Management Source IP Address

In many cases network operators prefer to have a single IP address for the switch that is used for management operations like switch configuration, receiving remote log files, ping, and so forth. That IP address is needed for building firewall rules so that network switches can be easily identified. It is also required for identifying management traffic and exact management target in network logs.

The following protocols are supported by the feature:

  • FTP

  • TFTP

  • NTP

  • Syslog

  • TACACS

  • SSH, SSHD, SCP

  • Ping

  • Traceroute

  • SNMP

ssh server listen

ssh server listen <interface>
no ssh server listen <interface>

Defines a source interface for ssh server.

Syntax Description

interface

Interface to bind.
Possible values: mgmt0, lo, or loopback 0-31

Default

N/A

Configuration Mode

config

History

3.7.1002

Example

switch (config)# ssh server listen loopback2

Related Commands

Notes

ssh client global source-interface

ssh client global [vrf <vrf-name>] source-interface <interface>
no ssh client global [vrf <vrf-name>] source-interface <interface>

Configures the source interface that binds the SSH client to a specific address used by the slogin command.

Syntax Description

interface

Interface to bind.
Possible values: loopback0-31

vrf-name

VRF to be affected. If "vrf-name" parameter is not specified, "default" VRF will be used.

Default

N/A

Configuration Mode

config

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# ssh client global source-interface loopback10

Related Commands

Notes

The <interface> must be in the <vrf-name>. Source-interface could be configured in any VRF that the configured service is enabled in.

ip ftp source-interface

ip ftp [vrf <vrf-name>] source-interface <interface>
no ip ftp [vrf <vrf-name>] source-interface <interface>

Configures the source interface for ftp protocol.
The no form of the command disables the ftp source interface protocol.

Syntax Description

interface

Interface to bind
Possible values: loopback0-31

vrf-name

VRF to be affected. If "vrf-name" parameter is not specified, "default" VRF will be used.

Default

N/A

Configuration Mode

config

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# ip ftp source-interface loopback7

Related Commands

Notes

The <interface> must be in the <vrf-name>. The source-interface can be configured for each existing VRF.

ip tftp source-interface

ip tftp [vrf <vrf-name>] source-interface <interface>
no ip tftp [vrf <vrf-name>] source-interface <interface>

Configures the source interface for tftp protocol.
The no form of the command disables the tftp source interface protocol.

Syntax Description

interface

Interface to bind.
Possible values: loopback0-31

vrf-name

VRF to be affected. If "vrf-name" parameter is not specified, "default" VRF will be used.

Default

N/A

Configuration Mode

config

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# ip tftp source-interface loopback7

Related Commands

Notes

The <interface> must be in the <vrf-name>. The source-interface can be configured for each existing VRF.

ip scp source-interface

ip scp [vrf <vrf-name>] source-interface <interface>
no ip scp [vrf <vrf-name>] source-interface <interface>

Configures the source interface for scp protocol.
The no form of the command disables the scp source interface protocol.

Syntax Description

interface

Interface to bind
Possible values: loopback0-31

vrf-name

VRF to be affected. If "vrf-name" parameter is not specified, "default" VRF will be used.

Default

N/A

Configuration Mode

config

History

3.8.1000

3.9.2000

Added VRF option

Example

switch (config)# ip scp source-interface loopback7

Related Commands

Notes

The <interface> must be in the <vrf-name>. The source-interface can be configured for each existing VRF.

ip sftp source-interface

ip sftp [vrf <vrf-name>] source-interface <interface>
no ip sftp [vrf <vrf-name>] source-interface <interface>

Configures the source interface for sftp protocol.
The no form of the command disables the sftp source interface protocol.

Syntax Description

interface

Interface to bind
Possible values: loopback0-31

vrf-name

VRF to be affected. If "vrf-name" parameter is not specified, "default" VRF will be used.

Default

N/A

Configuration Mode

config

History

3.8.1000

3.9.2000

Added VRF option

Example

switch (config)# ip sftp source-interface loopback7

Related Commands

Notes

The <interface> must be in the <vrf-name>. The source-interface can be configured for each existing VRF.

ip traceroute source-interface

ip traceroute source-interface <interface>
no ip traceroute source-interface <interface>

Configures the source interface for traceroute protocol.
The no form of the command disables the traceroute source interface protocol.

Syntax Description

interface

Interface to bind
Possible values: loopback0-31

Default

N/A

Configuration Mode

config

History

3.8.1000

3.9.2000

Added VRF option

Example

switch (config)# ip traceroute source-interface loopback7

Related Commands

Notes

The <interface> must be in the <vrf-name>. The source-interface can be configured for each existing VRF.

logging source-interface

logging [vrf <vrf-name>] soucrce-interface <interface>
no logging [vrf <vrf-name>] source-interface <interface>

Configures the source interface for sending the log messages to remote servers.
The no form of the command disables the logging source interface protocol.

