For complete descriptions of all local DHCP and DHCPv6 server commands, refer to the Router Configuration Guide, “Local DHCP and DHCPv6 Server Commands”.
For complete descriptions of all VPRN IPSec commands, refer to the IPSec Command Reference.
The ntp-server command is not supported in the vprn ntp context. When NTP is configured in a VPRN service, NTP server mode is assumed and is not optional.
For complete descriptions of all local DHCP and DHCPv6 server show commands, refer to the 7705 SAR Router Configuration Guide, “IP Router Command Reference, Show Commands”.
For complete descriptions of all OSPF and OSPFv3 show commands, refer to the 7705 SAR Routing Protocols Guide, “OSPF Command Reference, Show Commands”.
Note: The inter-as-label command appears in the show>router>bgp command hierarchy; however, it is not applicable in the VPRN BGP context and, if executed, will return empty output. |
This command creates a text description that is stored in the configuration file for a configuration context.
The description command associates a text string with a configuration context to help identify the contents in the configuration file.
The no form of this command removes the string from the configuration.
no description
This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.
The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they can be deleted.
Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state. Default administrative states for services and service entities are described below in Special Cases.
The no form of this command places the entity into an administratively enabled state.
A service is regarded as operational providing that one IP Interface SAP and one SDP is operational.
It is not possible to make configuration changes to an IP transport subservice without performing a shutdown first.
The operational state of an IP transport subservice is relative to the operational state of the serial port for which the IP transport subservice is defined. When a serial port is shut down, the IP transport subservice associated with the serial port becomes operationally down.
When the no shutdown command is executed for an IP transport subservice, it becomes operationally up, serial data from the serial port is encapsulated in TCP/UDP packets destined for remote hosts, and TCP/UDP packets can be received by the local host, where raw serial data is then sent out the serial port.
This command creates or edits a Virtual Private Routed Network (VPRN) service instance.
If the service-id does not exist, a context for the service is created. If the service-id exists, the context for editing the service is entered.
VPRN services allow the creation of customer-facing IP interfaces in a separate routing instance from the one used for service network core routing connectivity. VPRN services allow the IP addressing scheme used by the subscriber to overlap with other addressing schemes used by other VPRN services or by the provider and, potentially, the entire Internet.
IP interfaces defined within the context of a VPRN service ID must have a SAP created as the access point to the subscriber network.
When a service is created, the customer keyword and customer-id must be specified, which associates the service with a customer. The customer-id must already exist, having been created using the customer command in the service context. When a service is created with a customer association, it is not possible to edit the customer association. To change the association between service and customer, the service must be deleted and recreated with a new customer association.
Once a service is created, the use of customer customer-id is optional to navigate into the service configuration context. Attempting to edit a service with an incorrect customer-id results in an error.
Multiple VPRN services are created in order to separate customer-owned IP interfaces. More than one VPRN service can be created for a single customer ID. More than one IP interface can be created within a single VPRN service ID. All IP interfaces created within a VPRN service ID belong to the same customer.
The no form of the command deletes the VPRN service instance with the specified service-id. The service cannot be deleted until all the IP interfaces and all routing protocol configurations defined within the service ID have been shut down and deleted.
n/a
This command creates an aggregate route.
Use this command to group a number of routes with common prefixes into a single entry in the routing table. This reduces the number of routes that need to be advertised by this router and reduces the number of routes in the routing tables of downstream routers.
Both the original components and the aggregated route (source protocol aggregate) are offered to the Routing Table Manager (RTM). Subsequent policies can be configured to assign protocol-specific characteristics, such as the OSPF tag, to aggregate routes.
Multiple entries with the same prefix but a different mask can be configured; routes are aggregated to the longest mask. If one aggregate is configured as 10.0/16 and another as 10.0.0/24, then route 10.0.128/17 would be aggregated into 10.0/16 and route 10.0.0.128/25 would be aggregated into 10.0.0/24. If multiple entries are made with the same prefix and the same mask, the previous entry is overwritten.
The no form of the command removes the aggregate.
no aggregate
This command enables the context to configure automatic binding of a VPRN service using tunnels to MP-BGP peers.
The auto-bind-tunnel mode is simply a context to configure the binding of VPRN routes to tunnels. The user must configure the resolution option to enable auto-binding resolution to tunnels in TTM.
When an explicit SDP to a BGP next hop is configured in a VPRN service (config>service> vprn>spoke-sdp), it overrides the auto-bind-tunnel selection for that BGP next hop only. There is no support for reverting automatically to the auto-bind-tunnel selection if the explicit SDP goes down. The user must delete the explicit spoke SDP in the VPRN service context to resume using the auto-bind-tunnel selection for the BGP next hop.
This command configures the resolution mode in the automatic binding of a VPRN service to tunnels to MP-BGP peers.
If the resolution option is explicitly set to disabled, the auto-binding to tunnels is removed.
If resolution is set to any, any supported tunnel type in the VPRN context will be selected following the TTM preference. If one or more explicit tunnel types are specified using the resolution-filter option, only these tunnel types will be selected again following the TTM preference.
The user must set resolution to filter to activate the list of tunnel types configured under resolution-filter.
This command configures the subset of tunnel types that can be used in the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.
The following tunnel types are supported in a VPRN context (in order of preference): RSVP (rsvp), segment routing TE (sr-te), LDP (ldp), segment routing OSPF (sr-ospf), segment routing IS-IS (sr-isis), and GRE (gre). The segment routing precedences can be configured. The selection of an SR tunnel in SR-ISIS when using multi-instance IS-IS is based on lowest instance ID.
This command specifies the GRE type of automatic binding for the SDP assigned to this service. When auto-bind-tunnel is used, a spoke SDP does not need to be configured for the service.
The no form of the command removes this type of automatic binding.
no gre
This command specifies the LDP tunnel type of automatic binding for the SDP assigned to this service. When auto-bind-tunnel is used, a spoke SDP does not need to be configured for the service.
The ldp value instructs BGP to search for an LDP LSP with a FEC prefix corresponding to the address of the BGP next hop.
The no form of the command removes this type of automatic binding.
no ldp
This command specifies the RSVP tunnel type of automatic binding for the SDP assigned to this service. When auto-bind-tunnel is used, a spoke SDP does not need to be configured for the service.
The rsvp value instructs BGP to search for the best metric RSVP LSP to the address of the BGP next hop. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple RSVP LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel-id.
The no form of the command removes this type of automatic binding.
no rsvp
This command specifies the SR-ISIS tunnel type of automatic binding for the SDP assigned to this service. When auto-bind-tunnel is used, a spoke SDP does not need to be configured for the service.
When the sr-isis value is enabled, an SR tunnel to the BGP next hop is selected in the TTM from the lowest-numbered IS-IS instance.
The no form of the command removes this type of automatic binding.
no sr-isis
This command specifies the SR-OSPF tunnel type of automatic binding for the SDP assigned to this service. When auto-bind-tunnel is used, a spoke SDP does not need to be configured for the service.
When the sr-ospf value is enabled, an SR tunnel to the BGP next hop is selected in the TTM from OSPF instance 0.
The no form of the command removes this type of automatic binding.
no sr-ospf
This command specifies the SR-TE tunnel type of automatic binding for the SDP assigned to this service. When auto-bind-tunnel is used, a spoke SDP does not need to be configured for the service.
The sr-te value instructs the 7705 SAR to search for the best metric SR-TE LSP to the address of the BGP next hop. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple SR-TE LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel-id.
The no form of the command removes this type of automatic binding.
no sr-te
This command defines the autonomous system (AS) to be used by this VPN virtual routing/forwarding table (VRF).
The no form of the command removes the defined AS from the given VPRN context.
no autonomous-system
This command enables ECMP in the VPRN service context and configures the number of routes for path sharing; for example, the value 2 means two equal-cost routes will be used for cost sharing.
ECMP (Equal-Cost Multipath Protocol) refers to the distribution of packets over two or more outgoing links that share the same routing cost. ECMP provides a fast local reaction to route failures. ECMP is supported on static routes and dynamic (OSPF, IS-IS, and BGP) routes.
ECMP can only be used for routes with the same preference and same protocol. See the preference command (under the static-route-entry context) for information on preferences.
When more ECMP routes are available at the best preference than configured in max-ecmp-routes, then the lowest next-hop IP address algorithm is used to select the number of routes configured in max-ecmp-routes.
The no form of the command disables ECMP path sharing. If ECMP is disabled and multiple routes are available at the best preference and equal cost, the route with the lowest next-hop IP address is used.
The no form of the command disables ECMP path sharing.
no ecmp
This command is used to bind a key group to a VPRN service for inbound or outbound packet processing. When configured in the outbound direction, packets egressing the node use the active-outbound-sa associated with the key group configured. When configured in the inbound direction, received packets must be encrypted using one of the valid security associations configured for the key group.
The encryption (enabled or disabled) configured on an SDP used to terminate a Layer 3 spoke SDP of a VPRN always overrides any VPRN-level configuration for encryption.
Encryption is enabled once the outbound direction is configured.
The no form of the command removes the key group from the service in the specified direction (inbound or outbound).
n/a
This command enables or disables the use of entropy labels for spoke SDPs on a VPRN.
If entropy-label is enabled, the entropy label and entropy label indicator (ELI) are inserted in packets for which at least one LSP in the stack for the far end of the tunnel used by the service has advertised entropy label capability.
If the tunnel type is RSVP-TE, entropy-label can also be controlled by disabling entropy-label-capability under the config>router>rsvp or config>router>mpls>lsp contexts at the far-end LER.
When the entropy-label and entropy-label-capability commands are both enabled, the entropy label value inserted at the iLER is always based on the service ID.
The entropy label and the hash label features are mutually exclusive. The entropy label cannot be configured on a spoke SDP or service where the hash label feature has already been configured.
no entropy-label
This command enters the context under which all GRT leaking commands are configured.
This command enables the functions required for looking up routes in the GRT when the lookup in the local VRF fails. If this command is enabled without the use of the config>service>vprn>static-route-entry>grt command, a lookup in the local VRF is preferred over the GRT. When the local VRF returns no route table lookup matches, the result from the GRT is preferred.
The no form of this command disables the global routing table lookup function when the lookup in the local VRF fails.
no enable-grt
This command enables management traffic from GRT leaking-enabled VPRN instances to reach local interfaces in the base router instance.The local interfaces can be system IP interfaces or loopback interfaces. Management traffic is traffic generated by Telnet, SNMP, and SSH. For a complete list of supported management protocols, see Table 122.
Ping and traceroute responses from the base router interfaces are supported but are not configurable. The allow-local-management command does not control the support for management protocols terminating on VPRN interfaces directly.
no allow-local-management
This command uses configured route policies to determine which routes are exported from the VRF to the GRT along with all the forwarding information.
On network egress, packets with a source IP address that matches the 7705 SAR system IP address and the destination IP address of the far-end node must perform a GRT lookup in order to be resolved. A route policy can be configured with the IP address prefix or loopback address of the far-end router and with the action to accept. This policy is configured under the config>router>policy-options context, and is installed in the GRT FIB using the export-grt command. The route installed in the GRT FIB will have a next hop of the IPSec tunnel.
Up to five policies can be exported to the GRT FIB.
The no form of the command restores the default of not exporting routes to the GRT FIB.
no export-grt
This command limits the number of IPv4 routes that can exported from the VRF to the GRT. Setting the limit to 0 overrides the maximum limit. Setting the value to 0 does not limit the number of routes exported from the VRF to the GRT. Configuring the export-limit between 1 and 256 will limit the number of routes to the specified value.
The no form of the command resets the limit to the default of allowing five routes per route policy to be exported from the VRF to the GRT.
5
This command limits the number of IPv6 routes that can be exported from the VRF to the GRT. Setting the limit to 0 overrides the maximum limit. Setting the value to 0 does not limit the number of routes exported from the VRF to the GRT. Configuring the export-limit between 1 and 256 will limit the number of routes to the specified value.
The no form of the command resets the limit to the default of allowing five routes per route policy to be exported from the VRF to the GRT.
5
This command specifies the maximum number of IPv6 routes that can be held within a VPN virtual routing /forwarding (VRF) context. Local, host, static, and aggregate routes are not counted.
The VPRN service ID must be in a shutdown state before maximum-ipv6-routes command parameters can be modified.
If the log-only parameter is not specified and the maximum-ipv6-routes value is set to a value below the existing number of IPv6 routes in a VRF, then the extra IPv6 routes will not be added to the VRF.
The maximum IPv6 route threshold can dynamically change to increase the number of supported IPv6 routes even when the maximum has already been reached. Protocols will resubmit the IPv6 routes that were initially rejected.
The no form of the command disables any limit on the number of IPv6 routes within a VRF context. Issue the no form of the command only when the VPRN instance is shut down.
no maximum-ipv6routes (0 or disabled)
This command specifies the maximum number of IPv4 routes that can be held within a VPN virtual routing /forwarding (VRF) context. Local, host, static, and aggregate routes are not counted.
The VPRN service ID must be in a shutdown state before maximum-routes command parameters can be modified.
If the log-only parameter is not specified and the maximum-routes value is set to a value below the existing number of IPv4 routes in a VRF, then the extra IPv4 routes will not be added to the VRF.
The maximum IPv4 route threshold can dynamically change to increase the number of supported IPv4 routes even when the maximum has already been reached. Protocols will resubmit the IPv4 routes that were initially rejected.
The no form of the command disables any limit on the number of IPv4 routes within a VRF context. Issue the no form of the command only when the VPRN instance is shut down.
no maximum-routes (0 or disabled)
This command sets the identifier that gets attached to routes to which the VPN belongs. Each routing instance must have a unique (within the carrier’s domain) route distinguisher associated with it. A route distinguisher must be defined for a VPRN to be operationally active.
AS numbers can be either 2-byte or 4-byte values.
no route-distinguisher
This command sets the router ID for a specific VPRN context.
If neither the router ID nor system interface are defined, the router ID from the base router context is inherited.
The no form of the command removes the router ID definition from the given VPRN context.
no router-id
This command configures a service name that can be used for reference in configuration and show commands.
This command enables the context to configure DSCP/dot1p re-marking for self-generated traffic.
This set of commands configures DSCP marking for self-generated IP traffic or dot1p marking for self-generated non-IP traffic (specifically, IS-IS and ARP traffic).
When an IP or Layer 3 application is configured using the dscp-app-name parameter, the specified DSCP name or DSCP value is used for all packets generated by this application within the router instance in which it is configured. The value set in this command sets the DSCP value in the egress IP header. The egress QoS policy will not overwrite this value.
When a Layer 2 application is configured using the dot1p-app-name parameter, the specified dot1p priority value is used for all packets generated by this application within the router instance in which it is configured.
Only one name or value can be configured per application. If multiple entries are configured, a subsequent entry overrides the previously configured entry.
The fc-queue option redirects SGT applications to egress data queues rather than the default control queue by assigning them to a forwarding class. If this option is configured, the profile state must be set. All packets that are assigned to this forwarding class will be considered in-profile or out-of-profile based on the configuration. In case of congestion, the in-profile packets are preferentially queued over the out-of-profile packets.
If the fc-queue option is used with the dscp-app-name application, any configuration done using the sgt-qos>dscp command is ignored for packets generated by this application, as illustrated in the following examples:
sgt-qos>application telnet dscp cp1
sgt-qos>dscp cp1 fc af
sgt-qos>application ftp dscp cp1 fc-queue be profile out
sgt-qos>dscp cp1 fc af
In the first example, all packets generated by the Telnet application use DSCP CP1 and map to FC AF as configured in the dscp command. The dot1p bits of the outgoing packets are marked from the value that FC AF points to in the egress QoS policy.
In the second example, all packets generated by the FTP application use DSCP CP1 and map to FC BE as dictated by the fc-queue redirection. The dot1p bits of the outgoing packets are marked from the value that FC BE points to in the egress QoS policy. Because redirection is configured, the mapping configured with the dscp command is ignored.
Note: The above behavior applies to all SGT IP applications with the exception of VRRP, where the dot1p value is always set to 7, regardless of the value in the FC egress QoS policy. |
If the fc-queue option is used with the dot1p-app-name application, the dot1p bits of the outgoing packets are marked with the value set with the dot1p-priority parameter, regardless of the value in the FC egress queue policy.
The no form of this command resets the DSCP or dot1p value for the application to its default value and resets the application to use the egress control queue.
n/a
Application | Supported Marking | Default DSCP/dot1p |
ARP | dot1p | 7 |
IS-IS | dot1p | 7 |
BGP | DSCP | NC1 |
DHCP | DSCP | NC1 |
DNS | DSCP | AF41 |
FTP | DSCP | AF41 |
ICMP (ping) | DSCP | BE |
IGMP | DSCP | NC1 |
LDP (T-LDP) | DSCP | NC1 |
MLD | DSCP | NC1 |
NDIS | DSCP | NC1 |
NTP | DSCP | NC1 |
OSPF | DSCP | NC1 |
PIM | DSCP | NC1 |
1588 PTP | DSCP | NC1 |
RADIUS | DSCP | AF41 |
RIP | DSCP | NC1 |
RSVP | DSCP | NC1 |
SNMP (get, set, etc.) | DSCP | AF41 |
SNMP trap/log | DSCP | AF41 |
SSH (SCP) | DSCP | AF41 |
syslog | DSCP | AF41 |
TACACS+ | DSCP | AF41 |
Telnet | DSCP | AF41 |
TFTP | DSCP | AF41 |
Traceroute | DSCP | BE |
VRRP | DSCP | NC1 |
Note:
|
This command creates a mapping between the DSCP of the self-generated traffic and the forwarding class. The forwarding class dot1p SAP egress QoS policy mapping is used to mark the dot1p bits of the Layer 3 or IP application. For example, configuring the dscp-name parameter as be and the fc-name parameter as l1 results in marking the dot1p bits of the outgoing Ethernet frame, which is transporting self-generated IP traffic with DSCP bits set to BE, to the value that FC L1 points to in the SAP egress QoS policy (as configured in the config>qos>sap-egress>fc context).
Note: The dot1p class of service may not apply to all IP traffic and is dependent on the egress port encapsulation type. |
Based on this configured FC, the SAP egress QoS policy for the egress forwarding complex sets the IEEE 802.1 dot1p bits.
Multiple commands can be entered to associate some or all of the 64 DSCP values with the forwarding class. For undefined code points, packets are assigned to the default forwarding class for the DSCP value. Table 129 lists the default forwarding class for each DSCP value.
The no form of the command resets the DSCP value to its default forwarding class.
Note: If the fc-queue option is configured in the sgt-qos>application dscp-app-name command, the mapping created with this command is ignored for packets generated by the applications that are configured with the option. |
DSCP Value | Default FC |
be | nc |
cp1 | be |
cp2 | be |
cp3 | be |
cp4 | be |
cp5 | be |
cp6 | be |
cp7 | be |
cs1 | be |
cp9 | be |
af11 | af |
cp11 | be |
af12 | af |
cp13 | be |
af13 | af |
cp15 | be |
cs2 | be |
cp17 | be |
af21 | l1 |
cp19 | be |
af22 | l1 |
cp21 | be |
af23 | l1 |
cp23 | be |
cs3 | be |
cp25 | be |
af31 | l1 |
cp27 | be |
af32 | l1 |
cp29 | be |
af33 | l1 |
cp31 | be |
cs4 | be |
cp33 | be |
af41 | nc |
cp35 | be |
af42 | h2 |
cp37 | be |
af43 | h2 |
cp39 | be |
cs5 | be |
cp41 | be |
cp42 | be |
cp43 | be |
cp44 | be |
cp45 | be |
ef | ef |
cp47 | be |
nc1 | nc |
cp49 | be |
cp50 | h2 |
cp51 | be |
cp52 | be |
cp53 | be |
cp54 | be |
cp55 | be |
nc2 | nc |
cp57 | be |
cp58 | be |
cp59 | be |
cp60 | be |
cp61 | be |
cp62 | be |
cp63 | be |
See Table 129 for the default forwarding class for each DSCP value.
This command sets the SNMP community name to be used with the associated VPRN instance. If an SNMP community name is not specified, SNMP access is not allowed.
The no form of the command removes the SNMP community name from the given VPRN context.
n/a
This command enters the context to specify the source address and application that should be used in all unsolicited packets.
This command configures the application to use the IPv4 source address.
The no form of the command removes the application name from using the IPv4 source address.
This command configures the application to use the IPv6 source address.
The no form of the command removes the application name from using the IPv6 source address.
ipv6-address: | x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d x - [0 to FFFF]H d - [0 to 255] D |
This command binds a service to an existing Service Distribution Point (SDP).
The SDP has an operational state that determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.
The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a VPRN service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id exists, a binding between that sdp-id and the service is created.
SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end routers can participate in the service. Alternatively, the auto-bind feature can be used. With auto-bind-tunnel, no vprn>spoke-sdp configuration is required. When both auto-bind-tunnel and spoke-sdp are configured, spoke-sdp takes precedence. The spoke-sdp configuration must be deconfigured for the auto-bind feature to take effect.
The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service is affected. Once the SDP is removed, no packets are forwarded to the far-end router.
n/a
This command creates a static route entry within the associated router instance. A prefix and prefix length must be specified.
Once the static route context for the specified prefix and length has been created, additional parameters associated with the static routes may be specified.
When configuring a static route, multiple types of static routes (blackhole, grt, indirect, ipsec-tunnel, and next-hop) can be applied to the same IPv4 or IPv6 prefix. If a static route that is forwarding traffic goes down, the default route will be used instead. The preference parameter specifies the order in which the routes are applied. If a blackhole static route has the same preference as another route with the same prefix, the blackhole route takes a lower precedence.
Before the static route entry can be deleted, the next hops associated with the prefix must be shut down and deleted.
The no form of the command deletes the static route entry. If a static route needs to be removed when multiple static routes exist to the same destination, as many parameters as are necessary to uniquely identify the static route must be entered.
no static-route-entry
This command specifies that the route is a blackhole route. If the destination address on a packet matches this static route, it will be silently discarded.
If the static route is configured with the same destination address and subnet mask as a previously configured static route, the newly configured route replaces the previous one, and unless specified, the defaults for preference and metric are applied.
Before the static route entry can be deleted, the next hops associated with the prefix must be shut down and deleted.
no black-hole
This command specifies the cost (metric) for the static route, expressed as a decimal integer. This value is used when importing the static route into other protocols such as OSPF. When modifying the metric of an existing static route, the preference will not change unless specified.
This value is also used to determine which static route to install in the forwarding table.
The no form of this command returns the metric to the default value.
no metric
This command specifies the preference of this static route over routes from different sources such as BGP or OSPF. The preference is expressed as a decimal integer. A route with a lower preference value is preferred over a route with a higher preference value.
When modifying the preference value of an existing static route, the metric will not change unless specified. The preference command is also used to prioritize static routes applied to the same prefix. If a blackhole static route has the same preference as another route with the same prefix, the blackhole route takes a lower precedence.
If multiple routes are learned with an identical preference using the same protocol, the lowest-cost route is used. If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, the decision of which route to use is determined by the ecmp command.
Table 130 shows the default route preference based on the route source.
Label | Preference | Configurable |
Direct attached | 0 | No |
Static route | 5 | Yes |
OSPF internal routes | 10 | Yes |
IS-IS level 1 internal | 15 | Yes |
IS-IS level 2 internal | 18 | Yes |
OSPF external | 150 | Yes |
IS-IS level 1 external | 160 | Yes |
IS-IS level 2 external | 165 | Yes |
BGP | 170 | Yes |
The no form of this command returns the static route preference to its default value.
5
This command adds a constraint to the static route such that the static route is only active if none or all of the prefixes in the prefix list are present and active in the route table.
no prefix-list
This command adds a 32-bit integer tag to the static route. The tag is used in route policies to control distribution of the route into other protocols.
1
This command creates a static route in a VPRN service context that points to the global routing context (base router). This is primarily used to allow traffic that ingresses through a VPRN service to be routed out of the global routing context.
The grt type of next hop cannot be used in conjunction with any other next-hop types.
no grt
This command specifies that the route is indirect and specifies the next-hop IP address used to reach the destination.
The configured ip-address is not directly connected to a network configured on this node. The destination can be reached via multiple paths. The indirect address can only be resolved via a dynamic routing protocol. Another static route cannot be used to resolve the indirect address.
The ip-address can be either on the network side or the access side and is typically at least one hop away from the node.
no indirect
ipv4-address | a.b.c.d |
ipv6-address | x:x:x:x:x:x:x:x (eight 16-bit pieces) |
x:x:x:x:x:x:d.d.d.d | |
x: [0 to FFFF]H | |
d: [0 to 255]D |
This command enables CPE connectivity check and specifies the IP address of the target CPE device. ICMP pings will be sent to this target IP address. This parameter must be configured to enable the CPE connectivity feature for the static route. The cpe-ip-address cannot be in the same subnet as the static route subnet to avoid possible circular references. CPE check and BFD support are mutually exclusive on a static route.
If a CPE connectivity check target address is already being used as the target address in a different static route, cpe-check parameters must match. If they do not match, the new configuration command will be rejected.
If a static-route-entry>indirect command or static-route-entry>next-hop command is issued with no cpe-check target but the destination prefix/prefix-length and the next hop match a static route that has an associated cpe-check, the cpe-check test is removed from the static route.
The no form of this command disables the cpe-check option.
no cpe-check
ipv4-address | a.b.c.d |
ipv6-address | x:x:x:x:x:x:x:x (eight 16-bit pieces) |
x:x:x:x:x:x:d.d.d.d | |
x: [0 to FFFF]H | |
d: [0 to 255]D |
This command specifies the number of consecutive ping replies that must be missed in order to declare the CPE down and to deactivate the static route.
3
This command specifies the interval, in seconds, between ICMP pings to the target IP address.
1
This command enables the logging of transitions between active and inactive routes based on the CPE connectivity check. Events will be sent to the system log, syslog, and SNMP traps.
no log
This command creates a static route in a VPRN service context that points to an IPSec tunnel.
If a static route is configured with the same destination address, subnet mask, and IPSec tunnel name as a previously configured static route, the newly configured route replaces the previous one, and unless specified, the default values for the preference and metric commands are applied.
no ipsec-tunnel
This command specifies the directly connected next-hop IP address or interface used to reach the destination. If the next hop is over an unnumbered interface, the interface name of the unnumbered interface can be used.
The configured ip-address can be either on the network side or the access side on the node. The address must be associated with a network that is directly connected to a network configured on the node.
no next-hop
ip-int-name | 32 characters max |
ipv4-address | a.b.c.d |
ipv6-address | x:x:x:x:x:x:x:x[-interface] |
x:x:x:x:x:x:d.d.d.d[-interface] | |
x: [0 to FFFF]H | |
d: [0 to 255]D | |
| interface: 32 characters maximum, mandatory for link local addresses |
This command associates the static route state with a BFD session between the local system and the configured next hop.
The remote end of the BFD session must also be configured to originate or accept the BFD session controlling the static route state.
The no form of this command removes the association of the static route state with the BFD session.
no bfd-enable
This command designates the type of VPRN instance being configured for hub and spoke topologies.
The no form of the command resets to the default of a fully meshed VPRN.
no type
This command specifies the export policies to control routes exported from the local VPN virtual routing/ forwarding table (VRF) to other VRFs on the same or remote PE routers (via MP-BGP). The policy (and policy-name) are defined under the config>router>policy-options>policy-statement command.
Aggregate routes are not advertised via MP-BGP protocols to the other MP-BGP peers.
The no form of the command removes all route policy names from the export list.
n/a
This command sets the import policies to control routes imported to the local VPN virtual routing/ forwarding table (VRF) from other VRFs on the same or remote PE routers (via MP-BGP). BGP-VPN routes imported with a vrf-import policy will use the BGP preference value of 170 when imported from remote PE routers, or retain the protocol preference value of the exported route when imported from other VRFs on the same router, unless the preference is changed by the policy.
The no form of the command removes all route policy names from the import list.
n/a
This command facilitates a simplified method to configure the route target to be added to advertised routes or compared against received routes from other VRFs on the same or remote PE routers (via MP-BGP).
BGP-VPN routes imported with a vrf-target statement will use the BGP preference value of 170 when imported from remote PE routers, or retain the protocol preference value of the exported route when imported from other VRFs in the same router.
Specified vrf-import or vrf-export policies override the vrf-target policy.
The no form of the command removes the route target from the VRF.
no vrf-target
This command enables the BGP protocol on the VPRN service.
The no form of this command disables the BGP protocol on the VPRN service.
no bgp
This command enables the advertising of inactive BGP routes to other BGP peers. By default, BGP only advertises BGP routes to other BGP peers if a given BGP route is chosen by the route table manager as the most preferred route within the system and is active in the forwarding plane. This command allows system administrators to advertise a BGP route even though it is not the most preferred route within the system for a given destination.
The no form of this command disables the advertising of inactive BGP routes to other BGP peers.
no advertise-inactive
This command is used to set the router ID in the BGP aggregator path attribute to 0 when BGP aggregates routes. This prevents different routers within an AS from creating aggregate routes that contain different AS paths.
When BGP is aggregating routes, it adds the aggregator path attribute to the BGP Update messages. By default, BGP adds the AS number and router ID to the aggregator path attribute.
When this command is enabled, BGP adds only the router ID (set to 0) to the aggregator path attribute. This command is used at the group level to revert to the value defined under the global level, and this command is used at the neighbor level to revert to the value defined under the group level.
The no form of the command used at the global level reverts to the default, where BGP adds the AS number and router ID to the aggregator path attribute.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no aggregator-id-zero
This command replaces all instances of the peer's AS number with the local AS number in a BGP route's AS path.
This command breaks the BGP loop detection mechanism. It should be used carefully.
no as-override
This command associates an authentication keychain with the BGP protocol. The keychain is a collection of keys used to authenticate BGP messages from remote neighbors. The keychain allows the rollover of authentication keys during the lifetime of a session and also supports stronger authentication algorithms than clear text and MD5.
The keychain must already be defined in the config>system>security>keychain context.
Either the authentication-key command or the auth-keychain command can be used by BGP, but both cannot be supported at the same time. If both commands are configured, the auth-keychain configuration will be applied and the authentication-key command will be ignored.
By default, authentication is not enabled.
no auth-keychain
This command configures the BGP authentication key.
Authentication is performed between neighboring routers before setting up the BGP session by verifying the password. Authentication is performed using the MD5 message-based digest.
The authentication key can be any combination of ASCII characters up to 255 characters long.
