Source Interface Commands
This chapter is a reference for source interface commands. The source Interface feature routes management traffic to a dedicated interface using iptables NAT rules.
The source interface feature is supported for the protocols shown in
Table 6-5.
Table 6-5: Source interface protocols and port numbers
Protocol | Default port number |
|---|
Tacacs+ | 49 |
Radius | 1812 and 1813 |
Snmp | 161 and 162 |
Ntp | 123 |
Syslog | 514 |
Note: Because management applications are allowed only on the default and management VRF, the commands in this chapter are supported on the "management" and "default" VRFs only.
This chapter contains these commands:
ip source-interface
Use this command to configure the IPv4 source interface for a protocol.
Use the no form of this command to remove the IPv4 source interface for a protocol.
Note:
• It is possible that the router may establish an outgoing TCP connection using an interface that does not have a valid or routable IP address. In such case, the user must specify the address of a different interface to use as the source IP address for the outgoing connection. For this scenario, the command
ip source-interface or
ipv6 source-interfaceis used.
• OcNOS supports configuring multiple ports for the same protocol in the ip source-interface command.
Command Syntax
ip source-interface IFNAME (tacacs+|ntp|snmp|syslog|radius) (port (123|162|1812|49|514|<1025-65535>)|)(vrf (NAME|management)|)
no ip source-interface IFNAME (tacacs+|ntp|snmp|syslog|radius) (port (49|123|162|514|1812|<1025-65535>)|) (vrf (NAME|management)|)
Parameters
IFNAME
Interface name (lo or physical interface)
tacacs+
Terminal Access Controller Access Control System
tacacs+ 49
Default source interface protocol port number for TACACS+
ntp
Network Time Protocol
ntp 123
Default source interface protocol port number for NTP
snmp
Simple Network Management Protocol
snmp 162
Default source interface protocol port number for SNMP
syslog
syslog
syslog 514
Default source interface protocol port number for Rsyslog
radius
Remote Authentication Dial-In User Service
radius 1812
Default source interface protocol port number for RADIUS
<1025-65535>
Port number. Default value is as per the protocol.
vrf management
Defines the management VRF instance.
vrf NAME
Specify the user-defined VRF instance name.
Default
None
Command Mode
Configure mode
Applicability
This command was introduced in OcNOS version 4.0. Added VRF NAME parameter in OcNOS version 6.6.0
Example
OcNOS#configure terminal
OcNOS(config)#ip source-interface xe1 ntp
OcNOS(config)#ip source-interface xe2 radius port 1025
OcNOS(config)#ip source-interface xe3 syslog port 65535 vrf management
OcNOS(config)#ip source-interface xe4 tacacs+ port 49 vrf management
The following example shows how to configure multiple source interface protocol port number:
OcNOS#configure terminal
OcNOS(config)#ip source-interface lo syslog port 6666
OcNOS(config)#ip source-interface lo syslog port 7777
OcNOS(config)#ip source-interface lo syslog port 8888
OcNOS(config)#ip source-interface lo syslog port 9999
OcNOS(config)#commit
ipv6 source-interface
Use this command to configure the IPv6 source interface for a protocol.
Use the no form of this command to remove the IPv6 source interface for a protocol.
Command Syntax
ipv6 source-interface IFNAME (tacacs+|ntp|snmp|syslog|radius) (port (123|162|1812|49|514|<1025-65535>)|) (vrf (NAME|management)|)
no ipv6 source-interface IFNAME (tacacs+|ntp|snmp|syslog|radius) (port (49|123|162|514|1812|<1025-65535>)|) (vrf (NAME|management)|)
Parameters
IFNAME
Interface name (lo or physical interface)
tacacs+
Terminal Access Controller Access Control System
tacacs+ 49
Default source interface protocol port number for TACACS+
ntp
Network Time Protocol
ntp 123
Default source interface protocol port number for NTP
snmp
Simple Network Management Protocol
snmp 162
Default source interface protocol port number for SNMP
syslog
syslog
syslog 514
Default source interface protocol port number for Rsyslog
radius
Remote Authentication Dial-In User Service
radius 1812
Default source interface protocol port number for RADIUS
<1025-65535>
Port number. Default value is as per the protocol.
vrf management
Defines the management VRF instance.
vrf NAME
Specify the user-defined VRF instance name.
Default
None
Command Mode
Configure mode
Applicability
This command was introduced in OcNOS version 4.0.
Example
OcNOS#configure terminal
OcNOS(config)#ipv6 source-interface xe1 ntp
OcNOS(config)#ipv6 source-interface xe2 radius port 1025
OcNOS(config)#ipv6 source-interface xe3 syslog port 65535 vrf management
OcNOS(config)#ip source-interface xe4 tacacs+ port 49 vrf management
The following example shows how to configure multiple source interface protocol port number:
OcNOS#configure terminal
OcNOS(config)#ipv6 source-interface lo tacacs+ port 1111
OcNOS(config)#ipv6 source-interface lo tacacs+ port 2222
OcNOS(config)#ipv6 source-interface lo tacacs+ port 3333
OcNOS(config)#ipv6 source-interface lo tacacs+ port 4444
OcNOS(config)#commit
OcNOS(config)#
show ip source-interface detail
Use this command to display the IPv4 source interface status in detail.