Syntax Description

interface

Interface to bind
Possible values: loopback0-31

vrf-name

VRF to be affected. If "vrf-name" parameter is not specified, "default" VRF will be used.

Default

N/A

Configuration Mode

config

History

3.7.1002

3.9.0600

Added notes

3.9.2000

Added VRF option

Example

switch (config)# logging source-interface loopback7

Related Commands

Notes

  • Source interface is supported only for logging host using UDP and not supported for TCP

  • Changes in runtime in the dns regarding a logging host (changes of relation between hostname and ip) are not handled, logging source ip may stop working

  • The <interface> must be in the <vrf-name>. Source-interface could be configured in any VRF that the configured service is enabled in.

tacacs-server source-interface

tacacs-server [vrf <vrf-name>] source-interface <interface>
no tacacs-server [vrf <vrf-name>] source-interface <interface>

Configures the source interface for tacacs protocol.
The no form of the command disables the tacacs source interface protocol.

Syntax Description

interface

Interface to bind
Possible values: loopback0-31

vrf-name

VRF to be affected. If "vrf-name" parameter is not specified, "default" VRF will be used.

Default

N/A

Configuration Mode

config

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# tacacs source-interface loopback23

Related Commands

Notes

The <interface> must be in the <vrf-name>. Source-interface must be in the same VRF that the configured service is enabled in.

ip icmp source-interface

ip icmp [vrf <vrf-name>] source-interface <interface>
no ip icmp [vrf <vrf-name>] source-interface <interface>

Configures the source interface for icmp protocol (for ping requests).
The no form of the command disables the icmp source interface protocol.

Syntax Description

interface

Interface to bind
Possible values: loopback0-31

vrf-name

VRF to be affected. If "vrf-name" parameter is not specified, "default" VRF will be used.

Default

N/A

Configuration Mode

config

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# ip icmp source-interface loopback24

Related Commands

Notes

<interface> must be in the <vrf-name>. Source-interface can be configured for each existing VRF.

ntp source-interface

ntp [vrf <vrf-name>] soucrce-interface <interface>
no ntp [vrf <vrf-name>] source-interface <interface>

Configures the source interface for ntp protocol. This interface will be used for user requested and periodic ntp synchronization.
The no form of the command disables the ntp source interface protocol.

Syntax Description

interface

Interface to bind. Range: loopback0-31.

vrf-name

VRF to be affected. If "vrf-name" parameter is not specified, "default" VRF will be used.

Default

N/A

Configuration Mode

config

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# ntp source-interface loopback7

Related Commands

Notes

  • This command sets source IP for NTPD and NTP date

  • The <interface> must be in the <vrf-name>. Source-interface must be in the same VRF that the configured service is enabled in.

snmp-server source-interface

snmp-server [vrf <vrf-name>] source-interface <interface>
no snmp-server [vrf <vrf-name>] source-interface <interface>

Configures the source interface for sending SNMP traps and informs.
The no form of the command disables the snmp-server source interface protocol.

Syntax Description

interface

Interface to bind
Range: loopback0-31

vrf-name

VRF to be affected. If "vrf-name" parameter is not specified, "default" VRF will be used.

Default

N/A

Configuration Mode

config

History

3.8.1000

3.9.2000

Added VRF option

Example

switch (config) # snmp-server source-interface loopback7

Related Commands

show snmp source-interface

Notes

The <interface> must be in the <vrf-name>. Source-interface could be configured in any VRF that the configured service is enabled in.

show ip ftp source-interface

show ip ftp [vrf {<vrf-name>|all}] source-interface

Displays the source interface.

Syntax Description

vrf-name

Describes VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

Any configuration mode

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# show ip ftp source-interface
Source IP for ftp client:
Configured: loopback7
Current : loopback7
IPv4-addr : 5.5.5.5
IPv6-addr : none

switch (config)# show ip ftp vrf all source-interface

VRF name: default

Source IP for ftp client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

VRF name: mgmt

Source IP for ftp client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10
IPv6-addr : none

Related Commands

Notes

show ip tftp source-interface

show ip tftp [vrf {<vrf-name>|all}] source-interface

Displays the source interface.

Syntax Description

vrf-name

Describes VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

Any configuration mode

History

3.9.2000

Example

switch (config)# show ip tftp [vrf {<vrf-name>|all}] source-interface

Example:
show ip tftp vrf all source-interface

VRF name: default

Source IP for tftp client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

VRF name: mgmt

Source IP for tftp client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10
IPv6-addr : none

Related Commands

Notes

show ntp source-interface

show ntp [vrf {<vrf-name>|all}] source-interface

Displays the source interface.

Syntax Description

vrf-name

Describes VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

Any configuration mode

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# show ntp source-interface
Source IP for ntp client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.7.144.97
IPv6-addr : none

switch (config)# show ntp vrf all source-interface

VRF name: default

Source IP for ntp client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

VRF name: mgmt

Source IP for ntp client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10
IPv6-addr : none

Related Commands

Notes

show logging source-interface

show logging [vrf {<vrf-name>|all}] source-interface

Displays the source interface.

