For complete descriptions of all local DHCP and DHCPv6 server commands, refer to the Router Configuration Guide, “Local DHCP and DHCPv6 Server Commands”.
For complete descriptions of all VPRN IPSec commands, refer to the IPSec Command Reference.
For complete descriptions of all local DHCP and DHCPv6 server show commands, refer to the Router Configuration Guide, “IP Router Command Reference, Show Commands”.
Note: The inter-as-label command appears in the show>router>bgp command hierarchy; however, it is not applicable in the VPRN BGP context and, if executed, will return empty output. |
This command creates a text description that is stored in the configuration file for a configuration context.
The description command associates a text string with a configuration context to help identify the contents in the configuration file.
The no form of this command removes the string from the configuration.
no description
This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.
The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they can be deleted.
Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state. Default administrative states for services and service entities are described below in Special Cases.
The no form of this command places the entity into an administratively enabled state.
A service is regarded as operational providing that one IP Interface SAP and one SDP is operational.
This command creates or edits a Virtual Private Routed Network (VPRN) service instance.
If the service-id does not exist, a context for the service is created. If the service-id exists, the context for editing the service is entered.
VPRN services allow the creation of customer-facing IP interfaces in a separate routing instance from the one used for service network core routing connectivity. VPRN services allow the IP addressing scheme used by the subscriber to overlap with other addressing schemes used by other VPRN services or by the provider and, potentially, the entire Internet.
IP interfaces defined within the context of a VPRN service ID must have a SAP created as the access point to the subscriber network.
When a service is created, the customer keyword and customer-id must be specified, which associates the service with a customer. The customer-id must already exist, having been created using the customer command in the service context. When a service is created with a customer association, it is not possible to edit the customer association. To change the association between service and customer, the service must be deleted and recreated with a new customer association.
Once a service is created, the use of customer customer-id is optional to navigate into the service configuration context. Attempting to edit a service with an incorrect customer-id results in an error.
Multiple VPRN services are created in order to separate customer-owned IP interfaces. More than one VPRN service can be created for a single customer ID. More than one IP interface can be created within a single VPRN service ID. All IP interfaces created within a VPRN service ID belong to the same customer.
The no form of the command deletes the VPRN service instance with the specified service-id. The service cannot be deleted until all the IP interfaces and all routing protocol configurations defined within the service ID have been shut down and deleted.
n/a
This command creates an aggregate route.
Use this command to group a number of routes with common prefixes into a single entry in the routing table. This reduces the number of routes that need to be advertised by this router and reduces the number of routes in the routing tables of downstream routers.
Both the original components and the aggregated route (source protocol aggregate) are offered to the Routing Table Manager (RTM). Subsequent policies can be configured to assign protocol-specific characteristics, such as the OSPF tag, to aggregate routes.
Multiple entries with the same prefix but a different mask can be configured; routes are aggregated to the longest mask. If one aggregate is configured as 10.0/16 and another as 10.0.0/24, then route 10.0.128/17 would be aggregated into 10.0/16 and route 10.0.0.128/25 would be aggregated into 10.0.0/24. If multiple entries are made with the same prefix and the same mask, the previous entry is overwritten.
The no form of the command removes the aggregate.
no aggregate
This command specifies the type of automatic binding for the SDP assigned to this service. When auto-bind is used, it is not required that a spoke-SDP be configured for the service.
no auto-bind
This command defines the autonomous system (AS) to be used by this VPN virtual routing/forwarding table (VRF).
The no form of the command removes the defined AS from the given VPRN context.
no autonomous-system
This command enables ECMP in the VPRN service context and configures the number of routes for path sharing; for example, the value 2 means two equal-cost routes will be used for cost sharing.
ECMP (Equal-Cost Multipath Protocol) refers to the distribution of packets over two or more outgoing links that share the same routing cost. ECMP provides a fast local reaction to route failures. ECMP is supported on static routes and dynamic (OSPF, IS-IS, and BGP) routes.
ECMP can only be used for routes with the same preference and same protocol. See the static-route command for information on preferences.
When more ECMP routes are available at the best preference than configured in max-ecmp-routes, then the lowest next-hop IP address algorithm is used to select the number of routes configured in max-ecmp-routes.
The no form of the command disables ECMP path sharing. If ECMP is disabled and multiple routes are available at the best preference and equal cost, the route with the lowest next-hop IP address is used.
The no form of the command disables ECMP path sharing.
no ecmp
This command is used to bind a key group to a VPRN service for inbound or outbound packet processing. When configured in the outbound direction, packets egressing the node use the active-outbound-sa associated with the key group configured. When configured in the inbound direction, received packets must be encrypted using one of the valid security associations configured for the key group.
The encryption (enabled or disabled) configured on an SDP used to terminate a Layer 3 spoke SDP of a VPRN always overrides any VPRN-level configuration for encryption.
Encryption is enabled once the outbound direction is configured.
The no form of the command removes the key group from the service in the specified direction (inbound or outbound).
n/a
This command enables the context for global routing table lookup within a VPRN, for in-band node management on the 7705 SAR. The GRT lookup occurs only on the local 7705 SAR system IP address within a VPRN.
This command enables global routing table lookup of the 7705 SAR system IP address on network ingress traffic in a VPRN, so that only management traffic is transported using the VPRN.
On network ingress, when a packet arrives from the transport tunnel to the VPRN, a lookup is performed within the VPRN on the inner customer packet IP header. If the destination IP address in the header matches the local 7705 SAR system IP address, and the enable-grt-local-management-only command is configured, then the packet is extracted to the CSM for processing as management traffic. If enable-grt-local-management-only is not enabled, the packet is routed using the 7705 SAR VRF FIB.
The no form of the command disables the global routing table lookup function for the 7705 SAR system IP address.
no enable-grt-local-management-only
This command enables specific route policies to be exported to the GRT RIB.
On network egress, packets generated from the CSM with a source IP address that matches the 7705 SAR system IP address and the destination IP address of either the far-end 5620 SAM or other management entity must perform a GRT lookup in order to be resolved. A route policy can be configured with the IP address prefix of the far-end management entity and with the action to accept. This policy can be configured under the config>router> policy-options context, and can be installed in the GRT RIB using the export-grt-rib-only command. The route installed in the GRT RIB will have a next hop of the corresponding VRF tunnel.
This prevents any user data traffic in the GRT data path from leaking into the VPRN, and ensures that only the management traffic originating from the system IP address and the CSM gets transported through the VPRN. The management packets get routed by the corresponding VPRN transport tunnel, which means the VPRN route is leaked into the GRT so the GRT resolves the route using the corresponding VPRN.
Up to ten policies can be exported to the GRT RIB.
The no form of the command restores the default of not exporting routes to the GRT RIB.
no export-grt-rib-only
This command limits the number of IPv4 routes that can be placed in a route policy to be exported to the GRT RIB.
The no form of the command reverts to the default of allowing five routes to be placed in a route policy to be exported from the VPRN to the GRT RIB.
no export-limit
This command limits the number of IPv6 routes that can be placed in a route policy to be exported to the GRT RIB.
The no form of the command reverts to the default of allowing five IPv6 routes to be placed in a route policy to be exported from the VPRN to the GRT RIB.
no export-v6-limit
This command specifies the maximum number of IPv6 routes that can be held within a VPN virtual routing /forwarding (VRF) context. Local, host, static, and aggregate routes are not counted.
The VPRN service ID must be in a shutdown state before maximum-ipv6-routes command parameters can be modified.
If the log-only parameter is not specified and the maximum-ipv6-routes value is set to a value below the existing number of IPv6 routes in a VRF, then the extra IPv6 routes will not be added to the VRF.
The maximum IPv6 route threshold can dynamically change to increase the number of supported IPv6 routes even when the maximum has already been reached. Protocols will resubmit the IPv6 routes that were initially rejected.
The no form of the command disables any limit on the number of IPv6 routes within a VRF context. Issue the no form of the command only when the VPRN instance is shut down.
no maximum-ipv6routes (0 or disabled)
This command specifies the maximum number of IPv4 routes that can be held within a VPN virtual routing /forwarding (VRF) context. Local, host, static, and aggregate routes are not counted.
The VPRN service ID must be in a shutdown state before maximum-routes command parameters can be modified.
If the log-only parameter is not specified and the maximum-routes value is set to a value below the existing number of IPv4 routes in a VRF, then the extra IPv4 routes will not be added to the VRF.
The maximum IPv4 route threshold can dynamically change to increase the number of supported IPv4 routes even when the maximum has already been reached. Protocols will resubmit the IPv4 routes that were initially rejected.
The no form of the command disables any limit on the number of IPv4 routes within a VRF context. Issue the no form of the command only when the VPRN instance is shut down.
no maximum-routes (0 or disabled)
This command sets the identifier that gets attached to routes to which the VPN belongs. Each routing instance must have a unique (within the carrier’s domain) route distinguisher associated with it. A route distinguisher must be defined for a VPRN to be operationally active.
AS numbers can be either 2-byte or 4-byte values.
no route-distinguisher
This command sets the router ID for a specific VPRN context.
If neither the router ID nor system interface are defined, the router ID from the base router context is inherited.
The no form of the command removes the router ID definition from the given VPRN context.
no router-id
This command configures a service name that can be used for reference in configuration and show commands.
This command enables the context to configure DSCP/dot1p re-marking for self-generated traffic.
This set of commands configures DSCP marking for self-generated IP traffic or dot1p marking for self-generated non-IP traffic (specifically, IS-IS and ARP traffic).
When an IP or Layer 3 application is configured using the dscp-app-name parameter, the specified DSCP name or DSCP value is used for all packets generated by this application within the router instance in which it is configured. The value set in this command sets the DSCP value in the egress IP header. The egress QoS policy will not overwrite this value.
When a Layer 2 application is configured using the dot1p-app-name parameter, the specified dot1p priority value is used for all packets generated by this application within the router instance in which it is configured.
Only one name or value can be configured per application. If multiple entries are configured, then a subsequent entry overrides the previously configured entry.
The no form of this command resets the DSCP or dot1p value for the application to its default value.
none (that is, sgt-qos does not enforce a DSCP or dot1p value and the application uses its default value, as shown in Table 116)
Application | Supported Marking | Default DSCP/dot1p |
ARP | dot1p | 7 |
IS-IS | dot1p | 7 |
BGP | DSCP | NC1 |
DHCP | DSCP | NC1 |
DNS | DSCP | AF41 |
FTP | DSCP | AF41 |
ICMP (ping) | DSCP | BE |
IGMP | DSCP | NC1 |
LDP (T-LDP) | DSCP | NC1 |
MLD | DSCP | NC1 |
NDIS | DSCP | NC1 |
NTP | DSCP | NC1 |
OSPF | DSCP | NC1 |
PIM | DSCP | NC1 |
1588 PTP | DSCP | NC1 |
RADIUS | DSCP | AF41 |
RIP | DSCP | NC1 |
RSVP | DSCP | NC1 |
SNMP (get, set, etc.) | DSCP | AF41 |
SNMP trap/log | DSCP | AF41 |
SSH (SCP) | DSCP | AF41 |
syslog | DSCP | AF41 |
TACACS+ | DSCP | AF41 |
Telnet | DSCP | AF41 |
TFTP | DSCP | AF41 |
Traceroute | DSCP | BE |
VRRP | DSCP | NC1 |
This command creates a mapping between the DSCP of the self-generated traffic and the forwarding class. The forwarding class dot1p SAP egress QoS policy mapping is used to mark the dot1p bits of the Layer 3 or IP application. For example, configuring the dscp-name parameter as be and the fc-name parameter as l1 results in marking the dot1p bits of the outgoing Ethernet frame, which is transporting self-generated IP traffic with DSCP bits set to BE, to the value that FC L1 points to in the SAP egress QoS policy (as configured in the config>qos>sap-egress>fc context).
Note: The dot1p class of service may not apply to all IP traffic and is dependent on the egress port encapsulation type. |
Based on this configured FC, the SAP egress QoS policy for the egress forwarding complex sets the IEEE 802.1 dot1p bits.
Multiple commands can be entered to associate some or all of the 64 DSCP values with the forwarding class. For undefined code points, packets are assigned to the default forwarding class for the DSCP value. Table 117 lists the default forwarding class for each DSCP value.
The no form of the command resets the DSCP value to its default forwarding class.
DSCP Value | Default FC |
be | nc |
cp1 | be |
cp2 | be |
cp3 | be |
cp4 | be |
cp5 | be |
cp6 | be |
cp7 | be |
cs1 | be |
cp9 | be |
af11 | af |
cp11 | be |
af12 | af |
cp13 | be |
af13 | af |
cp15 | be |
cs2 | be |
cp17 | be |
af21 | l1 |
cp19 | be |
af22 | l1 |
cp21 | be |
af23 | l1 |
cp23 | be |
cs3 | be |
cp25 | be |
af31 | l1 |
cp27 | be |
af32 | l1 |
cp29 | be |
af33 | l1 |
cp31 | be |
cs4 | be |
cp33 | be |
af41 | nc |
cp35 | be |
af42 | h2 |
cp37 | be |
af43 | h2 |
cp39 | be |
cs5 | be |
cp41 | be |
cp42 | be |
cp43 | be |
cp44 | be |
cp45 | be |
ef | ef |
cp47 | be |
nc1 | nc |
cp49 | be |
cp50 | h2 |
cp51 | be |
cp52 | be |
cp53 | be |
cp54 | be |
cp55 | be |
nc2 | nc |
cp57 | be |
cp58 | be |
cp59 | be |
cp60 | be |
cp61 | be |
cp62 | be |
cp63 | be |
See Table 117 for the default forwarding class for each DSCP value.
This command sets the SNMP community name to be used with the associated VPRN instance.
If an SNMP community name is not specified, SNMP access is not allowed.
The no form of the command removes the SNMP community name from the given VPRN context.
n/a
This command enters the context to specify the source address and application that should be used in all unsolicited packets.
This command configures the application to use the IPv4 source address.
The no form of the command removes the application name from using the IPv4 source address.
This command configures the application to use the IPv6 source address.
The no form of the command removes the application name from using the IPv6 source address.
ipv6-address: | x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d x - [0..FFFF]H d - [0..255] D |
This command binds a service to an existing Service Distribution Point (SDP).
The SDP has an operational state that determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.
The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a VPRN service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id exists, a binding between that sdp-id and the service is created.
SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end routers can participate in the service. Alternatively, auto-bind can be used. With auto-bind, no vprn>spoke-sdp configuration is required. When both auto-bind and spoke-sdp are configured, spoke-sdp takes precedence. Spoke-sdp must be deconfigured for auto-bind to take effect.
The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service is affected. Once the SDP is removed, no packets are forwarded to the far-end router.
n/a
This command creates static route entries within the associated router instance. When configuring an IPv4 static route, either next-hop, ipsec-tunnel, or black-hole must be configured. For an IPv6 static route, ipsec-tunnel must be used.
The no form of the command deletes the static route entry. If a static route needs to be removed when multiple static routes exist to the same destination, then enter as many parameters as necessary to uniquely identify that static route.
If a CPE connectivity check target address is already being used as the target address in a different static route, then cpe-check parameters must match. If they do not match, the new configuration command will be rejected.
If a static-route command is issued with no cpe-check target but the destination prefix/netmask and next-hop matches a static route that did have an associated cpe-check, then the cpe-check test will be removed from the associated static route.
no static-route
If multiple routes are learned with an identical preference using the same protocol, the lowest- cost route is used. If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, then the decision of which route to use is determined by the ecmp command.
If there are multiple static routes with the same preference but unequal metric values, the lower-cost (metric) route is installed. If there are multiple static routes with equal preference and metrics, then the 7705 SAR OS chooses the route with the lowest next-hop IP address as the best route. If there are multiple routes with unequal preferences, then the lower preference route is installed.
The administrative state is maintained in the configuration file.
The next-hop, ipsec-tunnel, and black-hole keywords are mutually exclusive. If a static route is configured with the same destination address, subnet mask, and next-hop IP address as a previously configured static route, the newly configured route replaces the previous one, and unless specified, the respective defaults for preference and metric will be applied.
The next-hop ip-address can be either on the network side or the access side on this node. This address must be associated with a network directly connected to a network configured on this node.
The ipsec-tunnel, black-hole, and next-hop keywords are mutually exclusive. If a static route is configured with the same destination address, subnet mask, and IPSec tunnel name as a previously configured static route, the newly configured route replaces the previous one, and unless specified, the respective defaults for preference and metric will be applied.
The black-hole, ipsec-tunnel, and next-hop keywords are mutually exclusive. If a static route is configured with the same destination address and subnet mask as a previously configured static route, the newly configured route replaces the previous one, and unless specified, the respective defaults for preference and metric will be applied.
This command designates the type of VPRN instance being configured for hub and spoke topologies.
The no form of the command resets to the default of a fully meshed VPRN.
no type
This command specifies the export policies to control routes exported from the local VPN virtual routing/ forwarding table (VRF) to other VRFs on the same or remote PE routers (via MP-BGP). The policy (and policy-name) are defined under the config>router>policy-options>policy-statement command.
The no form of the command removes all route policy names from the export list.
n/a
This command sets the import policies to control routes imported to the local VPN virtual routing/ forwarding table (VRF) from other VRFs on the same or remote PE routers (via MP-BGP). BGP-VPN routes imported with a vrf-import policy will use the BGP preference value of 170 when imported from remote PE routers, or retain the protocol preference value of the exported route when imported from other VRFs on the same router, unless the preference is changed by the policy.
The no form of the command removes all route policy names from the import list.
n/a
This command facilitates a simplified method to configure the route target to be added to advertised routes or compared against received routes from other VRFs on the same or remote PE routers (via MP-BGP).
BGP-VPN routes imported with a vrf-target statement will use the BGP preference value of 170 when imported from remote PE routers, or retain the protocol preference value of the exported route when imported from other VRFs in the same router.
Specified vrf-import or vrf-export policies override the vrf-target policy.
The no form of the command removes the route target from the VRF.
no vrf-target
This command enables the BGP protocol on the VPRN service.
The no form of this command disables the BGP protocol on the VPRN service.
no bgp
This command enables the advertising of inactive BGP routes to other BGP peers. By default, BGP only advertises BGP routes to other BGP peers if a given BGP route is chosen by the route table manager as the most preferred route within the system and is active in the forwarding plane. This command allows system administrators to advertise a BGP route even though it is not the most preferred route within the system for a given destination.
The no form of this command disables the advertising of inactive BGP routes to other BGP peers.
no advertise-inactive
This command is used to set the router ID in the BGP aggregator path attribute to 0 when BGP aggregates routes. This prevents different routers within an AS from creating aggregate routes that contain different AS paths.
When BGP is aggregating routes, it adds the aggregator path attribute to the BGP Update messages. By default, BGP adds the AS number and router ID to the aggregator path attribute.
When this command is enabled, BGP adds only the router ID (set to 0) to the aggregator path attribute. This command is used at the group level to revert to the value defined under the global level, and this command is used at the neighbor level to revert to the value defined under the group level.
The no form of the command used at the global level reverts to the default, where BGP adds the AS number and router ID to the aggregator path attribute.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no aggregator-id-zero
This command enables BGP Fast Reroute (FRR) with Prefix-Independent Convergence (PIC), allowing for the creation of a backup path for IPv4 or IPv6 BGP learned prefixes belonging to a VPRN. Multiple paths must be received for a prefix in order to take advantage of this feature.
When a prefix has a backup path, and its primary paths fail, the affected traffic is rapidly diverted to the backup path without waiting for control plane reconvergence to occur. The time to reroute the traffic is independent of the number of prefixes sharing the primary or backup paths.
no backup-path
This command enables path selection configuration.
This command specifies how the Multi-Exit Discriminator (MED) path attribute is used in the BGP route selection process. If this command is set to zero or infinity, the MED attribute is always used in the route selection process regardless of the peer AS that advertised the route.
This command determines what MED value is inserted in the RIB-IN.
The no form of the command means that only the MEDs of routes that have the same peer ASs are compared.
no always-compare-med
This command determines whether the AS path is used to determine the best BGP route.
If this command is enabled, the AS paths of incoming routes are not used in the route selection process.
When as-path-ignore is used without specifying one or more keywords, then all keywords are configured. When one or more keywords are specified, then only those keywords are configured.
The no form of the command means that the AS paths of incoming routes are used to determine the best BGP route.
no as-path-ignore
This command replaces all instances of the peer's AS number with the local AS number in a BGP route's AS path.
This command breaks the BGP loop detection mechanism. It should be used carefully.
no as-override
This command configures the BGP authentication key.
Authentication is performed between neighboring routers before setting up the BGP session by verifying the password. Authentication is performed using the MD5 message-based digest.
The authentication key can be any combination of ASCII characters up to 255 characters long.
The no form of the command removes the authentication password from the configuration and effectively disables authentication.
Authentication is disabled and the authentication password is empty.
This command enables the use of bidirectional forwarding (BFD) to control the state of the associated protocol interface. By enabling BFD on a given protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for BFD are set via the BFD command under the IP interface.
The no form of this command removes BFD from the associated BGP protocol peering.
no bfd-enable
This command configures the BGP connect retry timer value in seconds. When this timer expires, BGP tries to reconnect to the configured peer. This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
120 s
This command enables BGP damping for learned routes that are defined within the VPRN service. Damping parameters are set at the route policy level. Refer to the 7705 SAR OS Router Configuration Guide, “Route Policy Command Reference”.
The no form of the command disables learned route damping.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no damping
This command configures BGP to disable sending communities.
no disable-communities
This command configures BGP fast external failover.
For EBGP neighbors, fast external failover controls whether the router should drop an EBGP session immediately upon an interface-down event, or whether the BGP session is kept up until the hold-time expires.
When fast external failover is disabled, the EBGP session stays up until the hold-time expires or the interface comes back up again. If the BGP routes become unreachable as a result of the interface going down, they are immediately withdrawn from other peers.
no disable-fast-external-failover
This command allows BGP-VPN routes imported into the VPRN to be used as backup paths for IPv4 or IPv6 BGP learned prefixes.
This command enables BGP peer tracking. BGP peer tracking allows a BGP peer to be dropped immediately if the route used to resolve the BGP peer address is removed from the IP routing table and there is no alternative available. The BGP peer will not wait for the hold timer to expire; therefore, the BGP reconvergence process is accelerated.
The no form of the command disables peer tracking.
no enable-peer-tracking
This command specifies the export policies used to control routes advertised to BGP neighbors. Route policies are configured in the config>router>policy-options context. Refer to the section on “Route Policy” in the 7705 SAR OS Router Configuration Guide.
