Subscriber Management Command Reference

ANCP Commands

GSMP Configuration Commands

Note: The commands listed in this section apply only to the 7750 SR.

Authentication Policy Commands

RADIUS Accounting Policy Commands

RADIUS Route Download Commands

Diameter Policy Commands

Subscriber Management Diameter Application Policy Commands

Category Map and Credit Control Policy Commands

Filter Commands

BGP Peering Policy Commands

Note: The commands listed in this section apply only to the 7750 SR.

Explicit Subscriber Mapping Commands

IGMP Policy Command

Note: The commands listed in this section apply only to the 7750 SR.

Host Lockout Commands

Note: The commands listed in this section apply only to the 7750 SR.

Host Tracking Policy Commands

PIM Policy Commands

SLA Profile Commands

Subscriber Identification Policy Commands

Auto-Generated Subscriber Identification Key Commands

Note: These commands are supported on the 7450 ESS in mixed mode.

Auto-Generated Subscriber Identification Key Service Commands

Note: Refer to the Layer 2 Services and EVPN Guide: VLL, VPLS, PBB, and EVPN and Layer 3 Services Guide: Internet Enhanced Services and Virtual Private Routed Network Services for further services commands.

Subscriber MCAC Policy Commands

Subscriber Profile Commands

For information about configuring accounting policies, refer to the SR OS System Management Guide.

IPoE Session Policy Commands

Multi-Chassis Redundancy Commands

SHCV Policy Commands

Subscriber Management Service Commands

VPRN Subscriber Interface Configuration Commands

Note: The commands listed in this section apply only to the 7750 SR.

config

— service

— vprn service-id [customer customer-id]

— no vprn service-id

— subscriber-interface ip-int-name [create]

— subscriber-interface ip-int-name [create] fwd-service service-id fwd-subscriber-interface fwd-int-name

— no subscriber-interface ip-int-name

— address {ip-address/mask | ip-address netmask} [gw-ip-address ip-address] [populate-host-routes]

— no address

— [no] allow-unmatching-subnets

— authentication-policy name

— no authentication-policy

— delayed-enable seconds [init-only]

— no delayed-enable

— description description-string

— no description

— dhcp

— client-applications {[dhcp] [ppp]}

— no client-applications

— description description-string

— no description

— gi-address ip-address [src-ip-addr]

— no gi-address

— lease-populate [nbr-of-entries]

— no lease-populate

— [no] option

— [no] vendor-specific-option

— [no] client-mac-address

— [no] sap-id

— [no] service-id

— string text

— no string

— [no] system-id

— python-policy name

— no python-policy

— proxy-server

— emulated-server ip-address

— no emulated-server

— lease-time [days days] [hrs hours] [min minutes] [sec seconds] [override]

— no lease-time

— [no] shutdown

— shutdown [release-update-src-ip] [siaddr-override <ip-address>]

— no relay-proxy

— server server1 [server2...(up to 8 max)]

— no server

— [no] shutdown

— [no] export-host-routes

— [no] ipoe-linking

— [no] gratuitous-rtr-adv

— [no] ipoe-session

— session-limit session-limit

— ipv6

— address ipv6-address/prefix-length [pd] [wan-host] [track-srrp srrp-instance] [holdup-time milli-seconds]

— no address ipv6-address/prefix-length

— [no] allow-unmatching-prefixes

— [no] auto-reply

— [no] neighbor-solicitation

— [no] router-solicitation

— default-dns ipv6-address [secondary ipv6-address]

— no default-dns

— delegated-prefix-length bits

— delegated-prefix-length variable

— no delegated-prefix-length

— link-local-address ipv6-address

— no link-local-address

— subscriber-prefixes

— prefix ipv6-address/prefix-length [pd] [wan-host] track-srrp srrp-instance [holdup-time milli-seconds]

— no prefix ipv6-address/prefix-length

— prefix ipv6-address/prefix-length [pd] [wan-host]

— [no] allow-multiple-wan-addresses

— [no] dhcp6

— filter filter-id

— no filter

— [no] override-slaac

— pd-managed-route [next-hop {ipv4 | ipv6}]

— no pd-managed-route

— [no] proxy-server

— client-applications [dhcp] [ppp]

— no client-applications

— preferred-lifetime [days days] [hrs hours] [min minutes] [sec seconds]

— preferred-lifetime infinite

— no preferred-lifetime

— rebind-timer [days days] [hrs hours] [min minutes] [sec seconds]

— no rebind-timer

— renew-timer [days days] [hrs hours] [min minutes] [sec seconds]