Either the authentication-key command or the auth-keychain command can be used by BGP, but both cannot be supported at the same time. If both commands are configured, the auth-keychain configuration will be applied and the authentication-key command will be ignored.
The no form of the command removes the authentication password from the configuration and effectively disables authentication.
Authentication is disabled and the authentication password is empty.
This command enables BGP Fast Reroute (FRR) with Prefix-Independent Convergence (PIC), allowing for the creation of a backup path for IPv4 or IPv6 BGP learned prefixes belonging to a VPRN. Multiple paths must be received for a prefix in order to take advantage of this feature.
When a prefix has a backup path, and its primary paths fail, the affected traffic is rapidly diverted to the backup path without waiting for control plane reconvergence to occur. The time to reroute the traffic is independent of the number of prefixes sharing the primary or backup paths.
The no form of the command disables BGP FRR with PIC.
no backup-path
This command enables path selection configuration.
This command specifies how the Multi-Exit Discriminator (MED) path attribute is used in the BGP route selection process.
If this command is used without the strict-as option, the MEDs of two paths are always compared even if the paths have a different neighbor AS.
If the strict-as option is used, the MEDs of two paths are compared only if they come from the same neighboring AS.
The zero and infinity options specify how to treat paths that do not have a MED attribute; for example, always-compare-med zero means that if one path is missing a MED attribute, it is treated as though it had a MED attribute with the value of 0. If neither option is specified, the zero option is implied.
The no form of the command means that only the MEDs of paths that have the same neighbor AS are compared.
no always-compare-med
This command determines whether the AS path is used to determine the best BGP route.
If this command is enabled, the AS paths of incoming routes are not used in the route selection process.
When as-path-ignore is used without specifying one or more keywords, then all keywords are configured. When one or more keywords are specified, then only those keywords are configured.
The no form of the command means that the AS paths of incoming routes are used to determine the best BGP route.
no as-path-ignore
This command enables the use of bidirectional forwarding (BFD) to control the state of the associated protocol interface. By enabling BFD on a given protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for BFD are set via the BFD command under the IP interface.
The no form of this command removes BFD from the associated BGP protocol peering.
no bfd-enable
This command configures the BGP connect retry timer value in seconds. When this timer expires, BGP tries to reconnect to the configured peer. This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
120 s
This command enables BGP damping for learned routes that are defined within the VPRN service. Damping parameters are set at the route policy level. Refer to the 7705 SAR Router Configuration Guide, “Route Policy Command Reference”.
The no form of the command disables learned route damping.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no damping
This command configures BGP to disable sending communities.
no disable-communities
This command configures BGP fast external failover.
For EBGP neighbors, fast external failover controls whether the router should drop an EBGP session immediately upon an interface-down event, or whether the BGP session is kept up until the hold-time expires.
When fast external failover is disabled, the EBGP session stays up until the hold-time expires or the interface comes back up again. If the BGP routes become unreachable as a result of the interface going down, they are immediately withdrawn from other peers.
no disable-fast-external-failover
This command enables the context to configure dynamic BGP sessions for a peer group.
This command configures a prefix to accept dynamic BGP sessions, which are sessions from source IP addresses that do not match any configured (static) neighbor addresses. A dynamic session is associated with the group having the longest-match prefix entry for the source IP address of the peer. There is no limit on the number of prefixes that can be configured. The group association determines local parameters that apply to the session, including the local AS, local IP address, MP-BGP families, and import and export policies.
The no form of this command removes a prefix entry.
none
This command configures the maximum number of dynamic BGP sessions that will be accepted from remote peers associated with the global BGP instance or a specific peer group. If accepting a new dynamic session would cause either the group limit or the global limit to be exceeded, the new session attempt is rejected and a notification message is sent back to the remote peer.
The no form of this command removes the limit on the number of dynamic sessions.
no dynamic-neighbor-limit
This command allows BGP-VPN routes imported into the VPRN to be used as backup paths for IPv4 or IPv6 BGP learned prefixes.
This command enables BGP peer tracking. BGP peer tracking allows a BGP peer to be dropped immediately if the route used to resolve the BGP peer address is removed from the IP routing table and there is no alternative available. The BGP peer will not wait for the hold timer to expire; therefore, the BGP reconvergence process is accelerated.
The no form of the command disables peer tracking.
no enable-peer-tracking
This command specifies the export policies used to control routes advertised to BGP neighbors. Route policies are configured in the config>router>policy-options context. Refer to the section on “Route Policy” in the 7705 SAR Router Configuration Guide.
When multiple policy names are specified, the policies are evaluated in the order in which they are specified. A maximum of five (5) policy names can be configured. The first policy that matches is applied.
If a non-existent route policy is applied to a VPRN instance, the CLI generates a warning message. This message is only generated during an interactive CLI session. No warning message is generated when a non-existent route policy is applied to a VPRN instance in a configuration file or when SNMP is used.
The no form of this command removes all route policy names from the export list.
no export—BGP routes are advertised and non-BGP routes are not advertised
This command specifies the address families to be negotiated with one or more multiprotocol BGP peers of the VPRN.
The no form of this command removes the specified address family from the associated BGP sessions.
ipv4
This command enables graceful restart for BGP in the VPRN context. If the control plane of a GR-capable router fails, the VPRN BGP peers (GR helpers) temporarily preserve neighbor information, so packets continue to be forwarded through the failed GR router using the last known routes. The helper state remains until the peer completes its restart or exits if the GR timer value is exceeded.
The 7705 SAR acts as a GR helper; it does not request graceful restart but agrees to graceful restart requests from a peer.
The no form of the command disables graceful restart and removes all graceful restart configurations in the VPRN BGP instance.
no graceful-restart
This command configures the maximum amount of time in seconds that stale routes should be maintained after a graceful restart is initiated.
The no form of the command resets the stale routes time back to the default value.
360 s
This command creates a context to configure a BGP peer group.
The no form of the command deletes the specified peer group and all configurations associated with the peer group. The group must be shut down before it can be deleted.
no group—no peer groups are defined
This command creates a BGP peer/neighbor instance within the context of the BGP group.
This command can be issued repeatedly to create multiple peers and their associated configurations.
The no form of the command is used to remove the specified neighbor and the entire configuration associated with the neighbor. The neighbor must be administratively shut down before it can be deleted. If the neighbor is not shut down, the command will not result in any action except a warning message on the CLI indicating that the neighbor is still administratively up.
no neighbor—no neighbors are defined
This command configures the BGP hold time, expressed in seconds.
The BGP hold time specifies the maximum time BGP waits between successive messages (either Keepalive or Update) from its peer, before closing the connection. This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The strict option ensures that the negotiated hold time value is not set to a value less than the configured value.
Even though the 7705 SAR implementation allows setting the keepalive time separately, the configured keepalive timer is overridden by the hold-time value under the following circumstances.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
90 s
This command specifies the import route policy to be used to determine which routes are accepted from peers. Route policies are configured in the config>router>policy-options context. Refer to the section on “Route Policy” in the 7705 SAR Router Configuration Guide.
When multiple policy names are specified, the policies are evaluated in the order in which they are specified. A maximum of five (5) policy names can be specified. The first policy that matches is applied.
When multiple import commands are issued, the last command entered will override the previous command.
The no form of the command removes all route policy names from the import list.
no import—BGP routes are accepted by default
This command configures the BGP keepalive timer. A Keepalive message is sent every time this timer expires.
The keepalive parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used. The keepalive value is generally one-third of the hold-time interval. Even though the 7705 SAR implementation allows the keepalive value and the hold-time interval to be independently set, under the following circumstances, the configured keepalive value is overridden by the hold-time value.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
30 s
This command configures the local IP address used by the group or neighbor when communicating with BGP peers.
Outgoing connections use the local-address as the source of the TCP connection when initiating connections with a peer.
When a local address is not specified, the 7705 SAR uses the interface address for directly connected EBGP peers. This command is used at the neighbor level to revert to the value defined under the group level.
The no form of the command removes the configured local address for BGP.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no local-address
This command configures a BGP virtual autonomous system (AS) number.
In addition to the AS number configured for BGP in the config>router>autonomous-system context, a virtual (local) AS number is configured. The virtual AS number is added to the as-path attribute before the router’s AS number makes the virtual AS the second AS in the AS path.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). By specifying this parameter at each neighbor level, it is possible to have a separate AS number per EBGP session.
When a command is entered multiple times for the same AS, the last command entered is used in the configuration. The private attribute can be added or removed dynamically by reissuing the command.
Changing the local AS at the global level in an active BGP instance causes the BGP instance to restart with the new local AS number.
Changing the local AS at the group level in an active BGP instance causes BGP to re-establish the peer relationships with all peers in the group with the new local AS number.
Changing the local AS at the neighbor level in an active BGP instance causes BGP to re-establish the peer relationship with the new local AS number.
This is an optional command and can be used in the following example:
Example: Provider router P is moved from AS1 to AS2. The customer router that is connected to P, however, is configured to belong to AS1. To avoid reconfiguring the customer router, the local-as value on router P can be set to AS1. Thus, router P adds AS1 to the as-path message for routes it advertises to the customer router.
The no form of the command used at the global level will remove any virtual AS number configured.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no local-as
This command configures the default value of the BGP local preference attribute if it is not already specified in incoming routes.
This value is used if the BGP route arrives from a BGP peer without the local-preference integer set.
The specified value can be overridden by any value set via a route policy. This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of the command at the global level specifies that incoming routes with local preference set are not overridden and routes arriving without local preference set are interpreted as if the route had a local preference value of 100.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no local-preference
This command configures how the BGP peer session handles loop detection in the AS path.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
When applied to an ongoing BGP peer session, this command does not take effect until the BGP peer session is re-established.
The no form of the command used at the global level reverts to the default (ignore- loop).
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
ignore-loop
This command enables advertising the Multi-Exit Discriminator (MED) and assigns the value used for the path attribute for the advertised MED to BGP peers if the MED is not already set.
The specified value can be overridden by any value set via a route policy.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of the command used at the global level reverts to the default where the MED is not advertised.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no med-out
This command configures the minimum interval, in seconds, at which a prefix can be advertised to a peer.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of the command used at the global level reverts to the default.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
30 s
This command configures the time to live (TTL) value at an originating EBGP peer. The TTL value is entered in the IP header of packets that are sent to a terminating EBGP peer that is multiple hops away.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
1 — EBGP peers are directly connected
This command enables BGP multipath.
When multipath is enabled, BGP load-shares traffic across multiple links. Multipath can be configured to load-share traffic across a maximum of 16 routes. If the equal-cost routes available are more than the configured value, then routes with the lowest next-hop IP address value are chosen.
This configuration parameter is set at the global level (applies to all peers).
Multipath is disabled if the value is set to 1. When multipath is disabled and multiple equal-cost routes are available, the route with the lowest next-hop IP address will be used.
The no form of the command reverts to the default where multipath is disabled.
no multipath
This command enters the context to configure next-hop resolution parameters.
This command specifies the name of a policy statement to use with the BGP next-hop resolution process. The policy controls which IP routes in the RTM are eligible to resolve the BGP next-hop addresses of IPv4 and IPv6 routes. The policy has no effect on the resolution of BGP next hops to MPLS tunnels. If a BGP next hop of an IPv4 or IPv6 route is resolved in the RTM and the longest matching route for the next-hop address is an IP route that is rejected by the policy, the route is unresolved; if the route is accepted by the policy, it becomes the resolving route.
If the no form of the command is used, the default next-hop-resolution policy is to use the longest matching active route in the RTM that is not a BGP route or an aggregate route.
no policy
This command configures the group or neighbor to always set the next-hop path attribute to its own physical interface when advertising to a peer.
This command is primarily used to avoid third-party route advertisements when connected to a multi-access network.
The no form of the command used at the group level allows third-party route advertisements in a multi-access network.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no next-hop-self
This command enables and disables passive mode for the BGP group or neighbor. When in passive mode, BGP will not attempt to actively connect to the configured BGP peers but responds only when it receives a connect open request from the peer.
The no form of the command used at the group level disables passive mode, and BGP actively attempts to connect to its peers.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no passive
This command configures the autonomous system number for the remote peer. The peer AS number must be configured for each configured peer.
For EBGP peers, the peer AS number configured must be different from the autonomous system number configured for this router under the global level. This requirement is necessary since the peer will be in a different autonomous system than that of this router.
This command may be configured under the group level for all neighbors in a particular group.
no AS numbers defined
This command specifies the name of a policy statement to use with the BGP peer-tracking function on the BGP sessions where the peer-tracking-policy command is enabled. The policy controls which IP routes in the RTM are eligible to indicate reachability of IPv4 and IPv6 BGP neighbor addresses. If the longest matching route in the RTM for a BGP neighbor address is an IP route that is rejected by the policy or a BGP route accepted by the policy, or if there is no matching route, the neighbor is considered unreachable and BGP tears down the peering session and holds it in the idle state until a valid route is once again available and accepted by the policy.
The no form of the command defaults to using the longest matching active route in the RTM that is not an aggregate route.
no peer-tracking-policy
This command configures the route preference for routes learned from the configured peers.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The lower the preference, the higher the chance of the route being the active route. The 7705 SAR assigns the highest default preference to BGP routes as compared to routes that are direct, static, or learned via MPLS or OSPF.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
170
This command configures the maximum number of BGP routes that can be received from a peer before administrative action is taken. The administrative action can be the generation of a log event or the taking down of the session. If a session is taken down, it can be brought back up automatically after an idle-timeout period or it can be configured to stay down (forever) until the operator performs a reset.
The prefix-limit command allows each address family to have its own limit; a set of address family limits can be applied to one neighbor or to all neighbors in a group.
The no form of the command removes the prefix-limit.
No prefix limits for any address family
This command disables the delay on issuing BGP withdrawals.
By default, BGP withdrawals (messages containing the routes that are no longer valid) are delayed up to the min-route-advertisement to allow for efficient packing of BGP Update messages. However, when the rapid-withdrawal command is enabled, the delay on sending BGP withdrawals is disabled.
The no form of the command returns BGP withdrawal processing to its default behavior.
no rapid-withdrawal
This command allows all private AS numbers to be removed from the AS path before advertising them to BGP peers. The no form of the command includes private AS numbers in the AS path attribute.
If the limited keyword is included, only the leading private ASNs up to the first public ASN are removed.
When the remove-private parameter is set at the global level, it applies to all peers regardless of group or neighbor configuration. When the parameter is set at the group level, it applies to all peers in the group regardless of the neighbor configuration.
The 7705 SAR recognizes the set of AS numbers that are defined by IANA as private. These are AS numbers in the range 64512 through 65535, inclusive.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no remove-private
This command enables the context to configure RIB management parameters. Under the RIB management context are options for ipv4 and ipv6.
This command specifies the name of a route policy to control the importation of active routes from the IP route table into one of the BGP RIBs.
If the route-table-import command is not configured, or if the command refers to an empty policy, all non-BGP routes from the IP route table are imported into the applicable RIB.
If the route-table-import command is configured, routes that are dropped or rejected by the configured policy are not installed in the associated RIB. Rejected routes cannot be advertised to BGP peers associated with the RIB, but they can still be used to resolve BGP next hops of routes in that RIB. If the active route for a prefix is rejected by the route-table-import policy, then the best BGP route for that prefix in the BGP RIB can be advertised to peers as though it is used.
Aggregate routes are always imported into the applicable RIB, independent of the route-table-import policy.
Route modifications specified in the actions of a route-table-import policy are ignored and have no effect on the imported routes.
no route-table-import
This command enables the use of split-horizon. When applied globally, to a group, or a specific peer, split-horizon prevents routes from being reflected back to a peer that sends the best route. It applies to routes of all address families and to any type of sending peer: confed-EBGP, EBGP, or IBGP.
The configuration default is no split-horizon, meaning that no effort is taken to prevent a best route from being reflected back to the sending peer.
Caution: Use of the split-horizon command may have a detrimental impact on peer and route scaling; therefore, operators are encouraged to use it only when absolutely needed. |
The no form of the command disables split-horizon, which allows the lower level to inherit the setting from an upper level.
no split-horizon
This command configures TTL security parameters for incoming packets. When the feature is enabled, BGP accepts incoming IP packets from a peer only if the TTL value in the packet is greater than or equal to the minimum TTL value configured for that peer.
The no form of the command disables TTL security.
no ttl-security
This command enables access to the context to define OSPF parameters for VPRN.
When an OSPF instance is created, the protocol is enabled. To start or suspend execution of the OSPF protocol without affecting the configuration, use the no shutdown command.
The no form of the command deletes the OSPF protocol instance and removes all associated configuration parameters.
no ospf
This command enables access to the context to define OSPFv3 parameters for VPRN.
When an OSPFv3 instance is created, the protocol is enabled. To start or suspend execution of the OSPF protocol without affecting the configuration, use the no shutdown command.
The no form of the command deletes the OSPFv3 protocol instance and removes all associated configuration parameters.
no ospf3
This command enables the context to configure an OSPF or OSPFv3 area. An area is a collection of network segments within an AS that have been administratively grouped together. The area ID can be specified in dotted-decimal notation or as a 32-bit decimal integer.
The no form of the command deletes the specified area from the configuration. Deleting the area also removes the OSPF or OSPFv3 configuration of all the interfaces, virtual links, sham links, address ranges, and so on, that are currently assigned to this area.
The 7705 SAR supports a maximum of four areas.
no area — no OSPF or OSPFv3 areas are defined
This command creates ranges of addresses on an Area Border Router (ABR) for the purpose of route summarization or suppression. When a range is created, the range is configured to be advertised or not advertised to other areas. Multiple range commands can be used to summarize or hide ranges. In the case of overlapping ranges, the most specific range command applies.
ABRs send summary link advertisements to describe routes to other areas. To minimize the number of advertisements that are flooded, you can summarize a range of IP addresses and send reachability information about these addresses in an LSA.
The ip-prefix/mask parameter applies in the ospf context. The ipv6-prefix/prefix-length parameter applies in the ospf3 context.
The no form of the command deletes the range advertisement or non-advertisement.
no area-range — no range of addresses is defined
This command installs a low-priority blackhole route for the entire aggregate. Existing routes that make up the aggregate will have a higher priority and only the components of the range for which no route exists will be blackholed.
When performing area aggregation, addresses may be included in the range for which no actual route exists. This can cause routing loops. To avoid this problem, configure the blackhole aggregate option.
The no form of this command removes this option.
blackhole-aggregate
This command creates a context to configure an OSPF or OSPFv3 interface.
By default, interfaces are not activated in any interior gateway protocol, such as OSPF or OSPFv3, unless explicitly configured.
The no form of the command deletes the OSPF or OSPFv3 interface configuration for this interface. The shutdown command in the config>router>ospf>interface context or config>router>ospf3>interface context can be used to disable an interface without removing the configuration.
no interface
If the IP interface exists in a different area, the configuration will be rejected with an error message unless the keyword secondary is specified.
This command enables advertising point-to-point interfaces as subnet routes (network number and mask). When disabled, point-to-point interfaces are advertised as host routes.
This command is not supported in the ospf3 context.
The no form of the command disables advertising point-to-point interfaces as subnet routes, meaning they are advertised as host routes.
advertise-subnet
This command associates an authentication keychain with the OSPF interface, virtual link, or sham link. The keychain is a collection of keys used to authenticate OSPF messages from remote peers. The keychain allows the rollover of authentication keys during the lifetime of a session and also supports stronger authentication algorithms than clear text and MD5.
The keychain must already be defined in the config>system>security>keychain context.
Either the authentication-key command or the auth-keychain command can be used by OSPF, but both cannot be supported at the same time. If both commands are configured, the auth-keychain configuration will be applied and the authentication-key command will be ignored.
This command is not supported in the ospf3 context.
The no form of the command removes the authentication keychain name from the configuration.
no auth-keychain
This command configures an interface with a static security association (SA) used to authenticate OSPFv3 packets.
This command is not supported in the ospf context.
The no form of the command removes the SA name from the configuration.
This command configures the password used by the OSPF interface, virtual link, or sham link to send and receive OSPF protocol packets on the interface when simple password authentication is configured.
All neighboring routers must use the same type of authentication and password for correct protocol communication. If the authentication-type is configured as password, the authentication key must be configured.
By default, no authentication key is configured.
Either the authentication-key command or the auth-keychain command can be used by OSPF, but both cannot be supported at the same time. If both commands are configured, the auth-keychain configuration will be applied and the authentication-key command will be ignored.
This command is not supported in the ospf3 context.
The no form of the command removes the authentication key.
no authentication-key
This is useful when a user must configure the parameter, but for security purposes, the actual unencrypted key value is not provided.
This command enables authentication and specifies the type of authentication to be used on the OSPF interface, virtual link, or sham link.
Both simple password and message-digest authentication are supported.
By default, authentication is not enabled on an interface or link.
This command is not supported in the ospf3 context.
The no form of the command disables authentication on the interface or link.
no authentication-type
This command enables the use of bidirectional forwarding detection (BFD) to control the state of the associated OSPF or OSPFv3 interface. By enabling BFD on an OSPF or OSPFv3 interface, the state of the interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for BFD are set using the bfd command under the IP interface.
The optional remain-down-on-failure parameter can be specified on OSPF or OSPFv3 interfaces that are enabled for BFD, to keep OSPF or OSPFv3 from reaching the Full state if the BFD session to that neighbor cannot be established. This option is disabled by default and should be used only if there is a chance that unicast packets might be discarded while multicast packets are forwarded.
The no form of this command removes BFD from the associated OSPF or OSPFv3 adjacency.
no bfd-enable
This command configures the time, in seconds, that OSPF or OSPFv3 waits before declaring a neighbor router, virtual-link neighbor, or sham-link neighbor down. If no Hello packets are received from a neighbor for the duration of the dead interval, the router or link is assumed to be down. The minimum interval must be two times the hello interval.
The no form of the command resets the configured interval to the default value.
40
This command configures the interval between OSPF or OSPFv3 hello messages issued on the interface, virtual link, or sham link.
The hello interval, in combination with the dead interval, is used to establish and maintain the adjacency.
Reducing the interval, in combination with an appropriate reduction in the associated dead-interval, allows for faster detection of link and/or router failures but results in higher processing costs.
The no form of this command resets the configured interval to the default value.
10
This command configures the interface type to be either broadcast or point-to-point.
Use this command to set the interface type of an Ethernet link to point-to-point to avoid having to carry the broadcast adjacency maintenance overhead of the link, provided that the link is used as a point-to-point link.
If the interface type is not known when the interface is added to OSPF or OSPFv3, and the IP interface is subsequently bound (or moved) to a different interface type, this command must be entered manually.
The no form of the command resets the configured interface type to the default value.
broadcast – if the physical interface is Ethernet or unknown
point-to-point – if the physical interface is T1, E1, or SONET/SDH
This command applies a route next-hop policy template to an OSPF or OSPFv3 interface.
When a route next hop policy template is applied to an interface, it is applied in all areas. However, this command can only be executed under the area in which the specified interface is primary. When the command is executed, the template is applied in that area and in all other areas where the interface is secondary. If the user attempts to execute the command under an area where the interface is secondary, the command will fail.
If the interface has been excluded from LFA with the loopfree-alternate-exclude command, the LFA policy has no effect on the interface.
If the route next-hop policy template is applied to a loopback interface or to the system interface, the command will not be rejected, but the policy will have no effect on the interface.
The no form of the command deletes the mapping of a route next-hop policy template to an OSPF or OSPFv3 interface.
no lfa-policy-map
This command instructs OSPF or OSPFv3 to exclude a specific interface or all interfaces participating in a specific OSPF or OSPFv3 area from the LFA SPF calculation. The LFA SPF calculation can therefore be run only where it is needed.
If an interface is excluded from the LFA SPF calculation, it is excluded in all areas. However, this command can only be executed under the area in which the specified interface is primary. When the command is executed, the interface is excluded in that area and in all other areas where the interface is secondary. If the user attempts to execute the command under an area where the interface is secondary, the command will fail.
no loopfree-alternate-exclude
This command configures a message digest key when MD5 authentication is enabled on the interface, virtual link, or sham link. Multiple message digest keys can be configured.
This command is not supported in the ospf3 context.
The no form of the command removes the message digest key identified by the key-id.
no message-digest-key
This is useful when a user must configure the parameter, but for security purposes, the actual unencrypted key value is not provided.
This is useful when a user must configure the parameter, but for security purposes, the actual unencrypted key value is not provided.
This command configures an explicit route cost metric for the interface or sham link that overrides the metrics calculated based on the speed of the underlying link.
The no form of the command deletes the manually configured metric, so the interface or sham link uses the computed metric based on the reference-bandwidth command setting and the speed of the underlying link.
no metric
This command configures the OSPF or OSPFv3 interface MTU value used when negotiating an OSPF or OSPFv3 adjacency.
The operational OSPF MTU value is calculated as follows.
If this command is not configured:
If this command is configured:
To determine the actual packet size, add 14 bytes for an Ethernet packet and 18 bytes for a tagged Ethernet packet to the size of the OSPF (IP) packet MTU configured with this command.
If the OSPF mtu command is configured to a value less than the interface or port MTU value, the OSPF MTU value will be used to transmit OSPF packets.
Use the no form of this command to revert to the default.
no mtu — uses the value derived from the port MTU
This command adds the passive property to an OSPF or OSPFv3 interface.
By default, only interface addresses that are configured for OSPF or OSPFv3 will be advertised as OSPF or OSPFv3 interfaces. The passive parameter allows an interface to be advertised as an OSPF or OSPFv3 interface without running the OSPF or OSPFv3 protocol.
While in passive mode, the interface will ignore ingress OSPF or OSPFv3 protocol packets and will not transmit any OSPF or OSPFv3 protocol packets.
The no form of the command removes the passive property from the OSPF or OSPFv3 interface.
no passive
This command configures the priority of the OSPF or OSPFv3 interface that is used in an election of the designated router on the subnet.
This parameter is only used if the interface is of type broadcast. The router with the highest-priority interface becomes the designated router. A router with priority 0 is not eligible to be a designated router or backup designated router.
The no form of the command resets the interface priority to the default value.
1
This command specifies the length of time, in seconds, that OSPF or OSPFv3 will wait before retransmitting an unacknowledged LSA to an OSPF or OSPFv3 neighbor.
The value should be greater than the expected round-trip delay between any two routers on the attached network. If the retransmit interval expires and no acknowledgment has been received, the LSA will be retransmitted.
The no form of this command resets the configuration to the default interval.
5
This command configures the estimated time, in seconds, that it takes to transmit an LSA on the interface, virtual link, or sham link.
The no form of this command resets the configuration to the default delay time.
1
This command configures the key rollover interval.The no form of the command resets the configured interval to the default setting.
10
This command enables the context to configure an OSPF or OSPFv3 Not So Stubby Area (NSSA) and adds or removes the NSSA designation from the area.
NSSAs are similar to stub areas in that no external routes are imported into the area from other OSPF or OSPFv3 areas. The major difference between a stub area and an NSSA is that an NSSA has the capability to flood external routes that it learns throughout its area and via an ABR to the entire OSPF or OSPFv3 domain.
Existing virtual links of a stub area or NSSA are removed when the designation is changed to NSSA or stub.
An area can be designated as stub or NSSA but never both at the same time.
By default, an area is not configured as an NSSA area.
The no form of the command removes the NSSA designation and configuration context from the area.
no nssa
This command enables the generation of a default route and its LSA type into an NSSA by an NSSA ABR or ASBR.
The functionality of the type-7 parameter and the type-nssa parameter is the same. The type-7 parameter is available in the ospf context; the type-nssa parameter is available in the ospf3 context. Include the type-7 or type-nssa parameter to inject a type 7 LSA default route instead of a type 3 LSA into the NSSA configured with no summaries.
To return to a type 3 LSA, enter the originate-default-route command without the type-7 or type-nssa parameter.
When configuring an NSSA with no summaries, the ABR will inject a type 3 LSA default route into the NSSA area. Some older implementations expect a type 7 LSA default route.
The no form of the command disables origination of a default route.
no originate-default-route
This command enables the redistribution of external routes into the NSSA on an NSSA ABR that is exporting the routes into non-NSSA areas.
NSSAs are similar to stub areas in that no external routes are imported into the area from other OSPF or OSPFv3 areas. The major difference between a stub area and an NSSA is that the NSSA has the capability to flood external routes that it learns (providing it is an ASBR) throughout its area and via an ABR to the entire OSPF or OSPFv3 domain.
The no form of the command disables the default behavior to automatically redistribute external routes into the NSSA area from the NSSA ABR.
redistribute-external
This command enables sending summary (type 3) advertisements into a stub area or NSSA on an ABR.
This parameter is particularly useful to reduce the size of the routing and link-state database (LSDB) tables within the stub or NSSA area.
By default, summary route advertisements are sent into the stub area or NSSA.
The no form of the command disables sending summary route advertisements and, for stub areas, only the default route is advertised by the ABR.
summaries
This command configures an OSPF area sham link to a far-end PE OSPF router.
The no form of the command removes the sham link.
no sham-link
This command enables access to the context to configure an OSPF or OSPFv3 stub area and adds or removes the stub designation from the area.
External routing information is not flooded into stub areas. All routers in the stub area must be configured with the stub command.
Existing virtual links of a stub area or NSSA are removed when its designation is changed to NSSA or stub.
An OSPF or OSPFv3 area cannot be both an NSSA and a stub area at the same time.
By default, an area is not a stub area.
The no form of the command removes the stub designation and configuration context from the area.
no stub
This command configures the metric used by the ABR for the default route into a stub area.
The default metric should only be configured on an ABR of a stub area.
An ABR generates a default route if the area is a stub area.
The no form of the command resets the configuration to the default value.
default-metric 1
This command configures a virtual link to connect ABRs to the backbone.
The backbone area (area 0.0.0.0) must be contiguous and all other areas must be connected to the backbone area. If it is not practical or possible to connect an area to the backbone, the ABRs must be connected via a virtual link. The two ABRs form a point-to-point-like adjacency across the transit area. A virtual link can only be configured while in the area 0.0.0.0 context.
The router-id specified in this command must be associated with the virtual neighbor. The transit area cannot be a stub area or an NSSA.
The no form of the command deletes the virtual link.
no virtual-link
This command specifies export route policies to determine which routes are exported from the routing table manager to OSPF or OSPFv3. Export policies are only in effect if OSPF or OSPv3 is configured as an ASBR.
If no export policy is specified, routes that are not OSPF or OSPFv3 are not exported from the routing table manager to OSPF or OSPFv3.
If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered will override the previous command. A maximum of five policy names can be specified.
The no form of the command removes all policies from the configuration.