When multiple policy names are specified, the policies are evaluated in the order in which they are specified. A maximum of five (5) policy names can be configured. The first policy that matches is applied.
If a non-existent route policy is applied to a VPRN instance, the CLI generates a warning message. This message is only generated during an interactive CLI session. No warning message is generated when a non-existent route policy is applied to a VPRN instance in a configuration file or when SNMP is used.
The no form of this command removes all route policy names from the export list.
no export—BGP routes are advertised and non-BGP routes are not advertised
This command specifies the address families to be negotiated with one or more multiprotocol BGP peers of the VPRN.
The no form of this command removes the specified address family from the associated BGP sessions.
ipv4
This command enables graceful restart for BGP in the VPRN context. If the control plane of a GR-capable router fails, the VPRN BGP peers (GR helpers) temporarily preserve neighbor information, so packets continue to be forwarded through the failed GR router using the last known routes. The helper state remains until the peer completes its restart or exits if the GR timer value is exceeded.
The 7705 SAR acts as a GR helper; it does not request graceful restart but agrees to graceful restart requests from a peer.
The no form of the command disables graceful restart and removes all graceful restart configurations in the VPRN BGP instance.
no graceful-restart
This command configures the maximum amount of time in seconds that stale routes should be maintained after a graceful restart is initiated.
The no form of the command resets the stale routes time back to the default value.
360 s
This command creates a context to configure a BGP peer group.
The no form of the command deletes the specified peer group and all configurations associated with the peer group. The group must be shut down before it can be deleted.
no group—no peer groups are defined
This command creates a BGP peer/neighbor instance within the context of the BGP group.
This command can be issued repeatedly to create multiple peers and their associated configurations.
The no form of the command is used to remove the specified neighbor and the entire configuration associated with the neighbor. The neighbor must be administratively shut down before it can be deleted. If the neighbor is not shut down, the command will not result in any action except a warning message on the CLI indicating that the neighbor is still administratively up.
no neighbor—no neighbors are defined
This command configures the BGP hold time, expressed in seconds.
The BGP hold time specifies the maximum time BGP waits between successive messages (either Keepalive or Update) from its peer, before closing the connection. This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The strict option ensures that the negotiated hold time value is not set to a value less than the configured value.
Even though the 7705 SAR OS implementation allows setting the keepalive time separately, the configured keepalive timer is overridden by the hold-time value under the following circumstances.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
90 s
This command specifies the import route policy to be used to determine which routes are accepted from peers. Route policies are configured in the config>router>policy-options context. Refer to the section on “Route Policy” in the 7705 SAR OS Router Configuration Guide.
When multiple policy names are specified, the policies are evaluated in the order in which they are specified. A maximum of five (5) policy names can be specified. The first policy that matches is applied.
When multiple import commands are issued, the last command entered will override the previous command.
The no form of the command removes all route policy names from the import list.
no import—BGP routes are accepted by default
This command configures the BGP keepalive timer. A Keepalive message is sent every time this timer expires.
The keepalive parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used. The keepalive value is generally one-third of the hold-time interval. Even though the 7705 SAR OS implementation allows the keepalive value and the hold-time interval to be independently set, under the following circumstances, the configured keepalive value is overridden by the hold-time value.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
30 s
This command configures the local IP address used by the group or neighbor when communicating with BGP peers.
Outgoing connections use the local-address as the source of the TCP connection when initiating connections with a peer.
When a local address is not specified, the 7705 SAR OS uses the interface address for directly connected EBGP peers. This command is used at the neighbor level to revert to the value defined under the group level.
The no form of the command removes the configured local address for BGP.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no local-address
This command configures a BGP virtual autonomous system (AS) number.
In addition to the AS number configured for BGP in the config>router>autonomous-system context, a virtual (local) AS number is configured. The virtual AS number is added to the as-path attribute before the router’s AS number makes the virtual AS the second AS in the AS path.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). By specifying this parameter at each neighbor level, it is possible to have a separate AS number per EBGP session.
When a command is entered multiple times for the same AS, the last command entered is used in the configuration. The private attribute can be added or removed dynamically by reissuing the command.
Changing the local AS at the global level in an active BGP instance causes the BGP instance to restart with the new local AS number.
Changing the local AS at the group level in an active BGP instance causes BGP to re-establish the peer relationships with all peers in the group with the new local AS number.
Changing the local AS at the neighbor level in an active BGP instance causes BGP to re-establish the peer relationship with the new local AS number.
This is an optional command and can be used in the following example:
Example: Provider router P is moved from AS1 to AS2. The customer router that is connected to P, however, is configured to belong to AS1. To avoid reconfiguring the customer router, the local-as value on router P can be set to AS1. Thus, router P adds AS1 to the as-path message for routes it advertises to the customer router.
The no form of the command used at the global level will remove any virtual AS number configured.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no local-as
This command configures the default value of the BGP local preference attribute if it is not already specified in incoming routes.
This value is used if the BGP route arrives from a BGP peer without the local-preference integer set.
The specified value can be overridden by any value set via a route policy. This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of the command at the global level specifies that incoming routes with local preference set are not overridden and routes arriving without local preference set are interpreted as if the route had a local preference value of 100.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no local-preference
This command configures how the BGP peer session handles loop detection in the AS path.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
When applied to an ongoing BGP peer session, this command does not take effect until the BGP peer session is re-established.
The no form of the command used at the global level reverts to the default (ignore- loop).
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
ignore-loop
This command enables advertising the Multi-Exit Discriminator (MED) and assigns the value used for the path attribute for the advertised MED to BGP peers if the MED is not already set.
The specified value can be overridden by any value set via a route policy.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of the command used at the global level reverts to the default where the MED is not advertised.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no med-out
This command configures the minimum interval, in seconds, at which a path attribute, originated by the local router, can be advertised to a peer.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of the command used at the global level reverts to the default.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
15 s
This command configures the minimum interval, in seconds, at which a prefix can be advertised to a peer.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of the command used at the global level reverts to the default.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
30 s
This command configures the time to live (TTL) value at an originating EBGP peer. The TTL value is entered in the IP header of packets that are sent to a terminating EBGP peer that is multiple hops away.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
1 — EBGP peers are directly connected
This command enables BGP multipath.
When multipath is enabled, BGP load-shares traffic across multiple links. Multipath can be configured to load-share traffic across a maximum of 16 routes. If the equal-cost routes available are more than the configured value, then routes with the lowest next-hop IP address value are chosen.
This configuration parameter is set at the global level (applies to all peers).
Multipath is disabled if the value is set to 1. When multipath is disabled and multiple equal-cost routes are available, the route with the lowest next-hop IP address will be used.
The no form of the command reverts to the default where multipath is disabled.
no multipath
This command configures the group or neighbor to always set the next-hop path attribute to its own physical interface when advertising to a peer.
This command is primarily used to avoid third-party route advertisements when connected to a multi-access network.
The no form of the command used at the group level allows third-party route advertisements in a multi-access network.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no next-hop-self
This command enables and disables passive mode for the BGP group or neighbor. When in passive mode, BGP will not attempt to actively connect to the configured BGP peers but responds only when it receives a connect open request from the peer.
The no form of the command used at the group level disables passive mode, and BGP actively attempts to connect to its peers.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no passive
This command configures the autonomous system number for the remote peer. The peer AS number must be configured for each configured peer.
For EBGP peers, the peer AS number configured must be different from the autonomous system number configured for this router under the global level. This requirement is necessary since the peer will be in a different autonomous system than that of this router.
This command may be configured under the group level for all neighbors in a particular group.
no AS numbers defined
This command configures the route preference for routes learned from the configured peers.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The lower the preference, the higher the chance of the route being the active route. The 7705 SAR OS assigns the highest default preference to BGP routes as compared to routes that are direct, static, or learned via MPLS or OSPF.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
170
This command configures the maximum number of routes that BGP can learn from a peer.
When the number of routes reaches 90% of this limit, an SNMP trap is sent. When the limit is exceeded, the BGP peering is dropped and disabled.
The no form of the command removes the prefix-limit.
no prefix-limit
This command disables the delay on issuing BGP withdrawals.
By default, BGP withdrawals (messages containing the routes that are no longer valid) are delayed up to the min-route-advertisement to allow for efficient packing of BGP Update messages. However, when the rapid-withdrawal command is enabled, the delay on sending BGP withdrawals is disabled.
The no form of the command returns BGP withdrawal processing to its default behavior.
no rapid-withdrawal
This command allows all private AS numbers to be removed from the AS path before advertising them to BGP peers. The no form of the command includes private AS numbers in the AS path attribute.
If the limited keyword is included, only the leading private ASNs up to the first public ASN are removed.
When the remove-private parameter is set at the global level, it applies to all peers regardless of group or neighbor configuration. When the parameter is set at the group level, it applies to all peers in the group regardless of the neighbor configuration.
The 7705 SAR OS recognizes the set of AS numbers that are defined by IANA as private. These are AS numbers in the range 64512 through 65535, inclusive.
The no form of the command used at the global level reverts to the default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
no remove-private
This command configures TTL security parameters for incoming packets. When the feature is enabled, BGP accepts incoming IP packets from a peer only if the TTL value in the packet is greater than or equal to the minimum TTL value configured for that peer.
The no form of the command disables TTL security.
no ttl-security
This command enables access to the context to define OSPF parameters for VPRN.
When an OSPF instance is created, the protocol is enabled. To start or suspend execution of the OSPF protocol without affecting the configuration, use the no shutdown command.
The no form of the command deletes the OSPF protocol instance and removes all associated configuration parameters.
no ospf
This command enables access to the context to define OSPFv3 parameters for VPRN.
When an OSPFv3 instance is created, the protocol is enabled. To start or suspend execution of the OSPF protocol without affecting the configuration, use the no shutdown command.
The no form of the command deletes the OSPFv3 protocol instance and removes all associated configuration parameters.
no ospf3
This command creates the context to configure an OSPF or OSPFv3 area. An area is a collection of network segments within an AS that have been administratively grouped together. The area ID can be specified in dotted-decimal notation or as a 32-bit decimal integer.
The no form of the command deletes the specified area from the configuration. Deleting the area also removes the OSPF or OSPFv3 configuration of all the interfaces, virtual links, address ranges, and so on, that are currently assigned to this area.
The 7705 SAR supports a maximum of four areas.
no area — no OSPF or OSPFv3 areas are defined
This command creates ranges of addresses on an Area Border Router (ABR) for the purpose of route summarization or suppression. When a range is created, the range is configured to be advertised or not advertised to other areas. Multiple range commands can be used to summarize or hide ranges. In the case of overlapping ranges, the most specific range command applies.
ABRs send summary link advertisements to describe routes to other areas. To minimize the number of advertisements that are flooded, you can summarize a range of IP addresses and send reachability information about these addresses in an LSA.
The ip-prefix/mask parameter applies in the ospf context. The ipv6-prefix/prefix-length parameter applies in the ospf3 context.
The no form of the command deletes the range advertisement or non-advertisement.
no area-range — no range of addresses is defined
This command installs a low-priority blackhole route for the entire aggregate. Existing routes that make up the aggregate will have a higher priority and only the components of the range for which no route exists will be blackholed.
When performing area aggregation, addresses may be included in the range for which no actual route exists. This can cause routing loops. To avoid this problem, configure the blackhole aggregate option.
The no form of this command removes this option.
blackhole-aggregate
This command creates a context to configure an OSPF or OSPFv3 interface.
By default, interfaces are not activated in any interior gateway protocol, such as OSPF or OSPFv3, unless explicitly configured.
The no form of the command deletes the OSPF or OSPFv3 interface configuration for this interface. The shutdown command in the config>router>ospf>interface context or config>router>ospf3>interface context can be used to disable an interface without removing the configuration.
no interface
If the IP interface name does not exist or does not have an IP address configured, an error message will be returned.
If the IP interface exists in a different area, it will be moved to this area.
This command enables advertising point-to-point interfaces as subnet routes (network number and mask). When disabled, point-to-point interfaces are advertised as host routes.
This command is not supported in the ospf3 context.
The no form of the command disables advertising point-to-point interfaces as subnet routes, meaning they are advertised as host routes.
advertise-subnet
This command configures an interface with a static security association (SA) used to authenticate OSPFv3 packets.
This command is not supported in the ospf context.
The no form of the command removes the SA name from the configuration.
This command configures the password used by the OSPF interface or virtual link to send and receive OSPF protocol packets on the interface when simple password authentication is configured.
All neighboring routers must use the same type of authentication and password for correct protocol communication. If the authentication-type is configured as password, the authentication key must be configured.
By default, no authentication key is configured.
This command is not supported in the ospf3 context.
The no form of the command removes the authentication key.
no authentication-key
This is useful when a user must configure the parameter, but for security purposes, the actual unencrypted key value is not provided.
This command enables authentication and specifies the type of authentication to be used on the OSPF interface or virtual link.
Both simple password and message-digest authentication are supported.
By default, authentication is not enabled on an interface or link.
This command is not supported in the ospf3 context.
The no form of the command disables authentication on the interface or link.
no authentication-type
This command enables the use of bidirectional forwarding detection (BFD) to control the state of the associated OSPF or OSPFv3 interface. By enabling BFD on an OSPF or OSPFv3 interface, the state of the interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for BFD are set using the bfd command under the IP interface.
The optional remain-down-on-failure parameter can be specified on OSPF or OSPFv3 interfaces that are enabled for BFD, to keep OSPF or OSPFv3 from reaching the Full state if the BFD session to that neighbor cannot be established. This option is disabled by default and should be used only if there is a chance that unicast packets might be discarded while multicast packets are forwarded.
The no form of this command removes BFD from the associated OSPF or OSPFv3 adjacency.
no bfd-enable
This command configures the time, in seconds, that OSPF or OSPFv3 waits before declaring a neighbor router or virtual-link neighbor down. If no Hello packets are received from a neighbor for the duration of the dead interval, the router or link is assumed to be down. The minimum interval must be two times the hello interval.
The no form of the command resets the configured interval to the default value.
40
This command configures the interval between OSPF or OSPFv3 Hellos issued on the interface or virtual link.
The hello interval, in combination with the dead interval, is used to establish and maintain the adjacency.
Reducing the interval, in combination with an appropriate reduction in the associated dead-interval, allows for faster detection of link and/or router failures but results in higher processing costs.
The no form of this command resets the configured interval to the default value.
10
This command configures the interface type to be either broadcast or point-to-point.
Use this command to set the interface type of an Ethernet link to point-to-point to avoid having to carry the broadcast adjacency maintenance overhead of the link, provided that the link is used as a point-to-point link.
If the interface type is not known when the interface is added to OSPF or OSPFv3, and the IP interface is subsequently bound (or moved) to a different interface type, this command must be entered manually.
The no form of the command resets the configured interface type to the default value.
broadcast – if the physical interface is Ethernet or unknown
point-to-point – if the physical interface is T1, E1, or SONET/SDH
This command applies a route next-hop policy template to an OSPF or OSPFv3 interface. When a route next-hop policy template is applied to an interface in OSPF or OSPFv3, it is applied in all areas.
If the interface has been excluded from LFA with the loopfree-alternate-exclude command, the LFA policy has no effect on the interface.
If the route next-hop policy template is applied to a loopback interface or to the system interface, the command will not be rejected, but the policy will have no effect on the interface.
The no form of the command deletes the mapping of a route next-hop policy template to an OSPF or OSPFv3 interface.
no lfa-policy-map
This command instructs OSPF or OSPFv3 to exclude a specific interface or all interfaces participating in a specific OSPF or OSPFv3 area from the LFA SPF calculation. The LFA SPF calculation can therefore be run only where it is needed.
If an interface is excluded from the LFA SPF in OSPF or OSPFv3, it is excluded in all areas.
no loopfree-alternate-exclude
This command configures a message digest key when MD5 authentication is enabled on the interface or virtual link. Multiple message digest keys can be configured.
This command is not supported in the ospf3 context.
The no form of the command removes the message digest key identified by the key-id.
no message-digest-key
This is useful when a user must configure the parameter, but for security purposes, the actual unencrypted key value is not provided.
This is useful when a user must configure the parameter, but for security purposes, the actual unencrypted key value is not provided.
This command configures an explicit route cost metric for the OSPF or OSPFv3 interface that overrides the metrics calculated based on the speed of the underlying link.
The no form of the command deletes the manually configured interface metric, so the interface uses the computed metric based on the reference-bandwidth command setting and the speed of the underlying link.
no metric
This command configures the OSPF or OSPFv3 interface MTU value used when negotiating an OSPF or OSPFv3 adjacency.
The operational OSPF MTU value is calculated as follows.
If this command is not configured:
If this command is configured:
To determine the actual packet size, add 14 bytes for an Ethernet packet and 18 bytes for a tagged Ethernet packet to the size of the OSPF (IP) packet MTU configured with this command.
If the OSPF mtu command is configured to a value less than the interface or port MTU value, the OSPF MTU value will be used to transmit OSPF packets.
Use the no form of this command to revert to the default.
no mtu — uses the value derived from the port MTU
This command adds the passive property to an OSPF or OSPFv3 interface.
By default, only interface addresses that are configured for OSPF or OSPFv3 will be advertised as OSPF or OSPFv3 interfaces. The passive parameter allows an interface to be advertised as an OSPF or OSPFv3 interface without running the OSPF or OSPFv3 protocol.
While in passive mode, the interface will ignore ingress OSPF or OSPFv3 protocol packets and will not transmit any OSPF or OSPFv3 protocol packets.
The no form of the command removes the passive property from the OSPF or OSPFv3 interface.
Service interfaces defined with the config>router>service-prefix command are passive. All other interfaces are not passive.
This command configures the priority of the OSPF or OSPFv3 interface that is used in an election of the designated router on the subnet.
This parameter is only used if the interface is of type broadcast. The router with the highest-priority interface becomes the designated router. A router with priority 0 is not eligible to be a designated router or backup designated router.
The no form of the command resets the interface priority to the default value.
1
This command specifies the length of time, in seconds, that OSPF or OSPFv3 will wait before retransmitting an unacknowledged LSA to an OSPF or OSPFv3 neighbor.
The value should be longer than the expected round-trip delay between any two routers on the attached network. If the retransmit interval expires and no acknowledgment has been received, the LSA will be retransmitted.
The no form of this command resets the configuration to the default interval.
5
This command configures the estimated time, in seconds, that it takes to transmit an LSA on the interface or virtual link.
The no form of this command resets the configuration to the default delay time.
1
This command configures the key rollover interval.The no form of the command resets the configured interval to the default setting.
10
This command enables filtering of outgoing OSPF LSAs on the selected OSPFv3 interface. There are three filtering options.
The no form of this command disables OSPF LSA filtering (normal operation).
no lsa-filter-out
This command creates the context to configure an OSPF or OSPFv3 Not So Stubby Area (NSSA) and adds or removes the NSSA designation from the area.
NSSAs are similar to stub areas in that no external routes are imported into the area from other OSPF or OSPFv3 areas. The major difference between a stub area and an NSSA is that an NSSA has the capability to flood external routes that it learns throughout its area and via an ABR to the entire OSPF or OSPFv3 domain.
Existing virtual links of a non-stub area or NSSA are removed when the designation is changed to NSSA or stub.
An area can be designated as stub or NSSA but never both at the same time.
By default, an area is not configured as an NSSA area.
The no form of the command removes the NSSA designation and configuration context from the area.
no nssa
This command enables the generation of a default route and its LSA type into an NSSA by an NSSA ABR or ASBR.
The functionality of the type-7 parameter and the type-nssa parameter is the same. The type-7 parameter is available in the ospf context; the type-nssa parameter is available in the ospf3 context. Include the type-7 or type-nssa parameter to inject a type 7 LSA default route instead of a type 3 LSA into the NSSA configured with no summaries.
To return to a type 3 LSA, enter the originate-default-route command without the type-7 or type-nssa parameter.
When configuring an NSSA with no summaries, the ABR will inject a type 3 LSA default route into the NSSA area. Some older implementations expect a type 7 LSA default route.
The no form of the command disables origination of a default route.
no originate-default-route
This command enables the redistribution of external routes into the NSSA on an NSSA ABR that is exporting the routes into non-NSSA areas.
NSSAs are similar to stub areas in that no external routes are imported into the area from other OSPF or OSPFv3 areas. The major difference between a stub area and an NSSA is that the NSSA has the capability to flood external routes that it learns (providing it is an ASBR) throughout its area and via an ABR to the entire OSPF or OSPFv3 domain.
The no form of the command disables the default behavior to automatically redistribute external routes into the NSSA area from the NSSA ABR.
redistribute-external
This command enables sending summary (type 3) advertisements into a stub area or NSSA on an ABR.
This parameter is particularly useful to reduce the size of the routing and link-state database (LSDB) tables within the stub or NSSA area.
By default, summary route advertisements are sent into the stub area or NSSA.
The no form of the command disables sending summary route advertisements and, for stub areas, only the default route is advertised by the ABR.
summaries
This command enables access to the context to configure an OSPF or OSPFv3 stub area and adds or removes the stub designation from the area.
External routing information is not flooded into stub areas. All routers in the stub area must be configured with the stub command.
Existing virtual links of a non-stub area or NSSA are removed when its designation is changed to NSSA or stub.
An OSPF or OSPFv3 area cannot be both an NSSA and a stub area at the same time.
By default, an area is not a stub area.
The no form of the command removes the stub designation and configuration context from the area.
no stub
This command configures the metric used by the ABR for the default route into a stub area.
The default metric should only be configured on an ABR of a stub area.
An ABR generates a default route if the area is a stub area.
The no form of the command resets the configuration to the default value.
default-metric 1
This command configures a virtual link to connect ABRs to the backbone.
The backbone area (area 0.0.0.0) must be contiguous and all other areas must be connected to the backbone area. If it is not practical or possible to connect an area to the backbone, the ABRs must be connected via a virtual link. The two ABRs form a point-to-point-like adjacency across the transit area. A virtual link can only be configured while in the area 0.0.0.0 context.
The router-id specified in this command must be associated with the virtual neighbor. The transit area cannot be a stub area or an NSSA.
The no form of the command deletes the virtual link.
no virtual-link
This command specifies export route policies to determine which routes are exported from the routing table manager to OSPF or OSPFv3. Export policies are only in effect if OSPF or OSPv3 is configured as an ASBR.
If no export policy is specified, routes that are not OSPF or OSPFv3 are not exported from the routing table manager to OSPF or OSPFv3.
