IES interface commands

interface

Syntax

interface ip-int-name

no interface ip-int-name

Context

config>service>ies

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command creates a logical IP routing interface for an IES. When created, attributes like an IP address and service access point (SAP) can be associated with the IP interface.

The interface command, under the context of services, is used to create and maintain IP routing interfaces within IES service IDs. The interface command can be executed in the context of an IES service ID. The IP interface created is associated with the service core network routing instance and default routing

Interface names are case sensitive and must be unique within the group of defined IP interfaces defined for the config service ies interface command (that is, the network core router instance). Interface names must not be in the dotted decimal notation of an IP address. For example, the name ‟1.1.1.1” is not allowed, but ‟int-1.1.1.1” is allowed. Show commands for router interfaces use either interface names or the IP addresses. Use unique IP address values and IP address names to maintain clarity. It could be unclear to the user if the same IP address and IP address name values are used. Although not recommended, duplicate interface names can exist in different router instances.

When a new name is entered, a new logical router interface is created. When an existing interface name is entered, the user enters the router interface context for editing and configuration.

No default IP interface names are defined within the system; all IES IP interfaces must be explicitly defined. Interfaces are created in an enabled state.

Note:
  • See the 7210  SAS-Mxp, R6, R12, S, Sx, T Basic System Configuration Guide for information about allocating addresses toward IP subnets using the configure system resource-profile router max-ip-subnets command.

  • Before using IPv6, resources for IPv6 routes must be allocated. See the 7210  SAS-Mxp, R6, R12, S, Sx, T Basic System Configuration Guide for information about how to use the configure system resource-profile router max-ipv6-routes command

The no form of this command removes the IP interface and all the associated configuration. The interface must be administratively shutdown before issuing the no interface command.

For IES services, the IP interface must be shut down before the SAP on that interface may be removed.

Parameters

ip-int-name

Specifies the name of the IP interface. Interface names must be unique within the group of defined IP interfaces for config router interface and config service ies interface commands. An interface name cannot be in the form of an IP address. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

If ip-int-name already exists within the service ID, the context is changed to maintain that IP interface. If ip-int-name already exists within another service ID, an error occurs and the context are not changed to that IP interface. If ip-int-name does not exist, the interface is created and context is changed to that interface for further command processing.

Values

1 to 32 alphanumeric characters

address

Syntax

address {ip-address/mask | ip-address netmask}

address ip-address mask

no address

Context

config>service>ies>if

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command assigns an IP address IP subnet, to an IES IP router interface. Only one IP address can be associated with an IP interface. An IP address must be assigned to each IES IP interface. An IP address and a mask are used together to create a local IP prefix. The defined IP prefix must be unique within the context of the routing instance. It cannot overlap with other existing IP prefixes defined as local subnets on other IP interfaces in the same routing context.

The IP address for the interface can be entered in either CIDR (Classless Inter-Domain Routing) or traditional dotted-decimal notation. The show commands display CIDR notation and is stored in configuration files.

By default, no IP address or subnet association exists on an IP interface until it is explicitly created.

Use the no form of this command to remove the IP address assignment from the IP interface. When the no address command is entered, the interface becomes operationally down.

The operational state is a read-only variable and the only controlling variables are the address and admin states. The address and admin states are independent and can be set independently. If an interface is in an administratively up state and an address is assigned, it becomes operationally up.

Parameters

ip-address

Specifies the IP address of the IP interface. The ip-address portion of the address command specifies the IP host address that will be used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation.

Values

1.0.0.0 to 223.255.255.255 (with support of /31 subnets)

/

The forward slash is a parameter delimiter and separates the ip-address portion of the IP address from the mask that defines the scope of the local subnet. No spaces are allowed between the ip-address, the ‟/” and the mask-length parameter. If a forward slash is not immediately following the ip-address, a dotted-decimal mask must follow the prefix.

mask

The subnet mask length when the IP prefix is specified in CIDR notation. When the IP prefix is specified in CIDR notation, a forward slash (/) separates the ip-address from the mask-length parameter. The mask length parameter indicates the number of bits used for the network portion of the IP address; the remainder of the IP address is used to determine the host portion of the IP address. Allowed values are integers in the range 0 to 30. Note that a mask length of 32 is reserved for system IP addresses.

netmask

Specifies the subnet mask in dotted-decimal notation. When the IP prefix is not specified in CIDR notation, a space separates the ip-address from a traditional dotted-decimal mask. The mask parameter indicates the complete mask that is used in a logical ‟AND” function to derive the local subnet of the IP address. Allowed values are dotted-decimal addresses. A mask of 255.255.255.255 is reserved for system IP addresses.