— no renew-timer

— server-id duid-en hex hex-string

— server-id duid-en string ascii-string

— server-id duid-ll

— no server-id

— no shutdown

— valid-lifetime [days days] [hrs hours] [min minutes] [sec seconds]

— valid-lifetime infinite

— no valid-lifetime

— python-policy name

— no python-policy

— no relay

— description description-string

— no description

— source-address ipv6-address

— no source-address

— link-address ipv6-address

— no link-address

— server ipv6-address [ipv6-address...(upto 8 max)]

— no server

— client-applications [dhcp] [pppoe]

— no client-applications

— [no] shutdown

— [no] ipoe-bridged-mode

— [no] router-advertisements

— current-hop-limit limit

— no current-hop-limit

— [no] dns-options

— [no] include-dns

— include-dns seconds

— rdnss-lifetime infinite

— no rdnss-lifetime

— force-mcast [ip] [mac]

— no force-mcast

— [no] managed-configuration

— max-advertisement seconds

— no max-advertisement

— min-advertisement seconds

— no min-advertisement

— mtu bytes

— no mtu

— [no] other-stateful-configuration

— [no] prefix-options

— [no] autonomous

— [no] on-link

— preferred-lifetime seconds

— preferred-lifetime infinite

— no preferred-lifetime

— valid-lifetime seconds

— valid-lifetime infinite

— no valid-lifetime

— reachable-time milli-seconds

— no reachable-time

— retransmit-time milli-seconds

— no retransmit-time

— router-lifetime seconds

— router-lifetime no-default-router

— no router-lifetime

— [no] shutdown

— [no] router-solicit

— inactivity-timer [days days] [hrs hours] [min minutes] [sec seconds]

— inactivity-timer infinite

— no inactivity-timer

— local-address-assignment

— client-application [ppp-v4]

— no client-application

— default-pool pool-name [secondary pool-name]

— no default-pool

— server server-name

— no server

— [no] shutdown

— [no] private-retail-subnets

— [no] shutdown

— unnumbered [ip-int-name|ip-address]

— no unnumbered

VPRN Subscriber Interface Group Interface Commands

Note: The commands listed in this section apply only to the 7750 SR.

config

— service

— vprn service-id [customer customer-id]

— no vprn service-id

— subscriber-interface ip-int-name [fwd-service service-id fwd-subscriber-interface ip-int-name] [create]

— no subscriber-interface ip-int-name

— group-interface ip-int-name [create]

— group-interface ip-int-name [create] lns

— group-interface ip-int-name [create] softgre

— no group-interface ip-int-name

— arp-host

— host-limit max-num-hosts

— no host-limit

— min-auth-interval min-auth-interval

— no min-auth-interval

— sap-host-limit max-num-hosts-sap

— no sap-host-limit

— [no] shutdown

— [no] arp-populate

— arp-timeout seconds

— no arp-timeout

— authentication-policy name

— no authentication-policy

— data-trigger

— [no] shutdown

— diameter-application-policy policy-name

— no diameter-application-policy

— diameter-auth-policy name

— no diameter-auth-policy

— description description-string

— no description

— dhcp

— client-applications {[dhcp] [pppoe]}

— no client-applications

— description description-string

— no description

— gi-address ip-address [src-ip-addr]

— no gi-address

— lease-populate [nbr-of-entries]

— no lease-populate

— [no] option

— [no] vendor-specific-option

— [no] client-mac-address

— [no] sap-id

— [no] service-id

— string text

— no string

— [no] system-id

— proxy-server

— emulated-server ip-address

— no emulated-server

— lease-time [days days] [hrs hours] [min minutes] [sec seconds] [override]

— no lease-time

— [no] shutdown

— relay-proxy [release-update-src-ip] [siaddr-override <ip-address>]

— no relay-proxy

— server server1 [server2...(up to 8 max)]

— no server

— [no] shutdown

— [no] trusted

— diameter-application-policy policy-name

— no diameter-application-policy

— [no] enable-ingress-stats

— host-connectivity-verify [interval interval] [action {remove|alarm}] [timeout retry-timeout] [retry-count count] [family family]

— host-limit max-num-hosts

— no host-limit

— host-connectivity-verify [interval interval] [action {remove|alarm}]

— icmp

— [no] mask-reply

— redirects [number seconds]

— no redirects

— ttl-expired number seconds]

— no ttl-expired

— unreachables [number seconds]