If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered will override the previous command. A maximum of five policy names can be specified.
The no form of the command removes all policies from the configuration.
Refer to the 7705 SAR OS Router Configuration Guide for information on defining route policies.
no export — no export route policies specified
This command enables limits on the number of non-default, AS-external LSA entries that can be stored in the link-state database (LSDB) and specifies a wait timer before processing these entries after the limit is exceeded.
The limit value specifies the maximum number of entries that can be stored in the LSDB. Placing a limit on these LSAs in the LSDB protects the router from receiving an excessive number of external routes that consume excessive memory or CPU resources. If the number of routes reaches or exceeds the limit, the table is in an overflow state. When in an overflow state, the router will not originate any new AS-external LSAs and will withdraw all the self-originated non-default external LSAs.
The seconds value specifies the time to wait after an overflow state before regenerating and processing non-default, AS-external LSAs. The waiting period acts like a dampening period, preventing the router from continuously running shortest path first (SPF) calculations caused by the excessive number of non-default, AS-external LSAs.
The external-db-overflow must be set identically on all routers attached to any regular OSPF or OSPFv3 area. OSPF or OSPFv3 stub areas and NSSAs are excluded.
The no form of the command disables limiting the number of non-default, AS-external LSA entries.
no external-db-overflow
This command configures the preference for OSPF or OSPFv3 external routes. The preference for internal routes is set with the preference command.
A route can be learned by the router from different protocols, in which case, the costs are not comparable. When this occurs, the preference is used to decide which route will be used.
Different protocols should not be configured with the same preference. If this occurs, the tiebreaker is based on the default preferences as defined in Table 118.
Route Type | Preference | Configurable |
Direct attached | 0 | No |
Static routes | 5 | Yes |
OSPF/OSPFv3 internal | 10 | Yes |
IS-IS level 1 internal | 15 | Yes |
IS-IS level 2 internal | 18 | Yes |
OSPF/OSPFv3 external | 150 | Yes |
IS-IS level 1 external | 160 | Yes |
IS-IS level 2 external | 165 | Yes |
If multiple routes are learned with the same preference using the same protocol, the lowest-cost route is used. If multiple routes are learned with the same preference using the same protocol and the costs (metrics) are equal, the decision of which route to use is determined by the configuration of ECMP in the config>router context. Refer to the 7705 SAR OS Router Configuration Guide for information on ECMP.
Note: To configure a preference for static routes, use the config>router>static-route command. Refer to the 7705 SAR OS Router Configuration Guide for information. |
The no form of the command returns the setting to the default value.
external-preference 150 — OSPF or OSPFv3 external routes have a default preference of 150
This command specifies whether to ignore the DN (down) bit for OSPF or OSPFv3 LSA packets for this instance of OSPF or OSPFv3 on the router. When enabled, the DN bit for OSPF or OSPFv3 LSA packets will be ignored. When disabled, the DN bit will not be ignored for OSPF or OSPFv3 LSA packets.
no ignore-dn-bit
This command applies one or more (up to 5) route polices as OSPFv3 import policies. When a prefix received in an OSPFv3 LSA is accepted by an entry in an OSPFv3 import policy, it is installed in the routing table if it is the most preferred route to the destination. When a prefix received in an OSPFv3 LSA is rejected by an entry in an OSPFv3 import policy, it is not installed in the routing table even if it has the lowest preference value among all the routes to that destination. The flooding of LSAs is unaffected by OSPFv3 import policy actions.
no import
This command enables Loop-Free Alternate (LFA) computation by SPF under the OSPF or OSPFv3 routing protocol instance.
When this command is enabled, the OSPF or OSPFv3 SPF attempts to precalculate both a primary next hop and a LFA backup next hop for every learned prefix. When found, the LFA next hop is populated into the routing table along with the primary next hop for the prefix.
The no form of this command disables the LFA SPF calculation.
no loop-free alternate
This command excludes from the LFA SPF calculation any prefixes that match a prefix entry in a prefix policy. If a prefix is excluded, it is not included in the LFA SPF calculation, regardless of its priority. Prefix policies are created with the command config>router> policy-options>prefix-list (for information on prefix lists, refer to the 7705 SAR OS Router Configuration Guide, “Route Policies”).
The default action of the loopfree-alternate-exclude command, when not explicitly specified in the prefix policy, is to “reject”. Therefore, even if the default-action reject statement was not explicitly stated for the prefix policy, a prefix that does not match any entry in the policy will be used in the LFA SPF calculation.
The no form of the command deletes the excluded prefix policy.
no loop-free-alternate-exclude
This command changes the overload state of the local router so that it appears to be overloaded. When overload is enabled, the router can participate in OSPF or OSPFv3 routing, but is not used for transit traffic. Traffic destined for directly attached interfaces continues to reach the router.
To put the IGP in an overload state, enter a timeout value. The IGP will enter the overload state until the timeout timer expires or a no overload command is executed.
If no timeout is specified, the overload state is maintained indefinitely.
If the overload command is encountered during the execution of an overload-on-boot command, the overload command takes precedence. This situation could occur as a result of a saved configuration file where both parameters are saved. When the file is saved by the system, the overload-on-boot command is saved after the overload command.
Use the no form of this command to return to the default. When the no overload command is executed, the overload state is terminated regardless of the reason the protocol entered the overload state.
no overload
This command is used to determine if the OSPF or OSPFv3 stub networks should be advertised with a maximum metric value when the system goes into an overload state for any reason. When enabled, the system uses the maximum metric value. When this command is enabled and the router is in overload, all stub interfaces, including loopback and system interfaces, will be advertised at the maximum metric.
no overload-include-stub
When the router is in an overload state, the router is used only if there is no other router to reach the destination. This command configures OSPF or OSPFv3 upon bootup in the overload state until one of the following events occurs:
If no timeout is specified, the overload state is maintained indefinitely.
The no overload command does not affect the overload-on-boot function.
The no form of the command removes the overload-on-boot functionality from the configuration.
no overload-on-boot
This command configures the preference for OSPF or OSPFv3 internal routes.
A route can be learned by the router from different protocols, in which case, the costs are not comparable. When this occurs, the preference is used to decide which route will be used.
Different protocols should not be configured with the same preference. If this occurs, the tiebreaker is based on the default preferences as defined in Table 118. If multiple routes are learned with the same preference using the same protocol and the costs (metrics) are equal, the decision of which route to use is determined by the configuration of ECMP in the config>router context. Refer to the 7705 SAR OS Router Configuration Guide for information on ECMP.
The no form of the command resets the preference configuration to the default value.
preference 10 — OSPF or OSPFv3 internal routes have a preference of 10
This command configures the reference bandwidth used to calculate the default costs of interfaces based on their underlying link speed.
The default interface cost is calculated as follows:
cost = reference bandwidth/bandwidth
The default reference bandwidth is 100 000 000 kb/s or 100 Gb/s; therefore, the default auto-cost metrics for various link speeds are as follows:
The reference-bandwidth command assigns a default cost to the interface based on the interface speed. To override this default cost on an interface, use the metric command in the config>router>ospf>area>interface ip-int-name context or config>router >ospf3>area> interface ip-int-name context.
The no form of the command resets the reference bandwidth to the default value.
reference-bandwidth 100000000
This command configures the router ID for a specific VPRN context. If the router ID is not defined under VPRN, the router ID from the base router context is inherited.
When configuring the router ID in the base instance of OSPF or OSPFv3, the value overrides the router ID configured in the config>router context.
The default value for the base instance is inherited from the configuration in the config>router context. If the router ID in the config>router context is not configured, the following applies:
When configuring a new router ID, the instance is not automatically restarted with the new router ID. The next time the instance is initialized, the new router ID is used.
To force the new router ID to be used, issue the shutdown and no shutdown commands for the instance, or reboot the entire router.
The no form of the command to resets the router ID to the default value.
0.0.0.0 (base OSPF)
This command specifies whether CE-PE functionality is required. The OSPF super-backbone indicates the type of the LSA generated as a result of routes redistributed into OSPF. When enabled, the redistributed routes are injected as summary, external, or NSSA LSAs. When disabled, the redistributed routes are injected as either external or NSSA LSAs only.
no super-backbone
This command specifies whether to suppress the setting of the DN (down) bit for OSPF or OSPFv3 LSA packets generated by this instance of OSPF or OSPFv3 on the router. When enabled, the DN bit will not be set. When disabled, this instance of the OSPF or OSPFv3 router will follow the usual procedure to determine whether to set the DN bit.
no suppress-dn-bit
This command enables the context that allows for the configuration of OSPF or OSPFv3 timers. Timers control the delay between receipt of an LSA requiring an SPF calculation and the minimum time between successive SPF calculations.
Changing the timers affects CPU usage and network reconvergence times. Lower values reduce reconvergence time but increase CPU usage. Higher values reduce CPU usage but increase reconvergence time.
n/a
This command defines the minimum delay that must pass between receipt of the same LSAs arriving from neighbors.
It is recommended that the configured lsa-generate lsa-second-wait interval for the neighbors be equal to or greater than the lsa-arrival-time.
Use the no form of this command to return to the default.
no lsa-arrival
This command customizes the throttling of OSPF or OSPFv3 LSA generation. Timers that determine when to generate the first, second, and subsequent LSAs can be controlled with this command. Subsequent LSAs are generated at increasing intervals of the lsa-second-wait timer until a maximum value is reached.
It is recommended that the lsa-arrival-time be equal to or less than the lsa-second-wait interval.
Use the no form of this command to return to the default.
no lsa-generate
When an LSA is generated, the initial wait period commences. If, within the specified lsa-initial-wait period, another topology change occurs, the lsa-initial-wait timer applies.
This command defines the maximum interval between two consecutive SPF calculations in milliseconds. Timers that determine when to initiate the first, second, and subsequent SPF calculations after a topology change occurs can be controlled with this command. Subsequent SPF runs (if required) will occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the spf-second-wait interval is 1000, the next SPF will run after 2000 ms, and the next SPF will run after 4000 ms, and so on, until it reaches the spf-wait value. The SPF interval will stay at the spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval will drop back to spf-initial-wait.
The timer must be entered in increments of 100 ms. Values entered that do not match this requirement will be rejected.
Use the no form of this command to return to the default.
no spf-wait
This command specifies the type of extended community attribute exchanged using BGP to carry the OSPF VPN domain ID. The command applies to VPRN instances of OSPF only. An attempt to modify the value of this attribute will result in an inconsistent value error when the instance is not a VPRN instance. The parameters are mandatory and can be entered in any order.
This command is not supported in the ospf3 context.
no vpn-domain
This command specifies the route tag for an OSPF VPN on a PE router and is used mainly to prevent routing loops. This field is set in the tag field of the OSPF external LSAs generated by the PE. The command applies to VPRN instances of OSPF only. An attempt to modify the value of this tag will result in an inconsistent value error when the instance is not a VPRN instance.
This command is not supported in the ospf3 context.
vpn-tag 0
This command enables the context to configure IGMP parameters.
The no form of the command disables IGMP.
disabled
This command enables the context to configure IGMP interface parameters.
This command enables or disables the IGMP router alert check option.
The no form of the command enables the router alert check.
no disable-router-alert-check
This command imports a policy to filter IGMP packets on this interface.
The no form of the command removes the policy association from the IGMP instance.
no import
This command specifies the maximum number of groups for which IGMP can have local receiver information based on received IGMP reports on this interface. When this configuration is changed dynamically to a value lower than the currently accepted number of groups, the groups that are already accepted are not deleted. Only new groups will not be allowed.
The no form of the command removes the value.
0 — no limit to the number of groups
This command configures the maximum number of group sources for which IGMP can have local receiver information based on received IGMP reports on this interface. When this configuration is changed dynamically to a value lower than the currently accepted number of group sources, the group sources that are already accepted are not deleted. Only new group sources will not be allowed.
The no form of the command reverts to the default.
0
This command enables the context to configure group ranges that are translated to SSM (S,G) entries. If the static entry needs to be created, it must be translated from an IGMPv1 or IGMPv2 request to a Source Specific Multicast (SSM) join request. An SSM translate source can only be added when the starg command is not enabled. An error message is generated when trying to configure the source command while the starg command is enabled.
This command is used to configure group ranges that are translated to SSM (S,G) entries.
This command specifies the source IP address for the group range. Whenever a (*,G) report is received and is in the range specified by grp-range start and end parameters, it is translated to an (S,G) report where ip-address is the source address.
This command accesses the context to test forwarding on an interface without a receiver host. When enabled, data is forwarded to an interface without having received membership reports from host members.
n/a
This command adds a static multicast group as either a (*,G) record or one or more (S,G) records. Use IGMP static group memberships to test multicast forwarding when there is no receiver host. When IGMP static groups are enabled, data is forwarded to an interface without receiving membership reports from host members.
When static IGMP group entries on point-to-point links that connect routers to a rendezvous point (RP) are configured, the static IGMP group entries do not generate join messages toward the RP.
n/a
This command specifies the source address of the multicast group. It is an IPv4 unicast address. By specifying the source address, a multicast receiver host signals to the router that the multicast group will only be receiving multicast traffic from this specific source.
The source command and the specification of individual sources for the same group are mutually exclusive.
The source command, in combination with the group command, is used to create a specific (S,G) static group entry.
The no form of the command removes the source from the configuration.
n/a
This command enables or disables subnet checking for IGMP messages received on this interface. All IGMP packets with a source address that is not in the local subnet are dropped.
The no form of the command disables subnet-check.
enabled
This command specifies the IGMP version. If routers run different versions of IGMP, they negotiate the lowest common version of IGMP that is supported by hosts on their subnet and operate in that version. For IGMP to function correctly, all routers on a LAN should be configured to run the same version of IGMP.
For IGMPv3, a multicast router that is also a group member performs both parts of IGMPv3, receiving and responding to its own IGMP message transmissions as well as those of its neighbors.
3
This command specifies the frequency at which the querier router transmits general host-query messages. The host-query messages solicit group membership information and are sent to the all-systems multicast group address, 224.0.0.1.
125
This command configures the frequency at which the querier sends group-specific query messages, including messages sent in response to leave-group messages; the shorter the interval, the faster the detection of the loss of the last member of a group.
1
This command specifies how long the querier router waits to receive a response to a host-query message from a host.
10
This command configures the robust count. The robust-count allows adjusting for the expected packet loss on a subnet. If a subnet anticipates losses, the robust-count can be increased.
2
This command configures a Protocol Independent Multicast (PIM) instance in the VPRN service. When a PIM instance is created, the protocol is enabled. PIM is used for multicast routing within the network. Devices in the network can receive the requested multicast feed and non-participating routers can be pruned. The router supports PIM sparse mode (PIM-SM).
The no form of the command deletes the PIM protocol instance, removing all associated configuration parameters.
n/a
This command creates a PIM interface configured with default parameters.
If a manually created interface or a modified interface is deleted, the interface will be recreated when the apply-to command is executed. If PIM is not required on a specific interface, execute a shutdown command on the interface.
The apply-to command is saved first in the PIM configuration structure; all subsequent apply-to commands either create new structures or modify the defaults as created by the apply-to command.
none
This command specifies up to five import route policies to be used for determining which routes are accepted from peers. Route policies are configured in the config>router>policy-options context. When an import policy is not specified, BGP routes are accepted by default.
The no form of the command removes the policy associations from the PIM instance for the specified type.
no import join-policy no import register-policy
This command enables PIM on an interface and enables the context to configure interface-specific parameters. By default, interfaces are activated in PIM based on the apply-to command, and do not have to be configured on an individual basis unless the default values must be changed.
The no form of the command deletes the PIM interface configuration for this interface. If the apply-to command parameter is configured, then the no interface form must be saved in the configuration to avoid automatic recreation of the interface after the next apply-to command is executed as part of a reboot.
The shutdown command can be used to disable an interface without removing the configuration for the interface.
Interfaces are activated in PIM based on the apply-to command.
This command configures the time between refreshes of PIM assert messages on an interface.
The no form of the command reverts to the default.
60
This command enables the use of bidirectional forwarding (BFD) to control the state of the associated protocol interface. By enabling BFD on a protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD session are set via the bfd command under the IP interface.
The no form of this command removes BFD from the associated IGP protocol adjacency.
no bfd-enable
This command configures the interval at which PIM hello messages are transmitted on this interface.
The no form of this command reverts to the default value.
30
This command configures the multiplier used to determine the hold time for a PIM neighbor.
The hello-multiplier in conjunction with the hello-interval determines the hold time for a PIM neighbor.
hello hold-time = (hello-interval * hello-multiplier) / 10
This allows the PIMv2 default timeout of 3.5 s to be supported. For example, if hello-interval = 1 s, and hello-multiplier = 35 deci-units, then hold-time = (1 * 35) / 10 = 3.5 s.
This command enables or disables instant PruneEcho for a PIM interface.
no instant-prune-echo
This command administratively disables or enables PIM operation for IPv4.
no ipv4-multicast-disable
This command configures the maximum number of groups for which PIM can have a downstream state based on received PIM join messages on this interface. This number does not include IGMP local receivers on the interface. When this configuration is changed dynamically to a value lower than the currently accepted number of groups, the groups that are already accepted are not deleted. Only new groups will not be allowed. When this configuration has a value of 0, there is no limit to the number of groups.
This command sets the priority value for the interface to become the designated router (DR), so that multiple PIM routers do not exist on one Layer 2 network.
The no form of the command resets the priority to the default value.
1 (the router is least likely to become the designated router)
This command enables sticky-dr operation on this interface. When enabled, the priority value used in PIM hello messages sent on this interface when elected as the designated router (DR) is changed to the value configured with this command. This is done to avoid forwarding delays caused by DR recovery, which occurs when switching back to the old DR on a LAN when the old DR comes back up.
By enabling sticky-dr on this interface, the interface continues to act as the DR for the LAN even after the old DR comes back up.
When sticky-dr is used without the priority keyword, the sticky-dr priority value is 1024 (default).
The no form of the command disables sticky-dr operation on this interface.
disabled (no sticky-dr)
This command configures the compatibility mode to enable three-way hello. By default, three-way hello is disabled on all interfaces and the standard two-way hello is supported.
no three-way-hello
This command sets the T-bit in the LAN prune delay option of the hello message. This indicates the router's capability to disable join-message suppression.
no tracking-support
This command specifies whether the router should ignore the designated router state and attract traffic even when it is not the designated router.
An operator can configure an interface (router or IES or VPRN interfaces) with IGMP and PIM. The interface IGMP state will be synchronized to the backup node if it is associated with the redundant peer port. The interface can be configured to use PIM, which will cause multicast streams to be sent to the elected DR only. The DR will also be the router sending traffic to the DSLAM. Since it may be required to attract traffic to both routers, a non-dr-attract-traffic flag can be used in the PIM context to have the router ignore the DR state and attract traffic when it is not the DR. While using this flag, the router may not send the stream to the DSLAM when it is not the DR.
The no form of the command disables the DR state. When disabled, the DR state is used.
no non-dr-attract-traffic
This command enables access to the context to configure the rendezvous point (RP) of a PIM protocol instance.
A PIM router acting as an RP must respond to a PIM register message that specifies an SSM multicast group address by sending stop register messages to the first-hop router. The PIM router does not build an (S, G) shortest path tree toward the first-hop router. An SSM multicast group address can be an address either from the SSM default range of 232/8 or from a multicast group address range that was explicitly configured for SSM.
rp enabled when PIM is enabled
This command exports policies to control the flow of bootstrap messages from the RP. Up to five policies can be defined.
The no form of this command removes the specified policy names from the configuration.
n/a
This command imports policies to control the flow of bootstrap messages to the RP. Up to five policies can be defined.
The no form of this command removes the specified policy names from the configuration.
n/a
This command enables the RIP protocol on a VPRN interface.
The no form of the command disables the RIP protocol on a VPRN interface.
This command sets the authentication password to be passed between RIP neighbors. The authentication type and authentication key must match exactly in order for the RIP message to be considered authentic.
The authentication key can be any combination of ASCII characters up to 16 characters long. The hash-key can be any combination of ASCII characters up to 33 characters long.
The no form of the command removes the authentication password from the configuration and disables authentication.
no authentication-key
This command sets the type of authentication to be used between RIP neighbors. Authentication type can be specified regardless of the configured send and receive parameters, but will only apply to RIPv2 packets.
The type and password must match exactly for the RIP message to be considered authentic and processed.
The no form of the command removes the authentication type from the configuration and disables authentication.
no authentication-type
This command enables checking for zero values in fields specified to be zero by the RIPv1 and RIPv2 specifications.
The check-zero enable command enables checking of the mandatory zero fields in the RIPv1 and RIPv2 specifications and rejecting of non-compliant RIP messages.
The check-zero disable command disables this check and allows the receipt of RIP messages even if the mandatory zero fields are non-zero.
The check-zero command can be enabled at all three RIP levels. The most specific value is used. If no check-zero value is set (no check-zero), the setting from the less-specific level is inherited by the lower level.
The no form of the command disables check-zero on the configuration.
no check-zero
This command specifies the export policies to be used to control routes advertised to RIP neighbors.
By default, when no export policies are specified, RIP routes are advertised and non-RIP routes are not advertised.
The no form of the command removes all route policy names from the export list.
no export
This command configures the maximum number of routes (prefixes) that can be exported into RIP from the route table.
The no form of the command removes the configured parameter values.
no export-limit
This command creates a context for configuring a RIP group of neighbors.
RIP groups logically associate RIP neighbor interfaces to facilitate a common configuration for RIP interfaces.
The no form of the command deletes the RIP neighbor interface group. Deleting the group will also remove the RIP configuration of all the neighbor interfaces currently assigned to this group.
no group
This command specifies the import policy to be used to control routes advertised from RIP neighbors.
By default, RIP accepts all routes from RIP neighbors. Import policies can be used to limit or modify the routes accepted and their corresponding parameters and metrics.
The no form of the command removes all route policy names from the import list.
no import
This command configures the maximum number of routes per RIP update message.
By default, each update can contain a maximum of 25 route advertisements. This limit is imposed by RIP specifications. RIP can be configured to send as many as 255 routes per update.
The no form of the command reverts to the default value.
no message-size
This command configures the metric added to routes received from a RIP neighbor. The specified metric value is added to the hop count and shortens the maximum distance of the route.
When applying an export policy to a RIP configuration, the policy overrides the metric values determined through calculations involving the metric-in and metric-out values.
The no form of the command reverts to the default value.
no metric-in
This command configures the metric added to routes exported into RIP and advertised to RIP neighbors. The specified metric value is added to the hop count and shortens the maximum distance of the route.