Values

128.0.0.0 to 255.255.255.254

arp-timeout

Syntax

arp-timeout seconds

no arp-timeout

Context

config>service>ies>if

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command configures the minimum time in seconds an ARP entry learned on the IP interface is stored in the ARP table. ARP entries are automatically refreshed when an ARP request or gratuitous ARP is seen from an IP host, otherwise, the ARP entry is aged from the ARP table. If the arp-timeout command is set to a value of zero seconds, ARP aging is disabled.

The no form of this command reverts to the default value.

Default

arp-timeout 14400

Parameters

seconds

Specifies the minimum number of seconds a learned ARP entry is stored in the ARP table, expressed as a decimal integer. A value of zero specifies that the timer is inoperative and learned ARP entries are not aged.

Values

0 to 65535

allow-directed-broadcasts

Syntax

[no] allow-directed-broadcasts

Context

config>service>ies>if

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command enables the forwarding of directed broadcasts out of the IP interface. A directed broadcast is a packet received on a local router interface destined for the subnet broadcast address on another IP interface. This command on an IP interface enables or disables the transmission of packets destined for the subnet broadcast address of the egress IP interface.

When enabled, a frame destined for the local subnet on this IP interface is sent as a subnet broadcast out this interface. Care should be exercised when allowing directed broadcasts because this is a well-known mechanism used for denial-of-service attacks.

When disabled, directed broadcast packets discarded at this egress IP interface are counted in the normal discard counters for the egress SAP.

By default, directed broadcasts are not allowed and are discarded at this egress IP interface.

The no form of this command disables the forwarding of directed broadcasts out of the IP interface.

Default

no allow-directed-broadcasts

delayed-enable

Syntax

delayed-enable seconds [init-only]

no delayed-enable

Context

config>service>ies>if

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command delays making an interface operational by the specified number of seconds.

In environments with many subscribers, it can take time to synchronize the subscriber state between peers when the subscriber interface is enabled (for example, after a reboot). To ensure that the state has time to be synchronized, the delayed-enable timer can be specified. The optional init-only parameter specifies to use the delayed-enable timer only after a reboot.

Default

no delayed-enable

Parameters

seconds

Specifies the number of seconds to delay before the interface is operational.

Values

1 to 1200

init-only

Keyword that delays the initialization of the subscriber interface to give the system time to complete necessary tasks, such as allowing routing protocols to converge or MCS to synchronize the subscriber information. The delay occurs only immediately after a reboot.

ip-mtu

Syntax

ip-mtu octets

no ip-mtu

Context

config>service>ies>if

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command configures the maximum IP transmit unit (packet) for the interface.

The MTU that is advertised from the IES size is:

MINIMUM((SdpOperPathMtu - EtherHeaderSize), (Configured ip-mtu))

By default (for Ethernet network interface) if no ip-mtu is configured, the packet size is (1568 - 14) = 1554.

The no form of this command reverts to the default value.

Default

no ip-mtu

Parameters

octets

Specifies the number of octets in the IP-MTU.

Values

512 to 9000

loopback

Syntax

[no] loopback

Context

config>service>ies>if

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command specifies that the associated interface is a loopback interface that has no associated physical interface. As a result, the associated IES interface cannot be bound to a SAP.

Note that you can configure an IES interface as a loopback interface by issuing the loopback command instead of the sap command. The loopback flag cannot be set on an interface where a SAP is already defined, and a SAP cannot be defined on a loopback interface.

secondary

Syntax

secondary {ip-address/mask | ip-address netmask} [broadcast {all-ones | host-ones}] [igp-inhibit]

no secondary {ip-address/mask | ip-address netmask}

Context

config>service>ies>if

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command assigns up to 64 secondary IP addresses to the interface, including the primary IP address. Each address can be configured in an IP address, IP subnet, or broadcast address format.

Parameters

ip-address

Specifies the IP address of the IP interface. The IP address portion of the address command specifies the IP host address that is used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted-decimal notation.

Values

1.0.0.0 to 223.255.255.255

/

The forward slash is a parameter delimiter that separates the ip-address portion of the IP address from the mask that defines the scope of the local subnet. No spaces are allowed between the ip-address, the "/" and the mask parameter. If a forward slash does not immediately follow the ip-address, a dotted decimal netmask must follow the prefix.

mask

Specifies the subnet mask length when the IP prefix is specified in CIDR notation. When the IP prefix is specified in CIDR notation, a forward slash (/) separates the ip-address from the mask parameter. The mask parameter indicates the number of bits used for the network portion of the IP address; the remainder of the IP address is used to determine the host portion of the IP address. A mask length of 32 is reserved for system IP addresses.