— no unreachables

— ingress

— policy-accounting template-name

— no policy-accounting

— ip-mtu octets

— no ip-mtu

— ipoe-linking

— [no] gratuitous-rtr-adv

— [no] gratuitous-rtr-adv

— [no] shutdown

— ipoe-session

— description description-string

— no description

— force-auth [cid-change] [rid-change]

— force-auth disabled

— no force-auth

— ipoe-session-policy policy-name

— no ipoe-session-policy

— min-auth-interval [days days] [hrs hours] [min minutes] [sec seconds]

— min-auth-interval infinite

— no min-auth-interval

— radius-session-timeout {backwards-compatible | ignore | absolute}

— no radius-session-timeout

— sap-session-limit sap-session-limit

— no sap-session-limit

— session-limit session-limit

— no session-limit

— user-db local-user-db-name

— no user-db

— [no] shutdown

— [no] ipv6

— allow-multiple-wan-addresses

— no allow-multiple-wan-addresses

— dns-options

— no dns-options

— include-dns

— no include-dns

— rdnss-lifetime seconds

— rdnss-lifetime infinite

— no rdnss-lifetime

— [no] ipoe-bridged-mode

— inactivity-timer

— inactivity-timer [days days] [hrs hours] [min minutes] [sec seconds]

— no inactivity-timer

— min-auth-interval [days days] [hrs hours] [min minutes] [sec seconds]

— no min-auth-interval

— shutdown

— no shutdown

— user-db

— no user-db

— local-address-assignment

— client-application [ppp-v4]

— no client-application

— default-pool pool-name [secondary pool-name]

— no default-pool

— ipv6

— client-application [ppp-slaac] [ipoe-wan] [ipoe-slaac]

— no client-application

— server server-name

— no server

— server server-name

— no server

— [no] shutdown

— [no] local-proxy-arp

— [no] mac ieee-address

— min-auth-interval min-auth-interval

— no min-auth-interval

— [no] oper-up-while-empty

— policy-control diameter-policy-name

— no policy-control

— sap-host-limit max-num-hosts-sap

— no sap-host-limit

— [no] shutdown

— [no] ppp

— description description-string

— no description

— policy ppp-policy-name

— no policy

— session-limit session-limit

— [no] shutdown

— user-db local-user-db-name

— no user-db

— [no] pppoe

— anti-spoof pppoe-anti-spoofing-type

— no anti-spoof

— description description-string

— no description

— dhcp-client

— [no] ccag-use-origin-sap

— policy ppp-policy-name

— no policy

— sap-session-limit sap-session-limit

— no sap-session-limit

— session-limit session-limit

— [no] shutdown

— user-db local-user-db-name

— no user-db

— [no] proxy-arp-policy policy-name [policy-name...(up to 5 max)]

— [no] qos-route-lookup

— redundant-interface red-ip-int-name

— no redundant-interface

— [no] remote-proxy-arp

— [no] sap sap-id

— accounting-policy acct-policy-id

— no accounting-policy [acct-policy-id]

— anti-spoof {ip | ip-mac | nh-mac}

— no anti-spoof

— app-profile app-profile-name

— no app-profile

— atm

— egress

— traffic-desc traffic-desc-profile-id

— no traffic-desc

— encapsulation atm-encap-type

— ingress

— traffic-desc traffic-desc-profile-id

— oam

— [no] alarm-cells

— [no] periodic-loopback

— [no] calling-station-id

— [no] collect-stats

— default-host ipv4-prefix/mask | ipv6-prefix/prefix-length next-hop ipv4-address | ipv6-address

— no default-host ipv4-prefix/mask | ipv6-prefix/prefix-length

— cpu-protection policy-id [mac-monitoring]

— no cpu-protection

— default-host ip-address/mask next-hop next-hop-ip

— no default-host ip-address/mask

— description description-string

— no description

— diameter-application-policy policy-name

— no diameter-application-policy

— egress

— [no] agg-rate

— [no] limit-unused-bandwidth

— [no] queue-frame-based-accounting

— rate {max | rate}

— no rate

— filter ip ip-filter-id

— filter ipv6 ipv6-filter-id

— no filter [ip ip-filter-id] [ipv6 ipv6-filter-id]

— no filter

— [no] qinq-mark-top-only

— [no] qos policy-id

— scheduler-policy scheduler-policy-name

— igmp-host-tracking

— [no] disable-router-alert-check

— expiry-time expiry-time

— no expiry-time

— import policy-name

— no import

— max-num-group max-num-groups

— no max-num-group

— max-num-sources max-num-sources

— no max-num-sources

— max-num-grp-sources [1..32000]