When applying an export policy to a RIP configuration, the policy overrides the metric values determined through calculations involving the metric-in and metric-out values.
The no form of the command removes the command from the configuration and resets the metric-in value to the default.
no metric-out
This command creates a context for configuring a RIP neighbor interface.
By default, interfaces are not activated unless explicitly configured.
The no form of the command deletes the RIP interface configuration for this interface. The shutdown command in the config>router>rip>group>neighbor context can be used to disable an interface without removing the configuration for the interface.
no neighbor
If the IP interface name does not exist or does not have an IP address configured, an error message will be returned.
This command configures the route preference assigned to RIP routes. This value can be overridden by route policies.
The no form of the command reverts to the default value.
no preference
This command allows the RIP metric to be used to set the MP-BGP MED attribute when RIP is used as the CE-PE routing protocol for VPRNs. This is similar to the way the OSPF metric can be used to set the MP-BGP metric when OSPF is used as the CE-PE protocol.
MP-BGP uses the RIP metric to set the MED attribute, which is flooded throughout the MP-BGP peers and is then used to set the RIP metric at the other end and re-advertise the RIP metric to the far-end RIP neighbors.
This command configures the types of RIP updates that will be accepted and processed.
If you specify both or version-2, the RIP instance listens for, and accepts, packets sent to the broadcast (255.255.255.255) and multicast (224.0.0.9) addresses.
If version-1 is specified, the router only listens for and accepts packets sent to the broadcast address.
The default behavior is to accept and process both RIPv1 and RIPv2 messages.
The no form of the command reverts to the default value.
both
both | specifies that RIP updates in either version 1 or version 2 format will be accepted |
none | specifies that RIP updates will not be accepted |
version-1 | specifies that only RIP updates in version 1 format will be accepted |
version-2 | specifies that only RIP updates in version 2 format will be accepted |
This command specifies the type of RIP messages sent to RIP neighbors.
If multicast is specified, the router sends RIPv2 messages to the multicast (224.0.0.9) destination address.
If broadcast, or version-1 is specified, the router only listens for and accepts packets sent to the broadcast address.
The no form of this command reverts to the default value.
broadcast
broadcast | sends RIPv2 formatted messages to the broadcast address |
multicast | sends RIPv2 formatted messages to the multicast address |
none | does not to send any RIP messages (silent listener) |
version-1 | sends RIPv1 formatted messages to the broadcast address |
This command enables the use of split-horizon. RIP uses split-horizon with poison-reverse to protect from such problems as “counting to infinity”. Split-horizon with poison reverse means that routes learned from a neighbor through an interface are advertised in updates out of the same interface but with a metric of 16 (infinity).
The split-horizon disable command enables split-horizon without poison-reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value.
This parameter can be set at three levels: global level (applies to all groups and neighbor interfaces), group level (applies to all neighbor interfaces in the group), or neighbor level (only applies to the specified neighbor interface). The most specific value is used. If no value is set (no split-horizon), the setting from the less-specific level is inherited by the lower level.
The no form of the command disables split-horizon.
enable
This command configures values for the update, timeout, and flush RIP timers.
The RIP update timer determines how often RIP updates are sent.
If the route is not updated by the time the RIP timeout timer expires, the route is declared invalid but is maintained in the RIP database.
The RIP flush timer determines how long a route is maintained in the RIP database after it has been declared invalid. After the flush timer expires, the route is removed from the RIP database.
The no form of the command reverts all timers to their default values.
no timers
This command creates or specifies a security zone within a VPRN context. Each zone must have a unique ID.
All zones must be explicitly created with the create keyword. If no zones are created within a service or router context, a zone will not exist on that object.
Enter an existing zone without the create keyword to edit zone parameters.
The no form of this command deletes the zone. When a zone is deleted, all configuration parameters for the zone are also deleted.
This command discards changes made to a security feature.
n/a
This command enters the mode to create or edit security features.
n/a
This command saves changes made to security features.
n/a
This command creates a security zone on automatically bound GRE, MPLE, or LDP transport tunnels configured for this service. Depending on how the security policy is configured, any traffic entering or exiting the zone is firewalled; traffic traveling between auto-bind LSPs in the zone is not firewalled.
n/a
This command enables the context to configure limit parameters on inbound security sessions.
n/a
This command enables the context to configure limit parameters for outbound security sessions on the CSM.
n/a
This command enables the context to configure limits on concurrent sessions for inbound or outbound firewall sessions on the CSM.
n/a
This command configures the maximum number of concurrent firewall sessions that can be established per zone, in either the inbound or outbound direction.
n/a
This command creates a logical IP routing interface for a zone. Once created, attributes such as an IP address can be associated with the IP interface. Multiple interfaces can be configured on a zone.
The no form of this command removes the IP interface and all the associated configurations.
This command configures a log identifier for the specified zone. A log identifier can be configured in the config>router>zone context and the config>security>policy context.
The no form of this command removes logging for the zone.
This command configures a zone name. The zone name is unique within the system. It can be used to refer to the zone under configure, show, and clear commands.
This command enters the context to configure NAT security parameters for a zone.
This command configures the NAT pool for the security zone within a VPRN service. Each pool must have a unique ID.
All pools must be explicitly created with the create keyword.
Enter an existing pool without the create keyword to edit pool parameters.
The no form of this command deletes the specified NAT pool. When a pool is deleted, all configuration parameters for the pool will also be deleted.
This command configures the NAT pool direction for the security zone. A specific NAT pool can be configured for different directions while using the same policy. For example, if the security policy entry direction is set to both, separate inbound and outbound pools can be created for that policy.
The no form of this command deletes the direction.
This command configures a NAT pool entry within a VPRN service.
The no form of this command deletes the entry with the specified ID. When an entry is deleted, all configuration parameters for the entry will also be deleted.
This command configures the source IP address or IP address range to which packets that match NAT policy are routed using NAT. An interface can also be configured, in which case all packets that match NAT policy are routed to the interface IP address. If the interface IP address is changed dynamically, NAT is updated accordingly. Only one IP address can be associated with an IP interface. Source IP addresses and interfaces cannot be used together in a single NAT pool.
The IP address for the interface must be entered in dotted-decimal notation.
The no form of the command removes the IP address assignment. The no form of this command can only be performed when the IP interface is administratively shut down. Shutting down the IP interface brings the interface operationally down.
This command configures the UDP/TCP port or port range. Packets that match NAT policy undergo network port address translation (NPAT) and are routed to their source UDP/TCP port. Configuring a UDP/TCP port pool requires an IP-address pool because the 7705 SAR does not support port address translation (PAT) alone.
The no form of this command deletes the port or port range.
This command configures a zone pool name. Pool names must be unique within the group of pools defined for a zone. It can be used to refer to the pool under configure, show, and clear commands.
This command sets the policy to be used by the security zone to build its matching criteria for incoming packets.
The no form of this command deletes the specified policy.
This command enables the context to configure MVPN-related parameters for the IP VPN.
This command enables MVPN membership auto-discovery through BGP. When auto-discovery is enabled, PIM peering on the inclusive provider tunnel is disabled. Changing the auto-discovery configuration requires a shutdown of this VPRN instance.
default
This command specifies BGP for PE-to-PE signaling of CE multicast states.
bgp
This command allows the restriction of an MVPN instance per PE node to a specific role. By default, an MVPN instance on a PE node assumes the role of a sender as well as a receiver. This creates a mesh of MDT/PMSI across all PE nodes from this PE.
This command provides an option to configure either a sender-only or receiver-only mode per PE node. Restricting the role of a PE node avoids creating a full mesh of MDT/PMSI across all PE nodes that are participating in the MVPN instance.
The no version of this command restores the default (sender-receiver).
sender-receiver
This command enables the context to configure tunnel parameters for the MVPN.
This command enables the context for specifying inclusive provider tunnels.
This command enables the use of an mLDP LSP for the provider tunnel.
no mldp
This command administratively disables or enables the use of an mLDP LSP for the provider tunnel.
no shutdown
This command enables the context to specify selective provider tunnel parameters.
n/a
This command specifies the interval, in seconds, before a PE router connected to the source switches traffic from the inclusive provider tunnel to the selective provider tunnel.
The no form of the command resets the value to the default.
3 s
This command specifies the data rate threshold that triggers the switch from the inclusive provider tunnel to the selective provider tunnel for (C-S, C-G) within the group range. Optionally, PE thresholds for creating or deleting NG-MVPN S-PMSI may also be specified. Omitting the PE thresholds preserves the currently set value (or defaults, if never set). Multiple statements (one per unique group) are allowed in the configuration.
The no form of the command removes the values from the configuration.
no data-threshold
c-grp-ip-addr | multicast group address a.b.c.d | ||
mask | 4 to 32 | ||
netmask | a.b.c.d (network bits all 1 and host bits all 0) |
This command specifies the maximum number of LDP point-to-multipoint S-PMSI tunnels for the MVPN. When the limit is reached, no more LDP point-to-multipoint S-PMSI tunnels are created and traffic over the data threshold will stay on I-PMSI.
10
This command specifies which upstream multicast hop (UMH) selection mechanism to use, highest IP address, hash-based, or preferred unicast route.
The no form of the command resets it back to the default.
umh-selection highest-ip
This command specifies the export policy (up to 15) to control MVPN routes exported from the local VRF to other VRFs on the same or remote PE routers.
vrf-export unicast
This command specifies the import policy (up to 15) to control MVPN routes imported to the local VRF from other VRFs on the same or remote PE routers.
vrf-import unicast
This command specifies the route target to be added to the advertised routes or compared against the received routes from other VRFs on the same or remote PE routers. The VRF import or VRF export policies override the VRF target policy.
The no form of the command removes the VRF target.
no vrf-target
target:{ip-address:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val} | ||
ip-address: | a.b.c.d | |
comm-val: | 0 to 65535 | |
2byte-asnumber: | 0 to 65535 | |
ext-comm-val: | 0 to 4294967295 | |
4byte-asnumber | 0 to 4294967295 |
This command specifies communities to be sent to peers.
target:{ip-address:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val} | ||
ip-address: | a.b.c.d | |
comm-val: | 0 to 65535 | |
2byte-asnumber: | 0 to 65535 | |
ext-comm-val: | 0 to 4294967295 | |
4byte-asnumber | 0 to 4294967295 |
This command specifies communities to be accepted from peers.
target:{ip-address:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val} | ||
ip-address: | a.b.c.d | |
comm-val: | 0 to 65535 | |
2byte-asnumber: | 0 to 65535 | |
ext-comm-val: | 0 to 4294967295 | |
4byte-asnumber | 0 to 4294967295 |
This command enables the context to configure router advertisement properties for all VPRN IPv6-enabled interfaces. By default, the command is disabled for all IPv6-enabled interfaces.
The no form of the command disables router advertisement on all IPv6 interfaces.
no router-advertisement
This command configures router advertisement properties on a specified interface. The interface name must already exist in the config>service>vprn>interface context.
The no form of the command disables router advertisement on the specified router interface.
n/a
This command configures the current hop limit in the router advertisement messages. It informs the nodes on the subnet about the hop limit when originating IPv6 packets.
64
This command sets the managed address configuration flag. This flag indicates that DHCPv6 is available for address configuration in addition to any address autoconfigured using stateless address autoconfiguration.
no managed-configuration
This command configures the maximum interval between sending router advertisement messages.
600
This command configures the minimum interval between sending ICMPv6 router advertisement messages.
200
This command configures the MTU for the nodes to use when sending packets on the link.
The no form of the command means that the MTU option is not sent in the router advertisement messages.
no mtu
This command sets the “Other configuration” flag. This flag indicates that DHCPv6lite is available for autoconfiguration of other (non-address) information such as DNS-related information or information on other servers in the network.
no other-stateful configuration
This command configures an IPv6 prefix in the router advertisement messages. To support multiple IPv6 prefixes, use multiple prefix statements. No prefix is advertised until it is explicitly configured using prefix statements.
n/a
This command specifies whether the prefix can be used for stateless address autoconfiguration.
autonomous
This command specifies whether the prefix can be used for on-link determination.
on-link
This command configures the time that this prefix will continue to be preferred (time until deprecation). The address generated from a deprecated prefix should not be used as a source address in new communications. However, packets received on such an interface are processed as expected.
604800
This command specifies the length of time, in seconds, that the prefix is valid for the purpose of onlink determination. The address generated from an invalidated prefix should not appear as the destination or source address of a packet.
2592000
This command configures how long the router should be considered reachable by other nodes on the link after receiving a reachability confirmation.
no reachable-time
This command configures the retransmission frequency of neighbor solicitation messages.
no retransmit-time
This command configures the router lifetime.
no router-lifetime
For complete descriptions of all local DHCP and DHCPv6 server commands, refer to the Router Configuration Guide, “Local DHCP and DHCPv6 Server Commands”.
This command creates a local DHCP or DHCPv6 server instance. A local DHCP or DHCPv6 server can serve multiple interfaces but is limited to the routing context in which it was created.
The no form of the command removes the local DHCP or DHCPv6 server instance.
n/a
This command creates a logical IP routing interface for a Virtual Private Routed Network (VPRN). Once created, attributes such as an IP address and a service access point (SAP) can be associated with the IP interface.
The interface command, under the context of services, is used to create and maintain IP routing interfaces within VPRN service IDs. The interface command can be executed in the context of a VPRN service ID. The IP interface created is associated with the VPRN service routing instance and VPRN service routing table.
Interface names are case-sensitive and must be unique within the group of defined IP interfaces defined for config router interface and config service vprn interface. Interface names must not be in the dotted-decimal notation of an IP address. For example, the name “1.1.1.1” is not allowed, but “int-1.1.1.1” is allowed. Show commands for router interfaces use either interface names or the IP addresses. Use unique IP address values and IP address names to maintain clarity. It could be unclear to the user if the same IP address and IP address name values are used. Although not recommended, duplicate interface names can exist in different router instances.
When a new name is entered, a new logical router interface is created. When an existing interface name is entered, the user enters the router interface context for editing and configuration.
There are no default IP interface names defined within the system. All VPRN IP interfaces must be explicitly defined. Interfaces are created in an enabled state.
The no form of this command removes the interface and all the associated configurations. The interface must be administratively shut down before issuing the no interface command.
This command assigns an IP address, IP subnet, and broadcast address format to a VPRN IP router interface.
An IP address must be assigned to each VPRN IP interface. An IP address and a mask are used together to create a local IP prefix. The defined IP prefix must be unique within the context of the routing instance. It cannot overlap with other existing IP prefixes defined as local subnets on other IP interfaces in the same routing context within the 7705 SAR.
The IP address for the interface can be entered in either CIDR (Classless Inter-Domain Routing) or traditional dotted-decimal notation. The show commands display CIDR notation, which is stored in configuration files.
By default, no IP address or subnet association exists on an IP interface until it is explicitly created.
Use the no form of this command to remove the IP address assignment from the IP interface. When the no address command is entered, the interface becomes operationally down, as shown in Table 119.
Address | Administrative State | Operational State |
No address | Up | Down |
No address | Down | Down |
1.1.1.1 | Up | Up |
1.1.1.1 | Down | Down |
The operational state is a read-only variable, and the only controlling variables are the address and administrative states. The address and administrative states are independent and can be set independently. If an interface is in an administratively up state and an address is assigned, it becomes operationally up and the protocol interfaces and the MPLS LSPs associated with that IP interface will be reinitialized.
The broadcast format on an IP interface can be specified when the IP address is assigned or changed.
This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) will be received by the IP interface.
The broadcast parameter within the address command does not have a negation feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being changed to all-ones, the address command must be executed with the broadcast parameter defined.
This command controls the forwarding of directed broadcasts out of the IP interface.
A directed broadcast is a packet received on a local router interface destined for the subnet broadcast address on another IP interface. The allow-directed-broadcasts command on an IP interface enables or disables the transmission of packets destined for the subnet broadcast address of the egress IP interface.
When enabled, a frame destined for the local subnet on this IP interface will be sent as a subnet broadcast out this interface. Care should be exercised when allowing directed broadcasts as it is a well-known mechanism used for denial-of-service attacks.
When disabled, directed broadcast packets discarded at this egress IP interface will be counted in the normal discard counters for the egress SAP.
By default, directed broadcasts are not allowed and will be discarded at this egress IP interface.
The no form of this command disables the forwarding of directed broadcasts out of the IP interface.
no allow-directed-broadcasts
This command specifies the length of time, in 100s of milliseconds, that the system waits before reissuing a failed ARP request.
The no form of the command resets the interval to the default value.
Note: The ARP retry default value of 5000 ms is intended to protect CPU cycles on the 7705 SAR, especially when it has a large number of interfaces. Configuring the ARP retry timer to a value shorter than the default should be done only on mission-critical links, such as uplinks or aggregate spoke SDPs transporting mobile traffic; otherwise, the retry interval should be left at the default value. |
50 (in 100s of ms)
This command configures the minimum time, in seconds, that an ARP entry learned on the IP interface will be stored in the ARP table. ARP entries are automatically refreshed when an ARP request or gratuitous ARP is seen from an IP host; otherwise, the ARP entry is aged from the ARP table. If arp-timeout is set to a value of 0 s, ARP aging is disabled.
The no form of this command restores arp-timeout to the default value.
14400 s
This command specifies the BFD parameters for the associated IP interface. If no parameters are defined, the default values are used.
The multiplier specifies the number of consecutive BFD messages that must be missed from the peer before the BFD session state is changed to down. In addition, the Route Table Manager (RTM) is notified and the static routes with BFD enabled will go down, based on BFD status.
The no form of the command removes BFD from the associated IGP protocol adjacency.
no bfd
Note: The BFD session must be disabled before the type np parameter can be changed. The type np parameter is only supported on VPRN services for SAPs. |
This command configures the IP maximum transmit unit (packet) for this interface.
The default value is derived from the port MTU.
The no form of the command returns the default value.
no ip-mtu — uses the value derived from the port MTU
This command allows access to the Internet Protocol Control Protocol (IPCP) context within the interface configuration. Within this context, IPCP extensions can be configured to define such things as the remote IP address and DNS IP address to be signaled via IPCP on the associated PPP interface.
This command is only applicable if the associated SAP/port is a PPP/MLPPP interface.
n/a
This command defines the DNS addresses to be assigned to the far end of the associated PPP/MLPPP link via IPCP extensions.
This command is only applicable if the associated SAP/port is a PPP/MLPPP interface with an IPCP encapsulation.
The no form of the command deletes the specified primary DNS address, the secondary DNS address, or both addresses from the IPCP extension peer-ip-address configuration.
no dns
This command defines the remote IP address to be assigned to the far end of the associated PPP/ MLPPP link via IPCP extensions.
This command is only applicable if the associated SAP/port is a PPP/MLPPP interface with an IPCP encapsulation.
The interface must be shut down to modify the IPCP configuration.
The no form of the command deletes the IPCP extension peer-ip-address configuration.
no peer-ip-address (0.0.0.0)
This command configures Layer 4 load balancing at the interface level. Configuration must be done on the ingress network interface (that is, the interface on the node that the packet is received on). When enabled, Layer 4 source and destination port fields of incoming TCP/UDP packets are included in the hashing calculation to randomly determine the distribution of packets.
You can add additional fields to generate more randomness and more equal distribution of packets with the teid-load-balancing command.
The default configuration on the interface is to match the Layer 4 load balancing configuration in the config>system context. Using this command to modify Layer 4 load-balancing configuration on an interface overrides the system-wide load-balancing settings for that interface.
This command associates the interface with a local DHCP server configured on the system. A routed VPLS interface may not be associated with a local DHCP server.
The no form of the command removes the association of the interface with the local DHCP server.
none
This command enables local proxy ARP on the interface.
Local proxy ARP allows the 7705 SAR to respond to ARP requests received on an interface for an IP address that is part of a subnet assigned to the interface. The router responds to all requests for IP addresses within the subnet with its own MAC address and forwards all traffic between the hosts in the subnet.
Local proxy ARP is used on subnets where hosts are prevented from communicating directly.
When local-proxy-arp is enabled, ICMP redirects on the ports associated with the service are automatically blocked.
no local-proxy-arp
This command specifies that the interface is a loopback interface that has no associated physical interface. If this command is enabled, a SAP cannot be defined on the interface.
no loopback
This command assigns a specific MAC address to a VPRN IP interface.
The no form of this command returns the MAC address of the IP interface to the default value.
The physical MAC address associated with the Ethernet interface that the SAP is configured on.
This command enables proxy ARP on the interface and specifies an existing policy statement that controls the flow of routing information by analyzing match and action criteria. The policy statement is configured in the config>router>policy-options context (refer to the 7705 SAR OS Router Configuration Guide, “Route Policy Command Reference, Route Policy Options”). When proxy ARP is enabled, the 7705 SAR responds to ARP requests on behalf of another device.
no proxy-arp-policy
This command enables remote proxy ARP on the interface, allowing a router on one network to respond to ARP requests intended for another node that is physically located on another network. The router effectively pretends to be the destination node by sending an ARP response to the originating node that associates the router’s MAC address with the destination node’s IP address (acts as a proxy for the destination node). The router then takes responsibility for routing traffic to the real destination.
no remote-proxy-arp
This command assigns an secondary IP address, IP subnet, and broadcast address format to the interface.
no secondary
The broadcast format on an IP interface can be specified when the IP address is assigned or changed.
This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) will be received by the IP interface.
The broadcast parameter within the secondary command does not have a negation feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being changed to all-ones, the secondary command must be executed with the broadcast parameter defined.
This command configures a static address resolution protocol (ARP) entry associating a subscriber IP address with a MAC address for the core router instance. This static ARP will appear in the core routing ARP table. A static ARP can only be configured if it exists on the network attached to the IP interface. If an entry for a particular IP address already exists and a new MAC address is configured for the IP address, the existing MAC address will be replaced with the new MAC address.
Static ARP is used when a 7705 SAR needs to know about a device on an interface that cannot or does not respond to ARP requests. Therefore, the 7705 SAR OS configuration can specify to send a packet with a particular IP address to the corresponding ARP address.
The no form of the command removes a static ARP entry.
n/a
This command configures TEID load balancing at the interface level. Configuration must be done on the ingress network interface (that is, the interface on the node that the packet is received on). The TEID attribute is included in the header of GTP (general packet radio system tunneling protocol) packets. When TEID load balancing is enabled, the TEID field of incoming TCP/UDP packets is included in the hashing calculation to randomly determine the distribution of packets.