Values

1 to 32

netmask

Specifies the subnet mask in dotted-decimal notation. When the IP prefix is not specified in CIDR notation, a space separates the ip-address from a traditional dotted-decimal mask. The netmask parameter indicates the complete mask that is used in a logical ‟AND” function to derive the local subnet of the IP address. A netmask of 255.255.255.255 is reserved for system IP addresses.

Values

a.b.c.d (network bits all 1 and host bits all 0)

broadcast {all-ones | host-ones}

This optional parameter overrides the default broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no broadcast format is specified for the IP address, the default value is host-ones, which indicates a subnet broadcast address. Use this parameter to change the broadcast address to all-ones or revert to a broadcast address of host-ones.

The broadcast parameter within the address command does not have a negate feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being configured as all-ones, the address command must be executed with the broadcast parameter defined. The broadcast format on an IP interface can be specified when the IP address is assigned or changed.

This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) is received by the IP interface

Values

all-ones — Specifies that the broadcast address used by the IP interface for this IP address is 255.255.255.255, also known as the local broadcast. host-ones — Specifies that the broadcast address used by the IP interface for this IP address is the subnet broadcast address. This is an IP address that corresponds to the local subnet described by the ip-address and mask or netmask with all of the host bits set to binary 1. This is the default broadcast address used by an IP interface.

Default

host-ones

igp-inhibit

Specifies that the secondary IP address should not be recognized as a local interface by the running IGP.

static-arp

Syntax

static-arp ip-address ieee-mac-address

no static-arp ip-address

Context

config>service>ies>if

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command configures a static address resolution protocol (ARP) entry associating a subscriber IP address with a MAC address for the core router instance. This static ARP appears in the core routing ARP table. A static ARP can be configured only if it exists on the network attached to the IP interface.

If an entry for a particular IP address already exists and a new MAC address is configured for the IP address, the existing MAC address is replaced with the new MAC address.

The no form of this command removes a static ARP entry.

Parameters

ip-address

Specifies the IP address for the static ARP in IP address dotted-decimal notation.

ieee-mac-address

Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.

vpls

Syntax

vpls service-name

Context

config>service

config>service>ies>if

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command binds the IP interface to the specified service name.

The system does not attempt to resolve the service name provided until the IP interface is placed into the administratively up state (no shutdown). When the IP interface is administratively up, the system scans the available VPLS services that have the allow-ip-int-binding flag set for a VPLS service associated with the name. If the service name is bound to the service name when the IP interface is already in the administratively up state, the system immediately attempts to resolve the specific name.

If a VPLS service is found associated with the name and with the allow-ip-int-binding flag set, the IP interface is attached to the VPLS service allowing routing to and from the service virtual ports when the IP interface is operational.

A VPLS service associated with the specified name that does not have the allow-ip-int-binding flag set or a non-VPLS service associated with the name is ignored and is not attached to the IP interface.

If the service name is applied to a VPLS service after the service name is bound to an IP interface and the VPLS service allow-ip-int-binding flag is set at the time the name is applied, the VPLS service is automatically resolved to the IP interface if the interface is administratively up or when the interface is placed in the administratively up state.

If the service name is applied to a VPLS service without the allow-ip-int-binding flag set, the system does not attempt to resolve the applied service name to an existing IP interface bound to the name. To rectify this condition, the flag must first be set, and then the IP interface must enter or reenter the administratively up state.

While the specified service name may be assigned to only one service context in the system, it is possible to bind the same service name to more than one IP interface. If two or more IP interfaces are bound to the same service name, the first IP interface to enter the administratively up state (if currently administratively down) or to reenter the administratively up state (if currently administratively up) when a VPLS service is configured with the name and has the allow-ip-int-binding flag set is attached to the VPLS service. Only one IP interface is allowed to attach to a VPLS service context. No error is generated for the remaining non-attached IP interfaces using the service name.

When an IP interface is attached to a VPLS service, the name associated with the service cannot be removed or changed until the IP interface name binding is removed. Also, the allow-ip-int-binding flag cannot be removed until the attached IP interface is unbound from the service name. Unbinding the service name from the IP interface causes the IP interface to detach from the VPLS service context. The IP interface may then be bound to another service name, or a SAP or SDP binding may be created for the interface using the sap or spoke-sdp commands on the interface.

Parameters

service-name

Required when using the IP interface vpls command and specifies the service name that the system attempts to resolve to an allow-ip-int-binding enabled VPLS service associated with the name. The specified name is expressed as an ASCII string consisting of up to 32 characters. It does not need to already be associated with a service, and the system does not check to ensure that multiple IP interfaces are not bound to the same name.