Command Syntax
show ip source-interface detail
Parameters
None
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced in OcNOS version 4.0.
Examples
The following example shows the output using different protocols with multiple port numbers:
#show ip source-interface detail
Source-Interface Detailed Information
=====================================
Protocol : tacacs+
Interface : lo
Port : 6666
Address : 1.1.1.1
Status : Active
VRF Name : Default
Protocol : radius
Interface : lo
Port : 7777
Address : 1.1.1.1
Status : Active
VRF Name : Default
Protocol : ntp
Interface : xe12
Port : 8888
Address : 1.1.1.1
Status : Active
VRF Name : Management
Protocol : syslog
Interface : lo
Port : 9999
Address : 0.0.0.0
Status : Active
VRF Name : default
The following example shows the output using the same protocol with multiple port numbers:
OcNOS#show ip source-interface detail
Source-Interface Detailed Information
=====================================
Protocol : syslog
Interface : lo
Port : 6666
Address : 0.0.0.0
Status : Active
VRF Name : default
Protocol : syslog
Interface : lo
Port : 7777
Address : 0.0.0.0
Status : Active
VRF Name : default
Protocol : syslog
Interface : lo
Port : 8888
Address : 0.0.0.0
Status : Active
VRF Name : default
Protocol : syslog
Interface : lo
Port : 9999
Address : 0.0.0.0
Status : Active
VRF Name : default
Table 6-6 explains the output fields.
Table 6-6: Output fields
Field | Description |
|---|
Protocol | tacacs+, ntp, snmp, syslog, or radius |
Interface | Interface name (lo or physical interface) |
Port | Source interface protocol port number |
Address | IP address |
Status | Whether active or inactive |
VRF Name | Virtual Routing and Forwarding name |
show ipv6 source-interface detail
Use this command to display the IPv6 source interface status in detail.
Command Syntax
show ipv6 source-interface detail
Parameters
None
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced in OcNOS version 4.0.
Examples
The following example shows the output using different protocols with multiple port numbers:
#show ipv6 source-interface detail
Source-Interface Detailed Information
=====================================
Protocol : tacacs+
Interface : lo
Port : 6666
Address : ::1
Status : Active
VRF Name : Default
Protocol : radius
Interface : lo
Port : 7777
Address : ::1
Status : Active
VRF Name : Default
Protocol : ntp
Interface : xe12
Port : 7777
Address : 2001::1
Status : Active
VRF Name : vrf1
Protocol : ntp
Interface : xe12
Port : 8888
Address : 2001::1
Status : Active
VRF Name : vrf1
The following example shows the output using the same protocol with multiple port numbers:
OcNOS#show ipv6 source-interface detail
Source-Interface Detailed Information
=====================================
Protocol : tacacs+
Interface : lo
Port : 1111
Address : ::
Status : Active
VRF Name : default
Protocol : tacacs+
Interface : lo
Port : 2222
Address : ::
Status : Active
VRF Name : default
Protocol : tacacs+
Interface : lo
Port : 3333
Address : ::
Status : Active
VRF Name : default
Protocol : tacacs+
Interface : lo
Port : 4444
Address : ::
Status : Active
VRF Name : default
Table 6-6 explains the output fields.
Field | Description |
|---|
Protocol | tacacs+, ntp, snmp, syslog, or radius |
Interface | Interface name (lo or physical interface) |
Port | Source interface protocol port number |
Address | IP address |
Status | Whether active or inactive |
VRF Name | Virtual Routing and Forwarding name |
show running-config ip source-interface
Use this command to display the IPv4 source interface running configuration.
Command Syntax
show running-config ip source-interface
Parameters
None
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced in OcNOS version 4.0
Example
#show running-config ip source-interface
ip source-interface lo tacacs+ port 1025
ip source-interface lo radius
ip source-interface lo.management ntp vrf management
ip source-interface lo.management syslog port 1026 vrf management
ip source-interface ge3 snmp
ip source-interface lo syslog port 6666
ip source-interface lo syslog port 7777
ip source-interface lo syslog port 8888
ip source-interface lo syslog port 9999s
show running-config ipv6 source-interface
Use this command to display the IPv6 source interface running configuration.
Command Syntax
show running-config ipv6 source-interface
Parameters
None
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced in OcNOS version 4.0.
Example
#show running-config ipv6 source-interface
ipv6 source-interface lo tacacs+ port 1025
ipv6 source-interface lo radius
ipv6 source-interface lo.management ntp vrf management
ipv6 source-interface lo.management syslog port 1026 vrf management
ipv6 source-interface ge3 snmp
ip source-interface lo syslog port 6666
ip source-interface lo syslog port 7777
ip source-interface lo syslog port 8888
ip source-interface lo syslog port 9999