You can add additional fields to generate more randomness and more equal distribution of packets with the l4-load-balancing command.
no teid-load-balancing
This command configures an IP interface as an unnumbered interface and specifies an IP address or interface name to be used for the interface. Unnumbered interfaces are point-to-point interfaces that are not explicitly configured with a dedicated IP address and subnet; instead, they borrow (or link to) an IP address from another interface on the system (the system IP address, another loopback interface, or any other numbered interface) and use it as the source IP address for packets originating from the interface.
By default, no IP address exists on an IP interface until it is explicitly created.
The no form of the command removes the IP address assignment from the IP interface.
no unnumbered
This command enables the context to configure parameters for a VPRN IPv6 interface.
This command assigns an address to the IPv6 interface.
This command enables the context to configure DHCPv6 relay parameters for the interface.
The no form of the command disables DHCPv6 relay.
This command enables the context to configure DHCPv6 relay information options.
The no form of the command disables DHCPv6 relay information options.
This command enables the sending of interface ID options in the DHCPv6 relay packet.
The no form of the command disables the sending of interface ID options in the DHCPv6 relay packet.
This command enables the sending of the remote ID option in the DHCPv6 relay packet.
The client DHCP Unique Identifier (DUID) is used as the remote ID.
The no form of the command disables the sending of remote ID option in the DHCPv6 relay packet.
This command configures an IPv6 address to the DHCPv6 server.
The no form of the command disables the specified IPv6 address.
This command assigns the source IPv6 address of the DHCPv6 relay messages.
The no form of the command disables the specified IPv6 address.
This command enables the context to configure DHCPv6 server parameters for the VPRN interface.
The no form of the command disables the DHCPv6 server.
This command configures the maximum number of lease states installed by the DHCPv6 server function allowed on this interface.
The no form of the command returns the value to the default.
8000
This command configures prefix delegation options for delegating a long-lived prefix from a delegating router to a requesting router, where the delegating router does not require knowledge about the topology of the links in the network to which the prefixes will be assigned.
The no form of the command disables prefix delegation.
This command specifies the IPv6 prefix that is delegated by the system.
This command configures the DHCP Unique Identifier (DUID) of the DHCPv6 server client.
This command configures the IPv6 prefix preferred lifetime. The preferred-lifetime value cannot be larger than the valid-lifetime value.
The no form of the command reverts to the default value.
604800 seconds (7 days)
This command configures the time, in seconds, that the prefix is valid.
The no form of the command reverts to the default value.
2592000 seconds (30 days)
This command configures ICMPv6 parameters for the interface.
This command specifies whether, and how often, “packet-too-big” ICMPv6 messages should be sent. When enabled, ICMPv6 “packet-too-big” messages are generated by this interface.
The no form of the command disables the sending of ICMPv6 “packet-too-big” messages.
100 10
This command specifies whether, and how often, “parameter-problem” ICMPv6 messages should be sent. When enabled, “parameter-problem” ICMPv6 messages are generated by this interface.
The no form of the command disables the sending of “parameter-problem” ICMPv6 messages.
100 10
This command specifies whether, and how often, “time-exceeded” ICMPv6 messages should be sent. When enabled, ICMPv6 “time-exceeded” messages are generated by this interface.
100 10
This command specifies whether, and how often, ICMPv6 host and network destination unreachable messages are generated by this interface.
100 10
This command assigns the IPv6 link local address to the interface.
n/a
This command configures IPv6-to-MAC address mapping on the interface.
n/a
This command specifies the time that an IPv6 neighbor remains in a reachable state.
no reachable-time
This command specifies the time that an IPv6 neighbor cache entry remains in a stale state. When the specified time elapses, the system removes the neighbor cache entry.
no stale-time
This command enables the context to configure DHCP parameters.
This command configures the gateway interface address for the DHCP Relay Agent. By default, the GIADDR used in the relayed DHCP packet is the primary address of an interface. Specifying the GIADDR allows the user to choose a secondary address.
no gi-address
This command enables DHCP Option 82 (Relay Agent Information Option) parameters processing and enters the context for configuring Option 82 suboptions.
The no form of this command returns the system to the default.
no option
This command configures the processing required when the 7705 SAR receives a DHCP request that already has a Relay Agent Information Option (Option 82) field in the packet.
The no form of this command returns the system to the default value.
keep—(as per RFC 3046, DHCP Relay Agent Information Option, section 2.1.1, Reforwarded DHCP requests, the default is to keep the existing information intact. The exception to this occurs if the gi-addr (gateway interface address) of the received packet is the same as the ingress address on the router. In this case, the packet is dropped and an error is logged.)
The behavior is slightly different in the case of Vendor Specific Options (VSOs). When the keep parameter is specified, the router will insert its own VSO into the Option 82 field. This will only be done when the incoming message has an Option 82 field already.
If no Option 82 field is present, the router will not create the Option 82 field. In this case, no VSO will be added to the message.
This command sends either an ASCII tuple or the interface index (If Index) on the specified SAP ID in the circuit-id suboption of the DHCP packet. The If Index of a router interface can be displayed using the command show>router>interface> detail. This option specifies data that must be unique to the router that is relaying the circuit.
If disabled, the circuit-id suboption of the DHCP packet is left empty.
The no form of this command returns the system to the default.
ascii-tuple
This command sends the MAC address of the remote end (typically, the DHCP client) in the remote-id suboption of the DHCP packet. This command identifies the host at the other end of the circuit. If disabled, the remote-id suboption of the DHCP packet will be left empty.
The no form of this command returns the system to the default.
remote-id
This command enables the Nokia vendor-specific suboption of the DHCP relay packet and enters the context for configuring the vendor-specific suboptions.
This command enables the sending of the MAC address in the Nokia vendor-specific suboption of the DHCP relay packet.
The no form of the command disables the sending of the MAC address in the Nokia vendor- specific suboption of the DHCP relay packet.
no client-mac-address
This command enables the sending of the SAP ID in the Nokiat vendor-specific suboption of the DHCP relay packet.
The no form of the command disables the sending of the SAP ID in the Nokia vendor-specific suboption of the DHCP relay packet.
no sap-id
This command enables the sending of the service ID in the Nokia vendor-specific suboption of the DHCP relay packet.
The no form of the command disables the sending of the service ID in the Nokia vendor- specific suboption of the DHCP relay packet.
no service-id
This command specifies the vendor-specific suboption string of the DHCP relay packet.
The no form of the command returns the default value.
no string
This command specifies whether the system ID is encoded in the Nokia vendor-specific suboption of Option 82.
n/a
This command specifies a list of servers where requests will be forwarded. The list of servers can be entered as either IP addresses or fully qualified domain names. There must be at least one server specified for DHCP Relay to work. If there are multiple servers specified, the request is forwarded to all of the servers in the list. There can be a maximum of 8 DHCP servers configured.
no server
This command enables or disables trusted mode on an IP interface.
According to RFC 3046, DHCP Relay Agent Information Option, a DHCP request where the gi-addr (gateway interface address) is 0.0.0.0 and which contains an Option 82 field in the packet, should be discarded, unless it arrives on a “trusted” circuit.
If trusted mode is enabled on an IP interface, the relay agent (the 7705 SAR) will modify the request gi-addr to be equal to the ingress interface and forward the request.
This behavior only applies when the action in the Relay Agent Information Option is “keep”.
In the case where the Option 82 field is being replaced by the relay agent (action = “replace”), the original Option 82 information is lost. Thus, in this case, there is no reason for enabling the trusted option.
The no form of this command returns the system to the default.
no trusted
This command configures Internet Control Message Protocol (ICMP) parameters on a VPRN service and enters the context for configuring ICMP.
This command enables responses to ICMP mask requests on the router interface.
If a local node sends an ICMP mask request to the router interface, the mask-reply command configures the router interface to reply to the request.
By default, the router instance will reply to mask requests.
The no form of this command disables replies to ICMP mask requests on the router interface.
mask-reply
This command configures the rate at which ICMP TTL-expired messages are issued by the IP interface.
By default, generation of ICMP TTL-expired messages is enabled at a maximum rate of 100 per 10-s time interval.
The no form of this command disables limiting the rate of TTL-expired messages on the router interface.
ttl-expired 100 10
This command enables and configures the rate of ICMP host and network destination unreachable messages issued on the router interface.
The unreachables command enables the generation of ICMP destination unreachables on the router interface. The rate at which ICMP unreachables is issued can be controlled with the number and seconds parameters by indicating the maximum number of destination unreachable messages that can be issued on the interface for a given time interval.
By default, generation of ICMP destination unreachable messages is enabled at a maximum rate of 100 per 10-s time interval.
The no form of this command disables the generation of ICMP destination unreachable messages on the router interface.
unreachables 100 10
This command creates a Service Access Point (SAP) within a service when used with the create keyword. The create keyword is not needed when entering an existing SAP to edit SAP parameters.
A SAP is a combination of port and encapsulation parameters that identify the service access point on the interface and within the 7705 SAR. Each SAP must be unique.
All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP will not exist on that object.
The SAP is owned by the service in which it was created.
A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command. Channelized TDM ports are always access ports.
If a port is shut down with the shutdown command, all SAPs on that port become operationally down. When a service is shut down, SAPs for the service are not displayed as operationally down although all traffic traversing the service will be discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.
To configure a VPRN interface SAP that is used for a private IPSec tunnel interface, see sap in Service Interface Tunnel Commands.
If the VPRN interface has been configured as a loopback interface with the loopback command, a SAP cannot be defined on the interface.
The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP will also be deleted.
no SAPs are defined
This command creates the accounting policy context that can be applied to an interface SAP.
An accounting policy must be defined before it can be associated with a SAP. Accounting policies are configured in the config log context. A maximum of one accounting policy can be associated with a SAP at one time.
If the acct-policy-id does not exist, an error message is generated.
The no form of this command removes the accounting policy association from the SAP, and the accounting policy reverts to the default.
no accounting policy
This command enables accounting and statistical data collection for either an interface SAP or network port. When applying accounting policies, the data, by default, is collected in the appropriate records and written to the designated billing file.
When the no collect-stats command is issued, the statistics are still accumulated. However, the CPU will not obtain the results and write them to the billing file. If a subsequent collect-stats command is issued, then the counters written to the billing file include all the traffic while the no collect-stats command was in effect.
collect-stats
This command enables the context to configure egress SAP QoS policies and filter policies.
If no sap-egress QoS policy is defined, the system default sap-egress QoS policy is used for egress processing. If no egress filter policy is defined, no filtering is performed.
This command enables the context to configure ingress SAP QoS policies and filter policies.
If no sap-ingress QoS policy is defined, the system default sap-ingress QoS policy is used for ingress processing. If no ingress filter policy is defined, no filtering is performed.
This command sets the aggregate rate limits (PIR and CIR) for the SAP. The agg-rate sets the PIR value. The cir-rate sets the CIR value. When aggregate rate limits are configured on a second-generation (Gen-2) Ethernet adapter card, the scheduler mode must be set to 16-priority. On a third-generation (Gen-3) Ethernet adapter card, the scheduler mode is always 4-priority. For information on adapter card generations, refer to the “Evolution of Ethernet Adapter Cards, Modules, and Platforms” section in the 7705 SAR OS Interface Configuration Guide.
Configuring the cir-rate is optional. If a cir-rate is not entered, then the cir-rate is set to its default value (0 kb/s). If a cir-rate has been set and the agg-rate is changed without re-entering the cir-rate, the cir-rate automatically resets to 0 kb/s. For example, to change the agg-rate from 2000 to 1500 while maintaining a cir-rate of 500, use the command agg-rate-limit 1500 cir 500.
If the specified SAP is a LAG SAP, then agg-rate and cir-rate can be configured regardless of the scheduler mode setting on Gen-2 or Gen-3 hardware—it is not configurable if one of the ports configured in the LAG SAP is on Gen-1 hardware. If the active port is on a Gen-3 card or platform, then agg-rate and cir-rate are applicable. If the active port is on a Gen-2 card or platform, then agg-rate and cir-rate apply when the scheduler mode is set to 16-priority. If the active port is on a Gen-1 card, then agg-rate and cir-rate are not applicable. For details on the behavior of a mix-and-match LAG SAP, refer to the “LAG Support on Third-Generation Ethernet Adapter Cards, Ports, and Platforms” and “Network LAG Traffic Management” sections in the 7705 SAR OS Interface Configuration Guide.
Note: From Release 7.0.R6, schedulers on Gen-3 adapter cards and platforms have been updated to better align with the scheduling behavior supported on the other 7705 SAR adapter cards and platforms. The updated scheduler mode is called “4-priority” scheduler-mode throughout the CLI. Prior to Release 7.0.R6, the CLI designation was “4-priority-hqos”. In the updated mode of operation, arbitration among different flows at the second-tier aggregate (per-SAP or per-VLAN) and third-tier aggregate (per-customer (MSS)) levels are carried out in a round-robin manner, scheduling cir-rate first from the shapers, followed by the pir-rate. |
Caution: Any Gen-3 adapter card or platform running Release 7.0.R6 or later software uses 4-priority scheduling instead of 4-priority-hqos scheduling, which was supported previously. The migration of scheduler mode is automatic with an upgrade and there is no operator action required. As part of the migration, all CIR values at second-tier (per-SAP and per-VLAN) and third-tier (per-customer (MSS)) aggregate shaper levels are set to zero. Operators must exercise caution when performing an upgrade to Release 7.0.R6 or later from a previous Release 7.0 version, and must adjust the affected CIR values in accordance with the needs of their applications as soon as possible. |
The no form of the command sets the agg-rate to the maximum and the cir-rate to 0 kb/s.
no agg-rate-limit
This command associates an IPv4 or IPv6 filter policy with an ingress or egress SAP or IP interface. Filter policies control the forwarding and dropping of packets based on IP matching criteria.
The filter command is used to associate a filter policy with a specified ip-filter-id or ipv6-filter-id with an ingress or egress SAP. The ip-filter-id or ipv6-filter-id must already be defined before the filter command is executed. If the filter policy does not exist, the operation will fail and an error message will be returned.
Only one filter ID can be assigned to an interface unless the interface is dual-stack (supports both IPv4 and IPv6). A dual-stack interface can have one IPv4 and one IPv6 filter ID assigned to it.
In general, filters applied to SAPs apply to all packets on the SAP. One exception is that IP match criteria are not applied to non-IP packets, in which case the default action in the filter policy applies to these packets.
The no form of this command removes any configured filter ID association with the SAP or IP interface. The filter ID is not removed from the system unless the scope of the created filter is set to local. To avoid deletion of the filter ID and only break the association with the service object, use the scope command within the filter definition to change the scope to local or global. The default scope of a filter is local.
This command specifies which dot1q tag position (top or bottom) in a qinq-encapsulated packet should be used when QoS evaluates dot1p classification.
The no form of the command restores the default dot1p evaluation behavior for the SAP, which means that the inner (bottom) tag (second tag) dot1p bits are used for classification.
By default, the dot1p bits from the inner tag service-delineating dot1q tag are used.
Table 120 shows which set of dot1p bits are used for QoS purposes when match-qinq-dot1p is configured. To use the table, find the row that represents the settings for Port/SAP Type and Match-QinQ-Dot1q Setting. Use the Existing Packet Tags column to identify which dot1q tags are available in the packet. Then use the P-bits Used for Match column to identify which dot1q tag contains the dot1p bits that are used for QoS dot1p classification.
no match-qinq-dot1p
Port/ SAP Type | Match-QinQ-Dot1p Setting 1 | Existing Packet Tags | P-bits Used for Match |
Null | n/a | None | None |
Null | n/a | Dot1p (VLAN ID 0) | None 2 |
Null | n/a | Dot1q | None 2 |
Null | n/a | TopQ BottomQ | None 2 |
Dot1Q | n/a | None | None |
Dot1Q | n/a | Dot1p (default SAP VLAN ID 0) | Dot1p P-bits |
Dot1Q | n/a | Dot1q | Dot1q P-bits |
QinQ/ X.Y | Top | TopQ BottomQ | TopQ P-bits |
QinQ/ X.Y | Default or Bottom | TopQ BottomQ | BottomQ P-bits |
QinQ/ X.0 | Top | TopQ | TopQ P-bits |
QinQ/ X.0 | Default or Bottom | TopQ | TopQ P-bits |
QinQ/ X.0 | Top | TopQ BottomQ | TopQ P-bits |
QinQ/ X.0 | Default or Bottom | TopQ BottomQ | BottomQ P-bits |
QinQ/ X.* | Top | TopQ | TopQ P-bits |
QinQ/ X.* | Default or Bottom | TopQ | TopQ P-bits |
QinQ/ X.* | Top | TopQ BottomQ | TopQ P-bits |
QinQ/ X.* | Default or Bottom | TopQ BottomQ | BottomQ P-bits |
QinQ/ 0.* | Top | None | None |
QinQ/ 0.* | Default or Bottom | None | None |
QinQ/ 0.* | Top | TopQ | TopQ P-bits |
QinQ/ 0.* | Default or Bottom | TopQ | TopQ P-bits |
QinQ/ 0.* | Top | TopQ BottomQ | TopQ P-bits |
QinQ/ 0.* | Default or Bottom | TopQ BottomQ | BottomQ P-bits |
QinQ/ *.* | Top | None | None |
QinQ/ *.* | Default or Bottom | None | None |
QinQ/ *.* | Top | TopQ | TopQ P-bits |
QinQ/ *.* | Default or Bottom | TopQ | TopQ P-bits |
QinQ/ *.* | Top | TopQ BottomQ | TopQ P-bits |
QinQ/ *.* | Default or Bottom | TopQ BottomQ | BottomQ P-bits |
Notes:
When enabled, the qinq-mark-top-only command specifies which P-bits to mark during packet egress. When disabled, both sets of P-bits are marked. When enabled, only the P-bits in the top Q-tag are marked. The no form of the command is the default state (disabled).
Table 121 shows the dot1p remarking behavior for different egress port type/SAP type combinations and qinq-mark-top-only state, where “False” represents the default (disabled) state.
If a new tag is pushed, the dot1p bits of the new tag will be zero (unless the new tag is re-marked by the egress policy. The dot1p bits are configured using the dot1p parameter under the config>qos context.
Egress Port Type/SAP Type | QinQ-mark-top-only State | Egress P-Bits Marked or Re-marked |
Null 1 | n/a | None |
Dot1q/ X 1 | n/a | Outer tag |
Dot1q/ * 2 | n/a | None |
Dot1q/ 0 2 | n/a | Outer tag |
QinQ/ X.Y 1 | False | Two outer tags 3 |
True | Outer tag 3 | |
QinQ/ X.* 1 | True or False | Outer tag |
QinQ/ X.0 1 | True or False | Outer tag |
QinQ/ 0.* 1 | True or False | None |
QinQ/ *.* 2 | True or False | None |
Notes:
no qinq-mark-top-only
This command associates a QoS policy with an ingress or egress SAP. QoS ingress and egress policies are important for the enforcement of SLA agreements. The policy ID must be defined prior to associating the policy with a SAP. If the policy-id does not exist, an error will be returned.
The qos command is used to associate both ingress and egress QoS policies. The qos command only allows ingress policies to be associated on SAP ingress and egress policies on SAP egress. Attempts to associate a QoS policy of the wrong type returns an error; for example, trying to associate an egress policy on SAP ingress.
Only one ingress and one egress QoS policy can be associated with a SAP at one time. Attempts to associate a second QoS policy of a given type returns an error.
By default, no specific QoS policy is associated with the SAP for ingress or egress, so the default QoS policy is used.
The no form of this command removes the QoS policy association from the SAP, and the QoS policy reverts to the default.
This command sets the scheduler mode for the SAP and is part of the hierarchical QoS (H-QoS) feature on the 7705 SAR.
If the mode is 4-priority, then the SAP is considered an unshaped 4-priority SAP and the agg-rate-limit cannot be changed from its default values.
If the mode is 16-priority and the agg-rate limit parameters are configured to be non-default values, then the SAP is considered a shaped SAP. If the agg-rate limit parameters are left in their default settings, the SAP is considered an unshaped, 16-priority SAP.
This command is blocked on third-generation (Gen-3) Ethernet adapter cards and platforms, such as the 6-port Ethernet 10Gbps Adapter card and the 7705 SAR-X, which only support 4-priority scheduling mode.
If the specified SAP is a LAG SAP, scheduler-mode can be configured but is not applied to Gen-3 adapter cards and platforms. If one of the ports in the LAG is on a Gen-1 adapter card, then scheduler-mode cannot be configured.
4-priority
This command applies a shaper group to a SAP. The shaper group must already be created and must be within the shaper policy assigned to the Ethernet MDA (for ingress) or port (for egress). A shaper group is a dual-rate aggregate shaper used to shape aggregate access ingress or egress SAPs at a shaper group rate. Multiple aggregate shaper groups ensure fair sharing of available bandwidth among different aggregate shapers.
The default shaper group cannot be deleted.
The no form of this command removes the configured shaper-group.
shaper-group “default”
This command binds a service to an existing Service Distribution Point (SDP).
A spoke SDP is treated like the equivalent of a traditional bridge “port”, where flooded traffic received on the spoke SDP is replicated on all other “ports” (other spoke SDPs or SAPs) and not transmitted on the port it was received on.
The SDP has an operational state that determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service is down.
The SDP must already be defined in the config>service>sdp context in order to associate it with a service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.
SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.
Class-based forwarding is not supported on a spoke SDP used for termination on an IES or VPRN service. All packets are forwarded over the default LSP.
The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to the service. Once the binding is removed, no packets are forwarded to the far-end router. The spoke SDP must be shut down first before it can be deleted from the configuration.
n/a
This command enables the context to configure egress SDP parameters.
This command configures the static MPLS VC label used by the 7705 SAR to send packets to the far-end device in this service via this SDP.
This command enables the context to configure ingress SDP parameters.
This command associates an IPv4 or IPv6 filter policy with a spoke SDP. Filter policies control the forwarding and dropping of packets based on IP or MAC matching criteria.
The ip-filter-id or ipv6-filter-id must already be defined before the filter command is executed. If the filter policy does not exist, the operation will fail and an error message will be returned.
Only one filter ID can be assigned to an interface unless the interface is dual-stack (supports both IPv4 and IPv6). A dual-stack interface can have one IPv4 and one IPv6 filter ID assigned to it.
In general, filters applied to ingress spoke SDPs will apply to all packets on the spoke SDP. One exception is that non-IP packets are not applied to IP match criteria, so the default action in the filter policy applies to these packets.
The no form of this command removes any configured filter ID association with the spoke SDP.