Refer to the 7705 SAR Router Configuration Guide for information on defining route policies.
no export — no export route policies specified
This command enables limits on the number of non-default, AS-external LSA entries that can be stored in the link-state database (LSDB) and specifies a wait timer before processing these entries after the limit is exceeded.
The limit value specifies the maximum number of entries that can be stored in the LSDB. Placing a limit on these LSAs in the LSDB protects the router from receiving an excessive number of external routes that consume excessive memory or CPU resources. If the number of routes reaches or exceeds the limit, the table is in an overflow state. When in an overflow state, the router will not originate any new AS-external LSAs and will withdraw all the self-originated non-default external LSAs.
The seconds value specifies the time to wait after an overflow state before regenerating and processing non-default, AS-external LSAs. The waiting period acts like a dampening period, preventing the router from continuously running shortest path first (SPF) calculations caused by the excessive number of non-default, AS-external LSAs.
The external-db-overflow must be set identically on all routers attached to any regular OSPF or OSPFv3 area. OSPF or OSPFv3 stub areas and NSSAs are excluded.
The no form of the command disables limiting the number of non-default, AS-external LSA entries.
no external-db-overflow
This command configures the preference for OSPF or OSPFv3 external routes. The preference for internal routes is set with the preference command.
A route can be learned by the router from different protocols, in which case, the costs are not comparable. When this occurs, the preference is used to decide which route will be used.
Different protocols should not be configured with the same preference. If this occurs, the tiebreaker is based on the default preferences as defined in Table 131.
Route Type | Preference | Configurable |
Direct attached | 0 | No |
Static routes | 5 | Yes |
OSPF/OSPFv3 internal | 10 | Yes |
IS-IS level 1 internal | 15 | Yes |
IS-IS level 2 internal | 18 | Yes |
OSPF/OSPFv3 external | 150 | Yes |
IS-IS level 1 external | 160 | Yes |
IS-IS level 2 external | 165 | Yes |
If multiple routes are learned with the same preference using the same protocol, the lowest-cost route is used. If multiple routes are learned with the same preference using the same protocol and the costs (metrics) are equal, the decision of which route to use is determined by the configuration of ECMP in the config>router context. Refer to the 7705 SAR Router Configuration Guide for information on ECMP.
Note: To configure a preference for static routes, use the config>router>static-route-entry command. Refer to the 7705 SAR Router Configuration Guide for information. |
The no form of the command returns the setting to the default value.
external-preference 150 — OSPF or OSPFv3 external routes have a default preference of 150
This command specifies whether to ignore the DN (down) bit for OSPF or OSPFv3 LSA packets for this instance of OSPF or OSPFv3 on the router. When enabled, the DN bit for OSPF or OSPFv3 LSA packets will be ignored. When disabled, the DN bit will not be ignored for OSPF or OSPFv3 LSA packets.
no ignore-dn-bit
This command configures up to five import route policies that determine which routes are imported into the routing table.
When a prefix received in an OSPF LSA is accepted by an entry in an OSPF import policy, it is installed in the routing table if it is the most preferred route to the destination. When a prefix received in an OSPF LSA is rejected by an entry in an OSPF import policy, it is not installed in the routing table, even if it has the lowest preference value among all the routes to that destination.
The flooding of LSAs is not affected by OSPF import policy actions.
The no form of this command removes all import policies from the configuration. The default behavior then applies, that is, if an OSPF route has the lowest preference value among all routes to the destination, it is installed in the routing table.
no import
The route policy names must already be defined.
This command enables Loop-Free Alternate (LFA) computation by SPF under the OSPF or OSPFv3 routing protocol instance.
When this command is enabled, the OSPF or OSPFv3 SPF attempts to precalculate both a primary next hop and a LFA backup next hop for every learned prefix. When found, the LFA next hop is populated into the routing table along with the primary next hop for the prefix.
The no form of this command disables the LFA SPF calculation.
no loop-free alternate
This command excludes from the LFA SPF calculation any prefixes that match a prefix entry in a prefix policy. If a prefix is excluded, it is not included in the LFA SPF calculation, regardless of its priority. Prefix policies are created with the command config>router> policy-options>prefix-list (for information on prefix lists, refer to the 7705 SAR Router Configuration Guide, “Route Policies”).
The default action of the loopfree-alternate-exclude command, when not explicitly specified in the prefix policy, is to “reject”. Therefore, even if the default-action reject statement was not explicitly stated for the prefix policy, a prefix that does not match any entry in the policy will be used in the LFA SPF calculation.
The no form of the command deletes the excluded prefix policy.
no loop-free-alternate-exclude
This command changes the overload state of the local router so that it appears to be overloaded. When overload is enabled, the router can participate in OSPF or OSPFv3 routing, but is not used for transit traffic. Traffic destined for directly attached interfaces continues to reach the router.
To put the IGP in an overload state, enter a timeout value. The IGP will enter the overload state until the timeout timer expires or a no overload command is executed.
If no timeout is specified, the overload state is maintained indefinitely.
If the overload command is encountered during the execution of an overload-on-boot command, the overload command takes precedence. This situation could occur as a result of a saved configuration file where both parameters are saved. When the file is saved by the system, the overload-on-boot command is saved after the overload command.
Use the no form of this command to return to the default. When the no overload command is executed, the overload state is terminated regardless of the reason the protocol entered the overload state.
no overload
This command is used to determine if the OSPF or OSPFv3 stub networks should be advertised with a maximum metric value when the system goes into an overload state for any reason. When enabled, the system uses the maximum metric value. When this command is enabled and the router is in overload, all stub interfaces, including loopback and system interfaces, will be advertised at the maximum metric.
no overload-include-stub
When the router is in an overload state, the router is used only if there is no other router to reach the destination. This command configures OSPF or OSPFv3 upon boot-up in the overload state until one of the following events occurs:
If no timeout is specified, the overload state is maintained indefinitely.
The no overload command does not affect the overload-on-boot function.
The no form of the command removes the overload-on-boot functionality from the configuration.
no overload-on-boot
This command configures the preference for OSPF or OSPFv3 internal routes.
A route can be learned by the router from different protocols, in which case, the costs are not comparable. When this occurs, the preference is used to decide which route will be used.
Different protocols should not be configured with the same preference. If this occurs, the tiebreaker is based on the default preferences as defined in Table 131. If multiple routes are learned with the same preference using the same protocol and the costs (metrics) are equal, the decision of which route to use is determined by the configuration of ECMP in the config>router context. Refer to the 7705 SAR Router Configuration Guide for information on ECMP.
The no form of the command resets the preference configuration to the default value.
preference 10 — OSPF or OSPFv3 internal routes have a preference of 10
This command configures the reference bandwidth used to calculate the default costs of interfaces based on their underlying link speed.
The default interface cost is calculated as follows:
cost = reference bandwidth/bandwidth
The default reference bandwidth is 100 000 000 kb/s or 100 Gb/s; therefore, the default auto-cost metrics for various link speeds are as follows:
The reference-bandwidth command assigns a default cost to the interface based on the interface speed. To override this default cost on an interface, use the metric command in the config>router>ospf>area>interface ip-int-name context or config>router >ospf3>area> interface ip-int-name context.
The no form of the command resets the reference bandwidth to the default value.
reference-bandwidth 100000000
This command configures the router ID for a specific VPRN context. If the router ID is not defined under VPRN, the router ID from the base router context is inherited.
When configuring the router ID in the base instance of OSPF or OSPFv3, the value overrides the router ID configured in the config>router context.
The default value for the base instance is inherited from the configuration in the config>router context. If the router ID in the config>router context is not configured, the following applies:
When configuring a new router ID, the instance is not automatically restarted with the new router ID. The next time the instance is initialized, the new router ID is used.
To force the new router ID to be used, issue the shutdown and no shutdown commands for the instance, or reboot the entire router.
The no form of the command to resets the router ID to the default value.
0.0.0.0 (base OSPF)
This command specifies whether CE-PE functionality is required. The OSPF super-backbone indicates the type of the LSA generated as a result of routes redistributed into OSPF. When enabled, the redistributed routes are injected as summary, external, or NSSA LSAs. When disabled, the redistributed routes are injected as either external or NSSA LSAs only.
no super-backbone
This command specifies whether to suppress the setting of the DN (down) bit for OSPF or OSPFv3 LSA packets generated by this instance of OSPF or OSPFv3 on the router. When enabled, the DN bit will not be set. When disabled, this instance of the OSPF or OSPFv3 router will follow the usual procedure to determine whether to set the DN bit.
no suppress-dn-bit
This command enables the context that allows for the configuration of OSPF or OSPFv3 timers. Timers control the delay between receipt of an LSA requiring an SPF calculation and the minimum time between successive SPF calculations.
Changing the timers affects CPU usage and network reconvergence times. Lower values reduce reconvergence time but increase CPU usage. Higher values reduce CPU usage but increase reconvergence time.
n/a
This command defines the minimum delay that must pass between receipt of the same LSAs arriving from neighbors.
It is recommended that the configured lsa-generate lsa-second-wait interval for the neighbors be equal to or greater than the lsa-arrival-time.
Use the no form of this command to return to the default.
no lsa-arrival
This command customizes the throttling of OSPF or OSPFv3 LSA generation. Timers that determine when to generate the first, second, and subsequent LSAs can be controlled with this command. Subsequent LSAs are generated at increasing intervals of the lsa-second-wait timer until a maximum value is reached.
It is recommended that the lsa-arrival-time be equal to or less than the lsa-second-wait interval.
Use the no form of this command to return to the default.
no lsa-generate
When an LSA is generated, the initial wait period commences. If, within the specified lsa-initial-wait period, another topology change occurs, the lsa-initial-wait timer applies.
This command defines the maximum interval between two consecutive SPF calculations in milliseconds. Timers that determine when to initiate the first, second, and subsequent SPF calculations after a topology change occurs can be controlled with this command. Subsequent SPF runs (if required) will occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the spf-second-wait interval is 1000, the next SPF will run after 2000 ms, and the next SPF will run after 4000 ms, and so on, until it reaches the spf-wait value. The SPF interval will stay at the spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval will drop back to spf-initial-wait.
The timer must be entered in increments of 100 ms. Values entered that do not match this requirement will be rejected.
Use the no form of this command to return to the default.
no spf-wait
This command specifies the type of extended community attribute exchanged using BGP to carry the OSPF VPN domain ID. The command applies to VPRN instances of OSPF only. An attempt to modify the value of this attribute will result in an inconsistent value error when the instance is not a VPRN instance. The parameters are mandatory and can be entered in any order.
This command is not supported in the ospf3 context.
no vpn-domain
This command specifies the route tag for an OSPF VPN on a PE router and is used mainly to prevent routing loops. This field is set in the tag field of the OSPF external LSAs generated by the PE. The command applies to VPRN instances of OSPF only. An attempt to modify the value of this tag will result in an inconsistent value error when the instance is not a VPRN instance.
This command is not supported in the ospf3 context.
vpn-tag 0
This command enables the context to configure IGMP parameters.
The no form of the command disables IGMP.
disabled
This command enables the context to configure IGMP interface parameters.
This command enables or disables the IGMP router alert check option.
The no form of the command enables the router alert check.
no disable-router-alert-check
This command imports a policy to filter IGMP packets on this interface.
The no form of the command removes the policy association from the IGMP instance.
no import
This command specifies the maximum number of groups for which IGMP can have local receiver information based on received IGMP reports on this interface. When this configuration is changed dynamically to a value lower than the currently accepted number of groups, the groups that are already accepted are not deleted. Only new groups will not be allowed.
The no form of the command removes the value.
0 — no limit to the number of groups
This command configures the maximum number of group sources for which IGMP can have local receiver information based on received IGMP reports on this interface. When this configuration is changed dynamically to a value lower than the currently accepted number of group sources, the group sources that are already accepted are not deleted. Only new group sources will not be allowed.
The no form of the command reverts to the default.
0
This command enables the context to configure group ranges that are translated to SSM (S,G) entries. If the static entry needs to be created, it must be translated from an IGMPv1 or IGMPv2 request to a Source Specific Multicast (SSM) join request. An SSM translate source can only be added when the starg command is not enabled. An error message is generated when trying to configure the source command while the starg command is enabled.
This command is used to configure group ranges that are translated to SSM (S,G) entries.
This command specifies the source IP address for the group range. Whenever a (*,G) report is received and is in the range specified by grp-range start and end parameters, it is translated to an (S,G) report where ip-address is the source address.
This command accesses the context to test forwarding on an interface without a receiver host. When enabled, data is forwarded to an interface without having received membership reports from host members.
n/a
This command adds a static multicast group as either a (*,G) record or one or more (S,G) records. Use IGMP static group memberships to test multicast forwarding when there is no receiver host. When IGMP static groups are enabled, data is forwarded to an interface without receiving membership reports from host members.
When static IGMP group entries on point-to-point links that connect routers to a rendezvous point (RP) are configured, the static IGMP group entries do not generate join messages toward the RP.
n/a
This command specifies the source address of the multicast group. It is an IPv4 unicast address. By specifying the source address, a multicast receiver host signals to the router that the multicast group will only be receiving multicast traffic from this specific source.
The source command and the specification of individual sources for the same group are mutually exclusive.
The source command, in combination with the group command, is used to create a specific (S,G) static group entry.
The no form of the command removes the source from the configuration.
n/a
This command enables or disables subnet checking for IGMP messages received on this interface. All IGMP packets with a source address that is not in the local subnet are dropped.
The no form of the command disables subnet-check.
enabled
This command specifies the IGMP version. If routers run different versions of IGMP, they negotiate the lowest common version of IGMP that is supported by hosts on their subnet and operate in that version. For IGMP to function correctly, all routers on a LAN should be configured to run the same version of IGMP.
For IGMPv3, a multicast router that is also a group member performs both parts of IGMPv3, receiving and responding to its own IGMP message transmissions as well as those of its neighbors.
3
This command specifies the frequency at which the querier router transmits general host-query messages. The host-query messages solicit group membership information and are sent to the all-systems multicast group address, 224.0.0.1.
125
This command configures the frequency at which the querier sends group-specific query messages, including messages sent in response to leave-group messages; the shorter the interval, the faster the detection of the loss of the last member of a group.
1
This command specifies how long the querier router waits to receive a response to a host-query message from a host.
10
This command configures the robust count. The robust-count allows adjusting for the expected packet loss on a subnet. If a subnet anticipates losses, the robust-count can be increased.
2
This command configures a Protocol Independent Multicast (PIM) instance in the VPRN service. When a PIM instance is created, the protocol is enabled. PIM is used for multicast routing within the network. Devices in the network can receive the requested multicast feed and non-participating routers can be pruned. The router supports PIM sparse mode (PIM-SM).
The no form of the command deletes the PIM protocol instance, removing all associated configuration parameters.
n/a
This command creates a PIM interface configured with default parameters.
If a manually created interface or a modified interface is deleted, the interface will be recreated when the apply-to command is executed. If PIM is not required on a specific interface, execute a shutdown command on the interface.
The apply-to command is saved first in the PIM configuration structure; all subsequent apply-to commands either create new structures or modify the defaults as created by the apply-to command.
none
This command specifies up to five import route policies to be used for determining which routes are accepted from peers. Route policies are configured in the config>router>policy-options context. When an import policy is not specified, BGP routes are accepted by default.
The no form of the command removes the policy associations from the PIM instance for the specified type.
no import join-policy no import register-policy
This command enables PIM on an interface and enables the context to configure interface-specific parameters. By default, interfaces are activated in PIM based on the apply-to command and do not have to be configured on an individual basis unless the default values must be changed.
The no form of the command deletes the PIM interface configuration for this interface. If the apply-to command parameter is configured, then the no interface form must be saved in the configuration to avoid automatic recreation of the interface after the next apply-to command is executed as part of a reboot.
The shutdown command can be used to disable an interface without removing the configuration for the interface.
Interfaces are activated in PIM based on the apply-to command.
This command configures the time between refreshes of PIM assert messages on an interface.
The no form of the command reverts to the default.
60
This command enables the checking of the router alert option in the bootstrap messages received on this interface.
no bsm-check-rtr-alert
This command enables the use of bidirectional forwarding (BFD) to control the state of the associated protocol interface. By enabling BFD on a protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD session are set via the bfd command under the IP interface.
The no form of this command removes BFD from the associated IGP protocol adjacency.
no bfd-enable
This command configures the interval at which PIM hello messages are transmitted on this interface.
The no form of this command reverts to the default value.
30
This command configures the multiplier used to determine the hold time for a PIM neighbor.
The hello-multiplier in conjunction with the hello-interval determines the hold time for a PIM neighbor.
hello hold-time = (hello-interval * hello-multiplier) / 10
This allows the PIMv2 default timeout of 3.5 s to be supported. For example, if hello-interval = 1 s, and hello-multiplier = 35 deci-units, then hold-time = (1 * 35) / 10 = 3.5 s.
This command enables improved assert processing on this interface. The PIM assert process establishes a forwarder node for a LAN and requires interaction between the control and forwarding planes.
The assert process is started when data is received on an outgoing interface. There can be an impact on performance if data is continuously received on an outgoing interface.
When enabled, the PIM assert process occurs entirely on the control plane, with no interaction between the control and forwarding planes.
enabled
This command enables or disables instant PruneEcho for a PIM interface.
no instant-prune-echo
This command administratively disables or enables PIM operation for IPv4.
no ipv4-multicast-disable
This command configures the maximum number of groups for which PIM can have a downstream state based on received PIM join messages on this interface. This number does not include IGMP local receivers on the interface. When this configuration is changed dynamically to a value lower than the currently accepted number of groups, the groups that are already accepted are not deleted. Only new groups will not be allowed. When this configuration has a value of 0, there is no limit to the number of groups.
This command configures the way subnet matching is done for incoming data packets on this interface. An IP multicast sender is a user entity to be authenticated in a receiving host.
This command enables multicast-to-multicast address translation by mapping a range of source IP addresses to a range of multicast group addresses. The PIM interface on the 7705 SAR translator router is the source of the multicast address. Multiple (S,G)s (for example, s1,g1 / s2,g1 / s3,g1) can be mapped to a single PIM interface, using the same source IP address for the translated (S,G) but for a range of groups.
The PIM interface on the translator router must first be enabled for multicast translation with the config>router>interface>multicast-translation command.
no multicast-to-multicast
This command sets the priority value for the interface to become the designated router (DR), so that multiple PIM routers do not exist on one Layer 2 network.
The no form of the command resets the priority to the default value.
1 (the router is least likely to become the designated router)
This command enables sticky-dr operation on this interface. When enabled, the priority value used in PIM hello messages sent on this interface when elected as the designated router (DR) is changed to the value configured with this command. This is done to avoid forwarding delays caused by DR recovery, which occurs when switching back to the old DR on a LAN when the old DR comes back up.
By enabling sticky-dr on this interface, the interface continues to act as the DR for the LAN even after the old DR comes back up.
When sticky-dr is used without the priority keyword, the sticky-dr priority value is 1024 (default).
The no form of the command disables sticky-dr operation on this interface.
disabled (no sticky-dr)
This command configures the compatibility mode to enable three-way hello. By default, three-way hello is disabled on all interfaces and the standard two-way hello is supported.
no three-way-hello
This command sets the T-bit in the LAN prune delay option of the hello message. This indicates the router's capability to disable join-message suppression.
no tracking-support
This command enables unicast-to-multicast address translation by mapping a range of unicast source addresses and a unicast destination address to a multicast group address. The unicast destination address is a loopback IP address configured on the 7705 SAR that is performing the translation. This translator router becomes the source of the multicast packets. The multicast source address is a loopback interface IP address configured on the PIM interface of the translator router. The PIM interface on the 7705 SAR translator router must first be enabled for multicast translation with the config>router>interface>multicast-translation command.
The unicast destination and the multicast source can be the same loopback address or different loopback addresses.
The translation can map a range of unicast source addresses to a range of multicast group addresses. For example, if the unicast source address range is 1.1.1.1 to 1.1.1.4 and the multicast group address is 230.0.0.100, the following multicast destination address range is created:
Unicast Source | Multicast Group |
1.1.1.1 | 230.0.0.100 |
1.1.1.2 | 230.0.0.101 |
1.1.1.3 | 230.0.0.102 |
1.1.1.4 | 230.0.0.103 |
no unicast-to-multicast
This command specifies whether the router should ignore the designated router state and attract traffic even when it is not the designated router.
An operator can configure an interface (router or IES or VPRN interfaces) with IGMP and PIM. The interface IGMP state will be synchronized to the backup node if it is associated with the redundant peer port. The interface can be configured to use PIM, which will cause multicast streams to be sent to the elected DR only. The DR will also be the router sending traffic to the DSLAM. Since it may be required to attract traffic to both routers, a non-dr-attract-traffic flag can be used in the PIM context to have the router ignore the DR state and attract traffic when it is not the DR. While using this flag, the router may not send the stream to the DSLAM when it is not the DR.
The no form of the command disables the DR state. When disabled, the DR state is used.
no non-dr-attract-traffic
This command enables access to the context to configure the rendezvous point (RP) of a PIM protocol instance.
A PIM router acting as an RP must respond to a PIM register message that specifies an SSM multicast group address by sending stop register messages to the first-hop router. The PIM router does not build an (S, G) shortest path tree toward the first-hop router. An SSM multicast group address can be an address either from the SSM default range of 232/8 or from a multicast group address range that was explicitly configured for SSM.
rp enabled when PIM is enabled
This command configures a PIM anycast protocol instance for the RP being configured. Anycast enables fast convergence when a PIM RP router fails by allowing receivers and sources to rendezvous at the closest RP.
The no form of the command removes the anycast instance from the configuration.
none
This command configures a peer in the anycast RP-set. The ip-address identifies the address used by the other node as the RP candidate address for the same multicast group address range as configured on this node.
Caution: This is a manual procedure. Caution should be taken to produce a consistent configuration of an RP-set for a given multicast group address range. The priority should be identical on each node and be a higher value than any other configured RP candidate that is not a member of this RP-set. |
Although there is no set maximum number of addresses that can be configured in an RP-set, up to 15 multicast addresses is recommended.
The no form of the command removes an entry from the list.
none
This command enables auto-RP protocol in discovery mode. In discovery mode, RP-mapping and RP-candidate messages are received and forwarded to downstream nodes. RP-mapping messages are received locally to learn about availability of RP nodes present in the network.
Either bsr-candidate for IPv4 or auto-rp-discovery can be configured; the two mechanisms cannot be enabled together. The auto-rp-discovery command cannot be enabled together with mdt-type sender-only or mdt-type receiver-only, or wildcard-spmsi configurations.
The no form of the command disables auto-RP discovery.
no auto-rp-discovery
This command exports policies to control the flow of bootstrap messages from the RP. Up to five policies can be defined.
The no form of this command removes the specified policy names from the configuration.
n/a
This command imports policies to control the flow of bootstrap messages to the RP. Up to five policies can be defined.
The no form of this command removes the specified policy names from the configuration.
n/a
This command enables the context to configure candidate bootstrap router (BSR) parameters.
Either bsr-candidate for IPv4 or auto-rp-discovery can be configured; the two mechanisms cannot be enabled together.
bsr-candidate shutdown
This command configures a static bootstrap or rendezvous point (RP) as long as the source is not directly attached to this router.
Use the no form of this command to remove the static RP from the configuration.
no address
This command is used to configure the length of the mask that is combined with the group address before the hash function is called. All groups with the same hash result will map to the same RP. For example, if the hash-mask-length value is 24, only the first 24 bits of the group addresses matter. This mechanism is used to map one group or multiple groups to an RP.
30
This command defines the priority used when determining the rendezvous point (RP). The higher the priority value the more likely that this router becomes the RP. If there is a tie, the router with the highest IP address is elected.
This command enables the context to configure the candidate rendezvous point (RP) parameters.
enabled when PIM is enabled
This command configures the group address or range of group addresses for which this router can be the rendezvous point (RP).
Use the no form of this command to remove the group address or range of group addresses for which this router can be the RP from the configuration.
none
This command defines the length of time a neighboring router considers this router to be up.
The no form of this command reverts to the default value.
150
This command defines the priority used to determine the rendezvous point (RP). The higher the priority value, the more likely that this router will become the RP.
Use the no form of this command to revert to the default value.
192
This command enables access to the context to configure a static rendezvous point (RP) for a PIM-SM protocol instance.
none
This command configures the static rendezvous point (RP) address.
The no form of this command removes the static RP entry from the configuration.
none
The command defines a range of multicast IP addresses for which a certain RP is applicable.
The no form of the command removes the criterion.
none
This command changes the precedence of static RP over dynamically-learned RP.
When enabled, the static group-to-RP mappings take precedence over the dynamically-learned mappings.
no override
This command configures a shortest path tree (SPT) switchover threshold for a group prefix.
PIM-SM routers with directly connected routers receive multicast traffic initially on a shared tree rooted at the rendezvous point (RP). Once the traffic arrives on the shared tree and the source of the traffic is known, a switchover to the SPT tree rooted at the source is attempted.
For a group that falls in the range of a prefix configured in the table, the corresponding threshold value determines when the router should switch over from the shared tree to the source specific tree. The switchover is attempted only if the traffic rate on the shared tree for the group exceeds the configured threshold.
In the absence of any matching prefix in the table, the default behavior is to switchover when the first packet is seen. In the presence of multiple prefixes matching a given group, the most specific entry is used.
This command specifies whether to disable the use of default range (232/8) for SSM so that it can be used by ASM to process (*,G). When enabled, the use of the default range is disabled for SSM and it (the default range) can be used by ASM. When disabled, the SSM default range is enabled.
The no form of the command enables the use of the default range.
no ssm-default-range-disable (enabled)
This command enables access to the context to enable a source-specific multicast (SSM) configuration instance.
none
This command configures the group address or range of group addresses for which this router can be the rendezvous point (RP).
Use the no form of this command to remove the group address or range of group addresses for which this router can be the RP from the configuration.
none
This command enables the RIP protocol on a VPRN interface.
The no form of the command disables the RIP protocol on a VPRN interface.
This command sets the authentication password to be passed between RIP neighbors. The authentication type and authentication key must match exactly in order for the RIP message to be considered authentic.
The authentication key can be any combination of ASCII characters up to 16 characters long. The hash-key can be any combination of ASCII characters up to 33 characters long.
The no form of the command removes the authentication password from the configuration and disables authentication.
no authentication-key
This command sets the type of authentication to be used between RIP neighbors. Authentication type can be specified regardless of the configured send and receive parameters, but will only apply to RIPv2 packets.
The type and password must match exactly for the RIP message to be considered authentic and processed.
The no form of the command removes the authentication type from the configuration and disables authentication.
no authentication-type
This command enables checking for zero values in fields specified to be zero by the RIPv1 and RIPv2 specifications.
The check-zero enable command enables checking of the mandatory zero fields in the RIPv1 and RIPv2 specifications and rejecting of non-compliant RIP messages.
The check-zero disable command disables this check and allows the receipt of RIP messages even if the mandatory zero fields are non-zero.
The check-zero command can be enabled at all three RIP levels. The most specific value is used. If no check-zero value is set (no check-zero), the setting from the less-specific level is inherited by the lower level.
The no form of the command disables check-zero on the configuration.
no check-zero
This command specifies the export policies to be used to control routes advertised to RIP neighbors.
By default, when no export policies are specified, RIP routes are advertised and non-RIP routes are not advertised.
The no form of the command removes all route policy names from the export list.
no export
This command configures the maximum number of routes (prefixes) that can be exported into RIP from the route table.
The no form of the command removes the configured parameter values.
no export-limit
This command creates a context for configuring a RIP group of neighbors.
RIP groups logically associate RIP neighbor interfaces to facilitate a common configuration for RIP interfaces.
The no form of the command deletes the RIP neighbor interface group. Deleting the group will also remove the RIP configuration of all the neighbor interfaces currently assigned to this group.
no group
This command specifies the import policy to be used to control routes advertised from RIP neighbors.
By default, RIP accepts all routes from RIP neighbors. Import policies can be used to limit or modify the routes accepted and their corresponding parameters and metrics.
The no form of the command removes all route policy names from the import list.
no import
This command configures the maximum number of routes per RIP update message.
By default, each update can contain a maximum of 25 route advertisements. This limit is imposed by RIP specifications. RIP can be configured to send as many as 255 routes per update.
The no form of the command reverts to the default value.
no message-size
This command configures the metric added to routes received from a RIP neighbor. The specified metric value is added to the hop count and shortens the maximum distance of the route.
When applying an export policy to a RIP configuration, the policy overrides the metric values determined through calculations involving the metric-in and metric-out values.
The no form of the command reverts to the default value.
no metric-in
This command configures the metric added to routes exported into RIP and advertised to RIP neighbors. The specified metric value is added to the hop count and shortens the maximum distance of the route.
When applying an export policy to a RIP configuration, the policy overrides the metric values determined through calculations involving the metric-in and metric-out values.
The no form of the command removes the command from the configuration and resets the metric-in value to the default.
no metric-out
This command creates a context for configuring a RIP neighbor interface.
By default, interfaces are not activated unless explicitly configured.
The no form of the command deletes the RIP interface configuration for this interface. The shutdown command in the config>router>rip>group>neighbor context can be used to disable an interface without removing the configuration for the interface.
no neighbor
This command configures the route preference assigned to RIP routes. This value can be overridden by route policies.
The no form of the command reverts to the default value.
no preference
This command allows the RIP metric to be used to set the MP-BGP MED attribute when RIP is used as the CE-PE routing protocol for VPRNs. This is similar to the way the OSPF metric can be used to set the MP-BGP metric when OSPF is used as the CE-PE protocol.
MP-BGP uses the RIP metric to set the MED attribute, which is flooded throughout the MP-BGP peers and is then used to set the RIP metric at the other end and re-advertise the RIP metric to the far-end RIP neighbors.
This command configures the types of RIP updates that will be accepted and processed.
If you specify both or version-2, the RIP instance listens for, and accepts, packets sent to the broadcast (255.255.255.255) and multicast (224.0.0.9) addresses.
If version-1 is specified, the router only listens for and accepts packets sent to the broadcast address.
The default behavior is to accept and process both RIPv1 and RIPv2 messages.
The no form of the command reverts to the default value.
both
both | specifies that RIP updates in either version 1 or version 2 format will be accepted |
none | specifies that RIP updates will not be accepted |
version-1 | specifies that only RIP updates in version 1 format will be accepted |
version-2 | specifies that only RIP updates in version 2 format will be accepted |
This command specifies the type of RIP messages sent to RIP neighbors.
