0</MaxEntries>
<PortLimit>0</PortLimit>
<VlanLimit>0</VlanLimit>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
no ipv6 neighbor binding max-entries 123 vlan-limit 123 port-limit 123 mac-limit 123
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring the Syslog Logging of Binding Table Events
Configuring the Syslog Logging of Binding Table Events
http://<mgmt0_IP>/api/mo/sys/sisf.json
{
"sisfEntity": {
"children": [
{
"sisfInstBinding": {
"attributes": {
"logging": "yes"
}}}]}}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<logging>true</logging>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
ipv6 neighbor binding logging
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Disabling the Syslog Logging of Binding Table Events
Disabling the Syslog Logging of Binding Table Events
http://<mgmt0_IP>/api/mo/sys/sisf.json
{
"sisfEntity": {
"children": [
{
"sisfInstBinding": {
"attributes": {
"logging": "no"
}}}]}}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<logging>false</logging>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
no ipv6 neighbor binding logging
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring the Interval Time Between Two Probings
Configuring the Interval Time Between Two Probings
http://<mgmt0_IP>/api/mo/sys/sisf.json
{
"topSystem": {
"children": [
{
"sisfEntity": {
"children": [
{
"sisfInstBinding": {
"attributes": {
"retryInterval": "123",
"tracking": "yes"
}
}
}
]
}
}
]
}
}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<retryInterval>123</retryInterval>
<tracking>true</tracking>
</neighborbinding-items>
</sisf-items>
</System>
Tracks entries in the binding table.
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
ipv6 neighbor tracking retry-interval 123
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Disabling the Interval Time Between Two Probings
Disabling the Interval Time Between Two Probings
http://<mgmt0_IP>/api/mo/sys/sisf.json
{
"topSystem": {
"children": [
{
"sisfEntity": {
"children": [
{
"sisfInstBinding": {
"attributes": {
"retryInterval": "1",
"tracking": "no"
}
}
}
]
}
}
]
}
}
{
imdata:[]
}
<System>
<sisf-items>
<neighborbinding-items>
<retryInterval>1</retryInterval>
<tracking>false</tracking>
</neighborbinding-items>
</sisf-items>
</System>
Note: This example was added in Release Cisco NX-OS Release 7.0(3)I7(3).
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
no ipv6 neighbor tracking retry-interval 123
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html