— no max-num-grp-sources

— ingress

— filter ip ip-filter-id

— filter ipv6 ipv6-filter-id

— no filter [ip ip-filter-id] [ipv6 ipv6-filter-id]

— no filter

— match-qinq-dot1p {top | bottom}

— no match-qinq-dot1p

— qos policy-id [shared-queuing]

— no qos policy-id

— scheduler-policy scheduler-policy-name

— no scheduler-policy

— multi-service-site customer-site-name

— no multi-service-site

— static-host ip ip/did-address [mac ieee-address] [create]

— no static-host [ip ip-address] mac ieee-address

— no static-host all [force]

— no static-host ip ip-address

— ancp-string ancp-string

— no ancp-string

— app-profile app-profile-name

— no app-profile

— inter-dest-id intermediate-destination-id

— no inter-dest-id

— managed-routes

— route {ip-prefix/length | ip-prefix netmask} [create]

— no route {ip-prefix/length | ip-prefix netmask}

— retail-svc-id service-id

— no retail-svc-id

— rip-policy policy-name

— no rip-policy

— [no] shutdown

— sla-profile sla-profile-name

— no sla-profile

— sub-profile sub-profile-name

— no sub-profile

— subscriber sub-ident

— no subscriber

— [no] subscriber-sap-id

— managed-routes

— [no] mac-learning-options

— [no] data-triggered

— [no] single-mac

— [no] shutdown

— [no] sub-sla-mgmt

— def-app-profile default-app-profile-name

— no def-app-profile

— def-sla-profile default-sla-profile-name

— no def-sla-profile

— def-sub-id string sub-ident-string

— def-sub-id use-sap-id

— no def-sub-id

— def-sub-profile default-subscriber-profile-name

— no def-sub-profile

— multi-sub-sap subscriber-limit

— no multi-sub-sap

— [no] shutdown

— single-sub-parameters

— non-sub-traffic sub-profile sub-profile-name sla-profile sla-profile-name [subscriber sub-ident-string]

— no non-sub-traffic

— [no] profiled-traffic-only

— sub-ident-policy sub-ident-policy-name

— no sub-ident-policy

— [no] shutdown

— [no] srrp srrp-id

— description description-string

— no description

— gw-mac mac-address

— no gw-mac

— keep-alive-interval interval

— no keep-alive-interval

— message-path sap-id

— no message-path

— [no] policy vrrp-policy-id

— priority priority

— no priority

— [no] shutdown

— srrp-enabled-routing [hold-time hold-time]

— no srrp-enabled-routing

— tos-marking-state {trusted | untrusted}

— no tos-marking-state

— [no] urpf-check

— wpp

— [no] enable-triggered-hosts

— initial-app-profile app-profile-name

— no initial-app-profile

— initial-sla-profile sla-profile-name

— no initial-sla-profile

— initial-sub-profile sub-profile-name

— no initial-sub-profile

— lease-time [days days] [hrs hours] [min minutes] [sec seconds]

— no lease-time

— portal router router-instance name wpp-portal-name

— no portal

— restore-disconnected {restore|no-restore}

— no restore-disconnected

— user-db local-user-db-name

— no user-db

IES Subscriber Management Configuration Commands

Note: The commands listed in this section apply only to the 7750 SR.

1. IES Interface Commands
2. IES Subscriber Interface Commands
3. IES Subscriber Interface Group Interface Commands

config

— service

— ies service-id [customer customer-id] [vpn vpn-id]

— [no] interface ip-int-name

IES Interface Commands

— address {ip-address/mask | ip-address netmask} [gw-ip-address ip-address] [populate-host-routes]

— no address

— [no] allow-directed-broadcast

— [no] arp-populate

— arp-timeout seconds

— no arp-timeout

— cflowd [acl | interface]

— no cflowd

— description description-string

— no description

— dhcp

— client-applications {[dhcp] [pppoe]}

— no client-applications

— description description-string

— no description

— gi-address ip-address [src-ip-addr]

— no gi-address

— lease-populate nbr-of-leases

— no lease-populate

— [no] option

— action {replace | drop | keep}

— no action

— circuit-id [ascii-tuple | ifindex | sap-id]

— no circuit-id

— [no] remote-id

— [no] relay-plain-bootp

— relay-proxy [release-update-src-ip]

— no relay-proxy

— server server1 [server2...(up to 8 max)]

— no server

— [no] shutdown

— [no] trusted

— host-connectivity-verify [source {vrrp | interface}] [interval interval] [action {remove | alarm}]

— icmp

— [no] mask-reply

— redirects [number seconds]

— no redirects

— ttl-expired number seconds]

— no ttl-expired

— unreachables [number seconds]