Syntax Description

vrf-name

Describes VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

Any configuration mode

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# show logging source-interface
Source IP for syslogd client:
Configured: loopback23
Current : loopback23
IPv4-addr : 1.3.5.7
IPv6-addr : none

switch (config)# show logging vrf all source-interface

VRF name: default

Source IP for syslogd client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

VRF name: mgmt

Source IP for syslogd client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10
IPv6-addr : none

Related Commands

Notes

show tacacs source-interface

show tacacs [vrf {<vrf-name>|all}] source-interface

Displays the source interface.

Syntax Description

vrf-name

Describes VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

Any configuration mode

History

3.7.1002

3.9.2000

Added VRF option.

Example

switch (config)# show tacacs source-interface
Source IP for tacacs client:
Configured: loopback3
Current : loopback3
IPv4-addr : 1.3.5.7
IPv6-addr : none

switch (config)# show tacacs vrf all source-interface

VRF name: default

Source IP for tacacs client:
Configured: none
Current : none
IPv4-addr : none

VRF name: mgmt

Source IP for tacacs client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10

Related Commands

Notes

show ip icmp source-interface

show ip icmp [vrf {<vrf-name>|all}] source-interface

Displays the source interface.

Syntax Description

vrf-name

Describes VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

Any configuration mode

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# show icmp source-interface
Source IP for ping client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

switch (config)# show ip icmp vrf all source-interface

VRF name: default

Source IP for ping client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

VRF name: mgmt

Source IP for ping client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10
IPv6-addr : none

Related Commands

Notes

show ip traceroute source-interface

show ip traceroute [vrf {<vrf-name>|all}] source-interface

Displays the source interface.

Syntax Description

vrf-name

VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

Any configuration mode

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# show traceroute source-interface
Source IP for traceroute client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

switch (config)# show ip traceroute vrf all source-interface

VRF name: default

Source IP for traceroute client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

VRF name: mgmt

Source IP for traceroute client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10
IPv6-addr : none

Related Commands

Notes

show ssh client source-interface

show ssh client [vrf {<vrf-name>|all}] source-interface

Displays the SSH client source interface.

Syntax Description

vrf-name

Describes VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

Any configuration mode

History

3.7.1002

3.7.1100

Updated example

3.9.2000

Added VRF option

Example

switch (config)# show ssh client source-interface
Source IP for ssh client:
Configured: loopback1
Current : loopback1
IPv4-addr : 1.1.1.1
IPv6-addr : none

switch (config)# show ssh client vrf all source-interface

VRF name: default

Source IP for ssh client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

VRF name: mgmt

Source IP for ssh client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10
IPv6-addr : none

Related Commands

Notes

show ip scp source-interface

show ip scp [vrf {<vrf-name>|all}] source-interface

Displays the source interface.

Syntax Description

vrf-name

Describes VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

Any configuration mode

History

3.7.1002

3.9.2000

Added VRF option.

Example

switch (config)# show ip scp source-interface
Source IP for scp client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

switch (config)# show ip scp vrf all source-interface

VRF name: default

Source IP for scp client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

VRF name: mgmt

Source IP for scp client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10
IPv6-addr : none

Related Commands

Notes

show ip sftp source-interface

show ip sftp [vrf {<vrf-name>|all}] source-interface

Displays the source interface.

Syntax Description

vrf-name

Describes VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

Any configuration mode

History

3.7.1002

3.9.2000

Added VRF option

Example

switch (config)# show ip sftp source-interface
Source IP for sftp client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

switch (config)# show ip sftp vrf all source-interface

VRF name: default

Source IP for sftp client:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

VRF name: mgmt

Source IP for sftp client:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10
IPv6-addr : none

Related Commands

Notes

show snmp source-interface

show snmp [vrf {<vrf-name>|all}] source-interface

Displays the source interface for sending SNMP traps and informs.

Syntax Description

vrf-name

Describes VRF that will be affected by this command. If "vrf" parameter is not specified, the "default" VRF will be used implicitly.

Default

N/A

Configuration Mode

config

History

3.8.1000

3.9.2000

Added VRF option

Example

switch (config)# show snmp source-interface
Source IP for snmp server:

Configured: loopback7
Current : loopback7
IPv4-addr : 5.5.5.5
IPv6-addr : none

switch (config)# show snmp vrf all source-interface

VRF name: default

Source IP for snmp server:
Configured: none
Current : none
IPv4-addr : none
IPv6-addr : none

VRF name: mgmt

Source IP for snmp server:
Configured: loopback2
Current : loopback2
IPv4-addr : 10.10.10.10
IPv6-addr : none

Related Commands

snmp-server source-interface <interface>

Notes

© Copyright 2023, NVIDIA. Last updated on Sep 8, 2023.