If multicast is specified, the router sends RIPv2 messages to the multicast (224.0.0.9) destination address.
If broadcast, or version-1 is specified, the router only listens for and accepts packets sent to the broadcast address.
The no form of this command reverts to the default value.
broadcast
broadcast: | sends RIPv2 formatted messages to the broadcast address | |
multicast: | sends RIPv2 formatted messages to the multicast address | |
none: | does not to send any RIP messages (silent listener) | |
version-1: | sends RIPv1 formatted messages to the broadcast address |
This command enables the use of split-horizon. RIP uses split-horizon with poison-reverse to protect from such problems as “counting to infinity”. Split-horizon with poison reverse means that routes learned from a neighbor through an interface are advertised in updates out of the same interface but with a metric of 16 (infinity).
The split-horizon disable command enables split-horizon without poison-reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value.
This parameter can be set at three levels: global level (applies to all groups and neighbor interfaces), group level (applies to all neighbor interfaces in the group), or neighbor level (only applies to the specified neighbor interface). The most specific value is used. If no value is set (no split-horizon), the setting from the less-specific level is inherited by the lower level.
The no form of the command disables split-horizon.
enable
This command configures values for the update, timeout, and flush RIP timers.
The RIP update timer determines how often RIP updates are sent.
If the route is not updated by the time the RIP timeout timer expires, the route is declared invalid but is maintained in the RIP database.
The RIP flush timer determines how long a route is maintained in the RIP database after it has been declared invalid. After the flush timer expires, the route is removed from the RIP database.
The no form of the command reverts all timers to their default values.
no timers
This command creates or specifies a security zone within a VPRN context. Each zone must have a unique ID.
All zones must be explicitly created with the create keyword. If no zones are created within a service or router context, a zone will not exist on that object.
Enter an existing zone without the create keyword to edit zone parameters.
The no form of this command deletes the zone. When a zone is deleted, all configuration parameters for the zone are also deleted.
This command discards changes made to a security feature.
n/a
This command enters the mode to create or edit security features.
n/a
This command saves changes made to security features.
n/a
This command creates a security zone on automatically bound GRE, MPLE, or LDP transport tunnels configured for this service. Depending on how the security policy is configured, any traffic entering or exiting the zone is firewalled; traffic traveling between auto-bind LSPs in the zone is not firewalled.
n/a
This command enables the context to configure limit parameters on inbound security sessions.
n/a
This command enables the context to configure limit parameters for outbound security sessions on the CSM.
n/a
This command enables the context to configure limits on concurrent sessions for inbound or outbound firewall sessions on the CSM.
n/a
This command configures the maximum number of concurrent firewall sessions that can be established per zone, in either the inbound or outbound direction.
n/a
This command creates a logical IP routing interface for a zone. Once created, attributes such as an IP address can be associated with the IP interface. Multiple interfaces can be configured on a zone.
The no form of this command removes the IP interface and all the associated configurations.
This command applies a security log to the specified zone. The security log must already be configured in the config>security>policy context.
The no form of this command removes logging for the zone.
This command configures a zone name. The zone name is unique within the system. It can be used to refer to the zone under configure, show, and clear commands.
This command enters the context to configure NAT security parameters for a zone.
This command configures the NAT pool for the security zone within a VPRN service. Each pool must have a unique ID.
All pools must be explicitly created with the create keyword.
Enter an existing pool without the create keyword to edit pool parameters.
The no form of this command deletes the specified NAT pool. When a pool is deleted, all configuration parameters for the pool will also be deleted.
This command configures the NAT pool direction for the security zone. A specific NAT pool can be configured for different directions while using the same policy. For example, if the security policy entry direction is set to both, separate inbound and outbound pools can be created for that policy.
The no form of this command deletes the direction.
This command configures a NAT pool entry within a VPRN service.
The no form of this command deletes the entry with the specified ID. When an entry is deleted, all configuration parameters for the entry will also be deleted.
This command configures the source IP address or IP address range to which packets that match NAT policy are routed using NAT. An interface can also be configured, in which case all packets that match NAT policy are routed to the interface IP address. If the interface IP address is changed dynamically, NAT is updated accordingly. Only one IP address can be associated with an IP interface. Source IP addresses and interfaces cannot be used together in a single NAT pool.
The IP address for the interface must be entered in dotted-decimal notation.
The no form of the command removes the IP address assignment. The no form of this command can only be performed when the IP interface is administratively shut down. Shutting down the IP interface brings the interface operationally down.
This command configures the UDP/TCP port or port range. Packets that match NAT policy undergo network port address translation (NPAT) and are routed to their source UDP/TCP port. Configuring a UDP/TCP port pool requires an IP-address pool because the 7705 SAR does not support port address translation (PAT) alone.
The no form of this command deletes the port or port range.
This command configures a zone pool name. Pool names must be unique within the group of pools defined for a zone. It can be used to refer to the pool under configure, show, and clear commands.
This command sets the policy to be used by the security zone to build its matching criteria for incoming packets.
The no form of this command deletes the specified policy.
This command creates an IP transport subservice within a VPRN service. An IP transport subservice is used to transmit serial raw socket data to and from a local host and remote host.
All IP transport subservices must be explicitly created using the create keyword. An IP transport subservice is owned by the service within which it is created. An IP transport subservice can only be associated with a single service. The create keyword is not needed when editing parameters for an existing IP transport subservice. An IP transport subservice must be first shut down before changes can be made to the configured parameters.
The no form of this command deletes the IP transport subservice with the specified ipt-id. When an IP transport subservice is deleted, all configured parameters for the IP transport subservice are also deleted.
no ip-transport
This command configures the DSCP name used to mark the DSCP field in IP transport packets originating from this node.
Raw socket traffic redirection to a specific queue is enabled by the fc command.
ef
dscp-name |
be, ef, cp1, cp2, cp3, cp4, cp5, cp6, cp7, cp9, cs1, cs2, cs3, cs4, cs5, nc1, nc2, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cp11, cp13, cp15, cp17, cp19, cp21, cp23, cp25, cp27, cp29, cp31, cp33, cp35, cp37, cp39, cp41, cp42, cp43, cp44, cp45, cp47, cp49, cp50, cp51, cp52, cp53, cp54, cp55, cp57, cp58, cp59, cp60, cp61, cp62, cp63 |
This command configures the forwarding class and profile marking for IP transport packets originating from this node.
ef for fc, in for profile
This command filters connections from unknown hosts. An unknown host is any host that is not configured as a remote host.
The no form of this command disables the filter.
no filter-unknown-host
This command creates the local host within the IP transport subservice.
The local host is required to accept TCP/UDP sessions initiated from far-end remote hosts, and for the node to initiate sessions towards the far-end remote hosts.
The no form of this command deletes the local host.
no local-host
This command creates a remote host within the IP transport subservice. Multiple remote hosts may be created in order to send serial raw socket IP transport data to multiple destinations. The create keyword must be used for each remote host that is created.
The no form of this command deletes the remote host.
no remote-host
This command configures a unique name for this remote host.
The no form of this command deletes the remote host name.
n/a
This command enables the context to configure TCP parameters within this IP transport subservice.
n/a
This command specifies how long to wait before disconnecting a TCP connection due to traffic inactivity over the connection.
30 s
This command specifies the number of times that a remote host, acting as a client, tries to establish a TCP connection after the initial attempt fails.
5
This command specifies how long to wait before each TCP max-retries attempt.
5 s
This command enables the context to configure MVPN-related parameters for the IP VPN.
This command enables MVPN membership auto-discovery through BGP. When auto-discovery is enabled, PIM peering on the inclusive provider tunnel is disabled. Changing the auto-discovery configuration requires a shutdown of this VPRN instance.
default
This command specifies BGP for PE-to-PE signaling of CE multicast states.
bgp
This command allows the restriction of an MVPN instance per PE node to a specific role. By default, an MVPN instance on a PE node assumes the role of a sender as well as a receiver. This creates a mesh of MDT/PMSI across all PE nodes from this PE.
This command provides an option to configure either a sender-only or receiver-only mode per PE node. Restricting the role of a PE node avoids creating a full mesh of MDT/PMSI across all PE nodes that are participating in the MVPN instance.
The no version of this command restores the default (sender-receiver).
sender-receiver
This command enables the context to configure tunnel parameters for the MVPN.
This command enables the context for specifying inclusive provider tunnels.
This command enables the use of an mLDP LSP for the provider tunnel.
no mldp
This command administratively disables or enables the use of an mLDP LSP for the provider tunnel.
no shutdown
This command enables the context to specify selective provider tunnel parameters.
n/a
This command specifies the interval, in seconds, before a PE router connected to the source switches traffic from the inclusive provider tunnel to the selective provider tunnel.
The no form of the command resets the value to the default.
3 s
This command specifies the data rate threshold that triggers the switch from the inclusive provider tunnel to the selective provider tunnel for (C-S, C-G) within the group range. Optionally, PE thresholds for creating or deleting NG-MVPN S-PMSI may also be specified. Omitting the PE thresholds preserves the currently set value (or defaults, if never set). Multiple statements (one per unique group) are allowed in the configuration.
The no form of the command removes the values from the configuration.
no data-threshold
c-grp-ip-addr | multicast group address a.b.c.d | ||
mask | 4 to 32 | ||
netmask | a.b.c.d (network bits all 1 and host bits all 0) |
This command specifies the maximum number of LDP point-to-multipoint S-PMSI tunnels for the MVPN. When the limit is reached, no more LDP point-to-multipoint S-PMSI tunnels are created and traffic over the data threshold will stay on I-PMSI.
10
This command specifies which upstream multicast hop (UMH) selection mechanism to use, highest IP address, hash-based, or preferred unicast route.
The no form of the command resets it back to the default.
umh-selection highest-ip
This command specifies the export policy (up to 15) to control MVPN routes exported from the local VRF to other VRFs on the same or remote PE routers.
vrf-export unicast
This command specifies the import policy (up to 15) to control MVPN routes imported to the local VRF from other VRFs on the same or remote PE routers.
vrf-import unicast
This command specifies the route target to be added to the advertised routes or compared against the received routes from other VRFs on the same or remote PE routers. The VRF import or VRF export policies override the VRF target policy.
The no form of the command removes the VRF target.
no vrf-target
target:{ip-address:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val} | ||
ip-address: | a.b.c.d | |
comm-val: | 0 to 65535 | |
2byte-asnumber: | 0 to 65535 | |
ext-comm-val: | 0 to 4294967295 | |
4byte-asnumber | 0 to 4294967295 |
This command specifies communities to be sent to peers.
target:{ip-address:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val} | ||
ip-address: | a.b.c.d | |
comm-val: | 0 to 65535 | |
2byte-asnumber: | 0 to 65535 | |
ext-comm-val: | 0 to 4294967295 | |
4byte-asnumber | 0 to 4294967295 |
This command specifies communities to be accepted from peers.
target:{ip-address:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val} | ||
ip-address: | a.b.c.d | |
comm-val: | 0 to 65535 | |
2byte-asnumber: | 0 to 65535 | |
ext-comm-val: | 0 to 4294967295 | |
4byte-asnumber | 0 to 4294967295 |
This command enables a Multicast Source Discovery Protocol (MSDP) instance. When an MSDP instance is created, the protocol is enabled. To start or suspend execution of the MSDP protocol without affecting the configuration, use the [no] shutdown command.
For MSDP to function, at least one peer must be configured.
When MSDP is configured and started, an event message is generated.
Before the no form of the command is executed, all sessions are terminated and an event message is generated.
When all peering sessions are terminated, event messages are not generated for each peer.
The no form of the command deletes the MSDP instance, removing all associated configuration parameters.
no msdp
This command controls the maximum number of source-active (SA) messages that will be accepted by MSDP, which controls the number of active sources that can be stored on the system.
The no form of this command resets the SA message limit to its default operation.
no active-source-limit
This command configures a rendezvous point (RP) that uses MSDP to encapsulate multicast data received in MSDP register messages inside forwarded MSDP SA messages.
data-encapsulation
This command specifies the policies to export the SA state from the SA list into MSDP.
If multiple policy names are specified, the policies are evaluated in the order they are specified. A maximum of five policy names can be specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered will override the previous command.
If you configure an export policy at the global level, each individual peer inherits the global policy. If you configure an export policy at the group level, each individual peer in a group inherits the group’s policy. If you configure an export policy at the peer level, the policy only applies to the peer where it is configured.
The no form of the command removes all policies from the configuration and all SA entries are allowed.
no export
This command enables access to the context to create or modify an MSDP group. To configure multiple MSDP groups, multiple group statements must be included in the configuration.
By default, the group’s parameter settings are inherited from the global MSDP parameter settings. To override the global settings, group-specific settings within the group can be configured.
If the specified group name is already configured, this command enables the context to configure or modify group-specific parameters.
If the specified group name is not already configured, this command creates the group and enables the context to configure the group-specific parameters.
For a group to be functional, at least one peer must be configured.
no group
This command specifies the policies to import the SA state from MSDP into the SA list.
If multiple policy names are specified, the policies are evaluated in the order they are specified. A maximum of five policy names can be specified. The first policy that matches is applied. If multiple import commands are issued, the last command entered will override the previous command.
If you configure an import policy at the global level, each individual peer inherits the global policy.
If you configure an import policy at the group level, each individual peer in a group inherits the group’s policy.
If you configure an import policy at the peer level, the policy only applies to the peer where it is configured.
The no form of the command removes all policies from the configuration and all SA messages are allowed.
no import
This command configures the local end of an MSDP session. For MSDP to function, at least one peer must be configured. When configuring a peer, you must include this local-address command. This address must be present on the node and is used to validate incoming connections to the peer and to establish connections to the remote peer.
When the address is configured, it is validated and will be used as the local address for MSDP peers from that point. If a subsequent local-address command is entered, it will replace the existing configuration and existing sessions will be terminated.
Similarly, when the no form of this command is entered, the existing local-address will be removed from the configuration and the existing sessions will be terminated.
Whenever a session is terminated, all information pertaining to and learned from that peer will be removed.
Whenever a new peering session is created or a peering session is lost, an event message is generated.
The no form of this command removes the local-address from the configuration.
no local-address
This command configures groups of peers either in non-meshed mode or in a full mesh topology to limit excessive flooding of SA messages to neighboring peers. When the mode is specified as mesh-group, SA messages received from a mesh group member are always accepted but are not flooded to other members of the same mesh group. These SA messages are only flooded to non-mesh-group peers or members of other mesh groups.
In a meshed configuration, all members of the group must have a peer connection with every other mesh group member. If this rule is not adhered to, unpredictable results may occur.
standard
This command configures an MSDP peer or MDSP group peer. MSDP must have at least one peer configured. A peer is defined by configuring a local-address that is used by the local node to set up a peering session and by configuring the address of a remote MSDP router. It is the address of this remote peer that is configured with this command.
After peer relationships are established, the MSDP peers exchange messages to advertise active multicast sources. If multiple peering sessions are required, multiple peer statements should be included in the configuration.
By default, the parameters applied to a peer are inherited from the global or group level. To override these inherited settings, the parameters must be configured at the peer level.
If the specified peer address is already a configured peer, this command enables the context to configure or modify the peer-specific parameters.
If the specified peer address is not already a configured peer, this command creates the peer instance and enables the context to configure the peer-specific parameters.
The peer address is validated and, if valid, will be used as the remote address for an MSDP peering session.
When the no form of this command is entered, the existing peering address is removed from the configuration and the existing session is terminated. Whenever a session is terminated, all SA information pertaining to and learned from that peer is removed. Whenever a new peering session is created or a peering session is lost, an event message is generated.
n/a
This command configures a Message Digest 5 (MD5) authentication key to be used with a specific MSDP peering session. The authentication key must be configured per peer; therefore, no global or group configuration is possible.
Using the no form of the command accepts all MSDP messages and disables the MD5 signature option authentication key.
no authentication-key
This parameter is useful when a user must configure the parameter, but for security purposes, the actual unencrypted key value is not provided.
This command enables the default peer mechanism, where a peer can be selected as the default MSDP peer. As a result, all SA messages from the peer will be accepted without the usual peer reverse path forwarding (RPF) check.
The MSDP peer-RPF check is different from the normal multicast RPF checks. The peer-RPF check is used to stop SA messages from looping. A router validates SA messages originated from other routers in a deterministic fashion.
A set of rules is applied to validate received SA messages, and the first rule that applies determines the peer-RPF neighbor. All SA messages from other routers are rejected. The following rules are applied to SA messages originating at router_S and received at router_R from router_N.
When the no form the command is issued, no default peer is established and all SA messages are RPF checked.
no default-peer
This command limits the number of MSDP messages that are read from the TCP session to prevent an MSDP RP router from receiving a large number of MSDP message packets in an SA message.
After the number of MSDP packets (including SA messages) defined by the threshold number have been processed, all other MSDP packets are rate-limited. Messages from the TCP session are no longer accepted until the configured interval seconds has elapsed. Setting the threshold is useful during at system startup and initialization. No limit is placed on the number of MSDP and SA messages that will be accepted.
The no form of this command resets the message limit to its default operation.
n/a
This command configures the sequence of route tables used to find an RPF interface for a particular multicast route.
By default, only the unicast route table is looked up to calculate an RPF interface towards the source/rendezvous point. However, the operator can specify one of the following options:
rtable-u
This command configures the timeout value for the SA entries in the cache. If these entries are not refreshed within the timeout value, they are removed from the cache. Normally, the entries are refreshed at least once a minute. However, under high load with many MSDP peers, the refresh cycle could be incomplete. A higher timeout value (more than 90 seconds) could be useful to prevent instabilities in the MSDP cache.
90
This command configures an MSDP source.
If the specified prefix and mask is already configured, this command enables the context to configure or modify the source-specific parameters.
If the specified prefix and mask is not already configured, this command creates the source node instance and enables the context to configure the source-specific parameters.
The SA msdp messages are not rate-limited based on the source address range.
The no form of this command removes the sources in the address range.
n/a
This command enables the context to configure router advertisement properties for all VPRN IPv6-enabled interfaces. By default, the command is disabled for all IPv6-enabled interfaces.
The no form of the command disables router advertisement on all IPv6 interfaces.
no router-advertisement
This command configures router advertisement properties on a specified interface. The interface name must already exist in the config>service>vprn>interface context.
The no form of the command disables router advertisement on the specified router interface.
n/a
This command configures the current hop limit in the router advertisement messages. It informs the nodes on the subnet about the hop limit when originating IPv6 packets.
64
This command sets the managed address configuration flag. This flag indicates that DHCPv6 is available for address configuration in addition to any address autoconfigured using stateless address autoconfiguration.
no managed-configuration
This command configures the maximum interval between sending router advertisement messages.
600
This command configures the minimum interval between sending ICMPv6 router advertisement messages.
200
This command configures the MTU for the nodes to use when sending packets on the link.
The no form of the command means that the MTU option is not sent in the router advertisement messages.
no mtu
This command sets the “Other configuration” flag. This flag indicates that DHCPv6lite is available for autoconfiguration of other (non-address) information such as DNS-related information or information on other servers in the network.
no other-stateful configuration
This command configures an IPv6 prefix in the router advertisement messages. To support multiple IPv6 prefixes, use multiple prefix statements. No prefix is advertised until it is explicitly configured using prefix statements.
n/a
This command specifies whether the prefix can be used for stateless address autoconfiguration.
autonomous
This command specifies whether the prefix can be used for on-link determination.
on-link
This command configures the time that this prefix will continue to be preferred. The address generated from a prefix that is no longer preferred should not be used as a source address in new communications. However, packets received on such an interface are processed as expected.
604800
This command specifies the length of time, in seconds, that the prefix is valid for the purpose of onlink determination. The address generated from an invalidated prefix should not appear as the destination or source address of a packet.
2592000
This command configures how long the router should be considered reachable by other nodes on the link after receiving a reachability confirmation.
no reachable-time
This command configures the retransmission frequency of neighbor solicitation messages.
no retransmit-time
This command configures the router lifetime.
no router-lifetime
This command enables the sending of router advertisement messages using the VRRP virtual MAC address, provided that the virtual router is currently the master.
If the virtual router is not the master, no router advertisement messages are sent.
The no form of the command disables the sending of router advertisement messages.
no use-virtual-mac
For complete descriptions of all local DHCP and DHCPv6 server commands, refer to the Router Configuration Guide, “Local DHCP and DHCPv6 Server Commands”.
This command creates a local DHCP or DHCPv6 server instance. A local DHCP or DHCPv6 server can serve multiple interfaces but is limited to the routing context in which it was created.
The no form of the command removes the local DHCP or DHCPv6 server instance.
n/a
This command creates a logical IP routing interface for a Virtual Private Routed Network (VPRN). Once created, attributes such as an IP address and a service access point (SAP) can be associated with the IP interface.
The interface command, under the context of services, is used to create and maintain IP routing interfaces within VPRN service IDs. The interface command can be executed in the context of a VPRN service ID. The IP interface created is associated with the VPRN service routing instance and VPRN service routing table.
Interface names are case-sensitive and must be unique within the group of defined IP interfaces defined for config router interface and config service vprn interface. Interface names must not be in the dotted-decimal notation of an IP address. For example, the name “1.1.1.1” is not allowed, but “int-1.1.1.1” is allowed. Show commands for router interfaces use either interface names or the IP addresses. Use unique IP address values and IP address names to maintain clarity. It could be unclear to the user if the same IP address and IP address name values are used. Although not recommended, duplicate interface names can exist in different router instances.
When a new name is entered, a new logical router interface is created. When an existing interface name is entered, the user enters the router interface context for editing and configuration.
There are no default IP interface names defined within the system. All VPRN IP interfaces must be explicitly defined. Interfaces are created in an enabled state.
The no form of this command removes the interface and all the associated configurations. The interface must be administratively shut down before issuing the no interface command.
This command assigns an IP address, IP subnet, and broadcast address format to a VPRN IP router interface.
An IP address must be assigned to each VPRN IP interface. An IP address and a mask are used together to create a local IP prefix. The defined IP prefix must be unique within the context of the routing instance. It cannot overlap with other existing IP prefixes defined as local subnets on other IP interfaces in the same routing context within the 7705 SAR.
The IP address for the interface can be entered in either CIDR (Classless Inter-Domain Routing) or traditional dotted-decimal notation. The show commands display CIDR notation, which is stored in configuration files.
By default, no IP address or subnet association exists on an IP interface until it is explicitly created.
Use the no form of this command to remove the IP address assignment from the IP interface. When the no address command is entered, the interface becomes operationally down, as shown in Table 133.
Address | Administrative State | Operational State |
No address | Up | Down |
No address | Down | Down |
1.1.1.1 | Up | Up |
1.1.1.1 | Down | Down |
The operational state is a read-only variable, and the only controlling variables are the address and administrative states. The address and administrative states are independent and can be set independently. If an interface is in an administratively up state and an address is assigned, it becomes operationally up and the protocol interfaces and the MPLS LSPs associated with that IP interface will be reinitialized.
The broadcast format on an IP interface can be specified when the IP address is assigned or changed.
This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) will be received by the IP interface.
The broadcast parameter within the address command does not have a negation feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being changed to all-ones, the address command must be executed with the broadcast parameter defined.
This command controls the forwarding of directed broadcasts out of the IP interface.
A directed broadcast is a packet received on a local router interface destined for the subnet broadcast address on another IP interface. The allow-directed-broadcasts command on an IP interface enables or disables the transmission of packets destined for the subnet broadcast address of the egress IP interface.
When enabled, a frame destined for the local subnet on this IP interface will be sent as a subnet broadcast out this interface. Care should be exercised when allowing directed broadcasts as it is a well-known mechanism used for denial-of-service attacks.
When disabled, directed broadcast packets discarded at this egress IP interface will be counted in the normal discard counters for the egress SAP.
By default, directed broadcasts are not allowed and will be discarded at this egress IP interface.
The no form of this command disables the forwarding of directed broadcasts out of the IP interface.
no allow-directed-broadcasts
This command specifies the length of time, in 100s of milliseconds, that the system waits before reissuing a failed ARP request.
The no form of the command resets the interval to the default value.
Note: The ARP retry default value of 5000 ms is intended to protect CPU cycles on the 7705 SAR, especially when it has a large number of interfaces. Configuring the ARP retry timer to a value shorter than the default should be done only on mission-critical links, such as uplinks or aggregate spoke SDPs transporting mobile traffic; otherwise, the retry interval should be left at the default value. |
50 (in 100s of ms)
This command configures the minimum time, in seconds, that an ARP entry learned on the IP interface will be stored in the ARP table. ARP entries are automatically refreshed when an ARP request or gratuitous ARP is seen from an IP host; otherwise, the ARP entry is aged from the ARP table. If arp-timeout is set to a value of 0 s, ARP aging is disabled.
The no form of this command restores arp-timeout to the default value.
14400 s
This command specifies the BFD parameters for the associated IP interface. If no parameters are defined, the default values are used.
The multiplier specifies the number of consecutive BFD messages that must be missed from the peer before the BFD session state is changed to down. In addition, the Route Table Manager (RTM) is notified and the static routes with BFD enabled will go down, based on BFD status.
The no form of the command removes BFD from the associated IGP protocol adjacency.
no bfd
Note: The BFD session must be disabled before the type np parameter can be changed. The type np parameter is only supported on VPRN services for SAPs. |
This command enables the context to configure Cflowd parameters for the specified IP interface.
Cflowd is used for network planning and traffic engineering, capacity planning, security, application and user profiling, performance monitoring, usage-based billing, and SLA measurement.
n/a
This command configures the Cflowd sampling behavior to collect traffic flow samples through a router for analysis.
This command can be used to configure the sampling parameters for unicast and multicast traffic separately.
If Cflowd sampling is enabled with no direction parameter specified, ingress-only sampling is enabled by default.
The no form of the command disables the specified type of traffic sampling on the interface.
no sampling unicast
no sampling multicast
This command configures the IP maximum transmit unit (packet) for this interface.
The default value is derived from the port MTU.
The no form of the command returns the default value.
no ip-mtu — uses the value derived from the port MTU
This command allows access to the Internet Protocol Control Protocol (IPCP) context within the interface configuration. Within this context, IPCP extensions can be configured to define such things as the remote IP address and DNS IP address to be signaled via IPCP on the associated PPP interface.
This command is only applicable if the associated SAP/port is a PPP/MLPPP interface.
n/a
This command defines the DNS addresses to be assigned to the far end of the associated PPP/MLPPP link via IPCP extensions.
This command is only applicable if the associated SAP/port is a PPP/MLPPP interface with an IPCP encapsulation.
The no form of the command deletes the specified primary DNS address, the secondary DNS address, or both addresses from the IPCP extension peer-ip-address configuration.
no dns
This command defines the remote IP address to be assigned to the far end of the associated PPP/ MLPPP link via IPCP extensions.
This command is only applicable if the associated SAP/port is a PPP/MLPPP interface with an IPCP encapsulation.
The interface must be shut down to modify the IPCP configuration.
The no form of the command deletes the IPCP extension peer-ip-address configuration.
no peer-ip-address (0.0.0.0)
This command enables the context to configure load balancing hashing options on the interface. The options enabled at the interface level overwrite parallel system-level configurations.
n/a
This command configures Layer 4 load balancing at the interface level. Configuration must be done on the ingress network interface (that is, the interface on the node that the packet is received on). When enabled, Layer 4 source and destination port fields of incoming TCP/UDP packets are included in the hashing calculation to randomly determine the distribution of packets.
You can add additional fields to generate more randomness and more equal distribution of packets with the teid-load-balancing command.
The default configuration on the interface is to match the Layer 4 load-balancing configuration in the config>system context. Using this command to modify Layer 4 load-balancing configuration on an interface overrides the system-wide load-balancing settings for that interface.
This command enables use of the SPI in hashing for ESP/AH encrypted IPv4or IPv6 traffic at the interface level.
The no form of this command disables SPI hashing.
no spi-load-balancing
This command configures TEID load balancing at the interface level. Configuration must be done on the ingress network interface (that is, the interface on the node that the packet is received on). The TEID attribute is included in the header of GTP (general packet radio system tunneling protocol) packets. When TEID load balancing is enabled, the TEID field of incoming TCP/UDP packets is included in the hashing calculation to randomly determine the distribution of packets.
You can add additional fields to generate more randomness and more equal distribution of packets with the l4-load-balancing command.
no teid-load-balancing
This command associates the interface with a local DHCP server configured on the system. A routed VPLS interface may not be associated with a local DHCP server.
The no form of the command removes the association of the interface with the local DHCP server.
none
This command enables local proxy ARP on the interface.
Local proxy ARP allows the 7705 SAR to respond to ARP requests received on an interface for an IP address that is part of a subnet assigned to the interface. The router responds to all requests for IP addresses within the subnet with its own MAC address and forwards all traffic between the hosts in the subnet.
Local proxy ARP is used on subnets where hosts are prevented from communicating directly.
When local-proxy-arp is enabled, ICMP redirects on the ports associated with the service are automatically blocked.
no local-proxy-arp
This command specifies that the interface is a loopback interface that has no associated physical interface. If this command is enabled, a SAP cannot be defined on the interface.
no loopback
This command assigns a specific MAC address to a VPRN IP interface.
The no form of this command returns the MAC address of the IP interface to the default value.
the physical MAC address associated with the Ethernet interface that the SAP is configured on
This command enables multicast address translation on the 7705 SAR that is the translator router for unicast-to-multicast or multicast-to-multicast translation.
When enabled for unicast-to-multicast translation, the 7705 SAR will try to find the source and destination address of the packet in the unicast-to-multicast translation table. If the source and destination address is not found, the packet is processed as a regular IP packet. To disable unicast-to-multicast translation, all entries must be removed from the translation table and then the command must be set to no multicast-translation.
When enabled for multicast-to-multicast translation, the static group configuration is used for multicast PDUs that arrive on the node and are to be translated via the translation table. If the command is enabled and an arriving PDU does not match an entry in the translation table, the multicast PDU is dropped. If the (S,G) arrives from another interface via a dynamic protocol while this command is enabled, the interface that the dynamic (S,G) arrived from will be added as an outgoing interface but it will not forward traffic. Only the outgoing loopback interface on the translation router will forward the translated PDU.
