This command creates a text description stored in the configuration file for a configuration context. This associates a text string with a configuration context to help identify the context in the configuration file.
The no form of this command removes the description string from the context.
No description is associated with the configuration context.
This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.
The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they can be deleted.
Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system-generated configuration files.
The no form of the command puts an entity into the administratively enabled state.
This command enables the context to configure Virtual Residential Gateway parameters.
This command enables the context to configure Bridged Residential Gateway parameters.
This command creates the profile for Bridged Residential Gateway (BRG) devices. The BRG profile specifies default parameters that are used for host management under a single BRG.
The no form of the command removes the profile name from the configuration.
This command configures the BRG connectivity verification. The system uses ICMP Echo request messages for connectivity verification.
When the last host associated with a BRG is removed, a ping mechanism is used to verify if the BRG is still active. This command specifies the parameters used in this mechanism.
The no form of this command disables the BRG ping mechanism and removes the BRG without verification. Any configured hold time still applies.
count 3 timeout 30 retry-time 900
This command enables the context to configure per-subscriber IPv4 address pool parameters to be used for address allocation. Pools for different subscribers can overlap. Specific pool parameters can be overridden by RADIUS.
This command configures the lease time, in seconds, to be used when allocating addresses from the pool. This time value should always be longer than the renew/rebind time.
The no form of the command reverts to the default.
600
This command enables the context to configure options that are reflected in DHCP.
This command configures the subnet that will be used for the L2aware-subscriber. This subnet is only locally significant and can overlap with other subscribers. The subnet is derived by ignoring the host bits of the IP address. The IP address specifies the default gateway that will be signaled in DHCP along with the netmask derived from the prefix length.
The start and end addresses specify the range of addresses that are suitable for allocation within the given subnet. If the subnet address (host bits 0), broadcast address (host bits 1) or default-gw address fall in this range, they will not be considered for allocation.
Changing the subnet will only affect new subscribers. New and existing hosts for existing subscribers will keep allocating from the original subnet.
subnet 192.168.0.1/24 start 192.168.0.2 end 192.168.0.254
This command defines how long these addresses will be kept aside when standby addresses are signaled to the pool. During this time these addresses can only be used by devices explicitly requesting the IP (for example, datatrigger or DHCP renew/rebind). When the timer expires the addresses will again become available for dynamic allocation.
standby-ip-lifetime 21600
This command holds the BRG object for the specified time. This applies when the connectivity verification fails or when the last host is removed and no connectivity-verification is enabled. Hold time does not apply to an explicit removal via the radius or clear commands.
The no form of the command disables the hold time.
no hold-time
This hold time applies to BRG instances that are created without any hosts; for example, triggered due to proxy authentication. During this initial hold-time the BRG is not deleted and no connectivity-verification is started. When this timer expires, connectivity verification is started. If connectivity verification is disabled and no hosts are associated with the BRG upon expiry, the regular hold time is started and the BRG instance will be removed.
This command allows an operator to have fast BRG removal (no connectivity-verification and no hold-time) but still use BRG proxy authentication. Without an initial hold time the BRG would be removed immediately after creation.
This command does not apply to BRG instances that are created through host setup.
The no form of the command reverts to the default.
300
This command enables the context to configure parameters related to RADIUS authentication performed for the BRG.
This command configures the value of the user password as signaled in RADIUS. The no form of this command indicates that no password field should be sent in RADIUS.
This command is used if the BRG needs to be authenticated to the controller/PCMP by the vRGW. This is required if the BRG does not perform RADIUS authentication via the proxy server. The vRGW will originate a valid Access Request using the BRG ID as the username.
The no form of this command removes the radius-server-policy from the configuration. Setup of an unauthenticated BRG will now fail.
no radius-server-policy
This command enables BRG processing on the specified RADIUS proxy server. Whenever an Access-Accept message is received with the attribute Alc-BRG-Id present, this will trigger the creation of a BRG. The BRG will use the brg-profile specified in the Access-Accept message or fall back to this BRG profile. When the specified radius-proxy-server has a cache enabled, no cache entries will be created for a transaction identified as BRG. A RADIUS proxy server can only be listed in one BRG profile.
This command can be executed multiple times.
The no form of this command removes BRG processing for the specified radius-proxy server.
This command configures the SLA profile string that will be used as a default for SLA profile lookup. This string can be overridden during BRG or host authentication.
The no form of the command removes the string from the configuration.
no sla-profile-string
This command is used as a default for subscriber profile lookup. This string can be overridden during BRG or host authentication. The no form of the command removes the string from the configuration.
no sub-profile-string
This command specifies how long to wait for the uplink to fully establish when using a non-routed uplink such as a PPPoE client. During this initial wait time, setup of devices in the home is blocked.
After the timer expires, if an uplink was successful on only one of two IP stacks, devices continue to be configured with the successful IP stack. Control plane message for the failed IP stack are dropped.
uplink-initial-wait 30
This command provisions a policy containing a set of parameters to be used to configure a PPPoE client.
The no version of this command removes the policy from the system. The policy can only be removed when it is not in use.
This command defines the keepalive interval and the number of times the keepalive can be missed before the session is declared down for this PPPoE client policy.
The no version of this command reverts to the default.
keepalive 30 hold-up-multiplier 3
This command defines which Maximum Receive Unit (MRU) value is signaled by the PPPoE client.