This command configures the static MPLS VC label used by the far-end device to send packets to the 7705 SAR in this service via this SDP.
This command within the IP interface context binds the IP interface to the specified VPLS service name.
The system does not attempt to resolve the service name until the IP interface is placed into the administratively up state (no shutdown). Once the IP interface is administratively up, the system scans the available VPLS services that have the allow-ip-int-binding flag set for a VPLS service associated with the service name. If the IP interface is already in the administratively up state, the system immediately attempts to resolve the given service name.
This command within the VPLS binding context defines the routed IPv4 optional filter override.
This command specifies an IPv4 filter ID applied to all ingress packets entering the VPLS service. The filter overrides the existing ingress IPv4 filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional, and if not defined or removed, the IPv4 routed packets use the existing ingress IPv4 filter on the VPLS virtual ports.
The no form of the command removes the IPv4 routed override filter from the ingress IP interface.
n/a
This command specifies an IPv6 filter ID applied to all ingress packets entering the VPLS service. The filter overrides the existing ingress IPv6 filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional, and if not defined or removed, the IPv6 routed packets use the existing ingress IPv6 filter on the VPLS virtual ports.
The no form of the command removes the IPv6 routed override filter from the ingress IP interface.
n/a
This command creates or edits a virtual router ID on the service IP interface. A virtual router ID is internally represented in conjunction with the IP interface name. This allows the virtual router ID to be used on multiple IP interfaces while representing different virtual router instances.
Two VRIDs can be defined on an IP interface. One, both, or none may be defined as owner.
The no form of this command removes the specified virtual router ID from the IP interface. This terminates VRRP participation for the virtual router and deletes all references to the virtual router ID. The virtual router ID does not need to be shutdown in order to remove the virtual router instance.
n/a
This command assigns a simple text password authentication key to generate master VRRP advertisement messages and validate received VRRP advertisement messages.
If the command is re-executed with a different password key defined, the new key will be used immediately. If a no authentication-key command is executed, the password authentication key is restored to the default value. The authentication-key command can be executed at any time.
To change the current in-use password key on multiple virtual router instances:
The no form of this command restores the default value of the key.
The authentication data field contains the value 0 in all 16 octets.
The authentication-key parameter is expressed as a string consisting up to eight alpha-numeric characters. Spaces must be contained in quotation marks ( “ ” ). The quotation marks are not considered part of the string.
The string is case-sensitive and is left-justified in the VRRP advertisement message authentication data fields. The first field contains the first four characters with the first octet containing the first character. The second field holds the fifth through eighth characters. Any unspecified portion of the authentication data field is padded with the value 0 in the corresponding octet.
This option is useful when a user must configure the parameter, but for security purposes, the actual unencrypted key value is not provided.
This command configures virtual router IP addresses for backup.
This commands assigns a BFD session that provides a heart-beat mechanism for the given VRRP instance. Only one BFD session can be assigned to any given VRRP instance, but multiple VRRP sessions can use the same BFD session.
BFD controls the state of the associated interface. By enabling BFD on a given protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD session are set with the bfd-enable command under the IP interface.
The no form of this command removes BFD from the configuration.
n/a
This command configures a VRRP initialization delay timer.
no init-delay
This command assigns a specific MAC address to a VPRN IP interface.
The no form of the command returns the MAC address of the IP interface to the default value.
the physical MAC address associated with the Ethernet interface that the SAP is configured on (the default MAC address assigned to the interface, assigned by the system)
This command allows the master instance to dictate the master down timer (non-owner context only).
The master down interval is the time that the master router can be down before backup takes over. The master down interval is used to specify the master down timer. If the master down timer expires, the backup virtual router enters the master state.
no master-int-inherit
This command sets the advertisement timer and indirectly sets the master down timer on the virtual router instance. The message-interval setting must be the same for all virtual routers with the same VRID. Any VRRP advertisement message received with an advertisement interval field different from the virtual router instance configured message-interval value will be silently discarded.
The message-interval command is available for both non-owner and owner virtual routers. If the message-interval command is not executed, the default message interval is 1 s.
The no form of this command restores the default message-interval value of 1 s to the virtual router instance.
This command enables the non-owner master to reply to ICMP echo requests directed to the virtual router instance IP addresses. The ping request can be received on any routed interface.
Ping must not have been disabled at the management security level (either on the parental IP interface or based on the ping source host address). When ping reply is not enabled, ICMP echo requests to non-owner master virtual IP addresses are silently discarded.
Non-owner backup virtual routers never respond to ICMP echo requests regardless of the setting of the ping reply configuration.
The ping-reply command is only available for non-owner virtual routers. If the ping-reply command is not executed, ICMP echo requests to the virtual router instance IP addresses are silently discarded.
The no form of this command restores the default operation of discarding all ICMP echo request messages destined for the non-owner virtual router instance IP addresses.
no ping-reply
This command associates a VRRP priority control policy with the virtual router instance (non-owner context only).
n/a
This command provides the ability to override an existing non-owner master with a virtual router backup that has a higher priority. Enabling preempt mode enhances the operation of the base priority and VRRP policy ID definitions on the virtual router instance. If the virtual router cannot preempt an existing non-owner master, the affect of the dynamic changing of the in-use priority is greatly diminished.
The preempt command is only available for non-owner VRRP virtual routers. The owner cannot be preempted because the priority of non-owners can never be higher than the owner. The owner will always preempt all other virtual routers when it is available.
Non-owner backup virtual router instances will only preempt when preempt is set and the current master has an in-use message priority value less than the backup virtual router instance in-use priority.
A master non-owner virtual router will only allow itself to be preempted when the incoming VRRP advertisement message priority field value is one of the following:
The no form of this command prevents a non-owner virtual router instance from preempting another, less-desirable, virtual router.
preempt
This command configures a specific priority value for the virtual router instance. In conjunction with the optional policy command, the base priority derives the in-use priority of the virtual router instance.
The priority command is only available for non-owner VRRP virtual routers. The priority of owner virtual router instances is permanently set to 255 and cannot be changed. For non-owner virtual router instances, if the priority command is not executed, the base priority is set to 100.
The no form of this command restores the default value of 100.
This command enables the non-owner master to reply to SSH requests directed at the IP addresses of the virtual router instances. The SSH request can be received on any routed interface. SSH must not have been disabled at the management security level (either on the parental IP interface or based on the SSH source host address). Proper login and CLI command authentication are enforced.
When the ssh-reply command is not enabled, SSH packets to non-owner master virtual IP addresses are silently discarded.
Non-owner backup virtual routers never respond to SSH requests regardless of the SSH reply configuration.
The ssh-reply command is only available for non-owner VRRP virtual routers.
The no form of this command restores the default operation of discarding all SSH packets destined to the non-owner virtual router instance IP addresses.
no ssh-reply
This command allows the forwarding of packets by a standby router when sent to the virtual router MAC address.
The no form of the command specifies that a standby router should not forward traffic sent to the virtual router MAC address. The standby router should forward traffic sent to the real MAC address of the standby router.
no standby-forwarding
This command enables the non-owner master to reply to TCP port 23 Telnet requests directed at the IP addresses of the virtual router instance. The Telnet request can be received on any routed interface. Telnet must not have been disabled at the management security level (either on the parental IP interface or based on the Telnet source host address). Proper login and CLI command authentication are enforced.
If the telnet-reply command is not enabled, TCP port 23 Telnet packets to non-owner master virtual IP addresses are silently discarded.
Non-owner backup virtual routers never respond to Telnet requests regardless of the Telnet reply configuration.
The telnet-reply command is only available for non-owner VRRP virtual routers.
The no form of this command restores the default operation of discarding all Telnet packets destined for the non-owner virtual router instance IP addresses.
no telnet-reply
This command enables a non-owner master to reply to traceroute requests directed to the virtual router instance IP addresses. The command is valid only if the VRRP virtual router instance associated with this entry is a non-owner. A non-owner backup virtual router never responds to traceroute requests regardless of the traceroute reply status.
no traceroute-reply
This command enables the context for configuring TWAMP Light functionality.
disabled
This command enables the context for configuring TWAMP Light session reflector functionality. The relector functionality is enabled using the no shutdown command.
disabled
This command configures an IP address prefix containing one or more TWAMP Light session controllers. It is used to define which TWAMP Light packet prefixes the reflector will process. Once the prefix is configured, the TWAMP Light session reflector only responds to TWAMP Light packets from source addresses that are part of the prefix list.
no prefix
This command configures the specific UDP port that the session reflector listens to for TWAMP Light packets. The session controller launching the TWAMP Light packets must have the same UDP port configured as on the session reflector.
no udp-port
Note: The following command outputs are examples only; actual displays may differ depending on supported functionality and user configuration. |
This command displays service information using the range of egress labels.
If only the mandatory start-label parameter is specified, only services using the specified label are displayed.
If both start-label and end-label parameters are specified, the services using the labels in the specified range are displayed.
Use the show router ldp bindings command to display dynamic labels.
The following output is an example of service egress label information, and Table 122 describes the fields.
In the example below, services 3, 5 and 6 are IES, and services 5000 and 5001 are VPLS services.
Label | Description |
Svc Id | The ID that identifies a service |
Sdp Binding | The ID that identifies an SDP |
Type | Indicates whether the SDP binding is a spoke or a mesh |
I. Lbl | The VC label used by the far-end device to send packets to this device in this service by the SDP |
E. Lbl | The VC label used by this device to send packets to the far-end device in this service by the SDP |
Number of Bindings Found | The total number of SDP bindings that exist within the specified label range |
This command accesses the context to display information for a particular service ID. Once the particular service context has been accessed, the filtering commands listed below are available.
This command displays detailed information for all aspects of the service.
The following output is an example of service ID all information, and Table 123 describes the fields.
Label | Description |
Service Detailed Information | |
Service Id | The service identifier |
Service Type | The type of service (VPRN) |
Name | The service name |
Description | A description of the service |
Customer Id | The customer identifier |
Last Status Change | The date and time of the most recent change in the administrative or operating status of the service |
Last Mgmt Change | The date and time of the most recent management-initiated change to this service |
Admin State | The desired state of the service |
Oper State | The current operational state of the service |
Route Dist. | The route distribution number |
VPRN Type | Only valid in services that accept mesh SDP bindings. It validates the VC ID portion of each mesh SDP binding defined in the service. |
AS Number | The autonomous system number |
Router Id | The router ID for this service |
ECMP | Displays equal cost multipath information |
ECMP Max Routes | The maximum number of routes that can be received from the neighbors in the group or for the specific neighbor |
Max IPv4 Routes | The maximum number of routes that can be used for path sharing |
Max IPv6 Routes | Not applicable |
Auto Bind | The automatic binding type for the SDP assigned to this service |
Vrf Target | The route target in the VRF applied to this service |
Vrf Import | The VRF import policy applied to this service |
Vrf Export | The VRF export policy applied to this service |
SAP Count | The number of SAPs specified for this service |
SDP Bind Count | The number of SDPs bound to this service |
Service Destination Points (SDPs) | |
SDP Id | The SDP identifier |
Type | Indicates whether this service SDP binding is a spoke or a mesh |
VC Type | The VC type: ether or vlan |
VC Tag | The explicit dot1Q value used when encapsulating to the SDP far end |
Admin Path MTU | The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Oper Path MTU | The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Far End | Specifies the IP address of the remote end of the GRE, MPLS, or IP tunnel defined by this SDP |
Delivery | Specifies the type of delivery used by the SDP: GRE, MPLS, or IP |
Admin State | The administrative state of this SDP |
Oper State | The operational state of this SDP |
Acct. Pol | The accounting policy applied to the SDP |
Collect Stats | Specifies whether accounting statistics are collected on the SDP |
Ingress Label | The label used by the far-end device to send packets to this device in this service by this SDP |
Egress Label | The label used by this device to send packets to the far-end device in this service by this SDP |
Ing mac Fltr | Not applicable |
Egr mac Fltr | Not applicable |
Ing ip Fltr | The SDP ingress filter policy ID |
Egr ip Fltr | The SDP egress filter policy ID |
Ing ipv6 Fltr | Not applicable |
Egr ipv6 Fltr | Not applicable |
Admin ControlWord | The administrative state of the control word: Preferred (control word enabled) or Not Preferred (control word disabled) |
Oper ControlWord | The operational state of the control word: True (control word enabled) or False (control word disabled) |
Last Status Change | The date and time of the most recent status change to this SDP |
Signaling | The signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on this SDP |
Last Mgmt Change | The date and time of the most recent management-initiated change to this SDP |
Class Fwding State | Not applicable |
Flags | Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch, RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, NoSapIpipeCeIpAddr, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, CemSapNoEcidOrMacAddr, StandByForMcRing, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode |
KeepAlive Information | |
Admin State | The operating status of the keepalive protocol |
Oper State | The current status of the keepalive protocol |
Hello Time | Specifies how often the SDP echo request messages are transmitted on this SDP |
Hello Msg Len | The length of the SDP echo request messages transmitted on this SDP |
Max Drop Count | The maximum number of consecutive SDP Echo Request messages that can be unacknowledged before the keepalive protocol reports a fault |
Hold Down Time | The time to wait before the keepalive operating status is eligible to enter the alive state |
Statistics | |
I. Fwd. Pkts. | The number of forwarded ingress packets |
I. Dro. Pkts. | The number of dropped ingress packets |
I. Fwd. Octs. | The number of forwarded ingress octets |
I. Dro. Octs. | The number of dropped ingress octets |
E. Fwd. Pkts. | The number of forwarded egress packets |
E. Fwd. Octets | The number of forwarded egress octets |
Associated LSP LIST | If the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far-end field. If the SDP type is GRE, the following message displays: SDP delivery mechanism is not MPLS |
Number of SDPs | The total number of SDPs applied to this service ID |
Service Access Points | |
Service Id | The service identifier |
SAP | The SAP identifier |
Encap | The encapsulation type of the SAP |
Admin State | The administrative state of the SAP |
Oper State | The operating state of the SAP |
Flags | Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch, RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, NoSapIpipeCeIpAddr, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, CemSapNoEcidOrMacAddr, StandByForMcRing, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode |
Multi Svc Site | Indicates the multiservice site that the SAP is a member of |
Last Status Change | The time of the most recent operating status change to this SAP |
Last Mgmt Change | The time of the most recent management-initiated change to this SAP |
Sub Type | The supported sub type: regular |
Dot1Q Ethertype | The value of the dot1q Ethertype |
QinQ Ethertype | The value of the qinq Ethertype |
Admin MTU | The desired largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented |
Oper MTU | The actual largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented |
Ingr IP Fltr-Id | The ingress filter policy ID assigned to the SAP |
Egr IP Fltr-Id | The egress filter policy ID assigned to the SAP |
Ingr Mac Fltr-Id | Not applicable |
Ingr IPv6 Fltr-ID | Not applicable |
Egr IPv6 Fltr-ID | Not applicable |
tod-suite | Indicates whether a time-based policy is applied to a multiservice site |
qinq-pbit-marking | Indicates the qinq P-bit marking for the service: both or top |
Ing Scheduler Mode | Indicates the ingress scheduler mode for the SAP |
Egr Scheduler Mode | Indicates the egress scheduler mode for the SAP |
Ing Agg Rate Limit | Indicates the PIR rate limit in the access ingress direction for the aggregate of the SAP queues |
Egr Agg Rate Limit | Indicates the PIR rate limit in the access egress direction for the aggregate of the SAP queues |
Ing Agg cir | Indicates the CIR rate limit in the access ingress direction for the aggregate of the SAP queues |
Egr Agg cir | Indicates the CIR rate limit in the access egress direction for the aggregate of the SAP queues |
Ing Shaper Group | Indicates the ingress shaper group for the SAP |
Egr Shaper Group | Indicates the egress shaper group for the SAP |
Q Frame-Based Acct | Not applicable |
Acct. Pol | The accounting policy applied to the SAP |
Collect Stats | Specifies whether accounting statistics are collected on the SAP |
Anti Spoofing | Not applicable |
Nbr Static Hosts | Not applicable |
QOS | |
Ingress qos-policy | The SAP ingress QoS policy ID |
Egress qos-policy | The SAP egress QoS policy ID |
Shared Q plcy | Not applicable |
Multipoint shared | Not applicable |
TWAMP-Light Reflector | |
Admin State | Displays one of the following: Up—the server or prefix is administratively enabled (no shutdown) in configuration Down—the server or prefix is administratively disabled (shutdown) in configuration |
Up Time | The time since the server process was started, measured in days (d), hours, minutes, and seconds |
Configured UDP Port | The UDP port number used |
Test Packets Rx | The total number of test packets received from session senders |
Test Packets Tx | The total number of test packets sent to session senders |
TWAMP Light Controller Prefix List | The IP address prefixes of TWAMP Light clients |
SAP Statistics | |
Last Cleared time | The date and time that a clear command was issued on the statistics |
Forwarding Engine Stats | |
Dropped | The number of packets or octets dropped by the forwarding engine |
Off. HiPrio | The number of high-priority packets or octets offered to the forwarding engine |
Off. LowPrio | The number of low-priority packets offered to the forwarding engine |
Queueing Stats (Ingress QoS Policy) | |
Dro. HiPrio | The number of high-priority packets or octets discarded, as determined by the SAP ingress QoS policy |
Dro. LowPrio | The number of low-priority packets discarded, as determined by the SAP ingress QoS policy |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded, as determined by the SAP ingress QoS policy |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded, as determined by the SAP ingress QoS policy |
Queueing Stats (Egress QoS Policy) | |
Dro. InProf | The number of in-profile packets or octets discarded, as determined by the SAP egress QoS policy |
Dro. OutProf | The number of out-of-profile packets or octets discarded, as determined by the SAP egress QoS policy |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded, as determined by the SAP egress QoS policy |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded, as determined by the SAP egress QoS policy |
Sap per Queue stats | |
Ingress Queue n | The index of the ingress QoS queue of this SAP, where n is the index number |
Off. HiPrio | The number of packets or octets of high-priority traffic for the SAP (offered) |
Off. LoPrio | The number of packets or octets count of low-priority traffic for the SAP (offered) |
Dro. HiPrio | The number of high-priority traffic packets or octets dropped |
Dro. LoPrio | The number of low-priority traffic packets or octets dropped |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded |
Egress Queue n | The index of the egress QoS queue of the SAP, where n is the index number |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded |
For. OutProf | Number of out-of-profile packets or octets (rate above CIR) forwarded |
Dro. InProf | The number of in-profile packets or octets dropped for the SAP |
Dro. OutProf | The number of out-of-profile packets or octets discarded |
Service Interfaces | |
Interface | |
If Name | The name used to refer to the interface |
Admin State | The desired state of the interface |
Oper (v4/v6) | The operating state of the interface |
Protocols | The protocols supported on the interface |
IP Addr/mask | The IP address/IP subnet/broadcast address of the interface |
Details | |
If Index | The index corresponding to this interface. The primary index is 1. For example, all interfaces are defined in the Base virtual router context. |
Virt. If Index | The virtual interface index of the VPRN interface |
Last Oper Chg | The date and time of the last operating state change on the interface |
Global If Index | The global interface index of the VPRN interface |
TOS Marking | Specifies whether the ToS marking is trusted or untrusted for the interface |
If Type | The interface type |
SNTP B.Cast | Specifies whether SNTP broadcast client mode is enabled or disabled |
MAC Address | The 48-bit IEEE 802.3 MAC address |
Arp Timeout | The timeout for an ARP entry learned on the interface |
IP MTU | The IP maximum transmit unit for the interface |
ICMP Mask Reply | Specifies whether ICMP mask reply is enabled or disabled |
ARP Populate | Specifies if ARP is enabled or disabled |
Host Conn Verify | Not applicable |
LdpSyncTimer | Not applicable |
Proxy ARP Details | |
Rem Proxy ARP | Indicates whether remote proxy ARP is enabled or disabled |
Local Proxy ARP | Indicates whether local proxy ARP is enabled or disabled |
Policies | Specifies the policy statements applied to proxy ARP |
DHCP Details | |
Admin State | The desired state of DHCP |
Lease Populate | Not applicable |
Action | The processing required that occurs when the 7705 SAR receives a DHCP request that already has a Relay Agent Information Option (Option 82): |
Trusted | Indicates whether trusted mode is enabled or disabled on the IP interface |
ICMP Details | |
Redirects | The rate for ICMP redirect messages |
Unreachables | The rate for ICMP unreachable messages |
TTL Expired | The rate for ICMP TTL messages |
IPCP Address Extension Details | |
Peer IP Addr | Specifies the remote IP address to be assigned to the far-end of the associated PPP/MLPPP link via IPCP extensions |
Peer Pri DNS Addr | Specifies a unicast IPv4 address for the primary DNS server to be signaled to the far-end of the associate PPP/MLPPP link via IPCP extensions |
Peer Sec DNS Addr | Specifies a unicast IPv4 address for the secondary DNS server to be signaled to the far-end of the associate PPP/MLPPP link via IPCP extensions |
This command displays the ARP table for the VPRN instance.
The following output is an example of service ID ARP information, and Table 124 describes the fields.
Label | Description |
IP Address | The IP address of the ARP entry |
MAC Address | The MAC address of the ARP entry |
Type | Dyn—the ARP entry is a dynamic ARP entry |
Inv—the ARP entry is an inactive static ARP entry (invalid). | |
Oth—the ARP entry is a local or system ARP entry | |
Sta—the ARP entry is an active static ARP entry | |
Expiry | The age of the ARP entry |
Interface | The IP interface name associated with the ARP entry |
SAP | The port identifier of the SAP |
This command displays basic information about the service ID, including service type, description, SAPs and SDPs.
The following output is an example of service ID base information, and Table 125 describes the fields.
Label | Description |
Service Id | The service identifier |
Service Type | The type of service: VPRN |
Name | The service name |
Description | Generic information about the service |
Customer Id | The customer identifier |
Last Status Change | The date and time of the most recent status change to this service |
Last Mgmt Change | The date and time of the most recent management-initiated change to this service |
Admin State | The desired state of the service |
Oper State | The operating state of the service |
Route Dist. | The largest frame size (in octets) that the service can handle |
VPRN Type | Only valid in services that accept mesh SDP bindings. It validates the VC ID portion of each mesh SDP binding defined in the service. |
AS Number | The autonomous system number |
Router ID | The router ID for this service |
ECMP | Displays equal cost multipath information |
ECMP Max Routes | The maximum number of routes that can be received from the neighbors in the group or for the specific neighbor |
Max IPv4 Routes | The maximum number of routes that can be used for path sharing |
Auto Bind | The automatic binding type for the SDP assigned to this service |
Max IPv6 Routes | Not applicable |
Vrf Target | The route target in the VRF applied to this service |
Vrf Import | The VRF import policy applied to this service |
Vrf Export | The VRF export policy applied to this service |
SAP Count | The number of SAPs defined on the service |
SDP Bind Count | The number of SDPs bound to the service |
Service Access and Destination Points | |
Identifier | The service access (SAP) and destination (SDP) points |
Type | The signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on the SDP |
AdmMTU | The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
OprMTU | The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Adm | The administrative state of the SAP or SDP |
Opr | The operating state of the SAP or SDP |
This command enables the context to display DHCP information for the specified service.