For multicast-to-multicast translation, if this command is not enabled, the node will function as a leaf for the static group configuration.To disable multicast-to-multicast translation, the interface must be shut down before the no version of this command is issued.
no multicast-translation
This command enables proxy ARP on the interface and specifies an existing policy statement that controls the flow of routing information by analyzing match and action criteria. The policy statement is configured in the config>router>policy-options context (refer to the 7705 SAR Router Configuration Guide, “Route Policy Command Reference, Route Policy Options”). When proxy ARP is enabled, the 7705 SAR responds to ARP requests on behalf of another device.
no proxy-arp-policy
This command enables remote proxy ARP on the interface, allowing a router on one network to respond to ARP requests intended for another node that is physically located on another network. The router effectively pretends to be the destination node by sending an ARP response to the originating node that associates the router’s MAC address with the destination node’s IP address (acts as a proxy for the destination node). The router then takes responsibility for routing traffic to the real destination.
no remote-proxy-arp
This command assigns an secondary IP address, IP subnet, and broadcast address format to the interface.
no secondary
The broadcast format on an IP interface can be specified when the IP address is assigned or changed.
This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) will be received by the IP interface.
The broadcast parameter within the secondary command does not have a negation feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being changed to all-ones, the secondary command must be executed with the broadcast parameter defined.
This command configures a static address resolution protocol (ARP) entry associating a subscriber IP address with a MAC address for the core router instance. This static ARP will appear in the core routing ARP table. A static ARP can only be configured if it exists on the network attached to the IP interface. If an entry for a particular IP address already exists and a new MAC address is configured for the IP address, the existing MAC address will be replaced with the new MAC address.
Static ARP is used when a 7705 SAR needs to know about a device on an interface that cannot or does not respond to ARP requests. Therefore, the 7705 SAR configuration can specify to send a packet with a particular IP address to the corresponding ARP address.
The no form of the command removes a static ARP entry.
n/a
This command configures the maximum segment size (MSS) in a TCP SYN or SYN-ACK packet during the establishment of a TCP connection. A tcp-mss value can be specified on an ingress interface, egress interface, or both. When configured on two interfaces, the smaller of the two values is used. If the TCP SYN packet has no TCP MSS field, the 7705 SAR assigns it the MSS value configured on the interface and recalculates the IP checksum. If the TCP SYN or SYN-ACK packet has an MSS field and the value is greater than the value configured on the interface, the 7705 SAR overwrites the packet MSS value with the lower value. If the MSS value is less than the value configured on the interface, the packet MSS value does not change.
This command is supported on interfaces with IPv4 and IPv6 traffic, and a different MSS value can be configured for the IPv4 and IPv6 interfaces. This command is supported on IPSec private interfaces in a VPRN.
no tcp-mss
This command configures an IP interface as an unnumbered interface and specifies an IP address or interface name to be used for the interface. Unnumbered interfaces are point-to-point interfaces that are not explicitly configured with a dedicated IP address and subnet; instead, they borrow (or link to) an IP address from another interface on the system (the system IP address, another loopback interface, or any other numbered interface) and use it as the source IP address for packets originating from the interface.
By default, no IP address exists on an IP interface until it is explicitly created.
The no form of the command removes the IP address assignment from the IP interface.
no unnumbered
This command enables the context to configure parameters for a VPRN IPv6 interface.
This command assigns an address to the IPv6 interface.
This command enables the context to configure DHCPv6 relay parameters for the interface.
The no form of the command disables DHCPv6 relay.
This command enables the context to configure DHCPv6 relay information options.
The no form of the command disables DHCPv6 relay information options.
This command enables the sending of interface ID options in the DHCPv6 relay packet.
The no form of the command disables the sending of interface ID options in the DHCPv6 relay packet.
This command enables the sending of the remote ID option in the DHCPv6 relay packet.
The client DHCP Unique Identifier (DUID) is used as the remote ID.
The no form of the command disables the sending of remote ID option in the DHCPv6 relay packet.
This command configures an IPv6 address to the DHCPv6 server.
The no form of the command disables the specified IPv6 address.
This command assigns the source IPv6 address of the DHCPv6 relay messages.
The no form of the command disables the specified IPv6 address.
This command enables the context to configure DHCPv6 server parameters for the VPRN interface.
The no form of the command disables the DHCPv6 server.
This command configures the maximum number of lease states installed by the DHCPv6 server function allowed on this interface.
The no form of the command returns the value to the default.
8000
This command configures prefix delegation options for delegating a long-lived prefix from a delegating router to a requesting router, where the delegating router does not require knowledge about the topology of the links in the network to which the prefixes will be assigned.
The no form of the command disables prefix delegation.
This command specifies the IPv6 prefix that is delegated by the system.
This command configures the DHCP Unique Identifier (DUID) of the DHCPv6 server client.
This command configures the IPv6 prefix preferred lifetime. The preferred-lifetime value cannot be larger than the valid-lifetime value.
The no form of the command reverts to the default value.
604800 seconds (7 days)
This command configures the time, in seconds, that the prefix is valid.
The no form of the command reverts to the default value.
2592000 seconds (30 days)
This command configures ICMPv6 parameters for the interface.
This command specifies whether, and how often, “packet-too-big” ICMPv6 messages should be sent. When enabled, ICMPv6 “packet-too-big” messages are generated by this interface.
The no form of the command disables the sending of ICMPv6 “packet-too-big” messages.
100 10
This command specifies whether, and how often, “parameter-problem” ICMPv6 messages should be sent. When enabled, “parameter-problem” ICMPv6 messages are generated by this interface.
The no form of the command disables the sending of “parameter-problem” ICMPv6 messages.
100 10
This command specifies whether, and how often, “time-exceeded” ICMPv6 messages should be sent. When enabled, ICMPv6 “time-exceeded” messages are generated by this interface.
100 10
This command specifies whether, and how often, ICMPv6 host and network destination unreachable messages are generated by this interface.
100 10
This command configures the IPv6 link-local address.
The no form of the command removes the configured link-local address, and the router automatically generates a default link-local address.
Removing a manually configured link-local address may impact routing protocols that have a dependency on that address.
n/a
This command configures IPv6-to-MAC address mapping on the interface.
n/a
This command specifies the time that an IPv6 neighbor remains in a reachable state.
no reachable-time
This command specifies the time that an IPv6 neighbor cache entry remains in a stale state. When the specified time elapses, the system removes the neighbor cache entry.
no stale-time
This command enables the context to configure DHCP parameters.
This command configures the gateway interface address for the DHCP Relay Agent. By default, the GIADDR used in the relayed DHCP packet is the primary address of an interface. Specifying the GIADDR allows the user to choose a secondary address.
no gi-address
This command enables DHCP Option 82 (Relay Agent Information Option) parameters processing and enters the context for configuring Option 82 suboptions.
The no form of this command returns the system to the default.
no option
This command configures the processing required when the 7705 SAR receives a DHCP request that already has a Relay Agent Information Option (Option 82) field in the packet.
The no form of this command returns the system to the default value.
keep—(as per RFC 3046, DHCP Relay Agent Information Option, section 2.1.1, Reforwarded DHCP requests, the default is to keep the existing information intact. The exception to this occurs if the gi-addr (gateway interface address) of the received packet is the same as the ingress address on the router. In this case, the packet is dropped and an error is logged.)
The behavior is slightly different in the case of Vendor Specific Options (VSOs). When the keep parameter is specified, the router will insert its own VSO into the Option 82 field. This will only be done when the incoming message has an Option 82 field already.
If no Option 82 field is present, the router will not create the Option 82 field. In this case, no VSO will be added to the message.
This command sends either an ASCII tuple or the interface index (If Index) on the specified SAP ID in the circuit-id suboption of the DHCP packet. The If Index of a router interface can be displayed using the command show>router>interface> detail. This option specifies data that must be unique to the router that is relaying the circuit.
If disabled, the circuit-id suboption of the DHCP packet is left empty.
The no form of this command returns the system to the default.
ascii-tuple
This command sends the MAC address of the remote end (typically, the DHCP client) in the remote-id suboption of the DHCP packet. This command identifies the host at the other end of the circuit. If disabled, the remote-id suboption of the DHCP packet will be left empty.
The no form of this command returns the system to the default.
remote-id
This command enables the Nokia vendor-specific suboption of the DHCP relay packet and enters the context for configuring the vendor-specific suboptions.
This command enables the sending of the MAC address in the Nokia vendor-specific suboption of the DHCP relay packet.
The no form of the command disables the sending of the MAC address in the Nokia vendor- specific suboption of the DHCP relay packet.
no client-mac-address
This command enables the sending of the SAP ID in the Nokiat vendor-specific suboption of the DHCP relay packet.
The no form of the command disables the sending of the SAP ID in the Nokia vendor-specific suboption of the DHCP relay packet.
no sap-id
This command enables the sending of the service ID in the Nokia vendor-specific suboption of the DHCP relay packet.
The no form of the command disables the sending of the service ID in the Nokia vendor- specific suboption of the DHCP relay packet.
no service-id
This command specifies the vendor-specific suboption string of the DHCP relay packet.
The no form of the command returns the default value.
no string
This command specifies whether the system ID is encoded in the Nokia vendor-specific suboption of Option 82.
n/a
This command specifies a list of servers where requests will be forwarded. The list of servers can be entered as either IP addresses or fully qualified domain names. There must be at least one server specified for DHCP Relay to work. If there are multiple servers specified, the request is forwarded to all of the servers in the list. There can be a maximum of 8 DHCP servers configured.
no server
This command enables or disables trusted mode on an IP interface.
According to RFC 3046, DHCP Relay Agent Information Option, a DHCP request where the gi-addr (gateway interface address) is 0.0.0.0 and which contains an Option 82 field in the packet, should be discarded, unless it arrives on a “trusted” circuit.
If trusted mode is enabled on an IP interface, the relay agent (the 7705 SAR) will modify the request gi-addr to be equal to the ingress interface and forward the request.
This behavior only applies when the action in the Relay Agent Information Option is “keep”.
In the case where the Option 82 field is being replaced by the relay agent (action = “replace”), the original Option 82 information is lost. Thus, in this case, there is no reason for enabling the trusted option.
The no form of this command returns the system to the default.
no trusted
This command configures Internet Control Message Protocol (ICMP) parameters on a VPRN service and enters the context for configuring ICMP.
This command enables responses to ICMP mask requests on the router interface.
If a local node sends an ICMP mask request to the router interface, the mask-reply command configures the router interface to reply to the request.
By default, the router instance will reply to mask requests.
The no form of this command disables replies to ICMP mask requests on the router interface.
mask-reply
This command configures the rate at which ICMP TTL-expired messages are issued by the IP interface.
By default, generation of ICMP TTL-expired messages is enabled at a maximum rate of 100 per 10-s time interval.
The no form of this command disables limiting the rate of TTL-expired messages on the router interface.
ttl-expired 100 10
This command enables and configures the rate of ICMP host and network destination unreachable messages issued on the router interface.
The unreachables command enables the generation of ICMP destination unreachables on the router interface. The rate at which ICMP unreachables is issued can be controlled with the number and seconds parameters by indicating the maximum number of destination unreachable messages that can be issued on the interface for a given time interval.
By default, generation of ICMP destination unreachable messages is enabled at a maximum rate of 100 per 10-s time interval.
The no form of this command disables the generation of ICMP destination unreachable messages on the router interface.
unreachables 100 10
This command creates a Service Access Point (SAP) within a service when used with the create keyword. The create keyword is not needed when entering an existing SAP to edit SAP parameters.
A SAP is a combination of port and encapsulation parameters that identify the service access point on the interface and within the 7705 SAR. Each SAP must be unique.
All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP will not exist on that object.
The SAP is owned by the service in which it was created.
A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command. Channelized TDM ports are always access ports.
If a port is shut down with the shutdown command, all SAPs on that port become operationally down. When a service is shut down, SAPs for the service are not displayed as operationally down although all traffic traversing the service will be discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.
To configure a VPRN interface SAP that is used for a private IPSec tunnel interface, see sap in Service Interface Tunnel Commands.
If the VPRN interface has been configured as a loopback interface with the loopback command, a SAP cannot be defined on the interface.
The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP will also be deleted.
no SAPs are defined
This command creates the accounting policy context that can be applied to an interface SAP.
An accounting policy must be defined before it can be associated with a SAP. Accounting policies are configured in the config log context. A maximum of one accounting policy can be associated with a SAP at one time.
If the acct-policy-id does not exist, an error message is generated.
The no form of this command removes the accounting policy association from the SAP, and the accounting policy reverts to the default.
no accounting policy
This command enables accounting and statistical data collection for either an interface SAP or network port. When applying accounting policies, the data, by default, is collected in the appropriate records and written to the designated billing file.
When the no collect-stats command is issued, the statistics are still accumulated. However, the CPU will not obtain the results and write them to the billing file. If a subsequent collect-stats command is issued, then the counters written to the billing file include all the traffic while the no collect-stats command was in effect.
collect-stats
This command enables the context to configure egress SAP QoS policies and filter policies.
If no sap-egress QoS policy is defined, the system default sap-egress QoS policy is used for egress processing. If no egress filter policy is defined, no filtering is performed.
This command enables the context to configure ingress SAP QoS policies and filter policies.
If no sap-ingress QoS policy is defined, the system default sap-ingress QoS policy is used for ingress processing. If no ingress filter policy is defined, no filtering is performed.
This command sets the aggregate rate limits (PIR and CIR) for the SAP. The agg-rate sets the PIR value. The cir-rate sets the CIR value. When aggregate rate limits are configured on a second-generation (Gen-2) Ethernet adapter card, the scheduler mode must be set to 16-priority. On a third-generation (Gen-3) Ethernet adapter card, the scheduler mode is always 4-priority. For information on adapter card generations, refer to the “Evolution of Ethernet Adapter Cards, Modules, and Platforms” section in the 7705 SAR Interface Configuration Guide.
Configuring the cir-rate is optional. If a cir-rate is not entered, then the cir-rate is set to its default value (0 kb/s). If a cir-rate has been set and the agg-rate is changed without re-entering the cir-rate, the cir-rate automatically resets to 0 kb/s. For example, to change the agg-rate from 2000 to 1500 while maintaining a cir-rate of 500, use the command agg-rate-limit 1500 cir 500.
If the specified SAP is a LAG SAP, then agg-rate and cir-rate can be configured regardless of the scheduler mode setting on Gen-2 or Gen-3 hardware—it is not configurable if one of the ports configured in the LAG SAP is on Gen-1 hardware. If the active port is on a Gen-3 card or platform, then agg-rate and cir-rate are applicable. If the active port is on a Gen-2 card or platform, then agg-rate and cir-rate apply when the scheduler mode is set to 16-priority. If the active port is on a Gen-1 card, then agg-rate and cir-rate are not applicable. For details on the behavior of a mix-and-match LAG SAP, refer to the “LAG Support on Third-Generation Ethernet Adapter Cards, Ports, and Platforms” and “Network LAG Traffic Management” sections in the 7705 SAR Interface Configuration Guide.
Note: Starting with Release 7.0.R6, schedulers on Gen-3 adapter cards and platforms have been updated to better align with the scheduling behavior supported on the other 7705 SAR adapter cards and platforms. The updated scheduler mode is called “4-priority” scheduler-mode throughout the CLI. Prior to Release 7.0.R6, the CLI designation was “4-priority-hqos”. In the updated mode of operation, arbitration among different flows at the second-tier aggregate (per-SAP or per-VLAN) and third-tier aggregate (per-customer (MSS)) levels are carried out in a round-robin manner, scheduling cir-rate first from the shapers, followed by the pir-rate. |
Caution: Any Gen-3 adapter card or platform running Release 7.0.R6 or later software uses 4-priority scheduling instead of 4-priority-hqos scheduling, which was supported previously. The migration of scheduler mode is automatic with an upgrade and there is no operator action required. As part of the migration, all CIR values at second-tier (per-SAP and per-VLAN) and third-tier (per-customer (MSS)) aggregate shaper levels are set to zero. Operators must exercise caution when performing an upgrade to Release 7.0.R6 or later from a previous Release 7.0 version, and must adjust the affected CIR values in accordance with the needs of their applications as soon as possible. |
The no form of the command sets the agg-rate to the maximum and the cir-rate to 0 kb/s.
no agg-rate-limit
This command associates an IPv4 or IPv6 filter policy with an ingress or egress SAP or IP interface. Filter policies control the forwarding and dropping of packets based on IP matching criteria.
The filter command is used to associate a filter policy with a specified ip-filter-id or ipv6-filter-id with an ingress or egress SAP. The ip-filter-id or ipv6-filter-id must already be defined before the filter command is executed. If the filter policy does not exist, the operation will fail and an error message will be returned.
Only one filter ID can be assigned to an interface unless the interface is dual-stack (supports both IPv4 and IPv6). A dual-stack interface can have one IPv4 and one IPv6 filter ID assigned to it.
In general, filters applied to SAPs apply to all packets on the SAP. One exception is that IP match criteria are not applied to non-IP packets, in which case the default action in the filter policy applies to these packets.
The no form of this command removes any configured filter ID association with the SAP or IP interface. The filter ID is not removed from the system unless the scope of the created filter is set to local. To avoid deletion of the filter ID and only break the association with the service object, use the scope command within the filter definition to change the scope to local or global. The default scope of a filter is local.
This command specifies which dot1q tag position (top or bottom) in a qinq-encapsulated packet should be used when QoS evaluates dot1p classification.
The no form of the command restores the default dot1p evaluation behavior for the SAP, which means that the inner (bottom) tag (second tag) dot1p bits are used for classification.
By default, the dot1p bits from the inner tag service-delineating dot1q tag are used.
Table 134 shows which set of dot1p bits are used for QoS purposes when match-qinq-dot1p is configured. To use the table, find the row that represents the settings for Port/SAP Type and Match-QinQ-Dot1q Setting. Use the Existing Packet Tags column to identify which dot1q tags are available in the packet. Then use the P-bits Used for Match column to identify which dot1q tag contains the dot1p bits that are used for QoS dot1p classification.
no match-qinq-dot1p
Port/ SAP Type | Match-QinQ-Dot1p Setting 1 | Existing Packet Tags | P-bits Used for Match |
Null | n/a | None | None |
Null | n/a | Dot1p (VLAN ID 0) | None 2 |
Null | n/a | Dot1q | None 2 |
Null | n/a | TopQ BottomQ | None 2 |
Dot1q | n/a | None | None |
Dot1q | n/a | Dot1p (default SAP VLAN ID 0) | Dot1p P-bits |
Dot1q | n/a | Dot1q | Dot1q P-bits |
QinQ/ X.Y | Top | TopQ BottomQ | TopQ P-bits |
QinQ/ X.Y | Default or Bottom | TopQ BottomQ | BottomQ P-bits |
QinQ/ X.0 | Top | TopQ | TopQ P-bits |
QinQ/ X.0 | Default or Bottom | TopQ | TopQ P-bits |
QinQ/ X.0 | Top | TopQ BottomQ | TopQ P-bits |
QinQ/ X.0 | Default or Bottom | TopQ BottomQ | BottomQ P-bits |
QinQ/ X.* | Top | TopQ | TopQ P-bits |
QinQ/ X.* | Default or Bottom | TopQ | TopQ P-bits |
QinQ/ X.* | Top | TopQ BottomQ | TopQ P-bits |
QinQ/ X.* | Default or Bottom | TopQ BottomQ | BottomQ P-bits |
QinQ/ 0.* | Top | None | None |
QinQ/ 0.* | Default or Bottom | None | None |
QinQ/ 0.* | Top | TopQ | TopQ P-bits |
QinQ/ 0.* | Default or Bottom | TopQ | TopQ P-bits |
QinQ/ 0.* | Top | TopQ BottomQ | TopQ P-bits |
QinQ/ 0.* | Default or Bottom | TopQ BottomQ | BottomQ P-bits |
QinQ/ *.* | Top | None | None |
QinQ/ *.* | Default or Bottom | None | None |
QinQ/ *.* | Top | TopQ | TopQ P-bits |
QinQ/ *.* | Default or Bottom | TopQ | TopQ P-bits |
QinQ/ *.* | Top | TopQ BottomQ | TopQ P-bits |
QinQ/ *.* | Default or Bottom | TopQ BottomQ | BottomQ P-bits |
Notes:
When enabled, the qinq-mark-top-only command specifies which P-bits to mark during packet egress. When disabled, both sets of P-bits are marked. When enabled, only the P-bits in the top Q-tag are marked. The no form of the command is the default state (disabled).
Table 135 shows the dot1p remarking behavior for different egress port type/SAP type combinations and qinq-mark-top-only state, where “False” represents the default (disabled) state.
If a new tag is pushed, the dot1p bits of the new tag will be zero (unless the new tag is re-marked by the egress policy. The dot1p bits are configured using the dot1p parameter under the config>qos context.
Egress Port Type/SAP Type | QinQ-mark-top-only State | Egress P-Bits Marked or Re-marked |
Null 1 | n/a | None |
Dot1q/ X 1 | n/a | Outer tag |
Dot1q/ * 2 | n/a | None |
Dot1q/ 0 2 | n/a | Outer tag |
QinQ/ X.Y 1 | False | Two outer tags 3 |
True | Outer tag 3 | |
QinQ/ X.* 1 | True or False | Outer tag |
QinQ/ X.0 1 | True or False | Outer tag |
QinQ/ 0.* 1 | True or False | None |
QinQ/ *.* 2 | True or False | None |
Notes:
no qinq-mark-top-only
This command associates a QoS policy with an ingress or egress SAP. QoS ingress and egress policies are important for the enforcement of SLA agreements. The policy ID must be defined prior to associating the policy with a SAP. If the policy-id does not exist, an error will be returned.
The qos command is used to associate both ingress and egress QoS policies. The qos command only allows ingress policies to be associated on SAP ingress and egress policies on SAP egress. Attempts to associate a QoS policy of the wrong type returns an error; for example, trying to associate an egress policy on SAP ingress.
Only one ingress and one egress QoS policy can be associated with a SAP at one time. Attempts to associate a second QoS policy of a given type returns an error.
By default, no specific QoS policy is associated with the SAP for ingress or egress, so the default QoS policy is used.
The no form of this command removes the QoS policy association from the SAP, and the QoS policy reverts to the default.
This command sets the scheduler mode for the SAP and is part of the hierarchical QoS (H-QoS) feature on the 7705 SAR.
If the mode is 4-priority, then the SAP is considered an unshaped 4-priority SAP and the agg-rate-limit cannot be changed from its default values.
If the mode is 16-priority and the agg-rate limit parameters are configured to be non-default values, then the SAP is considered a shaped SAP. If the agg-rate limit parameters are left in their default settings, the SAP is considered an unshaped, 16-priority SAP.
This command is blocked on third-generation (Gen-3) Ethernet adapter cards and platforms, such as the 6-port Ethernet 10Gbps Adapter card and the 7705 SAR-X, which only support 4-priority scheduling mode.
If the specified SAP is a LAG SAP, scheduler-mode can be configured but is not applied to Gen-3 adapter cards and platforms. If one of the ports in the LAG is on a Gen-1 adapter card, then scheduler-mode cannot be configured.
4-priority
This command applies a shaper group to a SAP. The shaper group must already be created and must be within the shaper policy assigned to the Ethernet MDA (for ingress) or port (for egress). A shaper group is a dual-rate aggregate shaper used to shape aggregate access ingress or egress SAPs at a shaper group rate. Multiple aggregate shaper groups ensure fair sharing of available bandwidth among different aggregate shapers.
The default shaper group cannot be deleted.
The no form of this command removes the configured shaper-group.
shaper-group “default”
This command binds a service to an existing Service Distribution Point (SDP).
A spoke SDP is treated like the equivalent of a traditional bridge “port”, where flooded traffic received on the spoke SDP is replicated on all other “ports” (other spoke SDPs or SAPs) and not transmitted on the port it was received on.
The SDP has an operational state that determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service is down.
The SDP must already be defined in the config>service>sdp context in order to associate it with a service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.
SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.
Class-based forwarding is not supported on a spoke SDP used for termination on an IES or VPRN service. All packets are forwarded over the default LSP.
The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to the service. Once the binding is removed, no packets are forwarded to the far-end router. The spoke SDP must be shut down first before it can be deleted from the configuration.
n/a
This command enables the context to configure egress SDP parameters.
This command configures the static MPLS VC label used by the 7705 SAR to send packets to the far-end device in this service via this SDP.
This command enables the context to configure ingress SDP parameters.
This command associates an IPv4 or IPv6 filter policy with a spoke SDP. Filter policies control the forwarding and dropping of packets based on IP or MAC matching criteria.
The ip-filter-id or ipv6-filter-id must already be defined before the filter command is executed. If the filter policy does not exist, the operation will fail and an error message will be returned.
Only one filter ID can be assigned to an interface unless the interface is dual-stack (supports both IPv4 and IPv6). A dual-stack interface can have one IPv4 and one IPv6 filter ID assigned to it.
In general, filters applied to ingress spoke SDPs will apply to all packets on the spoke SDP. One exception is that non-IP packets are not applied to IP match criteria, so the default action in the filter policy applies to these packets.
The no form of this command removes any configured filter ID association with the spoke SDP.
This command configures the static MPLS VC label used by the far-end device to send packets to the 7705 SAR in this service via this SDP.
This command within the IP interface context binds the IP interface to the specified VPLS service name.
The system does not attempt to resolve the service name until the IP interface is placed into the administratively up state (no shutdown). Once the IP interface is administratively up, the system scans the available VPLS services that have the allow-ip-int-binding flag set for a VPLS service associated with the service name. If the IP interface is already in the administratively up state, the system immediately attempts to resolve the given service name.
This command within the VPLS binding context defines the routed IPv4 optional filter override.
This command specifies an IPv4 filter ID applied to all ingress packets entering the VPLS service. The filter overrides the existing ingress IPv4 filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional, and if not defined or removed, the IPv4 routed packets use the existing ingress IPv4 filter on the VPLS virtual ports.
The no form of the command removes the IPv4 routed override filter from the ingress IP interface.
n/a
This command specifies an IPv6 filter ID applied to all ingress packets entering the VPLS service. The filter overrides the existing ingress IPv6 filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional, and if not defined or removed, the IPv6 routed packets use the existing ingress IPv6 filter on the VPLS virtual ports.
The no form of the command removes the IPv6 routed override filter from the ingress IP interface.
n/a
This command creates or edits a virtual router ID on the service IP interface. A virtual router ID is internally represented in conjunction with the IP interface name. This allows the virtual router ID to be used on multiple IP interfaces while representing different virtual router instances.
Two VRIDs can be defined on an IP interface. One, both, or none may be defined as owner.
The no form of this command removes the specified virtual router ID from the IP interface. This terminates VRRP participation for the virtual router and deletes all references to the virtual router ID. The virtual router ID does not need to be shut down in order to remove the virtual router instance.
n/a
This command assigns a simple text password authentication key to generate master VRRP advertisement messages and validate received VRRP advertisement messages.
If the command is re-executed with a different password key defined, the new key will be used immediately. If a no authentication-key command is executed, the password authentication key is restored to the default value. The authentication-key command can be executed at any time.
To change the current in-use password key on multiple virtual router instances:
The no form of this command restores the default value of the key.
The authentication data field contains the value 0 in all 16 octets.
The authentication-key parameter is expressed as a string consisting up to eight alphanumeric characters. Spaces must be contained in quotation marks ( “ ” ). The quotation marks are not considered part of the string.
The string is case-sensitive and is left-justified in the VRRP advertisement message authentication data fields. The first field contains the first four characters with the first octet containing the first character. The second field holds the fifth through eighth characters. Any unspecified portion of the authentication data field is padded with the value 0 in the corresponding octet.
This option is useful when a user must configure the parameter, but for security purposes, the actual unencrypted key value is not provided.
This command configures virtual router IP addresses for backup.
n/a
This command assigns a BFD session that provides a heartbeat mechanism for a VRRP instance. Only one BFD session can be assigned to a VRRP instance, but multiple VRRP instances can use the same BFD session.
BFD controls the state of the associated interface. By enabling BFD on a protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD session are set with the bfd-enable command under the IP interface specified in this command.
The no form of this command removes BFD from the configuration.
n/a
This command configures a VRRP initialization delay timer.
no init-delay
This command assigns a specific MAC address to a VPRN IP interface.
The no form of the command returns the MAC address of the IP interface to the default value.
the physical MAC address associated with the Ethernet interface that the SAP is configured on (the default MAC address assigned to the interface, assigned by the system)
This command allows the master instance to dictate the master down timer (non-owner context only).
The master down interval is the time that the master router can be down before the backup router takes over. The master down interval is used to specify the master down timer. If the master down timer expires, the backup virtual router enters the master state. Refer to "Master Down Interval" in the "VRRP" chapter of the 7705 SAR Router Configuration Guide for details.
no master-int-inherit
This command sets the advertisement timer and indirectly sets the master down timer on the virtual router instance. The message-interval setting must be the same for all virtual routers with the same VRID. Any VRRP advertisement message received with an advertisement interval field different from the virtual router instance configured message-interval value will be silently discarded.
Configuring the message interval value can be done in three ways: using only the milliseconds value, using only the seconds value, or using a combination of the two values. Table 136 shows the ranges for each way of configuring the message interval.
Configuration | IPv4 | IPv6 |
Using milliseconds value only | 100 to 900 ms | 10 to 990 ms |
Using seconds value only | 1 to 255 s | 1 to 40 s |
Using combination milliseconds and seconds values | 1 s 100 ms to 255 s 900 ms (1.1 s to 255.9 s) | 1 s 10 ms to 40s 990 ms (1.01 s to 40.99 s) |
Default setting | 1 s | 1 s |
The message-interval command is available for both non-owner and owner virtual routers. If the message-interval command is not executed, the default message interval is 1 s.
The no form of this command restores the default message-interval value of 1 s to the virtual router instance.
1 s
This command enables the non-owner master to reply to ICMP echo requests directed to the virtual router instance IP addresses. The ping request can be received on any routed interface.
Ping must not have been disabled at the management security level (either on the parent IP interface or based on the ping source host address). When ping reply is not enabled, ICMP echo requests to non-owner master virtual IP addresses are silently discarded.
Non-owner backup virtual routers never respond to ICMP echo requests regardless of the setting of the ping reply configuration.
The ping-reply command is only available for non-owner virtual routers.
The no form of this command restores the default operation of discarding all ICMP echo request messages destined for the non-owner virtual router instance IP addresses.
no ping-reply
This command associates a VRRP priority control policy with the virtual router instance (non-owner context only). VRRP policies are defined under the config>vrrp>policy context. For details, refer to the “VRRP” chapter in the 7705 SAR Router Configuration Guide.
n/a
This command provides the ability to override an existing non-owner master with a virtual router backup that has a higher priority. Enabling preempt mode enhances the operation of the base priority and VRRP policy ID definitions on the virtual router instance. If the virtual router cannot preempt an existing non-owner master, the effect of the dynamic changing of the in-use priority is greatly diminished.