— no unreachables

— [no] local-proxy-arp

— [no] loopback

— [no] mac ieee-address

— [no] proxy-arp-policy policy-name [policy-name...(up to 5 max)]

— [no] remote-proxy-arp

— [no] sap sap-id

IES Subscriber Interface Commands

Note: The commands listed in this section apply only to the 7750 SR.

config

— service

— ies service-id [customer customer-id] [vpn vpn-id]

— subscriber-interface ip-int-name [create]

— subscriber-interface ip-int-name [create] fwd-service service-id fwd-subscriber-interface fwd-int-name

— no subscriber-interface ip-int-name

— [no] address {ip-address/mask | ip-address netmask}

— [no] allow-unmatching-subnets

— delayed-enable seconds [init-only]

— no delayed-enable

— description description-string

— no description

— [no] export-host-routes

— dhcp

— gi-address ip-address [src-ip-addr]

— no gi-address

— relay-proxy [release-update-src-ip]

— no relay-proxy

— ipoe-linking

— [no] gratuitous-rtr-adv

— [no] gratuitous-rtr-adv

— [no] shutdown

— [no] ipoe-session

— session-limit session-limit

— no session-limit

— ipv6

— [no] allow-unmatching-subnets

— [no] allow-unmatching-prefixes

— default-dns ipv6-address [secondary ipv6-address]

— no default-dns

— [no] allow-unmatching-prefixes

— default-dns ipv6-address [secondary ipv6-address]

— no default-dns

— delegated-prefix-length bits

— delegated-prefix-length variable

— no delegated-prefix-length

— link-local-address ipv6-address

— no link-local-address

— subscriber-prefixes

— prefix ipv6-address/prefix-length [pd] [wan-host] track-srrp srrp-instance [holdup-time milli-seconds]

— no prefix ipv6-address/prefix-length

— prefix ipv6-address/prefix-length [pd] [wan-host]

— [no] allow-multiple-wan-addresses

— [no] dhcp6

— [no] override-slaac

— pd-managed-route [next-hop {ipv4 | ipv6}]

— no pd-managed-route

— [no] proxy-server

— client-applications [dhcp] [ppp]

— no client-applications

— preferred-lifetime [days days] [hrs hours] [min minutes] [sec seconds]

— preferred-lifetime infinite

— no preferred-lifetime

— valid-lifetime [days days] [hrs hours] [min minutes] [sec seconds]

— valid-lifetime infinite

— no valid-lifetime

— rebind-timer [days days] [hrs hours] [min minutes] [sec seconds]

— no rebind-timer

— renew-timer [days days] [hrs hours] [min minutes] [sec seconds]

— no renew-timer

— server-id duid-en hex hex-string

— server-id duid-en string ascii-string

— server-id duid-ll

— no server-id

— no shutdown

— python-policy name

— no python-policy

— [no] relay

— description description-string

— no description

— source-address ipv6-address

— no source-address

— link-address ipv6-address

— no link-address

— server ipv6-address [ipv6-address...(upto 8 max)]

— no server

— client-applications [dhcp] [ppp]

— no client-applications

— [no] shutdown

— [no] ipoe-bridged-mode

— [no] router-advertisements

— current-hop-limit limit

— no current-hop-limit

— [no] dns-options

— [no] include-dns

— rdnss-lifetime seconds

— rdnss-lifetime infinite

— no rdnss-lifetime

— force-mcast [ip] [mac]

— no force-mcast

— [no] managed-configuration

— max-advertisement seconds

— no max-advertisement

— min-advertisement seconds

— no min-advertisement

— mtu bytes

— no mtu

— [no] other-stateful-configuration

— [no] prefix-options

— [no] autonomous

— [no] on-link

— preferred-lifetime seconds>

— preferred-lifetime infinite

— no preferred-lifetime

— valid-lifetime seconds

— valid-lifetime infinite

— no valid-lifetime

— reachable-time milli-seconds

— no reachable-time

— retransmit-time milli-seconds

— no retransmit-time

— router-lifetime seconds

— router-lifetime no-default-router

— no router-lifetime

— [no] shutdown

— [no] router-solicit

— inactivity-timer [days days] [hrs hours] [min minutes] [sec seconds]

— inactivity-timer infinite

— no inactivity-timer

— local-address-assignment

— client-application [ppp-v4]

— no client-application

— default-pool pool-name [secondary pool-name]

— no default-pool

— server server-name

— no server

— [no] shutdown

— ipv6

— client-application [ppp-slaac] [ipoe-wan] [ipoe-slaac]