This command displays DHCP statistics information.
The following output is an example of server ID DHCP statistics information, and Table 126 describes the fields.
Label | Description |
DHCP Global Statistics, service x | |
Rx Packets | The number of packets received from the DHCP clients |
Tx Packets | The number of packets transmitted to the DHCP clients |
Rx Malformed Packets | The number of corrupted/invalid packets received from the DHCP clients |
Rx Untrusted Packets | The number of untrusted packets received from the DHCP clients. In this case, a frame is dropped due to the client sending a DHCP packet with Option 82 filled in before “trust” is set under the DHCP interface command. |
Client Packets Discarded | The number of packets received from the DHCP clients that were discarded |
Client Packets Relayed | The number of packets received from the DHCP clients that were forwarded |
Server Packets Discarded | The number of packets received from the DHCP server that were discarded |
Server Packets Relayed | The number of packets received from the DHCP server that were forwarded |
This command displays DHCP configuration summary information.
The following output is an example of service ID DHCP summary information, and Table 127 describes the fields.
Label | Description |
DHCP Summary, service x | |
Interface Name Sap/Sdp | The name of the interface |
Arp Populate | Specifies whether ARP populate is enabled or disabled |
Used/Provided | Used—the number of lease-states that are currently in use on the specified interface, that is, the number of clients on the interface that got an IP address by DHCP. This value is always less than or equal to the “Provided” field. |
Provided—the lease-populate value that is configured for a specific interface | |
Info Option | Keep—the existing information is kept on the packet and the router does not add any additional information |
Replace—on ingress, the existing information-option is replaced with the information-option from the router | |
Drop—the packet is dropped and an error is logged | |
Admin State | The administrative state |
This command displays information for the IP interfaces associated with the service.
If no optional parameters are specified, a summary of all IP interfaces associated to the service are displayed.
The following output is an example of service ID interface information, and Table 128 describes the fields.
Label | Description |
Interface | |
If Name | The name used to refer to the interface |
Admin State | The desired state of the interface |
Oper (v4/v6) | The operating state of the interface |
Protocols | The protocols supported on this interface |
IP Addr/mask | The IP address/IP subnet/broadcast address of the interface |
Details | |
If Index | The index corresponding to this interface. The primary index is 1. For example, all interfaces are defined in the Base virtual router context. |
Virt. If Index | The virtual interface index of the VPRN interface |
Last Oper Chg | The date and time of the last operating state change on the interface |
Global If Index | The global interface index of the VPRN interface |
TOS Marking | Specifies whether the ToS marking is trusted or untrusted for the interface |
If Type | The interface type |
SNTP B.Cast | Specifies whether SNTP broadcast client mode is enabled or disabled |
MAC Address | The 48-bit IEEE 802.3 MAC address |
Arp Timeout | The timeout for an ARP entry learned on the interface |
IP MTU | The IP maximum transmit unit for the interface |
ICMP Mask Reply | Specifies whether ICMP mask reply is enabled or disabled |
ARP Populate | Specifies if ARP is enabled or disabled |
Host Conn Verify | Not applicable |
LdpSyncTimer | Not applicable |
Proxy ARP Details | |
Rem Proxy ARP | Indicates whether remote proxy ARP is enabled or disabled |
Local Proxy ARP | Indicates whether local proxy ARP is enabled or disabled |
Policies | Specifies the policy statements applied to proxy ARP |
DHCP Details | |
Admin State | The administrative state of DHCP |
Lease Populate | Not applicable |
Action | The processing required that occurs when the 7705 SAR receives a DHCP request that already has a Relay Agent Information Option (Option 82): |
Trusted | Indicates whether trusted mode is enabled or disabled on the IP interface |
ICMP Details | |
Redirects | The rate for ICMP redirect messages |
Unreachables | The rate for ICMP unreachable messages |
TTL Expired | The rate for ICMP TTL messages |
IPCP Address Extension Details | |
Peer IP Addr | The remote IP address to be assigned to the far-end of the associated PPP/MLPPP link via IPCP extensions |
Peer Pri DNS | The unicast IPv4 address for the primary DNS server to be signaled to the far-end of the associate PPP/MLPPP link via IPCP extensions |
Peer Sec DNS | The unicast IPv4 address for the secondary DNS server to be signaled to the far-end of the associate PPP/MLPPP link via IPCP extensions |
This command displays information for the SAPs associated with the service.
If no optional parameters are specified, a summary of all associated SAPs is displayed.
The following output is an example of service SAP information, and Table 129 describes the fields.
Label | Description |
Service Id | The service identifier |
SAP | The SAP identifier |
Encap | The encapsulation type of the SAP |
Admin State | The administrative state of the SAP |
Oper State | The operating state of the SAP |
Flags | Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch, RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, NoSapIpipeCeIpAddr, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, CemSapNoEcidOrMacAddr, StandByForMcRing, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode |
Last Status Change | The time of the most recent operating status change to this SAP |
Last Mgmt Change | The time of the most recent management-initiated change to this SAP |
Sub Type | The supported sub type: regular |
Dot1Q Ethertype | The value of the dot1q Ethertype |
QinQ Ethertype | The value of the qinq Ethertype |
Admin MTU | The desired largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented |
Oper MTU | The actual largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented |
Ingr IP Fltr-Id | The ingress filter policy ID assigned to the SAP |
Egr IP Fltr-Id | The egress filter policy ID assigned to the SAP |
Ingr Mac Fltr-Id | Not applicable |
Egr Mac Fltr-Id | Not applicable |
tod-suite | Indicates whether a time-based policy is applied to a multiservice site |
qinq-pbit-marking | Indicates the qinq P-bit marking for the service: both or top |
Ing Scheduler Mode | The scheduler mode for the SAP in the access ingress direction: 4-priority or 16-priority |
Egr Scheduler Mode | The scheduler mode for the SAP in the access egress direction: 4-priority or 16-priority |
Ing Agg Rate Limit | The PIR rate limit in the access ingress direction for the aggregate of the SAP queues |
Egr Agg Rate Limit | The PIR rate limit in the access egress direction for the aggregate of the SAP queues |
Ing Agg cir | The CIR rate limit in the access ingress direction for the aggregate of the SAP queues |
Egr Agg cir | The CIR rate limit in the access egress direction for the aggregate of the SAP queues |
Ing Shaper Group | The ingress shaper group for the SAP |
Egr Shaper Group | The egress shaper group for the SAP |
Acct. Pol | The accounting policy ID assigned to the SAP |
Collect Stats | Specifies whether accounting statistics are collected on the SAP |
Anti Spoofing | Not applicable |
Nbr Static Hosts | Not applicable |
QOS | |
Ingress qos-policy | The ingress QoS policy ID assigned to the SAP |
Egress qos-policy | The egress QoS policy ID assigned to the SAP |
Shared Q plcy | Not applicable |
Multipoint shared | Not applicable |
Sap Statistics | |
Last Cleared Time | The date and time that a clear command was issued on statistics |
Forwarding Engine Stats | |
Dropped | The number of packets or octets dropped by the forwarding engine |
Off. HiPrio | The number of high-priority packets or octets offered to the forwarding engine |
Off. LowPrio | The number of low-priority packets offered to the forwarding engine |
Queueing Stats (Ingress QoS Policy) | |
Dro. HiPrio | The number of high-priority packets or octets discarded, as determined by the SAP ingress QoS policy |
Dro. LowPrio | The number of low-priority packets discarded, as determined by the SAP ingress QoS policy |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded, as determined by the SAP ingress QoS policy |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded, as determined by the SAP ingress QoS policy |
Queueing Stats (Egress QoS Policy) | |
Dro. InProf | The number of in-profile packets or octets discarded, as determined by the SAP egress QoS policy |
Dro. OutProf | The number of out-of-profile packets or octets discarded, as determined by the SAP egress QoS policy |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded, as determined by the SAP egress QoS policy |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded, as determined by the SAP egress QoS policy |
Sap per Queue stats | |
Ingress Queue n | The index of the ingress QoS queue of this SAP, where n is the index number |
Off. HiPrio | The number of packets or octets of high-priority traffic for the SAP (offered) |
Off. LoPrio | The number of packets or octets count of low-priority traffic for the SAP (offered) |
Dro. HiPrio | The number of high-priority traffic packets or octets dropped |
Dro. LoPrio | The number of low-priority traffic packets or octets dropped |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded |
Egress Queue n | The index of the egress QoS queue of the SAP, where n is the index number |
For. InProf | The number of in-profile packets or octets (rate below CIR) forwarded |
For. OutProf | The number of out-of-profile packets or octets (rate above CIR) forwarded |
Dro. InProf | The number of in-profile packets or octets dropped for the SAP |
Dro. OutProf | The number of out-of-profile packets or octets discarded |
This command displays service information using the range of ingress labels.
If only the mandatory start-label parameter is specified, only services using the specified label are displayed.
If both start-label and end-label parameters are specified, the services using the labels in the specified range are displayed.
Use the show router ldp bindings command to display dynamic labels.
The following output is an example of service ingress label information, and Table 130 describes the fields.
In the example below, services 3, 5 and 6 are IES, and services 5000 and 5001 are VPLS services.
Label | Description |
Svc Id | The ID that identifies a service |
Sdp Binding | The ID that identifies an SDP |
Type | Indicates whether the SDP binding is a spoke or a mesh |
I. Lbl | The VC label used by the far-end device to send packets to this device in this service by the SDP |
E. Lbl | The VC label used by this device to send packets to the far-end device in this service by the SDP |
Number of Bindings Found | The total number of SDP bindings that exist within the specified label range |
This command displays information for the SDPs associated with the service. If no optional parameters are specified, a summary of all associated SDPs is displayed.
The following output is an example of service ID SDP information, and Table 131 describes the fields.
Label | Description |
Sdp Id | The SDP identifier |
Type | Indicates whether the SDP is a spoke or a mesh |
VC Type | The VC type: ether or vlan |
VC Tag | The explicit dot1Q value used when encapsulating to the SDP far end |
Admin Path MTU | The operating path MTU of the SDP is equal to the admin path MTU (when one is set) or the dynamically computed tunnel MTU, when no admin path MTU is set (the default case) |
Oper Path MTU | The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Far End | The IP address of the remote end of the GRE, MPLS, or IP tunnel defined by this SDP. |
Delivery | Specifies the type of delivery used by the SDP: GRE, MPLS, or IP |
Admin State | The administrative state of this SDP |
Oper State | The operational state of this SDP |
Acct. Pol | The accounting policy applied to the SDP |
Collect Stats | Specifies whether accounting statistics are collected on the SDP |
Ingress Label | The label used by the far-end device to send packets to this device in this service by this SDP |
Egress Label | The label used by this device to send packets to the far-end device in this service by the SDP |
Ing mac Fltr | Not applicable |
Egr mac Fltr | Not applicable |
Ing ip Fltr | The ingress filter policy ID assigned to the SDP |
Egr ip Fltr | The egress filter policy ID assigned to the SDP |
Admin ControlWord | The administrative state of the control word: Preferred (control word enabled) or Not Preferred (control word disabled) |
Oper ControlWord | The operational state of the control word: True (control word enabled) or False (control word disabled) |
Last Status Change | The date and time of the most recent change to the SDP |
Signaling | The signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on this SDP |
Last Mgmt Change | The date and time of the most recent management-initiated change to this SDP |
Class Fwding State | Not applicable |
Flags | Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch, RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, NoSapIpipeCeIpAddr, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, CemSapNoEcidOrMacAddr, StandByForMcRing, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode |
KeepAlive Information | |
Admin State | The administrative state of the keepalive process |
Oper State | The operational state of the keepalive process |
Hello Time | Specifies how often the SDP echo request messages are transmitted on this SDP |
Hell Msg Length | The length of the SDP echo request messages transmitted on this SDP |
Max Drop Count | The maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault |
Hold Down Time | The time to wait before the keepalive operating status is eligible to enter the alive state |
Statistics | |
I. Fwd. Pkts. | The number of forwarded ingress packets |
I. Dro. Pkts. | The number of dropped ingress packets |
I. Fwd. Octs. | The number of forwarded ingress octets |
I. Dro. Octs. | The number of dropped ingress octets |
E. Fwd. Pkts. | The number of forwarded egress packets |
E. Fwd. Octets | The number of forwarded egress octets |
Associated LSP LIST | If the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far-end field. If the SDP type is GRE, the following message displays: SDP delivery mechanism is not MPLS. |
Number of SDPs | The total number of SDPs applied to this service ID |
This command displays OAM TWAMP Light status information.
The following output is an example of TWAMP Light information, and Table 132 describes the fields.
Label | Description |
TWAMP Light Reflector | |
Admin State | Displays one of the following: Up—the server or prefix is administratively enabled (no shutdown) in configuration Down—the server or prefix is administratively disabled (shutdown) in configuration |
Up Time | The time since the server process was started, measured in days (d), hours, minutes, and seconds |
Configured UDP Port | The UDP port number used |
Test Packets Rx | The total number of test packets received from session senders |
Test Packets Tx | The total number of test packets sent to session senders |
TWAMP Light Controller Prefix List | The IP address prefixes of TWAMP Light clients |
This command displays the services matching certain usage properties.
If no optional parameters are specified, all services defined on the system are displayed.
The following output is an example of service-using information, and Table 133 describes the fields.
Label | Description |
Service Id | The service identifier |
Type | The service type configured for the service ID |
Name | The service name |
Description | A description of the service |
Adm | The desired state of the service |
Opr | The operating state of the service |
CustomerID | The ID of the customer who owns this service |
Last Mgmt Change | The date and time of the most recent management-initiated change to this service |
Matching Services | The number of services of the same type |
Note: The following command outputs are examples only; actual displays may differ depending on supported functionality and user configuration. |
This command provides access to the show commands for the service specified by the service-id.
Using service-id with this command applies only to VPRN service.
This command displays aggregated routes.
The following output is an example of aggregate route information, and Table 134 describes the fields.
Label | Description |
Prefix | The destination address of the aggregate route in dotted-decimal notation |
Summary | Specifies whether the aggregate or more specific components are advertised |
AS Set | Displays an aggregate where the path advertised for the route consists of all elements contained in all paths that are being summarized |
Aggr AS | The aggregator path attribute to the aggregate route |
Aggr IP-Address | The IP address of the aggregated route |
State | The operational state of the aggregated route |
No. of Aggregates | The total number of aggregated routes |
This command displays the router ARP table sorted by IP address.
If no command line options are specified, all ARP entries are displayed.
The following output is an example of ARP table information, and Table 135 describes the fields.
Label | Description |
IP Address | The IP address of the ARP entry |
MAC Address | The MAC address of the ARP entry |
Expiry | The age of the ARP entry |
Type | Dyn—the ARP entry is a dynamic ARP entry |
Inv—the ARP entry is an inactive static ARP entry (invalid) | |
Oth—the ARP entry is a local or system ARP entry | |
Sta—the ARP entry is an active static ARP entry | |
Interface | The IP interface name associated with the ARP entry |
No. of ARP Entries | The number of ARP entries displayed in the list |
This command enables the context to display BGP-related information.
This command displays BGP routes that have been dampened due to route flapping. This command can be entered with or without a route parameter. If no parameters are included, all dampened routes are listed.
If the keyword detail is included, more detailed information is displayed.
If a damp-type is specified, only those types of dampened routes (decayed, history, or suppressed) are displayed. Routes that have a state of decayed have gained penalties for flapping but have not yet reached the suppression limit. Routes that have a state of history have had a route flap and have been withdrawn. Routes that have a state of suppressed have reached the suppression limit and are not considered in BGP path selection.
The following output is an example of BGP damping information, and Table 136 describes the fields.
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured or inherited local AS for the specified peer group; if not configured, it is the same value as the AS |
Network | The IP prefix and mask length for the route |
Flag/Flags | Legend: Status codes: u-used, s-suppressed, h-history, d-decayed, *-valid (if an * is not present, the status is invalid) Origin codes: i-IGP, e-EGP, ?-incomplete, >-best |
From | The originator ID path attribute value |
Reuse/Reuse time | The time when a suppressed route can be used again |
AS-Path | The BGP AS path for the route |
Peer | The router ID of the advertising router |
NextHop | The BGP next hop for the route |
Peer AS | The autonomous system number of the advertising router |
Peer Router-Id | The router ID of the advertising router |
Local Pref | The BGP local preference path attribute for the route |
Age | The time elapsed since the service was enabled |
Last update | The time that BGP was last updated |
FOM Present | The current Figure of Merit (FOM) value |
FOM Last upd. | The last updated FOM value |
Number of Flaps | The number of flaps in the neighbor connection |
Reuse time | The time when the route can be reused |
Path | The BGP AS path for the route |
Applied Policy | The applied route policy name |
This command displays group information for a BGP peer group. This command can be entered with or without parameters.
When this command is entered without a group name, information about all peer groups displays.
When the command is issued with a specific group name, information only pertaining to that specific peer group displays.
The “State” field displays the BGP group’s operational state. Valid states are:
The following output is an example of BGP group information, and Table 137 describes the fields.
Label | Description |
Group | The BGP group name |
Group Type | No Type: peer type not configured External: peer type configured as external BGP peers Internal: peer type configured as internal BGP peers |
State | Disabled: the BGP peer group has been operationally disabled Down: the BGP peer group is operationally inactive Up: the BGP peer group is operationally active |
Peer AS | The configured or inherited peer AS for the specified peer group |
Local AS | The configured or inherited local AS for the specified peer group |
Local Address | The configured or inherited local address for originating peering for the specified peer group |
Loop Detect | The configured or inherited loop detect setting for the specified peer group |
Connect Retry | The configured or inherited connect retry timer value |
Authentication | None: no authentication is configured MD5: MD5 authentication is configured |
Local Pref | The configured or inherited local preference value |
MED Out | The configured or inherited MED value that is assigned to advertised routes |
Multihop | The maximum number of router hops a BGP connection can traverse |
AS Override | The setting of the AS override |
Min Route Advt. | The minimum amount of time that must pass between route updates for the same IP prefix |
Min AS Originate | The minimum amount of time that must pass between updates for a route originated by the local router |
Prefix Limit | No Limit: no route limit assigned to the BGP peer group 1 — 4294967295: the maximum number of routes BGP can learn from a peer |
Passive | Disabled: BGP attempts to establish a BGP connection with a neighbor in the specified peer group Enabled: BGP will not actively attempt to establish a BGP connection with a neighbor in the specified peer group |
Next Hop Self | Disabled: BGP is not configured to send only its own IP address as the BGP next hop in route updates to neighbors in the peer group Enabled: BGP sends only its own IP address as the BGP next hop in route updates to neighbors in the specified peer group |
Aggregator ID 0 | Disabled: BGP is not configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates sent to the neighbor in the peer group Enabled: BGP is configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates sent to the neighbor in the peer group |
Remove Private | Disabled: BGP will not remove all private AS numbers from the AS path attribute in updates sent to the neighbor in the peer group Enabled: BGP removes all private AS numbers from the AS path attribute in updates sent to the neighbor in the peer group |
Damping | Disabled: the peer group is configured not to dampen route flaps Enabled: the peer group is configured to dampen route flaps |
Import Policy | The configured import policies for the peer group |
Export Policy | The configured export policies for the peer group |
Hold Time | The configured hold time setting |
Keep Alive | The configured keepalive setting |
Cluster Id | The configured route reflector cluster ID None: No cluster ID has been configured |
Client Reflect | Disabled: the BGP route reflector will not reflect routes to this neighbor Enabled: the BGP route reflector is configured to reflect routes to this neighbor |
NLRI | The type of network layer reachability information that the specified peer group can accept Unicast: IPv4 unicast routing information can be carried |
Preference | The configured route preference value for the peer group |
TTL Security | Enabled: TTL security is enabled Disabled: TTL security is disabled |
Min TTL Value | The minimum TTL value configured for the peer |
Graceful Restart | The state of graceful restart |
Stale Routes Time | The length of time that stale routes are kept in the route table |
Auth key chain | The value for the authentication key chain |
Bfd Enabled | Enabled: BFD is enabled Disabled: BFD is disabled |
List of Peers | A list of BGP peers configured under the peer group |
Total Peers | The total number of peers configured under the peer group |
Established | The total number of peers that are in an established state |
Peer Groups | The number of peer groups |
This command displays BGP neighbor information. This command can be entered with or without any parameters.
When this command is issued without any parameters, information about all BGP peers displays.
When the command is issued with a specific IP address or ASN, information regarding only that specific peer or peers with the same AS displays.