The preempt command is only available for non-owner VRRP virtual routers. The owner cannot be preempted because the priority of non-owners can never be higher than the owner. The owner will always preempt all other virtual routers when it is available.
Non-owner backup virtual router instances will only preempt when preempt is set and the current master has an in-use message priority value less than the backup virtual router instance in-use priority.
A master non-owner virtual router will only allow itself to be preempted when the incoming VRRP advertisement message priority field value is one of the following:
The no form of this command prevents a non-owner virtual router instance from preempting another, less-desirable, virtual router.
preempt
This command configures a specific priority value for the virtual router instance. In conjunction with the optional policy command, the base priority derives the in-use priority of the virtual router instance.
The priority command is only available for non-owner VRRP virtual routers. The priority of owner virtual router instances is permanently set to 255 and cannot be changed. For non-owner virtual router instances, if the priority command is not executed, the base priority is set to 100.
The no form of this command restores the default value of 100.
This command enables the non-owner master to reply to SSH requests directed at the IP addresses of the virtual router instances. The SSH request can be received on any routed interface. SSH must not have been disabled at the management security level (either on the parent IP interface or based on the SSH source host address). Proper login and CLI command authentication are enforced.
When the ssh-reply command is not enabled, SSH packets to non-owner master virtual IP addresses are silently discarded.
Non-owner backup virtual routers never respond to SSH requests regardless of the SSH reply configuration.
The ssh-reply command is only available for non-owner VRRP virtual routers.
The no form of this command restores the default operation of discarding all SSH packets destined to the non-owner virtual router instance IP addresses.
no ssh-reply
This command allows the forwarding of packets by a standby router when sent to the virtual router MAC address.
The no form of the command specifies that a standby router should not forward traffic sent to the virtual router MAC address. The standby router should forward traffic sent to the real MAC address of the standby router.
no standby-forwarding
This command enables the non-owner master to reply to TCP port 23 Telnet requests directed at the IP addresses of the virtual router instance. The Telnet request can be received on any routed interface. Telnet must not have been disabled at the management security level (either on the parent IP interface or based on the Telnet source host address). Proper login and CLI command authentication are enforced.
If the telnet-reply command is not enabled, TCP port 23 Telnet packets to non-owner master virtual IP addresses are silently discarded.
Non-owner backup virtual routers never respond to Telnet requests regardless of the Telnet reply configuration.
The telnet-reply command is only available for non-owner VRRP virtual routers.
The no form of this command restores the default operation of discarding all Telnet packets destined for the non-owner virtual router instance IP addresses.
no telnet-reply
This command enables a non-owner master to reply to traceroute requests directed to the virtual router instance IP addresses. The command is valid only if the VRRP virtual router instance associated with this entry is a non-owner. A non-owner backup virtual router never responds to traceroute requests regardless of the traceroute reply status.
no traceroute-reply
This command configures an interface as an inside (private) interface.
By default, all interfaces are outside (public) interfaces. The no form of this command returns the interface to the default setting.
no static-nat-inside
This command enables the context to configure static one-to-one NAT.
The no form of this command disables static one-to-one NAT.
no static-nat
This command configures the router to drop packets that are traveling from either an inside network to an outside network or an outside network to an inside network that do not have a NAT mapping entry.
By default, packets traveling from either an inside network to an outside network or an outside network to an inside network are forwarded whether or not there is a NAT mapping entry.
The no form of this command returns the router to the default behavior.
no drop-packets-without-nat-entry
This command creates a static one-to-one NAT mapping from an inside network to an outside network. When configured, a packet traveling from an inside network to an outside network that matches a NAT mapping entry will have NAT applied to its source IP address. Similarly, a packet traveling from an outside network to an inside network that matches a NAT mapping entry will have NAT applied to its destination IP address.
n/a
This command maps a range of inside source IP addresses that will undergo NAT to a specified outside IP address range.
For example, to map the entire range of inside addresses within 192.168.0.0/16 to the outside address 10.10.0.0/16, the configuration would be:
map start 192.168.0.0 end 192.168.255.255 to 10.10.0.0
The 7705 SAR will then map each inside source IP address to its corresponding outside IP address sequentially; for example:
The no form of this command removes the NAT mapping.
no map start ip-address end ip-address
This command administratively disables the static NAT map entry.
The no form of this command administratively enables the static NAT map entry.
no shutdown
This command enables the context for configuring TWAMP Light functionality.
disabled
This command enables the context for configuring TWAMP Light session reflector functionality. The relector functionality is enabled using the no shutdown command.
disabled
This command configures an IP address prefix containing one or more TWAMP Light session controllers. It is used to define which TWAMP Light packet prefixes the reflector will process. Once the prefix is configured, the TWAMP Light session reflector only responds to TWAMP Light packets from source addresses that are part of the prefix list.
no prefix
This command configures the specific UDP port that the session reflector listens to for TWAMP Light packets. The session controller launching the TWAMP Light packets must have the same UDP port configured as on the session reflector.
no udp-port
This command enables the context to configure Network Time Protocol (NTP) and its operation. It also enables NTP server mode within the VPRN routing instance so that the router will respond to NTP requests received from external clients in the VPRN.
The no form of this command stops the execution of NTP and removes its configuration.
n/a
This command enables authentication for the NTP server.
n/a
This command provides the option to skip the rejection of NTP PDUs that do not match the authentication key ID, type, or key values.
When authentication is configured, NTP PDUs received on an interface or the management port are authenticated on receipt and rejected if there is a mismatch in the authentication key ID, type, or key value.
When authentication-check is enabled, NTP PDUs are authenticated on receipt and rejected if there is a mismatch in the authentication key ID, type, or key value. Any mismatches cause a counter to be incremented: one counter for type, one for key ID, and one for key value mismatches. These counters are visible in the show>system>ntp command output.
The no form of this command allows mismatched packets to be accepted (overriding authentication); however, the counters are maintained.
authentication-check
This command sets the authentication key ID, type, and key value used to authenticate NTP PDUs that are either sent by the broadcast server function toward external clients or received from external unicast clients within the VPRN routing instance. For authentication to work, the configured authentication key ID, type, and key values must match those of the NTP PDUs.
Configuring the authentication-key with a key-id value that matches an existing key will override the existing entry.
Recipients of the NTP packets must have the same authentication key ID, type, and key values in order to use the data transmitted by this node.
The no form of this command removes the authentication key.
n/a
This command configures the node to transmit NTP broadcast packets on the specified interface. Because broadcast messages can easily be spoofed, authentication is strongly recommended.
The no form of this command removes the interface from the configuration.
n/a
Note: The following command outputs are examples only; actual displays may differ depending on supported functionality and user configuration. |
This command displays service information using the range of egress labels.
If only the mandatory start-label parameter is specified, only services using the specified label are displayed.
If both start-label and end-label parameters are specified, the services using the labels in the specified range are displayed.
Use the show router ldp bindings command to display dynamic labels.
The following output is an example of service egress label information, and Table 137 describes the fields.
In the example below, services 3, 5 and 6 are IES, and services 5000 and 5001 are VPLS services.
Label | Description |
Svc Id | The ID that identifies a service |
Sdp Binding | The ID that identifies an SDP |
Type | Indicates whether the SDP binding is a spoke or a mesh |
I. Lbl | The VC label used by the far-end device to send packets to this device in this service by the SDP |
E. Lbl | The VC label used by this device to send packets to the far-end device in this service by the SDP |
Number of Bindings Found | The total number of SDP bindings that exist within the specified label range |
This command accesses the context to display information for a particular service ID. Once the particular service context has been accessed, the filtering commands listed below are available.
This command displays detailed information for all aspects of the service.
The following output is an example of service ID all information, and Table 138 describes the fields.
Label | Description |
Service Detailed Information | |
Service Id | The service identifier |
Service Type | The type of service (VPRN) |
Name | The service name |
Description | A description of the service |
Customer Id | The customer identifier |
Last Status Change | The date and time of the most recent change in the administrative or operating status of the service |
Last Mgmt Change | The date and time of the most recent management-initiated change to this service |
Admin State | The desired state of the service |
Oper State | The current operational state of the service |
Route Dist. | The route distribution number |
VPRN Type | Only valid in services that accept mesh SDP bindings. It validates the VC ID portion of each mesh SDP binding defined in the service. |
AS Number | The autonomous system number |
Router Id | The router ID for this service |
ECMP | Displays equal cost multipath information |
ECMP Max Routes | The maximum number of routes that can be received from the neighbors in the group or for the specific neighbor |
Max IPv4 Routes | The maximum number of routes that can be used for path sharing |
Max IPv6 Routes | Not applicable |
Auto Bind | The automatic binding type for the SDP assigned to this service |
Vrf Target | The route target in the VRF applied to this service |
Vrf Import | The VRF import policy applied to this service |
Vrf Export | The VRF export policy applied to this service |
SAP Count | The number of SAPs specified for this service |
SDP Bind Count | The number of SDPs bound to this service |
Service Destination Points (SDPs) | |
SDP Id | The SDP identifier |
Type | Indicates whether this service SDP binding is a spoke or a mesh |
VC Type | The VC type: ether or vlan |
VC Tag | The explicit dot1q value used when encapsulating to the SDP far end |
Admin Path MTU | The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Oper Path MTU | The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Far End | Specifies the IP address of the remote end of the GRE, MPLS, or IP tunnel defined by this SDP |
Tunnel Far End | n/a |
LSP Types | Indicates the supported LSP types: R = RSVP, L = LDP, B = BGP, I = SR-ISIS, O = SR-OSPF, T = SR-TE, n/a = not applicable |
Delivery | Specifies the type of delivery used by the SDP: GRE, MPLS, or IP |
Admin State | The administrative state of this SDP |
Oper State | The operational state of this SDP |
Acct. Pol | The accounting policy applied to the SDP |
Collect Stats | Specifies whether accounting statistics are collected on the SDP |
Ingress Label | The label used by the far-end device to send packets to this device in this service by this SDP |
Egress Label | The label used by this device to send packets to the far-end device in this service by this SDP |
Ing mac Fltr | Not applicable |
Egr mac Fltr | Not applicable |
Ing ip Fltr | The SDP ingress filter policy ID |
Egr ip Fltr | The SDP egress filter policy ID |
Ing ipv6 Fltr | Not applicable |
Egr ipv6 Fltr | Not applicable |
Admin ControlWord | The administrative state of the control word: Preferred (control word enabled) or Not Preferred (control word disabled) |
Oper ControlWord | The operational state of the control word: True (control word enabled) or False (control word disabled) |
Last Status Change | The date and time of the most recent status change to this SDP |
Signaling | The signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on this SDP |
Last Mgmt Change | The date and time of the most recent management-initiated change to this SDP |
Class Fwding State | Not applicable |
Flags | Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch, RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, NoSapIpipeCeIpAddr, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, CemSapNoEcidOrMacAddr, StandByForMcRing, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode |
KeepAlive Information | |
Admin State | The operating status of the keepalive protocol |
Oper State | The current status of the keepalive protocol |
Hello Time | Specifies how often the SDP echo request messages are transmitted on this SDP |
Hello Msg Len | The length of the SDP echo request messages transmitted on this SDP |
Max Drop Count | The maximum number of consecutive SDP Echo Request messages that can be unacknowledged before the keepalive protocol reports a fault |
Hold Down Time | The time to wait before the keepalive operating status is eligible to enter the alive state |
Statistics | |
I. Fwd. Pkts. | The number of forwarded ingress packets |
I. Dro. Pkts. | The number of dropped ingress packets |
I. Fwd. Octs. | The number of forwarded ingress octets |
I. Dro. Octs. | The number of dropped ingress octets |
E. Fwd. Pkts. | The number of forwarded egress packets |
E. Fwd. Octets | The number of forwarded egress octets |
Associated LSP LIST | If the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far-end field. If the SDP type is GRE, the following message displays: SDP delivery mechanism is not MPLS |
Number of SDPs | The total number of SDPs applied to this service ID |
Service Access Points | |
Service Id | The service identifier |
SAP | The SAP identifier |
Encap | The encapsulation type of the SAP |
Admin State | The administrative state of the SAP |
Oper State | The operating state of the SAP |
Flags | Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch, RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, NoSapIpipeCeIpAddr, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, CemSapNoEcidOrMacAddr, StandByForMcRing, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode |
Multi Svc Site | Indicates the multiservice site that the SAP is a member of |
Last Status Change | The time of the most recent operating status change to this SAP |
Last Mgmt Change | The time of the most recent management-initiated change to this SAP |
Sub Type | The supported sub type: regular |
Dot1Q Ethertype | The value of the dot1q Ethertype |
QinQ Ethertype | The value of the qinq Ethertype |
Admin MTU | The desired largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented |
Oper MTU | The actual largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented |
Ingr IP Fltr-Id | The ingress filter policy ID assigned to the SAP |
Egr IP Fltr-Id | The egress filter policy ID assigned to the SAP |
Ingr Mac Fltr-Id | Not applicable |
Ingr IPv6 Fltr-ID | Not applicable |
Egr IPv6 Fltr-ID | Not applicable |
tod-suite | Indicates whether a time-based policy is applied to a multiservice site |
qinq-pbit-marking | Indicates the qinq P-bit marking for the service: both or top |
Ing Scheduler Mode | Indicates the ingress scheduler mode for the SAP |
Egr Scheduler Mode | Indicates the egress scheduler mode for the SAP |
Ing Agg Rate Limit | Indicates the PIR rate limit in the access ingress direction for the aggregate of the SAP queues |
Egr Agg Rate Limit | Indicates the PIR rate limit in the access egress direction for the aggregate of the SAP queues |
Ing Agg cir | Indicates the CIR rate limit in the access ingress direction for the aggregate of the SAP queues |
Egr Agg cir | Indicates the CIR rate limit in the access egress direction for the aggregate of the SAP queues |
Ing Shaper Group | Indicates the ingress shaper group for the SAP |
Egr Shaper Group | Indicates the egress shaper group for the SAP |
Q Frame-Based Acct | Not applicable |
Acct. Pol | The accounting policy applied to the SAP |
Collect Stats | Specifies whether accounting statistics are collected on the SAP |
Anti Spoofing | Not applicable |
Nbr Static Hosts | Not applicable |
QOS | |
Ingress qos-policy | The SAP ingress QoS policy ID |
Egress qos-policy | The SAP egress QoS policy ID |
Shared Q plcy | Not applicable |
Multipoint shared | Not applicable |
Segment Routing | |
ISIS | Indicates the state of segment routing for IS-IS: enabled or disabled |
LSP Id | The LSP identifier |
Oper Instance Id | The IS-IS instance identifier for the SR IS-IS instance |
OSPF | Indicates the state of segment routing for OSPF: enabled or disabled |
TE-LSP | Indicates the state of segment routing for TE LSP: enabled or disabled |
TWAMP-Light Reflector | |
Admin State | Displays one of the following: Up—the server or prefix is administratively enabled (no shutdown) in configuration Down—the server or prefix is administratively disabled (shutdown) in configuration |
Up Time | The time since the server process was started, measured in days (d), hours, minutes, and seconds |
Configured UDP Port | The UDP port number used |
Test Packets Rx | The total number of test packets received from session senders |
Test Packets Tx | The total number of test packets sent to session senders |
TWAMP Light Controller Prefix List | The IP address prefixes of TWAMP Light clients |
SAP Statistics | |
Last Cleared time | The date and time that a clear command was issued on the statistics |
Forwarding Engine Stats (Ingress) | |
Dropped | The number of packets or octets dropped by the forwarding engine |
Off. HiPrio | The number of high-priority packets or octets offered to the forwarding engine |
Off. LowPrio | The number of low-priority packets offered to the forwarding engine |
Queueing Stats (Ingress QoS Policy) | |
Dro. HiPrio | The number of high-priority packets or octets discarded, as determined by the SAP ingress QoS policy |
Dro. LowPrio | The number of low-priority packets discarded, as determined by the SAP ingress QoS policy |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded, as determined by the SAP ingress QoS policy |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded, as determined by the SAP ingress QoS policy |
Queueing Stats (Egress QoS Policy) | |
Dro. InProf | The number of in-profile packets or octets discarded, as determined by the SAP egress QoS policy |
Dro. OutProf | The number of out-of-profile packets or octets discarded, as determined by the SAP egress QoS policy |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded, as determined by the SAP egress QoS policy |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded, as determined by the SAP egress QoS policy |
Sap per Queue stats | |
Ingress Queue n (Priority) | The index of the ingress QoS queue of this SAP, where n is the index number |
Off. Combined | The combined total number of high-priority and low-priority packets or octets offered to the forwarding engine |
Off. HiPrio | The number of packets or octets of high-priority traffic for the SAP (offered) |
Off. LoPrio | The number of packets or octets count of low-priority traffic for the SAP (offered) |
Dro. HiPrio | The number of high-priority traffic packets or octets dropped |
Dro. LoPrio | The number of low-priority traffic packets or octets dropped |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded |
Ingress Queue n (Profile) | The index of the ingress QoS queue of this SAP, where n is the index number |
Off. ColorIn | The number of packets or octets colored as in-profile for the SAP (offered) |
Off. ColorOut | The number of packets or octets colored as out-of-profile for the SAP (offered) |
Off. Uncolor | The number of packets or octets that areunprofiled for the SAP (offered) |
Dro. ColorOut | The number of packets or octets colored as out-of-profile that were dropped for the SAP |
Dro. ColorIn/Uncolor | The number of packets or octets that were colored as in-profile or were unprofiled that were dropped for the SAP |
For. InProf | The number of forwarded packets or octets colored as in-profile (FC profile set to “in” or “no profile” and rate less than or equal to CIR) |
For. OutProf | The number of forwarded packets or octets that were colored as out-of-profile (FC profile set to “out” or “no profile” and rate above CIR) |
Egress Queue n | The index of the egress QoS queue of the SAP, where n is the index number |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded |
For. OutProf | Number of out-of-profile packets or octets (rate above CIR) forwarded |
Dro. InProf | The number of in-profile packets or octets dropped for the SAP |
Dro. OutProf | The number of out-of-profile packets or octets discarded |
Service Interfaces | |
Interface | |
If Name | The name used to refer to the interface |
Admin State | The desired state of the interface |
Oper (v4/v6) | The operating state of the interface |
Protocols | The protocols supported on the interface |
IP Addr/mask | The IP address/IP subnet/broadcast address of the interface |
Details | |
If Index | The index corresponding to this interface. The primary index is 1. For example, all interfaces are defined in the Base virtual router context. |
Virt. If Index | The virtual interface index of the VPRN interface |
Last Oper Chg | The date and time of the last operating state change on the interface |
Global If Index | The global interface index of the VPRN interface |
TOS Marking | Specifies whether the ToS marking is trusted or untrusted for the interface |
If Type | The interface type |
SNTP B.Cast | Specifies whether SNTP broadcast client mode is enabled or disabled |
MAC Address | The 48-bit IEEE 802.3 MAC address |
Arp Timeout | The timeout for an ARP entry learned on the interface |
IP MTU | The IP maximum transmit unit for the interface |
ICMP Mask Reply | Specifies whether ICMP mask reply is enabled or disabled |
ARP Populate | Specifies if ARP is enabled or disabled |
Host Conn Verify | Not applicable |
LdpSyncTimer | Not applicable |
Proxy ARP Details | |
Rem Proxy ARP | Indicates whether remote proxy ARP is enabled or disabled |
Local Proxy ARP | Indicates whether local proxy ARP is enabled or disabled |
Policies | Specifies the policy statements applied to proxy ARP |
DHCP Details | |
Admin State | The desired state of DHCP |
Lease Populate | Not applicable |
Action | The processing required that occurs when the 7705 SAR receives a DHCP request that already has a Relay Agent Information Option (Option 82): |
Trusted | Indicates whether trusted mode is enabled or disabled on the IP interface |
ICMP Details | |
Redirects | The rate for ICMP redirect messages |
Unreachables | The rate for ICMP unreachable messages |
TTL Expired | The rate for ICMP TTL messages |
IPCP Address Extension Details | |
Peer IP Addr | Specifies the remote IP address to be assigned to the far-end of the associated PPP/MLPPP link via IPCP extensions |
Peer Pri DNS Addr | Specifies a unicast IPv4 address for the primary DNS server to be signaled to the far-end of the associate PPP/MLPPP link via IPCP extensions |
Peer Sec DNS Addr | Specifies a unicast IPv4 address for the secondary DNS server to be signaled to the far-end of the associate PPP/MLPPP link via IPCP extensions |
This command displays the ARP table for the VPRN instance.
The following output is an example of service ID ARP information, and Table 139 describes the fields.
Label | Description |
IP Address | The IP address of the ARP entry |
MAC Address | The MAC address of the ARP entry |
Type | Dyn—the ARP entry is a dynamic ARP entry |
Inv—the ARP entry is an inactive static ARP entry (invalid). | |
Oth—the ARP entry is a local or system ARP entry | |
Sta—the ARP entry is an active static ARP entry | |
Expiry | The age of the ARP entry |
Interface | The IP interface name associated with the ARP entry |
SAP | The port identifier of the SAP |
This command displays basic information about the service ID, including service type, description, SAPs and SDPs.
The following output is an example of service ID base information, and Table 140 describes the fields.
Label | Description |
Service Id | The service identifier |
Service Type | The type of service: VPRN |
Name | The service name |
Description | Generic information about the service |
Customer Id | The customer identifier |
Last Status Change | The date and time of the most recent status change to this service |
Last Mgmt Change | The date and time of the most recent management-initiated change to this service |
Admin State | The desired state of the service |
Oper State | The operating state of the service |
Route Dist. | The largest frame size (in octets) that the service can handle |
VPRN Type | Only valid in services that accept mesh SDP bindings. It validates the VC ID portion of each mesh SDP binding defined in the service. |
AS Number | The autonomous system number |
Router ID | The router ID for this service |
ECMP | Displays equal cost multipath information |
ECMP Max Routes | The maximum number of routes that can be received from the neighbors in the group or for the specific neighbor |
Max IPv4 Routes | The maximum number of routes that can be used for path sharing |
Auto Bind | The automatic binding type for the SDP assigned to this service |
Max IPv6 Routes | Not applicable |
Vrf Target | The route target in the VRF applied to this service |
Vrf Import | The VRF import policy applied to this service |
Vrf Export | The VRF export policy applied to this service |
SAP Count | The number of SAPs defined on the service |
SDP Bind Count | The number of SDPs bound to the service |
Service Access and Destination Points | |
Identifier | The service access (SAP) and destination (SDP) points |
Type | The signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on the SDP |
AdmMTU | The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
OprMTU | The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Adm | The administrative state of the SAP or SDP |
Opr | The operating state of the SAP or SDP |
This command enables the context to display DHCP information for the specified service.
This command displays DHCP statistics information.
The following output is an example of server ID DHCP statistics information, and Table 141 describes the fields.
Label | Description |
DHCP Global Statistics, service x | |
Rx Packets | The number of packets received from the DHCP clients |
Tx Packets | The number of packets transmitted to the DHCP clients |
Rx Malformed Packets | The number of corrupted/invalid packets received from the DHCP clients |
Rx Untrusted Packets | The number of untrusted packets received from the DHCP clients. In this case, a frame is dropped due to the client sending a DHCP packet with Option 82 filled in before “trust” is set under the DHCP interface command. |
Client Packets Discarded | The number of packets received from the DHCP clients that were discarded |
Client Packets Relayed | The number of packets received from the DHCP clients that were forwarded |
Server Packets Discarded | The number of packets received from the DHCP server that were discarded |
Server Packets Relayed | The number of packets received from the DHCP server that were forwarded |
This command displays DHCP configuration summary information.
The following output is an example of service ID DHCP summary information, and Table 142 describes the fields.
Label | Description |
DHCP Summary, service x | |
Interface Name Sap/Sdp | The name of the interface |
Arp Populate | Specifies whether ARP populate is enabled or disabled |
Used/Provided | Used—the number of lease-states that are currently in use on the specified interface, that is, the number of clients on the interface that got an IP address by DHCP. This value is always less than or equal to the “Provided” field. |
Provided—the lease-populate value that is configured for a specific interface | |
Info Option | Keep—the existing information is kept on the packet and the router does not add any additional information |
Replace—on ingress, the existing information-option is replaced with the information-option from the router | |
Drop—the packet is dropped and an error is logged | |
Admin State | The administrative state |
This command displays information for the IP interfaces associated with the service.
If no optional parameters are specified, a summary of all IP interfaces associated to the service are displayed.
The following output is an example of service ID interface information, and Table 143 describes the fields.
Label | Description |
Interface | |
If Name | The name used to refer to the interface |
Admin State | The desired state of the interface |
Oper (v4/v6) | The operating state of the interface |
Protocols | The protocols supported on this interface |
IP Addr/mask | The IP address/IP subnet/broadcast address of the interface |
Details | |
If Index | The index corresponding to this interface. The primary index is 1. For example, all interfaces are defined in the Base virtual router context. |
Virt. If Index | The virtual interface index of the VPRN interface |
Last Oper Chg | The date and time of the last operating state change on the interface |
Global If Index | The global interface index of the VPRN interface |
TOS Marking | Specifies whether the ToS marking is trusted or untrusted for the interface |
If Type | The interface type |
SNTP B.Cast | Specifies whether SNTP broadcast client mode is enabled or disabled |
MAC Address | The 48-bit IEEE 802.3 MAC address |
Arp Timeout | The timeout for an ARP entry learned on the interface |
IP MTU | The IP maximum transmit unit for the interface |
ICMP Mask Reply | Specifies whether ICMP mask reply is enabled or disabled |
ARP Populate | Specifies if ARP is enabled or disabled |
Host Conn Verify | Not applicable |
LdpSyncTimer | Not applicable |
Proxy ARP Details | |
Rem Proxy ARP | Indicates whether remote proxy ARP is enabled or disabled |
Local Proxy ARP | Indicates whether local proxy ARP is enabled or disabled |
Policies | Specifies the policy statements applied to proxy ARP |
DHCP Details | |
Admin State | The administrative state of DHCP |
Lease Populate | Not applicable |
Action | The processing required that occurs when the 7705 SAR receives a DHCP request that already has a Relay Agent Information Option (Option 82): |
Trusted | Indicates whether trusted mode is enabled or disabled on the IP interface |
ICMP Details | |
Redirects | The rate for ICMP redirect messages |
Unreachables | The rate for ICMP unreachable messages |
TTL Expired | The rate for ICMP TTL messages |
IPCP Address Extension Details | |
Peer IP Addr | The remote IP address to be assigned to the far end of the associated PPP/MLPPP link via IPCP extensions |
Peer Pri DNS | The unicast IPv4 address for the primary DNS server to be signaled to the far end of the associate PPP/MLPPP link via IPCP extensions |
Peer Sec DNS | The unicast IPv4 address for the secondary DNS server to be signaled to the far end of the associate PPP/MLPPP link via IPCP extensions |
This command displays information for a specified IP transport subservice within this VPRN service. If no IP transport subservice is specified, summary information is displayed for all IP transport subservices associated with the VPRN service.
The following output is an example of IP transport subservice summary information for a specified service, and Table 144 describes the fields.
Label | Description |
IP Transport (Summary), Service x | |
IptId | The IP transport subservice physical port identifier |
LocalIP | The IP address (IPv4) that is used for the local host |
LocalPort | The port number that is used by remote hosts to establish TCP/UDP sessions to the local host |
Proto | The protocol type that is used for all sessions to and from the local host (either TCP or UDP) |
RemHost | The number of remote hosts associated with the IP transport subservice |
DSCP | The DSCP name used to mark the DSCP field in IP transport packets |
FC | The FC name used for IP transport packets |
FltrUnkn | Indicates whether the filter-unknown-host command is enabled or disabled on the IP transport subservice |
Adm | The administrative state of the IP transport subservice |
Opr | The operational state of the IP transport subservice |
Entries found: | The number of IP transport subservices associated with this service |
The following output is an example of detailed information for a specified IP transport subservice within a specified service, and Table 145 describes the fields.
Label | Description |
IP Transport | |
Service Id | The ID that identifies the service (the service type is shown in brackets) |
IP Transport Id | The physical port identifier for this IP transport subservice |
Description | The description associated with this IP transport subservice |
Admin State | The administrative state of this IP transport subservice |
Oper State | The operational state of this IP transport subservice |
Oper Flags | The operational flags associated with this IP transport subservice |
Local IP Address | The IP address (IPv4) that is used for the local host |
Local Port Number | The port number that is used by remote hosts to establish TCP/UDP sessions to the local host |
Local IP Protocol | The protocol type that is used for all sessions to and from the local host (either TCP or UDP) |
DSCP | The DSCP name used to mark the DSCP field in IP transport packets |
Filter Unknown Host | Indicates whether the filter-unknown-host command is enabled or disabled for this IP transport subservice |
FC | The FC name used for IP transport packets |
Profile | The profile marking for the IP transport packets (in or out) |
TCP Inact Timeout | The configured inactivity timeout value for TCP connections |
TCP Max Retries | The configured maximum retry value for TCP connections |
TCP Retry Interval | The configured retry interval value for TCP connections |
Num Remote Hosts | The number of remote hosts associated with this IP transport subservice |
Last Mgmt Change | The date and time of the most recent management-initiated change to this IP transport subservice |
Last Oper Change | The date and time of the most recent operational status change for this IP transport subservice |
IP Transport Accumulated Statistics | |
Known Remote Hosts | |
Packets sent | The number of packets sent to the host |
Characters sent | The number of data characters sent to the host |
Packets received | The number of packets received from the host |
Characters received | The number of data characters received from the host |
Connections To From | The number of connections to and from the host |
Connection retries | The number of connection retries to the host |
Connection failures | The number of connection failures to the host |
Currently connected | The number of hosts currently connected |
Unknown Remote Hosts | |
Packets sent | The number of packets sent to the host |
Characters sent | The number of data characters sent to the host |
Packets received | The number of packets received from the host |
Characters received | The number of data characters received from the host |
Successful connections from | The number of successful connections from the host |
Rejected due to unknown host filter | The number of rejected connection attempts from the host due to the filter-unknown-host command being enabled |
Rejected due to out of resource | The number of connection attempts from the host that were rejected due to the unavailability of resources |
Inactivity timeouts | The number of connections from the host that timed out due to inactivity |
Last RemIp:RemPort | The IP address (IPv4) and port number used by the host for the last connection |
Currently connected | The number of hosts that are currently connected |
Dropped packets due to no remote hosts | The number of packets dropped due to no hosts being connected |
This command displays information for a specified remote host within this IP transport subservice within this service. If no remote host is specified, summary information is displayed for all remote hosts within this IP transport subservice.