Note: This information is not available when using SNMP. |
Note: When either received-routes or advertised-routes is specified, the routes that are received from or sent to the specified peer are listed. When either history or suppressed is specified, the routes that are learned from those peers that either have a history or are suppressed are listed. |
The following outputs are examples of BGP neighbor information:
Label | Description |
Peer | The IP address of the configured BGP peer |
Group | The BGP peer group to which this peer is assigned |
Peer AS | The configured or inherited peer AS for the peer group |
Peer Address | The configured address for the BGP peer |
Peer Port | The TCP port number used on the far-end system |
Local AS | The configured or inherited local AS for the peer group |
Local Address | The configured or inherited local address for originating peering for the peer group |
Local Port | The TCP port number used on the local system |
Peer Type | External: peer type configured as external BGP peers |
Internal: peer type configured as internal BGP peers | |
State | Idle: The BGP peer is not accepting connections |
Active: BGP is listening for and accepting TCP connections from this peer | |
Connect: BGP is attempting to establish a TCP connection with this peer | |
Open Sent: BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer | |
Open Confirm: BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION | |
Established: BGP has successfully established a peering session and is exchanging routing information | |
Last State | Idle: The BGP peer is not accepting connections |
Active: BGP is listening for and accepting TCP connections from this peer | |
Connect: BGP is attempting to establish a TCP connections with this peer | |
Open Sent: BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer | |
Open Confirm: BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION | |
Last Event | start: BGP has initialized the BGP neighbor |
stop: BGP has disabled the BGP neighbor | |
open: BGP transport connection is opened | |
close: BGP transport connection is closed | |
openFail: BGP transport connection failed to open | |
error: BGP transport connection error | |
connectRetry: the connect retry timer expired | |
holdTime: the hold time timer expired | |
keepAlive: the keepalive timer expired | |
recvOpen: BGP has received an OPEN message | |
revKeepalive: BGP has received a KEEPALIVE message | |
recvUpdate: BGP has received an UPDATE message | |
recvNotify: BGP has received a NOTIFICATION message | |
None: no events have occurred | |
Last Error | The last BGP error and subcode to occur on the BGP neighbor |
Local Family | The configured local family value |
Remote Family | The configured remote family value |
Connect Retry | The configured or inherited connect retry timer value |
Local Pref. | The configured or inherited local preference value |
Min Route Advt. | The minimum amount of time that must pass between route updates for the same IP prefix |
Min AS Originate | The minimum amount of time that must pass between updates for a route originated by the local router |
Multihop | The maximum number of router hops a BGP connection can traverse |
Damping | Disabled: the BGP neighbor is configured not to dampen route flaps |
Enabled: the BGP neighbor is configured to dampen route flaps | |
Loop Detect | Ignore: The BGP neighbor is configured to ignore routes with an AS loop |
Drop: The BGP neighbor is configured to drop the BGP peering if an AS loop is detected | |
Off: AS loop detection is disabled for the neighbor | |
MED Out | The configured or inherited MED value that is assigned to advertised routes |
Authentication | None: no authentication is configured |
MD5: MD5 authentication is configured | |
Next Hop Self | Disabled: BGP is not configured to send only its own IP address as the BGP next hop in route updates to the specified neighbor |
Enabled: BGP will send only its own IP address as the BGP next hop in route updates to the neighbor | |
AggregatorID Zero | Disabled: the BGP neighbor is not configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates |
Enabled: the BGP neighbor is configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates | |
Remove Private | Disabled: BGP will not remove all private AS numbers from the AS path attribute in updates sent to the specified neighbor |
Enabled: BGP will remove all private AS numbers from the AS path attribute in updates sent to the specified neighbor | |
Passive | Disabled: BGP will actively attempt to establish a BGP connection with the specified neighbor |
Enabled: BGP will not actively attempt to establish a BGP connection with the specified neighbor | |
Peer Identifier | The IP identifier for the peer router |
Prefix Limit | No Limit: no route limit assigned to the BGP peer group |
1 — 4294967295: the maximum number of routes BGP can learn from a peer | |
Hold Time | The configured hold time setting |
Keep Alive | The configured keepalive setting |
Active Hold Time | The negotiated hold time, if the BGP neighbor is in an established state |
Active Keep Alive | The negotiated keepalive time, if the BGP neighbor is in an established state |
Cluster Id | The configured route reflector cluster ID |
None: no cluster ID has been configured | |
Client Reflect | Disabled: The BGP route reflector is configured not to reflect routes to this neighbor |
Enabled: The BGP route reflector is configured to reflect routes to this neighbor | |
Preference | The configured route preference value for the peer group |
Num of Flaps | The number of route flaps in the neighbor connection |
Recd. Prefixes | The number of routes received from the BGP neighbor |
Recd. Paths | The number of unique sets of path attributes received from the BGP neighbor |
IPv4 Recd. Prefixes | The number of unique sets of IPv4 path attributes received from the BGP neighbor |
IPv4 Active Prefixes | The number of IPv4 routes received from the BGP neighbor and active in the forwarding table |
IPv4 Suppressed Pfxs | The number of unique sets of IPv4 path attributes received from the BGP neighbor and suppressed due to route damping |
VPN-IPv4 Suppr. Pfxs | The number of unique sets of VPN-IPv4 path attributes received from the BGP neighbor and suppressed due to route damping |
VPN-IPv4 Recd. Pfxs | The number of unique sets of VPN-IPv4 path attributes received from the BGP neighbor |
VPN-IPv4 Active Pfxs | The number of VPN-IPv4 routes received from the BGP neighbor and active in the forwarding table |
Mc IPv4 Recd. Pfxs | The number of unique sets of multiclass IPv4 path attributes received from the BGP neighbor |
Mc IPv4 Active Pfxs | The number of multiclass IPv4 routes received from the BGP neighbor and active in the forwarding table |
Mc IPv4 Suppr. Pfxs | The number of unique sets of multiclass IPv4 path attributes received from the BGP neighbor and suppressed due to route damping |
Input Queue | The number of BGP messages to be processed |
Output Queue | The number of BGP messages to be transmitted |
i/p Messages | The total number of packets received from the BGP neighbor |
o/p Messages | The total number of packets sent to the BGP neighbor |
i/p Octets | The total number of octets received from the BGP neighbor |
o/p Octets | The total number of octets sent to the BGP neighbor |
i/p Updates | The total number of updates received from the BGP neighbor |
o/p Updates | The total number of updates sent to the BGP neighbor |
TTL Security | Enabled: TTL security is enabled Disabled: TTL security is disabled |
Min TTL Value | The minimum TTL value configured for the peer |
Graceful Restart | The state of graceful restart |
Stale Routes Time | The length of time that stale routes are kept in the route table |
Auth key chain | The value for the authentication key chain |
Bfd Enabled | Enabled: BFD is enabled Disabled: BFD is disabled |
Local Capability | The capability of the local BGP speaker; for example, route refresh, MP-BGP, ORF |
Remote Capability | The capability of the remote BGP peer; for example, route refresh, MP-BGP, ORF |
Export Policy | The configured export policies for the peer group |
Import Policy | The configured import policies for the peer group |
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured local AS setting. If not configured, then it is the same value as the AS. |
Flag/Flags | Legend: Status codes: u - used s - suppressed h - history d - decayed * - valid If an * is not present, then the status is invalid Origin codes: i - IGP e - EGP ? - incomplete > - best |
Network | The route IP prefix and mask length for the route |
Next Hop | The BGP next hop for the route |
LocalPref | The BGP local preference path attribute for the route |
MED | The BGP Multi-Exit Discriminator (MED) path attribute for the route |
AS-Path | The BGP AS path for the route |
Label | Description |
BGP Neighbor | The IP address of the BGP neighbor |
Graceful Restart locally configured for peer | The configured state of graceful restart for the local router |
Peer's Graceful Restart feature | The configured state of graceful restart for the peer router |
NLRI(s) that peer supports restart for | The families supported by the peer router for graceful restart |
NLRI(s) that peer saved forwarding for | The families for which the peer router continued to forward packets after graceful restart |
NLRI(s) that restart is negotiated for | The families that negotiate restart during graceful restart |
NLRI(s) of received end-of-rib markers | The families for which end-of-RIB markers have been received |
NLRI(s) of all end-of-rib markers sent | The families for which end-of-RIB markers have been sent |
Restart time locally configured for peer | The length of time configured on the local router for the peer router’s graceful restart |
Restart time requested by the peer | The length of time requested by the peer router for graceful restart |
Time stale routes from peer are kept for | The length of time that the local router continues to support stale routes |
Graceful restart status on the peer | The status of graceful restart on the peer router |
Number of Restarts | The number of restarts since graceful restart is enabled between peers |
Last Restart at | The local time of the last graceful restart |
This command displays BGP next-hop information.
The following output is an example of BGP next-hop information, and Table 141 describes the fields.
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured local AS setting. If not configured, then the value is the same as the AS. |
Next Hop | The next-hop address |
Resolving Prefix | The prefix of the best next hop |
Pref: Preference | The BGP preference attribute for the routes |
Metric | The metric derived from the IGP for a particular next hop |
Reference Count | The number of routes using the resolving prefix |
Owner | The routing protocol used to derive the best next hop |
Resolved Next Hop | The IP address of the next hop |
Egress Label | The VPN label used for VPN-IPv4 data |
Next Hops | The number of next hops |
This command displays a summary of BGP path attributes.
The following output is an example of BGP path information, and Table 142 describes the fields.
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured local AS setting. If not configured, then the value is the same as the AS. |
Path | The AS path attribute |
Next Hop | The advertised BGP next hop |
Origin | EGP: the NLRI is learned by an EGP protocol |
IGP: the NLRI is interior to the originating AS | |
Incomplete: NLRI was learned another way | |
Segments | The number of segments in the AS path attribute |
MED | The Multi-Exit Discriminator value |
Local Preference | The local preference value. This value is used if the BGP route arrives from a BGP peer without the Local Pref attribute set. It is overridden by any value set via a route policy. |
Refs | The number of routes using a specified set of path attributes |
ASes | The number of autonomous system numbers in the AS path attribute |
Flags | IBGP-learned: path attributes learned by an IBGP peering |
Community | The BGP community attribute list |
Cluster List | The route reflector cluster list |
Originator ID | The originator ID path attribute value |
This command displays BGP route information.
When this command is issued without any parameters, the entire BGP routing table displays.
When this command is issued with an IP prefix/mask or IP address, the best match for the parameter displays.
comm-id | as-number1:comm-val1 | ext-comm | well-known-comm | |
ext-comm | type:{ip-address:comm-val1 | as-number1:comm-val2 | as-number2:comm-val1} | |
as-number1 | 0 to 65535 | |
comm-val1 | 0 to 65535 | |
type | target, origin (keywords) | |
ip-address: | a.b.c.d | |
comm-val2 | 0 to 4294967295 | |
as-number2 | 0 to 4294967295 | |
well-known-comm | null | no-export | no-export-subconfed | no-advertise (keywords) |
The following output is an example of BGP route information, and Table 143 describes the fields.
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured local AS setting. If not configured, then the value is the same as the AS. |
Flag/Flags | Legend: Status codes: u - used s - suppressed h - history d - decayed * - valid If an * is not present, then the status is invalid Origin codes: i - IGP e - EGP ? - incomplete > - best |
Network | The IP prefix and mask length |
Nexthop | The BGP next hop |
AS-Path | The BGP AS path attribute |
Local Pref. | The local preference value. This value is used if the BGP route arrives from a BGP peer without the Local Pref attribute set. It is overridden by any value set via a route policy. |
MED | The MED metric value |
none: MED metrics are present | |
VPN Label | The label generated by the PE’s label manager |
Original Attributes | The received BGP attributes of a route from a peer without any modification from any policy |
Modified Attributes | The final BGP attributes of a route after the policies evaluation |
Route Dist. | The route distinguisher identifier attached to routes that distinguishes the VPN it belongs to |
From | The advertising BGP neighbor’s IP address |
Res. Nexthop | The resolved next hop |
Aggregator AS | The aggregator AS value |
none: aggregator AS attributes are not present | |
Aggregator | The aggregator attribute value |
none: aggregator attributes are not present | |
Atomic Aggr. | Atomic: the atomic aggregator flag is set |
Not Atomic: the atomic aggregator flag is not set | |
Community | The BGP community attribute list |
Cluster | The route reflector cluster list |
Originator Id | The originator ID path attribute value |
none: the originator ID attribute is not present | |
Peer Router Id | The router ID of the advertising router |
VPRN Imported | The VPRNs where a particular BGP-VPN received route has been imported and installed |
This command displays a summary of BGP neighbor information.
If confederations are not configured, that portion of the output will not display.
The “State” field displays the global BGP operational state. The valid values are:
For example, if a BGP peer is operationally disabled, then the state in the summary table shows the state ‘Disabled’.
The following output is an example of BGP summary information, and Table 144 describes the fields.
Label | Description |
BGP Router ID | The local BGP router ID |
AS | The configured autonomous system number |
Local AS | The configured local AS setting. If not configured, then the value is the same as the AS. |
BGP Admin State | Down: BGP is administratively disabled |
Up: BGP is administratively enabled | |
BGP Oper State | Down: BGP is operationally disabled |
Up: BGP is operationally enabled | |
Total Peer Groups | The total number of configured BGP peer groups |
Total Peers | The total number of configured BGP peers |
Total BGP Paths | The total number of unique sets of BGP path attributes learned from BGP peers |
Total Path Memory | The total amount of memory used to store the path attributes |
Total IPv4 Remote Rts | The total number of IPv4 routes learned from BGP peers |
Total IPv4 Remote Act. Rts | The total number of IPv4 routes used in the forwarding table |
Total Supressed Rts | The total number of suppressed routes due to route damping |
Total Hist. Rts | The total number of routes with history due to route damping |
Total Decay Rts | The total number of decayed routes due to route damping |
Total VPN Peer Groups | The total number of configured VPN peer groups |
Total VPN Peers | The total number of configured VPN peers |
Total VPN Local Rts | The total number of configured local VPN routes |
Total VPN-IPv4 Rem. Rts | The total number of configured remote VPN-IPv4 routes |
Total VPN-IPv4 Rem. Act. Rts | The total number of active remote VPN-IPv4 routes used in the forwarding table |
Total VPN Supp. Rts | The total number of suppressed VPN routes due to route damping |
Total VPN Hist. Rts | The total number of VPN routes with history due to route damping |
Total VPN Decay Rts | The total number of decayed routes due to route damping |
Neighbor | The BGP neighbor address |
AS (Neighbor) | The BGP neighbor autonomous system number |
PktRcvd | The total number of packets received from the BGP neighbor |
PktSent | The total number of packets sent to the BGP neighbor |
InQ | The number of BGP messages to be processed |
OutQ | The number of BGP messages to be transmitted |
Up/Down | The amount of time that the BGP neighbor has either been established or not established depending on its current state |
State|Recv/Actv/Sent (Addr Family) | The BGP neighbor’s current state (if not established) or the number of received routes, active routes and sent routes (if established), along with the address family |
This command lists the local DHCP or DHCPv6 servers.
The following output is an example of DHCP server information, and Table 145 describes the fields.
Label | Description |
Active Leases | The number of active leases |
Maximum Leases | The maximum number of leases available |
Router | The name of the router |
Server | The name of the DHCP or DHCPv6 server |
Admin State | The administrative state of the DHCP or DHCPv6 server |
This command displays statistics for DHCP Relay and DHCPv6 Relay.
If no interface name or IP address is specified, then all configured interfaces are displayed. If the statistics command is used in the dhcp6 context, the interface name or IP address cannot be specified.
The following outputs are examples of DHCP or DHCPv6 statistics information:
Label | Description |
DHCP Global Statistics (Router: Base) | |
Rx Packets | The number of packets received |
Tx Packets | The number of packets transmitted |
Rx Malformed Packets | The number of malformed packets received |
Rx Untrusted Packets | The number of untrusted packets received |
Client Packets Discarded | The number of packets from the DHCP client that were discarded |
Client Packets Relayed | The number of packets from the DHCP client that were forwarded |
Server Packets Discarded | The number of packets from the DHCP server that were discarded |
Server Packets Relayed | The number of packets from the DHCP server that were forwarded |
Label | Description |
DHCP6 Statistics (Router: Base) | |
Msg-type | The number of messages received, transmitted, or dropped by the router for each message type |
Dhcp6 Drop Reason Counters | The number of times that a message was dropped for a particular reason |
This command displays a summary of DHCP and DHCPv6 configuration.
The following outputs are examples of DHCP or DHCPv6 summary information:
Label | Description |
DHCP Summary (Router: Base) | |
Interface Name SapId/Sdp | The name of the interface or SAP/SDP identifier |
Arp Populate | Specifies whether ARP populate is enabled or disabled |
Used/Provided | Used — number of lease-states that are currently in use on the specified interface; that is, the number of clients on the interface that got an IP address by DHCP. This number is always less than or equal to the “Provided” field. |
Provided — lease-populate value configured for the specified interface | |
Info Option | Keep — the existing information is kept on the packet and the router does not add any additional information |
Replace — on ingress, the existing information-option is replaced with the information-option from the router | |
Drop — the packet is dropped and an error is logged | |
Admin State | The administrative state |
Interfaces | The total number of DHCP interfaces |
Label | Description |
DHCP Summary (Router: Base) | |
Interface Name SapId | The name of the interface or SAP/SDP identifier |
Nbr Resol. | Yes — neighbor resolution (discovery) is enabled |
No — neighbor resolution (discovery) is disabled | |
Used/Max Relay: | Used — number of relay routes currently being used on the interface |
Max Relay — maximum number of relay routes on the interface | |
Used/Max Server | Used — number of server routes currently being used on the interface |
Max Server — maximum number of server routes currently being used on the interface | |
Admin | The administrative state |
Oper Relay | The operating state of the relay routes |
Oper Server | The operating state of the server routes |
Interfaces | The total number of DHCPv6 interfaces |
This command displays the router IP interface table sorted by interface index.
The following output is an example of standard IP interface information, and Table 150 describes the fields.
Label | Description |
Interface Table (Service: x) | |
Interface-Name | The name of the interface |
IP-Address | The IP address of the interface |
Adm | The administrative state of the interface |
Opr (v4/v6) | The operational state of the interface (only ipv4 addresses apply) |
Type | The service type |
Port/SapId PfxState | The port or SAP associated with the interface |
This command displays the active routes in the routing table.
If no command line arguments are specified, all routes are displayed, sorted by prefix.
The following output is an example of route table information, and Table 151 describes the fields.
Label | Description |
Dest Prefix | The route destination address and mask |
Next Hop | The next hop IP address for the route destination |
Type | Local—the route is a local route |
Remote—the route is a remote route | |
Proto | The protocol through which the route was learned |
Age | The route age in seconds for the route |
Metric | The route metric value for the route |
Pref | The route preference value for the route |
No. of Routes: | The number of routes displayed in the list |
This command displays QoS information about self-generated traffic.
This command displays application QoS settings.
Note:
|
The following output is an example of application QoS information, and Table 152 describes the fields.
Label | Description |
Application | The DSCP or dot1p application |
DSCP Value | The DSCP name or value assigned to the application; if you assign a value to the application (0 to 63), the DSCP name that maps to the value is displayed |
Default DSCP Value | The default DSCP value |
Dot1p Value | The dot1p priority assigned to the application (applies only to ARP and IS-IS) |
Default Dot1p Value | The default dot1p value |
This command displays the DSCP-to-FC mappings.
The following output is an example of DSCP-to-FC mapping information, and Table 153 describes the fields.
Label | Description |
DSCP Value | The DSCP values (displayed as names) of the self-generated traffic |
FC Value | The FC value mapped to each DSCP value |
Default FC Value | The default FC value |
This command displays the router static ARP table sorted by IP address.
If no options are present, all ARP entries are displayed.
The following output is an example of static ARP table information, and Table 154 describes the fields.
Label | Description |
IP Address | The IP address of the static ARP entry |
MAC Address | The MAC address of the static ARP entry |
Expiry | The age of the ARP entry. Static ARPs always have 00:00:00 for the age. |
Type | Inv—the ARP entry is an inactive static ARP entry (invalid) |
Sta—the ARP entry is an active static ARP entry | |
Interface | The IP interface name associated with the ARP entry |
No. of ARP Entries | The number of ARP entries displayed in the list |
This command displays the static entries in the routing table.
If no options are present. all static routes are displayed sorted by prefix.
The following output is an example of static route information, and Table 155 describes the fields.
Label | Description |
Prefix | The static route destination address and mask |
Tag | The 32-bit integer tag added to the static route |
Met | The route metric value for the static route |
Pref | The route preference value for the static route |
Type | BH—the static route is a blackhole route, where the next hop for this type of route is black-hole |
ID—the static route is an indirect route, where the next hop for this type of route is the non-directly connected next hop | |
NH—the route is a static route with a directly connected next hop | |
Act | N—the static route is inactive; for example, the static route is disabled or the next hop IP interface is down |
Y—the static route is active | |
Next Hop | The next hop for the static route destination |
No. of Routes: | The number of routes displayed in the list |
This command displays tunnel table information.
Auto-bind GRE tunnels are not displayed in the show command output. GRE tunnels are not the same as SDP tunnels that use the GRE encapsulation type. When the auto-bind command is used when configuring a VPRN service, it means the MP-BGP NH resolution is referring to the core routing instance for IP reachability. For a VPRN service, this object specifies the lookup to be used by the routing instance if no SDP to the destination exists.
The following output is an example of tunnel table information, and Table 156 describes the fields.
Label | Description |
Destination | The route’s destination address and mask |
Owner | The tunnel owner |
Encap | The tunnel encapsulation type |
TunnelID | The tunnel (SDP) identifier |
Pref | The route preference for routes learned from the configured peers |
Nexthop | The next hop for the route’s destination |
Metric | The route metric value for the route |
This command clears data for a specific service.
This command clears all ARP entries.
This command enables the context to clear and reset DHCP entities.
This command clears DHCP statistics for a specified IP interface.
This command enables the context to clear and reset DHCPv6 entities.
This command clears DHCPv6 statistics for this IP interface.
This command clears FDB entries for the service.
This command clears and resets the mesh SDP binding for the service.
This command enables the context to clear Multicast Forwarding Information Base (MFIB)-related data.
This command clears MFIB statistics.
This command clears and resets the spoke SDP binding for the service.
This command enables the context to clear statistics data.
This command clears Circuit Emulation (CEM) statistics for the service.
This command clears all traffic queue counters statistics associated with the service.
This command clears and resets the mesh SDP binding statistics for the service.
This command clears statistics for the spoke SDP bound to the service.
This command clears statistics for the SAP bound to the service.
This command clears statistics for a specified SAP aggregation group.
This command clears keepalive statistics associated with the SDP ID.
This command enables the debugging context for a specific service.
The no form of the command disables debugging for the service.
This command enables the context for DHCP debugging.
The no form of the command disables DHCP debugging.
This command enables DHCP and DHCPv6 detail level tracing.
The no form of the command disables the detail level tracing.
This command enables debugging for a specified MAC address.
The no form of the command disables debugging for the MAC address.
This command enables the DHCP tracing mode.
The no form of the command disables the tracing mode.
This command enables debugging for a specific SAP.
The no form of the command disables the debugging for the SAP.
This command enables debugging for a specific SDP.
The no form of the command disables the debugging for the SDP.
This command enables the context for DHCPv6 debugging.
The no form of the command disables DHCPv6 debugging.
This command enables the DHCPv6 tracing mode.
The no form of the command disables the tracing mode.
This command enables debugging for an event type.
The no form of the command disables debugging on the event type.
This command enables debugging for a specific SAP.
The no form of the command disables debugging for the SAP.
This command enables debugging for a specific SDP.
The no form of the command disables the debugging for the SDP.