The following output is an example of IP transport subservice remote host summary information when no remote host is specified, and Table 146 describes the fields.
Label | Description |
IP Remote Host (Summary), Service x IPT x/x/x.x | |
RemId | The remote host identifier |
RemIp:RemPort | The IP address (IPv4) and port number used by the remote host |
Rcvd Chars | The number of data characters received from the remote host |
Sent Chars | The number of data characters sent to the remote host |
Drop Chars | The number of data characters destined for the remote host that were dropped |
State | The operational state of the packet transport session connection to the remote host |
Rcvd Pkts | The number of packets received from the remote host |
Sent Pkts | The number of packets sent to the remote host |
Drop Pkts | The number of packets destined for the remote host that were dropped |
Up Time | The amount of time that the remote host has been connected |
Number of known remote hosts | The number of known remote hosts associated with the IP transport subservice |
Number of unknown remote hosts | The number of unknown remote hosts associated with the IP transport subservice |
Total entries found | The total number of hosts associated with the IP transport subservice |
The following output is an example of IP transport subservice detailed information for a specified remote host, and Table 147 describes the fields.
Label | Description |
IP Remote Host | |
Service Id | The ID that identifies the service (the service type is shown in brackets) |
IP Transport Id | The physical port identifier for the IP transport subservice |
Remote host Id | The host identifier associated with this remote host |
Name | The name associated with this remote host |
Description | The description associated with this remote host |
IP Address | The IP address associated with this remote host |
Port Number | The port number associated with this remote host |
Last Mgmt Change | The date and time of the most recent management-initiated change to this remote host |
Session State | The operational state of the packet transport session to this host |
Up Time | The amount of time that this remote host has been connected |
Last Connect | Indicates whether the last connection attempt to this remote host was successful or unsuccessful |
IP Remote Host Statistics | |
Sent Pkts | The number of packets sent to this remote host |
Sent Chars | The number of data characters sent to this remote host |
Dropped Pkts | The number of packets destined for this remote host that were dropped |
Dropped Chars | The number of data characters destined for this remote host that were dropped |
Rcvd Pkts | The number of packets received from this remote host |
Rcvd Chars | The number of data characters received from this remote host |
Session information | |
Connections | |
To | The number of connections made to this host |
From | The number of connections made from the host |
Connection retries | The number of connection retries to this host |
Connection failures | The number of connection failures to this host |
Closed by far end | The number of connections closed by the far end |
Inactivity timeouts | The number of connection that were timed out due to inactivity |
This command displays information for the SAPs associated with the service.
If no optional parameters are specified, a summary of all associated SAPs is displayed.
The following output is an example of service SAP information, and Table 148 describes the fields.
Label | Description |
Service Id | The service identifier |
SAP | The SAP identifier |
Encap | The encapsulation type of the SAP |
Admin State | The administrative state of the SAP |
Oper State | The operating state of the SAP |
Flags | Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch, RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, NoSapIpipeCeIpAddr, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, CemSapNoEcidOrMacAddr, StandByForMcRing, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode |
Last Status Change | The time of the most recent operating status change to this SAP |
Last Mgmt Change | The time of the most recent management-initiated change to this SAP |
Sub Type | The supported sub type: regular |
Dot1Q Ethertype | The value of the dot1q Ethertype |
QinQ Ethertype | The value of the qinq Ethertype |
Admin MTU | The desired largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented |
Oper MTU | The actual largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented |
Ingr IP Fltr-Id | The ingress filter policy ID assigned to the SAP |
Egr IP Fltr-Id | The egress filter policy ID assigned to the SAP |
Ingr Mac Fltr-Id | Not applicable |
Egr Mac Fltr-Id | Not applicable |
tod-suite | Indicates whether a time-based policy is applied to a multiservice site |
qinq-pbit-marking | Indicates the qinq P-bit marking for the service: both or top |
Ing Scheduler Mode | The scheduler mode for the SAP in the access ingress direction: 4-priority or 16-priority |
Egr Scheduler Mode | The scheduler mode for the SAP in the access egress direction: 4-priority or 16-priority |
Ing Agg Rate Limit | The PIR rate limit in the access ingress direction for the aggregate of the SAP queues |
Egr Agg Rate Limit | The PIR rate limit in the access egress direction for the aggregate of the SAP queues |
Ing Agg cir | The CIR rate limit in the access ingress direction for the aggregate of the SAP queues |
Egr Agg cir | The CIR rate limit in the access egress direction for the aggregate of the SAP queues |
Ing Shaper Group | The ingress shaper group for the SAP |
Egr Shaper Group | The egress shaper group for the SAP |
Acct. Pol | The accounting policy ID assigned to the SAP |
Collect Stats | Specifies whether accounting statistics are collected on the SAP |
Anti Spoofing | Not applicable |
Nbr Static Hosts | Not applicable |
QOS | |
Ingress qos-policy | The ingress QoS policy ID assigned to the SAP |
Egress qos-policy | The egress QoS policy ID assigned to the SAP |
Shared Q plcy | Not applicable |
Multipoint shared | Not applicable |
Sap Statistics | |
Last Cleared Time | The date and time that a clear command was issued on statistics |
Forwarding Engine Stats (Ingress) | |
Dropped | The number of packets or octets dropped by the forwarding engine |
Off. HiPrio | The number of high-priority packets or octets offered to the forwarding engine |
Off. LowPrio | The number of low-priority packets offered to the forwarding engine |
Queueing Stats (Ingress QoS Policy) | |
Dro. HiPrio | The number of high-priority packets or octets discarded, as determined by the SAP ingress QoS policy |
Dro. LowPrio | The number of low-priority packets discarded, as determined by the SAP ingress QoS policy |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded, as determined by the SAP ingress QoS policy |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded, as determined by the SAP ingress QoS policy |
Queueing Stats (Egress QoS Policy) | |
Dro. InProf | The number of in-profile packets or octets discarded, as determined by the SAP egress QoS policy |
Dro. OutProf | The number of out-of-profile packets or octets discarded, as determined by the SAP egress QoS policy |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded, as determined by the SAP egress QoS policy |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded, as determined by the SAP egress QoS policy |
Sap per Queue stats | |
Ingress Queue n (Priority) | The index of the ingress QoS queue of this SAP, where n is the index number |
Off. Combined | The combined total number of high-priority and low-priority packets or octets offered to the forwarding engine |
Off. HiPrio | The number of packets or octets of high-priority traffic for the SAP (offered) |
Off. LoPrio | The number of packets or octets count of low-priority traffic for the SAP (offered) |
Dro. HiPrio | The number of high-priority traffic packets or octets dropped |
Dro. LoPrio | The number of low-priority traffic packets or octets dropped |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded |
Ingress Queue n (Profile) | The index of the ingress QoS queue of this SAP, where n is the index number |
Off. ColorIn | The number of packets or octets colored as in-profile for the SAP (offered) |
Off. ColorOut | The number of packets or octets colored as out-of-profile for the SAP (offered) |
Off. Uncolor | The number of packets or octets that are unprofiled for the SAP (offered) |
Dro. ColorOut | The number of packets or octets colored as out-of-profile that were dropped for the SAP |
Dro. ColorIn/Uncolor | The number of packets or octets that were colored as in-profile or unprofiled that were dropped for the SAP |
For. InProf | The number of forwarded packets or octets colored as in-profile (FC profile set to “in” or “no profile” and rate less than or equal to CIR) |
For. OutProf | The number of forwarded packets or octets that were colored as out-of-profile (FC profile set to “out” or “no profile” and rate above CIR) |
Egress Queue n | The index of the egress QoS queue of the SAP, where n is the index number |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded |
Dro. InProf | The number of in-profile packets or octets dropped for the SAP |
Dro. OutProf | The number of out-of-profile packets or octets discarded |
This command displays service information using the range of ingress labels.
If only the mandatory start-label parameter is specified, only services using the specified label are displayed.
If both start-label and end-label parameters are specified, the services using the labels in the specified range are displayed.
Use the show router ldp bindings command to display dynamic labels.
The following output is an example of service ingress label information, and Table 149 describes the fields.
In the example below, services 3, 5 and 6 are IES, and services 5000 and 5001 are VPLS services.
Label | Description |
Svc Id | The ID that identifies a service |
Sdp Binding | The ID that identifies an SDP |
Type | Indicates whether the SDP binding is a spoke or a mesh |
I. Lbl | The VC label used by the far-end device to send packets to this device in this service by the SDP |
E. Lbl | The VC label used by this device to send packets to the far-end device in this service by the SDP |
Number of Bindings Found | The total number of SDP bindings that exist within the specified label range |
This command displays IP transport subservice information for a specified port. If no port is specified, the command displays a summary of all IP transport subservices defined for the VPRN service.
The following output is an example of ip-transport-using information, and Table 150 describes the fields.
Label | Description |
IP Transports | |
IptId | The IP transport subservice physical port identifier |
SvcId | The service identifier |
Type | The type of service |
Adm | The administrative state of the IP transport subservice |
Opr | The operational state of the IP transport subservice |
Entries found | The number of IP transport subservices using this service |
This command displays information for the SDPs associated with the service. If no optional parameters are specified, a summary of all associated SDPs is displayed.
The following output is an example of service ID SDP information, and Table 151 describes the fields.
Label | Description |
Sdp Id | The SDP identifier |
Type | Indicates whether the SDP is a spoke or a mesh |
VC Type | The VC type: ether or vlan |
VC Tag | The explicit dot1q value used when encapsulating to the SDP far end |
Admin Path MTU | The operating path MTU of the SDP is equal to the admin path MTU (when one is set) or the dynamically computed tunnel MTU, when no admin path MTU is set (the default case) |
Oper Path MTU | The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Far End | The IP address of the remote end of the GRE, MPLS, or IP tunnel defined by this SDP. |
Delivery | Specifies the type of delivery used by the SDP: GRE, MPLS, or IP |
Admin State | The administrative state of this SDP |
Oper State | The operational state of this SDP |
Acct. Pol | The accounting policy applied to the SDP |
Collect Stats | Specifies whether accounting statistics are collected on the SDP |
Ingress Label | The label used by the far-end device to send packets to this device in this service by this SDP |
Egress Label | The label used by this device to send packets to the far-end device in this service by the SDP |
Ing mac Fltr | Not applicable |
Egr mac Fltr | Not applicable |
Ing ip Fltr | The ingress filter policy ID assigned to the SDP |
Egr ip Fltr | The egress filter policy ID assigned to the SDP |
Admin ControlWord | The administrative state of the control word: Preferred (control word enabled) or Not Preferred (control word disabled) |
Oper ControlWord | The operational state of the control word: True (control word enabled) or False (control word disabled) |
Last Status Change | The date and time of the most recent change to the SDP |
Signaling | The signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on this SDP |
Last Mgmt Change | The date and time of the most recent management-initiated change to this SDP |
Class Fwding State | Not applicable |
Flags | Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch, RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, NoSapIpipeCeIpAddr, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, CemSapNoEcidOrMacAddr, StandByForMcRing, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode |
KeepAlive Information | |
Admin State | The administrative state of the keepalive process |
Oper State | The operational state of the keepalive process |
Hello Time | Specifies how often the SDP echo request messages are transmitted on this SDP |
Hell Msg Length | The length of the SDP echo request messages transmitted on this SDP |
Max Drop Count | The maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault |
Hold Down Time | The time to wait before the keepalive operating status is eligible to enter the alive state |
Statistics | |
I. Fwd. Pkts. | The number of forwarded ingress packets |
I. Dro. Pkts. | The number of dropped ingress packets |
I. Fwd. Octs. | The number of forwarded ingress octets |
I. Dro. Octs. | The number of dropped ingress octets |
E. Fwd. Pkts. | The number of forwarded egress packets |
E. Fwd. Octets | The number of forwarded egress octets |
Associated LSP LIST | If the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far-end field. If the SDP type is GRE, the following message displays: SDP delivery mechanism is not MPLS. |
Number of SDPs | The total number of SDPs applied to this service ID |
This command displays OAM TWAMP Light status information.
The following output is an example of TWAMP Light information, and Table 152 describes the fields.
Label | Description |
TWAMP Light Reflector | |
Admin State | Displays one of the following: Up—the server or prefix is administratively enabled (no shutdown) in configuration Down—the server or prefix is administratively disabled (shutdown) in configuration |
Up Time | The time since the server process was started, measured in days (d), hours, minutes, and seconds |
Configured UDP Port | The UDP port number used |
Test Packets Rx | The total number of test packets received from session senders |
Test Packets Tx | The total number of test packets sent to session senders |
TWAMP Light Controller Prefix List | The IP address prefixes of TWAMP Light clients |
This command displays the services matching certain usage properties.
If no optional parameters are specified, all services defined on the system are displayed.
The following output is an example of service-using information, and Table 153 describes the fields.
Label | Description |
Service Id | The service identifier |
Type | The service type configured for the service ID |
Name | The service name |
Description | A description of the service |
Adm | The desired state of the service |
Opr | The operating state of the service |
CustomerID | The ID of the customer who owns this service |
Last Mgmt Change | The date and time of the most recent management-initiated change to this service |
Matching Services | The number of services of the same type |
Note: The following command outputs are examples only; actual displays may differ depending on supported functionality and user configuration. |
This command provides access to the show commands for the service specified by the service-id.
Using service-id with this command applies only to VPRN service.
This command displays aggregated routes.
The following output is an example of aggregate route information, and Table 154 describes the fields.
Label | Description |
Prefix | The destination address of the aggregate route in dotted-decimal notation |
Summary | Specifies whether the aggregate or more specific components are advertised |
AS Set | Displays an aggregate where the path advertised for the route consists of all elements contained in all paths that are being summarized |
Aggr AS | The aggregator path attribute to the aggregate route |
Aggr IP-Address | The IP address of the aggregated route |
State | The operational state of the aggregated route |
No. of Aggregates | The total number of aggregated routes |
This command displays the router ARP table sorted by IP address.
If no command line options are specified, all ARP entries are displayed.
The following output is an example of ARP table information, and Table 155 describes the fields.
Label | Description |
IP Address | The IP address of the ARP entry |
MAC Address | The MAC address of the ARP entry |
Expiry | The age of the ARP entry |
Type | Dyn—the ARP entry is a dynamic ARP entry |
Inv—the ARP entry is an inactive static ARP entry (invalid) | |
Oth—the ARP entry is a local or system ARP entry | |
Sta—the ARP entry is an active static ARP entry | |
Interface | The IP interface name associated with the ARP entry |
No. of ARP Entries | The number of ARP entries displayed in the list |
This command enables the context to display BGP-related information.
This command displays BGP routes that have been dampened due to route flapping. This command can be entered with or without a route parameter. If no parameters are included, all dampened routes are listed.
If the keyword detail is included, more detailed information is displayed.
If a damp-type is specified, only those types of dampened routes (decayed, history, or suppressed) are displayed. Routes that have a state of decayed have gained penalties for flapping but have not yet reached the suppression limit. Routes that have a state of history have had a route flap and have been withdrawn. Routes that have a state of suppressed have reached the suppression limit and are not considered in BGP path selection.
The following output is an example of BGP damping information, and Table 156 describes the fields.
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured or inherited local AS for the specified peer group; if not configured, it is the same value as the AS |
Network | The IP prefix and mask length for the route |
Flag/Flags | Legend: Status codes: u-used, s-suppressed, h-history, d-decayed, *-valid (if an * is not present, the status is invalid) Origin codes: i-IGP, e-EGP, ?-incomplete, >-best |
From | The originator ID path attribute value |
Reuse/Reuse time | The time when a suppressed route can be used again |
AS-Path | The BGP AS path for the route |
Peer | The router ID of the advertising router |
NextHop | The BGP next hop for the route |
Peer AS | The autonomous system number of the advertising router |
Peer Router-Id | The router ID of the advertising router |
Local Pref | The BGP local preference path attribute for the route |
Age | The time elapsed since the service was enabled |
Last update | The time that BGP was last updated |
FOM Present | The current Figure of Merit (FOM) value |
FOM Last upd. | The last updated FOM value |
Number of Flaps | The number of flaps in the neighbor connection |
Reuse time | The time when the route can be reused |
Path | The BGP AS path for the route |
Applied Policy | The applied route policy name |
This command displays group information for a BGP peer group. This command can be entered with or without parameters.
When this command is entered without a group name, information about all peer groups displays.
When the command is issued with a specific group name, information only pertaining to that specific peer group displays.
The “State” field displays the BGP group’s operational state. Valid states are:
The following output is an example of BGP group information, and Table 157 describes the fields.
Label | Description |
Group | The BGP group name |
Group Type | No Type: peer type not configured External: peer type configured as external BGP peers Internal: peer type configured as internal BGP peers |
State | Disabled: the BGP peer group has been operationally disabled Down: the BGP peer group is operationally inactive Up: the BGP peer group is operationally active |
Peer AS | The configured or inherited peer AS for the specified peer group |
Local AS | The configured or inherited local AS for the specified peer group |
Local Address | The configured or inherited local address for originating peering for the specified peer group |
Loop Detect | The configured or inherited loop detect setting for the specified peer group |
Connect Retry | The configured or inherited connect retry timer value |
Authentication | None: no authentication is configured MD5: MD5 authentication is configured |
Local Pref | The configured or inherited local preference value |
MED Out | The configured or inherited MED value that is assigned to advertised routes |
Multihop | The maximum number of router hops a BGP connection can traverse |
AS Override | The setting of the AS override |
Min Route Advt. | The minimum amount of time that must pass between route updates for the same IP prefix |
Min AS Originate | The minimum amount of time that must pass between updates for a route originated by the local router |
Prefix Limit | No Limit: no route limit assigned to the BGP peer group 1 — 4294967295: the maximum number of routes BGP can learn from a peer |
Passive | Disabled: BGP attempts to establish a BGP connection with a neighbor in the specified peer group Enabled: BGP will not actively attempt to establish a BGP connection with a neighbor in the specified peer group |
Next Hop Self | Disabled: BGP is not configured to send only its own IP address as the BGP next hop in route updates to neighbors in the peer group Enabled: BGP sends only its own IP address as the BGP next hop in route updates to neighbors in the specified peer group |
Aggregator ID 0 | Disabled: BGP is not configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates sent to the neighbor in the peer group Enabled: BGP is configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates sent to the neighbor in the peer group |
Remove Private | Disabled: BGP will not remove all private AS numbers from the AS path attribute in updates sent to the neighbor in the peer group Enabled: BGP removes all private AS numbers from the AS path attribute in updates sent to the neighbor in the peer group |
Damping | Disabled: the peer group is configured not to dampen route flaps Enabled: the peer group is configured to dampen route flaps |
Import Policy | The configured import policies for the peer group |
Export Policy | The configured export policies for the peer group |
Hold Time | The configured hold-time setting |
Keep Alive | The configured keepalive setting |
Min Hold Time | The configured minimum hold-time setting |
Cluster Id | The configured route reflector cluster ID None: No cluster ID has been configured |
Client Reflect | Disabled: the BGP route reflector will not reflect routes to this neighbor Enabled: the BGP route reflector is configured to reflect routes to this neighbor |
NLRI | The type of network layer reachability information that the specified peer group can accept Unicast: IPv4 unicast routing information can be carried |
Preference | The configured route preference value for the peer group |
TTL Security | Enabled: TTL security is enabled Disabled: TTL security is disabled |
Min TTL Value | The minimum TTL value configured for the peer |
Graceful Restart | The state of graceful restart |
Stale Routes Time | The length of time that stale routes are kept in the route table |
Auth key chain | The value for the authentication key chain |
Bfd Enabled | Enabled: BFD is enabled Disabled: BFD is disabled |
Creation Origin | The creation method of the peer group |
Split Horizon | The configured split-horizon setting |
List of Peers | A list of BGP peers configured under the peer group |
Total Peers | The total number of peers configured under the peer group |
Established | The total number of peers that are in an established state |
Peer Groups | The number of peer groups |
This command displays BGP neighbor information. This command can be entered with or without any parameters.
When this command is issued without any parameters, information about all BGP peers displays.
When the command is issued with a specific IP address or ASN, information regarding only that specific peer or peers with the same AS displays.
Note: This information is not available when using SNMP. |
Note: When either received-routes or advertised-routes is specified, the routes that are received from or sent to the specified peer are listed. When either history or suppressed is specified, the routes that are learned from those peers that either have a history or are suppressed are listed. |
The following outputs are examples of BGP neighbor information:
Label | Description |
Peer | The IP address of the configured BGP peer |
Group | The BGP peer group to which this peer is assigned |
Peer AS | The configured or inherited peer AS for the peer group |
Peer Address | The configured address for the BGP peer |
Peer Port | The TCP port number used on the far-end system |
Local AS | The configured or inherited local AS for the peer group |
Local Address | The configured or inherited local address for originating peering for the peer group |
Local Port | The TCP port number used on the local system |
Peer Type | External: peer type configured as external BGP peers |
Internal: peer type configured as internal BGP peers | |
Dynamic Peer | Yes: the session is dynamic (that is, unconfigured) |
No: the session is statically configured | |
State | Idle: The BGP peer is not accepting connections. (Shutdown) is also displayed if the peer is administratively disabled. |
Active: BGP is listening for and accepting TCP connections from this peer | |
Connect: BGP is attempting to establish a TCP connection with this peer | |
Open Sent: BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer | |
Open Confirm: BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION | |
Established: BGP has successfully established a peering session and is exchanging routing information | |
Last State | Idle: The BGP peer is not accepting connections |
Active: BGP is listening for and accepting TCP connections from this peer | |
Connect: BGP is attempting to establish a TCP connections with this peer | |
Open Sent: BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer | |
Open Confirm: BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION | |
Last Event | start: BGP has initialized the BGP neighbor |
stop: BGP has disabled the BGP neighbor | |
open: BGP transport connection is opened | |
close: BGP transport connection is closed | |
openFail: BGP transport connection failed to open | |
error: BGP transport connection error | |
connectRetry: the connect retry timer expired | |
holdTime: the hold time timer expired | |
keepAlive: the keepalive timer expired | |
recvOpen: BGP has received an OPEN message | |
revKeepalive: BGP has received a KEEPALIVE message | |
recvUpdate: BGP has received an UPDATE message | |
recvNotify: BGP has received a NOTIFICATION message | |
None: no events have occurred | |
Last Error | The last BGP error and subcode to occur on the BGP neighbor |
Local Family | The configured local family value |
Remote Family | The configured remote family value |
Connect Retry | The configured or inherited connect retry timer value |
Local Pref. | The configured or inherited local preference value |
Min Route Advt. | The minimum amount of time that must pass between route updates for the same IP prefix |
Min AS Originate | The minimum amount of time that must pass between updates for a route originated by the local router |
Multihop | The maximum number of router hops a BGP connection can traverse |
Damping | Disabled: the BGP neighbor is configured not to dampen route flaps |
Enabled: the BGP neighbor is configured to dampen route flaps | |
Loop Detect | Ignore: The BGP neighbor is configured to ignore routes with an AS loop |
Drop: The BGP neighbor is configured to drop the BGP peering if an AS loop is detected | |
Off: AS loop detection is disabled for the neighbor | |
MED Out | The configured or inherited MED value that is assigned to advertised routes |
Authentication | None: no authentication is configured |
MD5: MD5 authentication is configured | |
Next Hop Self | Disabled: BGP is not configured to send only its own IP address as the BGP next hop in route updates to the specified neighbor |
Enabled: BGP will send only its own IP address as the BGP next hop in route updates to the neighbor | |
AggregatorID Zero | Disabled: the BGP neighbor is not configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates |
Enabled: the BGP neighbor is configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates | |
Remove Private | Disabled: BGP will not remove all private AS numbers from the AS path attribute in updates sent to the specified neighbor |
Enabled: BGP will remove all private AS numbers from the AS path attribute in updates sent to the specified neighbor | |
Passive | Disabled: BGP will actively attempt to establish a BGP connection with the specified neighbor |
Enabled: BGP will not actively attempt to establish a BGP connection with the specified neighbor | |
Peer Identifier | The IP identifier for the peer router |
Prefix Limit | No Limit: no route limit assigned to the BGP peer group |
1 — 4294967295: the maximum number of routes BGP can learn from a peer | |
Pref Limit Idle Time* | The length of time that the session is held in the idle state after it is taken down as a result of reaching the prefix limit |
Hold Time | The configured hold-time setting |
Keep Alive | The configured keepalive setting |
Min Hold Time | The configured minimum hold-time setting |
Active Hold Time | The negotiated hold time, if the BGP neighbor is in an established state |
Active Keep Alive | The negotiated keepalive time, if the BGP neighbor is in an established state |
Cluster Id | The configured route reflector cluster ID |
None: no cluster ID has been configured | |
Client Reflect | Disabled: The BGP route reflector is configured not to reflect routes to this neighbor |
Enabled: The BGP route reflector is configured to reflect routes to this neighbor | |
Preference | The configured route preference value for the peer group |
Num of Flaps | The number of route flaps in the neighbor connection |
Recd. Paths | The number of unique sets of path attributes received from the BGP neighbor |
IPv4 Recd. Prefixes | The number of unique sets of IPv4 path attributes received from the BGP neighbor |
IPv4 Active Prefixes | The number of IPv4 routes received from the BGP neighbor and active in the forwarding table |
IPv4 Suppressed Pfxs | The number of unique sets of IPv4 path attributes received from the BGP neighbor and suppressed due to route damping |
VPN-IPv4 Suppr. Pfxs | The number of unique sets of VPN-IPv4 path attributes received from the BGP neighbor and suppressed due to route damping |
VPN-IPv4 Recd. Pfxs | The number of unique sets of VPN-IPv4 path attributes received from the BGP neighbor |
VPN-IPv4 Active Pfxs | The number of VPN-IPv4 routes received from the BGP neighbor and active in the forwarding table |
IPv6 Suppressed. Pfxs | The number of unique sets of IPv6 path attributes received from the BGP neighbor and suppressed due to route damping |
IPv6 Recd. Prefixes | The number of unique sets of IPv6 path attributes received from the BGP neighbor |
IPv6 Active Prefixes | The number of IPv6 routes received from the BGP neighbor and active in the forwarding table |
VPN-IPv6 Recd. Pfxs | The number of unique sets of VPN-IPv6 path attributes received from the BGP neighbor |
VPN-IPv6 Active Pfxs | The number of VPN-IPv6 routes received from the BGP neighbor and active in the forwarding table |
VPN-IPv6 Suppr. Pfxs | The number of unique sets of VPN-IPv6 path attributes received from the BGP neighbor and suppressed due to route damping |
MVPN-IPv4 Suppr. Pfxs | The number of unique sets of MVPN-IPv4 path attributes received from the BGP neighbor and suppressed due to route damping |
MVPN-IPv4 Recd. Pfxs | The number of unique sets of MVPN-IPv4 path attributes received from the BGP neighbor |
MVPN-IPv4 Active Pfxs | The number of MVPN-IPv4 routes received from the BGP neighbor and active in the forwarding table |
Flow-IPv4 Suppr. Pfxs | N/A |
Flow-IPv4 Recd. Pfxs | N/A |
Flow-IPv4 Active Pfxs | N/A |
Rte-Tgt Suppr. Pfxs | The number of unique sets of route target path attributes received from the BGP neighbor and suppressed due to route damping |
Rte-Tgt Recd. Pfxs | The number of unique sets of route target path attributes received from the BGP neighbor |
Rte-Tgt Active. Pfxs | The number of route target routes received from the BGP neighbor and active in the forwarding table |
Backup IPv4 Pfxs | The number of BGP Fast Reroute backup path IPv4 prefixes |
Backup IPv6 Pfxs | The number of BGP Fast Reroute backup path IPv6 prefixes |
Mc Vpn Ipv4 Suppr. P* | N/A |
Backup Vpn IPv4 Pfxs | The number of BGP Fast Reroute backup path VPN IPv4 prefixes |
Backup Vpn IPv6 Pfxs | The number of BGP Fast Reroute backup path VPN IPv6 prefixes |
Input Queue | The number of BGP messages to be processed |
Output Queue | The number of BGP messages to be transmitted |
i/p Messages | The total number of packets received from the BGP neighbor |
o/p Messages | The total number of packets sent to the BGP neighbor |
i/p Octets | The total number of octets received from the BGP neighbor |
o/p Octets | The total number of octets sent to the BGP neighbor |
i/p Updates | The total number of updates received from the BGP neighbor |
o/p Updates | The total number of updates sent to the BGP neighbor |
Evpn Suppr. Pfxs | The number of unique sets of EVPN-IPv4 path attributes received from the BGP neighbor and suppressed due to route damping |
Evpn Recd. Pfxs | The number of unique sets of EVPN-IPv4 path attributes received from the BGP neighbor |
Evpn Active Pfxs | The number of EVPN-IPv4 routes received from the BGP neighbor and active in the forwarding table |
MS-PW Suppr. Pfxs | N/A |
MS-PW Recd. Pfxs | N/A |
MS-PW Active Pfxs | N/A |
TTL Security | Enabled: TTL security is enabled Disabled: TTL security is disabled |
Min TTL Value | The minimum TTL value configured for the peer |
Graceful Restart | The state of graceful restart |
Stale Routes Time | The length of time that stale routes are kept in the route table |
Advertise Inactive | The state of advertising inactive BGP routes to other BGP peers (enabled or disabled) |
Peer Tracking | The state of tracking a neighbor IP address in the routing table for a BGP session |
Advertise Label | Indicates the enabled address family for supporting RFC 3107 BGP label capability |
Auth key chain | The value for the authentication key chain |
Disable Cap Nego | N/A |
Bfd Enabled | Enabled: BFD is enabled Disabled: BFD is disabled |
Flowspec Validate | N/A |
Default Route Tgt | Indicates that the default RTC route (zero prefix length) is originated towards the selected peers |
Aigp Metric | Indicates whether accumulated IGP (AIGP) path attribute support with one or more BGP peers is enabled or disabled |
Split Horizon | Indicates whether split horizon is enabled or disabled, When enabled, split horizon prevents routes from being reflected back to a peer that sends the best route. |
Local Capability | The capability of the local BGP speaker; for example, route refresh, MP-BGP, ORF |
Remote Capability | The capability of the remote BGP peer; for example, route refresh, MP-BGP, ORF |
Local AddPath Capabi* | The state of the local BGP add-paths capabilities. The add-paths capability allows the router to send and receive multiple paths per prefix to or from a peer. |
Remote AddPath Capab* | The state of the remote BGP add-paths capabilities |
Import Policy | The configured import policies for the peer group |
Export Policy | The configured export policies for the peer group |
Origin Validation | N/A |
EBGP Link Bandwidth | N/A |
IPv4 Rej. Pfxs | The number of unique sets of IPv4 path attributes received from the BGP neighbor and rejected by the router |
IPv6 Rej. Pfxs | The number of unique sets of IPv6 path attributes received from the BGP neighbor and rejected by the router |
VPN-IPv4 Rej. Pfxs | The number of unique sets of VPN-IPv4 path attributes received from the BGP neighbor and rejected by the router |
VPN-IPv6 Rej. Pfxs | The number of unique sets of VPN-IPv6 path attributes received from the BGP neighbor and rejected by the router |
Mc IPv4 Rej. Pfxs | The number of unique sets of MC IPv4 path attributes received from the BGP neighbor and rejected by the router |
Mc IPv6 Rej. Pfxs | The number of unique sets of MC IPv6 path attributes received from the BGP neighbor and rejected by the router |
MVPN-IPv4 Rej. Pfxs | The number of unique sets of MVPN-IPv4 path attributes received from the BGP neighbor and rejected by the router |
MVPN-IPv6 Rej. Pfxs | The number of unique sets of MVPN-IPv6 path attributes received from the BGP neighbor and rejected by the router |
Flow-IPv4 Rej. Pfxs | The number of unique sets of path attributes received from the BGP neighbor and rejected by the router |
Flow-IPv6 Rej. Pfxs | The number of unique sets of Flow-IPv6 path attributes received from the BGP neighbor and rejected by the router |
L2-VPN Rej. Pfxs | The number of unique sets of L2-VPN path attributes received from the BGP neighbor and rejected by the router |
MDT-SAFI Rej. Pfxs | The number of unique sets of MDT-SAFI path attributes received from the BGP neighbor and rejected by the router |
Rte-Tgt Rej. Pfxs | The number of unique sets of route target path attributes received from the BGP neighbor and rejected by the router |
MS-PW Rej. Pfxs | The number of unique sets of MS-PW path attributes received from the BGP neighbor and rejected by the router |
Mc Vpn Ipv4 Rej. Pfxs | The number of unique sets of MC VPN IPv4 path attributes received from the BGP neighbor and rejected by the router |
Evpn Rej. Pfxs | The number of unique sets of EVPN path attributes received from the BGP neighbor and rejected by the router |
Label-v4 Suppr. Pfxs | The number of unique sets of label-IPv4 path attributes received from the BGP neighbor and suppressed due to route damping |
Label-v4 Recd. Pfxs | The number of unique sets of label-IPv4 path attributes received from the BGP neighbor |
Label-v4 Active Pfxs | The number of label-IPv4 routes received from the BGP neighbor and active in the forwarding table |
Label-v4 Rej. Pfxs | The number of unique sets of label-IPv4 path attributes received from the BGP neighbor and rejected by the router |
Label-v6 Suppr. Pfxs | The number of unique sets of label-IPv6 path attributes received from the BGP neighbor and suppressed due to route damping |
Label-v6 Recd. Pfxs | The number of unique sets of label-IPv6 path attributes received from the BGP neighbor |
Label-v6 Active Pfxs | The number of label-IPv6 routes received from the BGP neighbor and active in the forwarding table |
Label-v6 Rej. Pfxs | The number of unique sets of label-IPv6 path attributes received from the BGP neighbor and rejected by the router |
Bgp-Ls Suppr. Pfxs | The number of unique sets of BGP LS path attributes received from the BGP neighbor and suppressed due to route damping |
Bgp-Ls Recd. Pfxs | The number of unique sets of BGP LS path attributes received from the BGP neighbor |
Bgp-Ls Active Pfxs | The number of BGP LS routes received from the BGP neighbor and active in the forwarding table |
Bgp-Ls Rej. Pfxs | The number of unique sets of BGP LS path attributes received from the BGP neighbor and rejected by the router |
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured local AS setting. If not configured, then it is the same value as the AS. |
Flag/Flags | Legend: Status codes: u - used s - suppressed h - history d - decayed * - valid If an * is not present, then the status is invalid Origin codes: i - IGP e - EGP ? - incomplete > - best |
Network | The route IP prefix and mask length for the route |
Next Hop | The BGP next hop for the route |
LocalPref | The BGP local preference path attribute for the route |
MED | The BGP Multi-Exit Discriminator (MED) path attribute for the route |
AS-Path | The BGP AS path for the route |
Label | Description |
BGP Neighbor | The IP address of the BGP neighbor |
Graceful Restart locally configured for peer | The configured state of graceful restart for the local router |
Peer's Graceful Restart feature | The configured state of graceful restart for the peer router |
NLRI(s) that peer supports restart for | The families supported by the peer router for graceful restart |
NLRI(s) that peer saved forwarding for | The families for which the peer router continued to forward packets after graceful restart |
NLRI(s) that restart is negotiated for | The families that negotiate restart during graceful restart |
NLRI(s) of received end-of-rib markers | The families for which end-of-RIB markers have been received |
NLRI(s) of all end-of-rib markers sent | The families for which end-of-RIB markers have been sent |
Restart time locally configured for peer | The length of time configured on the local router for the peer router’s graceful restart |
Restart time requested by the peer | The length of time requested by the peer router for graceful restart |
Time stale routes from peer are kept for | The length of time that the local router continues to support stale routes |
Graceful restart status on the peer | The status of graceful restart on the peer router |
Number of Restarts | The number of restarts since graceful restart is enabled between peers |
Last Restart at | The local time of the last graceful restart |
This command displays BGP next-hop information.
The following output is an example of BGP next-hop information, and Table 161 describes the fields.
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured local AS setting. If not configured, then the value is the same as the AS. |
Next Hop | The next-hop address |
Resolving Prefix | The prefix of the best next hop |
Pref: Preference | The BGP preference attribute for the routes |
Metric | The metric derived from the IGP for a particular next hop |
Reference Count | The number of routes using the resolving prefix |
Owner | The routing protocol used to derive the best next hop |
Resolved Next Hop | The IP address of the next hop |
Egress Label | The VPN label used for VPN-IPv4 data |
Next Hops | The number of next hops |
This command displays a summary of BGP path attributes.
The following output is an example of BGP path information, and Table 162 describes the fields.
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured local AS setting. If not configured, then the value is the same as the AS. |
Path | The AS path attribute |
Next Hop | The advertised BGP next hop |
Origin | EGP: the NLRI is learned by an EGP protocol |
IGP: the NLRI is interior to the originating AS | |
Incomplete: NLRI was learned another way | |
Segments | The number of segments in the AS path attribute |
MED | The Multi-Exit Discriminator value |
Local Preference | The local preference value. This value is used if the BGP route arrives from a BGP peer without the Local Pref attribute set. It is overridden by any value set via a route policy. |
Refs | The number of routes using a specified set of path attributes |
ASes | The number of autonomous system numbers in the AS path attribute |
Flags | IBGP-learned: path attributes learned by an IBGP peering |
Community | The BGP community attribute list |
Cluster List | The route reflector cluster list |
Originator ID | The originator ID path attribute value |
This command displays BGP route information.
When this command is issued without any parameters, the entire BGP routing table displays.
When this command is issued with an IP prefix/mask or IP address, the best match for the parameter displays.
Note: To apply a family filter to the route output of the command, the family name must be specified before all other filtering parameters except for the IP prefix/mask or IP address, which, if present, must be placed before the family name in the command. |
as-number1 | 0 to 65535 | |
comm-val1 | 0 to 65535 | |
ext-comm | type:{ip-address:comm-val1 | as-number1:comm-val2 |as-number2:comm-val1 | as-number1:val-in-mbps} ext:xxyy:ovstate where type: target | origin | bandwidth (keywords) ip-address: ipv4-address: a.b.c.d ipv6-address:: x:x:x:x:x:x:x:x[-interface] x:x:x:x:x:x:d.d.d.d[-interface] interface - 32 chars max, mandatory for link local addresses x: [0 to FFFF]H d: [0 to 255]D | |
ext:xxyy:ovstate | xx: 43 yy: 0 ovstate: 0, 1, 2 (0 for valid, 1 for not-found, 2 for invalid) | |
well-known-comm | null | no-export | no-export-subconfed | no-advertise (keywords) |
The following output is an example of BGP route information, and Table 163 describes the fields.
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured local AS setting. If not configured, the value is the same as the AS. |
Flag/Flags | Legend: Status codes: u - used s - suppressed h - history d - decayed * - valid If an * is not present, the status is invalid l - leaked x - stale > - best b - backup p - purge Origin codes: i - IGP e - EGP ? - incomplete > - best |
Network | The IP prefix and mask length |
Nexthop | The BGP next hop |
AS-Path | The BGP AS path attribute |
Local Pref. | The local preference value. This value is used if the BGP route arrives from a BGP peer without the Local Pref attribute set. It is overridden by any value set via a route policy. |
MED | The MED metric value |
none: MED metrics are not present | |
VPN Label | The label generated by the PE label manager |
Original Attributes | The received BGP attributes of a route from a peer without any modification from any policy |
Modified Attributes | The final BGP attributes of a route after the policies evaluation |
Route Dist. | The route distinguisher identifier attached to routes that distinguishes the VPN it belongs to |
From | The advertising BGP neighbor IP address |
Res. Nexthop | The resolved next hop |
Aggregator AS | The aggregator AS value |
none: aggregator AS attributes are not present | |
Aggregator | The aggregator attribute value |
none: aggregator attributes are not present | |
Atomic Aggr. | Atomic: the atomic aggregator flag is set |
Not Atomic: the atomic aggregator flag is not set | |
Community | The BGP community attribute list |
Cluster | The route reflector cluster list |
Originator Id | The originator ID path attribute value |
none: the originator ID attribute is not present | |
Peer Router Id | The router ID of the advertising router |
TieBreakReason | The step in the BGP decision process where a BGP route lost the tiebreaker with the next BGP route for the same prefix LocalPref — this route is not the best because the next better route has a higher LOCAL_PREF AIGP — this route is not the best because the next better route has a lower derived AIGP metric value ASPathLen — this route is not the best because the next better route has a shorter AS PATH length Origin — this route is not the best because the next better route has a lower origin value MED — this route is not the best because the next better route has a lower MED, and MED comparison of the routes was allowed IBGP — this IBGP route is not the best because the next better route is an EBGP route NHCost — this route is not the best because the next better route has a lower metric value to reach the BGP NEXT HOP BGPID — this route is not the best because the next better route has a lower originator ID or BGP identifier ClusterLen — this route is not the best because the next better route has a shorter cluster list length PeerIP — this route is not the best because the next better route has a lower neighbor IP address |
VPRN Imported | The VPRNs where a particular BGP-VPN received route has been imported and installed |
This command displays a summary of BGP neighbor information.
If confederations are not configured, that portion of the output will not display.
The “State” field displays the global BGP operational state. The valid values are:
For example, if a BGP peer is operationally disabled, then the state in the summary table shows the state ‘Disabled’.
The following output is an example of BGP summary information, and Table 164 describes the fields.
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured local AS setting. If not configured, then the value is the same as the AS. |
BGP Admin State | Down: BGP is administratively disabled |
Up: BGP is administratively enabled | |
BGP Oper State | Down: BGP is operationally disabled |
Up: BGP is operationally enabled | |
Total Peer Groups | The total number of configured BGP peer groups |
Total Peers | The total number of configured BGP peers |
Total BGP Paths | The total number of unique sets of BGP path attributes learned from BGP peers |
Total Path Memory | The total amount of memory used to store the path attributes |
Total IPv4 Remote Rts | The total number of IPv4 routes learned from BGP peers |
Total IPv4 Remote Act. Rts | The total number of IPv4 routes used in the forwarding table |
Total Supressed Rts | The total number of suppressed routes due to route damping |
Total Hist. Rts | The total number of routes with history due to route damping |
Total Decay Rts | The total number of decayed routes due to route damping |
Total VPN Peer Groups | The total number of configured VPN peer groups |
Total VPN Peers | The total number of configured VPN peers |
Total VPN Local Rts | The total number of configured local VPN routes |
Total VPN-IPv4 Rem. Rts | The total number of configured remote VPN-IPv4 routes |
Total VPN-IPv4 Rem. Act. Rts | The total number of active remote VPN-IPv4 routes used in the forwarding table |
Total VPN Supp. Rts | The total number of suppressed VPN routes due to route damping |
Total VPN Hist. Rts | The total number of VPN routes with history due to route damping |
Total VPN Decay Rts | The total number of decayed routes due to route damping |
Neighbor | The BGP neighbor address |
AS (Neighbor) | The BGP neighbor autonomous system number |
PktRcvd | The total number of packets received from the BGP neighbor |
PktSent | The total number of packets sent to the BGP neighbor |
InQ | The number of BGP messages to be processed |
OutQ | The number of BGP messages to be transmitted |
Up/Down | The amount of time that the BGP neighbor has either been established or not established depending on its current state |
State|Recv/Actv/Sent (Addr Family) | The BGP neighbor’s current state (if not established) or the number of received routes, active routes and sent routes (if established), along with the address family |
This command lists the local DHCP or DHCPv6 servers.
The following output is an example of DHCP server information, and Table 165 describes the fields.
Label | Description |
Active Leases | The number of active leases |
Maximum Leases | The maximum number of leases available |
Router | The name of the router |
Server | The name of the DHCP or DHCPv6 server |
Admin State | The administrative state of the DHCP or DHCPv6 server |
This command displays statistics for DHCP Relay and DHCPv6 Relay.
If no interface name or IP address is specified, then all configured interfaces are displayed. If the statistics command is used in the dhcp6 context, the interface name or IP address cannot be specified.
The following outputs are examples of DHCP or DHCPv6 statistics information:
Label | Description |
DHCP Global Statistics (Router: Base) | |
Rx Packets | The number of packets received |
Tx Packets | The number of packets transmitted |
Rx Malformed Packets | The number of malformed packets received |
Rx Untrusted Packets | The number of untrusted packets received |
Client Packets Discarded | The number of packets from the DHCP client that were discarded |
Client Packets Relayed | The number of packets from the DHCP client that were forwarded |
Server Packets Discarded | The number of packets from the DHCP server that were discarded |
Server Packets Relayed | The number of packets from the DHCP server that were forwarded |
Label | Description |
DHCP6 Statistics (Router: Base) | |
Msg-type | The number of messages received, transmitted, or dropped by the router for each message type |
Dhcp6 Drop Reason Counters | The number of times that a message was dropped for a particular reason |
This command displays a summary of DHCP and DHCPv6 configuration.
The following outputs are examples of DHCP or DHCPv6 summary information:
Label | Description |
DHCP Summary (Router: Base) | |
Interface Name SapId/Sdp | The name of the interface or SAP/SDP identifier |
Arp Populate | Specifies whether ARP populate is enabled or disabled |
Used/Provided | Used — number of lease-states that are currently in use on the specified interface; that is, the number of clients on the interface that got an IP address by DHCP. This number is always less than or equal to the “Provided” field. |
Provided — lease-populate value configured for the specified interface | |
Info Option | Keep — the existing information is kept on the packet and the router does not add any additional information |
Replace — on ingress, the existing information-option is replaced with the information-option from the router | |
Drop — the packet is dropped and an error is logged | |
Admin State | The administrative state |
Interfaces | The total number of DHCP interfaces |
Label | Description |
DHCP Summary (Router: Base) | |
Interface Name SapId | The name of the interface or SAP/SDP identifier |
Nbr Resol. | Yes — neighbor resolution (discovery) is enabled |
No — neighbor resolution (discovery) is disabled | |
Used/Max Relay: | Used — number of relay routes currently being used on the interface |
Max Relay — maximum number of relay routes on the interface | |
Used/Max Server | Used — number of server routes currently being used on the interface |
Max Server — maximum number of server routes currently being used on the interface | |
Admin | The administrative state |
Oper Relay | The operating state of the relay routes |
Oper Server | The operating state of the server routes |
Interfaces | The total number of DHCPv6 interfaces |
This command displays the router IP interface table sorted by interface index.
The following output is an example of standard IP interface information, and Table 170 describes the fields.
Label | Description |
Interface Table (Service: x) | |
Interface-Name | The name of the interface |
IP-Address | The IP address of the interface |
Adm | The administrative state of the interface |
Opr (v4/v6) | The operational state of the interface (only ipv4 addresses apply) |
Type | The service type |
Port/SapId PfxState | The port or SAP associated with the interface |
This command enables the context to display MSDP information.
This command displays information about MSDP groups.
The following output is an example of MSDP group information, and Table 171 describes the fields.
Label | Description |
Group Name | Displays the MSDP group name |
Mode | Displays the mode of peers in the group, either Mesh-group or Standard |
Act Srcs | Displays the configured maximum number of SA messages that will be accepted by MSDP |
Local Address | Displays the local end of an MSDP session |
Admin State | Displays the administrative state |
Receive Msg Rate | Displays the rate that the messages are read from the TCP session |
Receive Msg Time | Displays the time interval in which the number of MSDP messages set by the receive-msdp-msg-rate number parameter are read from the TCP session |
Receive Msg Thd | Displays the configured threshold for the number of MSDP messages that can be processed before the MSDP message rate-limiting function is activated |
SA Limit | Displays the SA message limit |
Export Policy | Displays whether an export policy is configured or inherited |
Import Policy | Displays whether an import policy is configured or inherited |
This command displays information about an MSDP peer.
The following output is an example of MSDP peer information, and Table 172 describes the fields.
Label | Description |
Peer | Displays the IP address of the peer |
Local Address | Displays the local IP address |
State | Displays the current state of the peer |
Last State Change | Displays the date and time of the peer’s last state change |
SA Learnt | Displays the number of SAs learned through a peer |
This command displays the discovery method for the specified multicast source. By default, all user-created sources are displayed.
The following output is an example of MSDP source information and Table 173 describes the fields.
Label | Description |
Source | Displays the IP address of the MSDP peer |
Type | Displays the type of peer |
SA Limit | Displays the local IP address |
Num Excd | Displays the number of times the global active source limit has been exceeded |
Last Exceeded | Displays the date and time of the last state change of the peer |
This command displays source-active (SA) messages accepted by MSDP.
The following output is an example of accepted MSDP SA messages information, and Table 174 describes the fields.
Label | Description |
Grp Address | Displays the IP address of the group |
Src Address | Displays the IP address of the source |
Origin RP | Displays the originating rendezvous point (RP) address |
Peer Address | Displays the IP address of the peer |
State Timer | Displays the state timeout value. If the value reaches 0, the SA entry is removed. |
This command displays SA messages rejected by MSDP.
The following output is an example of rejected MSDP SA messages information, and Table 175 describes the fields.
Label | Description |
Grp Address | Displays the IP address of the group |
Src Address | Displays the IP address of the source |
Origin RP | Displays the originating rendezvous point (RP) address |
Peer Address | Displays the address of the peer |
Reject Reason | Displays the reason why this SA entry is rejected |
This command displays statistics information related to an MSDP peer.
The following output is an example of MSDP statistics information, and Table 176 describes the fields.
Label | Description |
Glo ActSrc Lim Excd | Displays the number of global active source messages that exceed the configured limit |
Peer Address | Displays the address of the MSDP peer |
Last State Change | Displays the date and time the peer state changed |
Last message Peer | Displays the time the last message was received from the peer |
RPF Failures | Displays the number of reverse path forwarding (RPF) failures |
Remote Closes | Displays the number of times the remote peer closed |
SA Msgs Sent | Displays the number of SA messages sent |
SA Msgs Recvd | Displays the number of SA messages received |
SA req. Msgs Sent | Displays the number of SA request messages sent |
SA req. Msgs Recvd | Displays the number of SA request messages received |
SA res. Msgs Sent | Displays the number of SA response messages sent |
SA res. Msgs Recvd | Displays the number of SA response messages received |
KeepAlive Msgs Sent | Displays the number of keepalive messages sent |
KeepAlive Msgs Recd | Displays the number of keepalive messages received |
Unknown Msgs Sent | Displays the number of unknown messages sent |
Error Msgs Recvd | Displays the number of error messages received |
This command displays MSDP status information.
The following output is an example of MSDP status information, and Table 177 describes the fields.
Label | Description |
Admin State | Displays the administrative state |
Local Address | Displays the local IP address |
Global Statistics | Displays global MSDP statistics |
Active Src Limit | Displays the active source limit |
Act Src Lim Excd | Displays the number of times that the active source limit was exceeded |
Num. Peers | Displays the number of peers |
Num. Peers Estab | Displays the number of peers established |
Num. Source Active | Displays the number of active sources |
Policies | Specifies the policy used to export the SA state from the SA list into MSDP |
Data Encapsulation | Specifies whether the rendezvous point (RP) encapsulates multicast data received in MSDP register messages inside forwarded MSDP SA messages |
Rate | The receive message rate |
Time | The receive message interval |
Threshold | The number of MSDP messages that can be processed before the MSDP message rate-limiting function is activated |
Last Msdp Enabled | The time the last MSDP was triggered |
This command displays the active routes in the routing table.
If no command line arguments are specified, all routes are displayed, sorted by prefix.
The following adapter cards and platforms support the full IPv6 subnet range for IPv6 static routes:
For these cards and platforms, the supported route range for statically provisioned or dynamically learned routes is from /1 to /128.
For all other cards, modules, and ports (including the v-port on the 2-port 10GigE (Ethernet) module), the supported range for statically provisioned or dynamically learned routes is from /1 to /64 or is /128 (indicating a host route).
The following outputs are examples of routing table information:
Label | Description |
Dest Prefix | The route destination address and mask |
[Flags] | n — Number of times nexthop is repeated Backup — BGP backup route LFA — Loop-free alternate next hop S — Sticky ECMP requested |
Next Hop | The next-hop IP address for the route destination |
Type | Local — the route is a local route |
Remote — the route is a remote route | |
Protocol | The protocol through which the route was learned |
Age | The route age in seconds for the route |
Metric | The route metric value for the route |
Pref | The route preference value for the route |
No. of Routes | The number of routes displayed in the list |
Interface | The interface name of the next hop |
QoS | The FC and priority associated with the next hop |
Source-Class | The source class value, 0 to 255 |
Dest-Class | The destination class value, 0 to 255 |
ECMP-Weight | The fractional share of bandwidth for the next hop, either N/A or 1 to 32 |
No. of Destinations | The total number of next-hop destinations |
Label | Description |
Dest Prefix[Flags] | The route destination address and mask, and flags (if applicable) |
Next Hop | The next hop IP address for the route destination |
Type | Local — the route is a local route |
Remote — the route is a remote route | |
Proto | The protocol through which the route was learned |
Age | The route age in seconds for the route |
Metric | The route metric value for the route |
Pref | The route preference value for the route |
No. of Routes | The number of routes displayed in the list |
Alt-NextHop | The backup next hop |
Alt-Metric | The metric of the backup route |
This command displays QoS information about self-generated traffic.
This command displays application QoS settings.
Note:
|
The following output is an example of application QoS information, and Table 180 describes the fields.
Label | Description |
Application | The DSCP or dot1p application |
DSCP Value | The DSCP name or value assigned to the application; if you assign a value to the application (0 to 63), the DSCP name that maps to the value is displayed |
Default DSCP Value | The default DSCP value |
Dot1p Value | The dot1p priority assigned to the application (applies only to ARP and IS-IS) |
Default Dot1p Value | The default dot1p value |
This command displays the DSCP-to-FC mappings.
The following output is an example of DSCP-to-FC mapping information, and Table 181 describes the fields.
Label | Description |
DSCP Value | The DSCP values (displayed as names) of the self-generated traffic |
FC Value | The FC value mapped to each DSCP value |
Default FC Value | The default FC value |
This command displays the router static ARP table sorted by IP address.
If no options are present, all ARP entries are displayed.
The following output is an example of static ARP table information, and Table 182 describes the fields.
Label | Description |
IP Address | The IP address of the static ARP entry |
MAC Address | The MAC address of the static ARP entry |
Expiry | The age of the ARP entry. Static ARPs always have 00:00:00 for the age. |
Type | Inv—the ARP entry is an inactive static ARP entry (invalid) |
Sta—the ARP entry is an active static ARP entry | |
Interface | The IP interface name associated with the ARP entry |
No. of ARP Entries | The number of ARP entries displayed in the list |
This command displays the static entries in the routing table.
If no options are present. all static routes are displayed sorted by prefix.
The following adapter cards and platforms support the full IPv6 subnet range for IPv6 static routes:
For these cards and platforms, the supported route range for statically provisioned or dynamically learned routes is from /1 to /128.
For all other cards, modules, and ports (including the v-port on the 2-port 10GigE (Ethernet) module), the supported range for statically provisioned or dynamically learned routes is from /1 to /64 or is /128 (indicating a host route).
The following output is an example of static route information, and Table 183 describes the fields.
Label | Description |
Prefix | The static route destination address and mask |
Next Hop Nexthop | The next hop for the static route destination |
Tag | The 32-bit integer tag added to the static route |
Met Metric | The route metric value for the static route |
Pref Preference | The route preference value for the static route |
Type | BH—the static route is a blackhole route, where the next hop for this type of route is black-hole |
ID—the static route is an indirect route, where the next hop for this type of route is the non-directly connected next hop | |
NH—the route is a static route with a directly connected next hop | |
GRT—the route is a static route for the GRT next hop | |
IPSec—the route is a static route for the IPSec tunnel next hop | |
Act Active | N—the static route is inactive; for example, the static route is disabled or the next-hop IP interface is down |
Y—the static route is active | |
Interface | The egress IP interface name for the static route n/a — indicates there is no current egress interface because the static route is inactive or a blackhole route |
Prefix List | Identifies the prefix list used for this static route |
Prefix List Type | Identifies the type of prefix list used for this static route |
Admin State | The administrative state for this static route |
Creation Origin | The method by which the static route was created: manual or automatic (dynamic) |
BFD | The BFD state for this static route (enabled or disabled) |
CPE-check | The configured state of CPE check for this static route (enabled or disabled) |
Tunnel Resolution | n/a |
Disallow-IGP | n/a |
RSVP-TE Tunnels | n/a |
LDP Tunnels | n/a |
SR-ISIS Tunnels | n/a |
SR-OSPF Tunnels | n/a |
SR-TE Tunnels | n/a |
Inactive Reason | Indicates the reason for the static route being inactive |
No. of Static Routes: | The number of static routes displayed in the list |
This command displays tunnel table information.
If the auto-bind-tunnel command is used when configuring a VPRN service, it means that the MP-BGP next-hop resolution is referring to the core routing instance for IP reachability. For a VPRN service, the next hop specifies the lookup to be used by the routing instance if no SDP to the destination exists.
The following output is an example of tunnel table information, and Table 184 describes the fields.
Label | Description |
Destination | The route destination address and mask |
Owner | The tunnel owner (protocol) |
Encap | The tunnel encapsulation type |
Tunnel ID | The tunnel (SDP) identifier |
Pref Preference | The route preference for routes learned from the configured peers |
Nexthop | The next hop for the route destination |
Metric | The route metric value for the route |
CBF Classes | n/a |
Tunnel Flags | The tunnel flags |
Tunnel Label | The tunnel label |
Tunnel Metric | The tunnel metric |
Tunnel MTU | The tunnel MTU |
Max Label Stack | The maximum label stack depth |
Age | The tunnel age (that is, how long the tunnel has been operational) |
This command enables the context to clear and reset Multicast Source Discovery Protocol (MSDP) entities and statistics.
This command clears IP addresses from the MSDP cache.
This command clears IP address statistics for the peer to which MSDP SA requests for groups matching this entry's group range were sent.
This command clears data for a specific service.
This command clears all ARP entries.
This command enables the context to clear and reset DHCP entities.
This command clears DHCP statistics for a specified IP interface.
This command enables the context to clear and reset DHCPv6 entities.
This command clears DHCPv6 statistics for this IP interface.
This command clears configured information pertaining to a specified IP transport subservice.
If no port identifier is specified, information is cleared for all IP transport subservices.
This command clears configured information pertaining to a specified remote host assigned to this IP transport subservice.
This command clears statistics-related information pertaining to all configured IP transport subservices or to all configured remote hosts for a specified IP transport subservice.
This command clears and resets the mesh SDP binding for the service.
This command enables the context to clear Multicast Forwarding Information Base (MFIB)-related data.
This command clears MFIB statistics.
This command clears and resets the spoke SDP binding for the service.
This command enables the context to clear statistics data.
This command clears Circuit Emulation (CEM) statistics for the service.
This command clears all traffic queue counters statistics associated with the service.
This command clears and resets the mesh SDP binding statistics for the service.
This command clears statistics for the spoke SDP bound to the service.
This command clears statistics for the SAP bound to the service.
This command clears statistics for a specified SAP aggregation group.
This command clears keepalive statistics associated with the SDP ID.
This command enables debugging for Multicast Source Discovery Protocol (MSDP).
The no form of the command disables MSDP debugging.
This command enables debugging for MSDP packets.
The no form of the command disables MSDP packet debugging.
This command enables debugging for MSDP PIM.
The no form of the command disables MSDP PIM debugging.
This command enables debugging for MSDP route table manager (RTM).
The no form of the command disables MSDP RTM debugging.
This command enables debugging for MSDP source-active (SA) requests.
The no form of the command disables the MSDP SA database debugging.
This command enables the debugging context for a specific service.
The no form of the command disables debugging for the service.
This command enables the context for DHCP debugging.
The no form of the command disables DHCP debugging.
This command enables DHCP and DHCPv6 detail level tracing.
The no form of the command disables the detail level tracing.
This command enables debugging for a specified MAC address.
The no form of the command disables debugging for the MAC address.
This command enables the DHCP tracing mode.
The no form of the command disables the tracing mode.
This command enables debugging for a specific SAP.
The no form of the command disables the debugging for the SAP.
This command enables debugging for a specific SDP.
The no form of the command disables the debugging for the SDP.
This command enables the context for DHCPv6 debugging.
The no form of the command disables DHCPv6 debugging.
This command enables the DHCPv6 tracing mode.
The no form of the command disables the tracing mode.
This command enables debugging for an event type.
The no form of the command disables debugging on the event type.
This command enables debugging for a specific SAP.
The no form of the command disables debugging for the SAP.
This command enables debugging for a specific SDP.
The no form of the command disables the debugging for the SDP.