The no version of this command reverts to the default.
mru 1492
This command defines which Maximum Transmission Unit (MTU) is applied, by default, for packets egressing the PPP link. If a lower MRU is sent during PPP link establishment, the MRU value is used.
The no version of this command reverts to the default.
mtu 1492
This command applies a Python policy to all messages sent and received by the PPPoE client.
The no version of this command removes the associated Python policy from the PPPoE client.
no python-policy
This command configures backoff timer parameters that determine how often and how long the system will attempt to restart a PPPoE client after a failure. When a client first fails, the system immediately tries to re-establish connectivity. If this attempt is also unsuccessful, the system initiates a backoff timer and waits until it expires before attempting to restart the client again, to avoid flooding the BNG. The initial duration of the backoff timer is configured with the initial-time parameter. With each subsequent failure, the backoff timer is doubled until the configured max-time is reached.The no version of this command reverts to the default.
restart-backoff initial-time 30 max-time 600
This command defines which NCP session is started in the PPPoE client and how addresses are retrieved within that NCP session.
stack ipv4
This command specifies a subscriber RADIUS-based accounting policy.
The no form of the command removes the policy name from the configuration.
This command enables the context to specify the RADIUS parameters that the system should include in RADIUS authentication-request messages.
The no form of the command reverts to the default values.
This command specifies authentication policy configured under the aaa context for authenticating users on the WLAN-GW ISA.
The no form of the command removes the policy name from the configuration.
This command includes the Alc-Num-Attached-UEs attribute. For session/host accounting, this is the tunnel of the associated UE. For queue-instance accounting, this attribute will not be included.
The no form of the command removes the attribute from inclusion.
no wifi-num-attached-ues
This command indicates the number of IPoE sessions that are currently active on the BRG to which this accounting message relates. The no form of the command removes the attribute from inclusion.
disabled
This command enables the context to configure subscriber management entities. A subscriber is uniquely identified by a subscriber identification string. Each subscriber can have several DHCP sessions active at any time. Each session is referred to as a subscriber host and is identified by its IP address and MAC address.
All subscriber hosts belonging to the same subscriber are subject to the same hierarchical QoS (HQoS) processing. The HQoS processing is defined in the sub-profile (the subscriber profile). A sub-profile refers to an existing scheduler policy (configured in the configure>qos>scheduler-policy context) and offers the possibility to overrule the rate of individual schedulers within this policy.
Because all subscriber hosts use the same scheduler policy instance, they must all reside on the same complex.
This command enables the context to configure BRG parameters. In the config>service>ies>sub-if>grp-if and config>service>vprn>sub-if>grp-if contexts, these commands are only available in the vlan-tag-ranges level.
This command indicates that only BRGs that are pre-authenticated using the RADIUS proxy are allowed in this context.
The no form of the command removes the restriction.
no authentication-brg-only
This command indicates that the default BRG profile must be used for new BRGs. This profile can be overridden by RADIUS.
no default-brg-profile
This command enables the sending of ARP or ND packets on the WLAN-GW GRE tunnel for certain events. The target IP address in the ARP/ND packet is the endpoint IP address of the AP. The ARP/ND response from the AP should contain the AP MAC, which subsequently can be reported in a called-station-id message. When enabled, a message will be sent for following events:
This configuration is ignored for L2-AP and L2TPv3 access.
The no form of this command disables this mechanism.
This command enables data-triggered subscriber creation for WIFI subscribers. Data- triggered UE creation is currently only supported for UDP and TCP packets.
The no form of the command disables the data-triggered subscriber creation for WIFI subscribers.
This command allows the operator to create special subscriber-based interfaces. It is used to contain multiple group interfaces. Multiple subnets associated with the subscriber interface can be applied to any of the contained group interfaces in any combination. The subscriber interface allows subnet sharing between group interfaces.
The no form of the command removes the subscriber interface.
This command creates a group interface. This interface is designed for triple-play services where multiple SAPs are part of the same subnet. A group interface may contain one or more SAPs.
The no form of the command removes the group interface from the subscriber interface.
no group interfaces configured
This command enables the context to configure WLAN GW parameters.
This command creates or enters the context of specified VLAN range for configuration applicable to that range of VLANs.
This command enables the context to configure VLAN-to-retail-map parameters to map dot1q tags to the retail service ID. The WIFI AP inserts a dot1Q tag in the Layer 2 frame within the GRE tunnel to indicate the retail service provider for the subscriber.
This command enables the context to configure WLAN-GW cross-connect UE-related parameters.
This command configures the IPv6 address and prefix for the tunnel source.
The no form of the command removes IPv6 address and prefix length from the cross-connect configuration.
This command configures the identifier of the WLAN Gateway ISA group that processes the cross-connect.
The no form of the command removes the NAT group IP from the cross-connect configuration.
This command configures the ISA RADIUS accounting policy for the cross-connect.
The no form of the command removes the ISA RADIUS accounting policy from the cross-connect UE.
This command configures the time interval between consecutive interim accounting update messages. If not configured, the system does not send interim accounting update messages.
The no form of the command removes the value from the cross-connect configuration.
This command enables the administrative state to send mobility-triggered accounting interim updates.
The no form of the command disables sending the mobility-triggered accounting updates.
This command enables the context to configure router Virtual Residential Gateway parameters.
This command enables the context to configure HLE parameters.
The no form of the command disables the context.
This command specifies the destination UDP port for both ingress and egress VXLAN packets for HLE services.
The no form of the command reverts to the default.
4789
This command specifies the address range to be used as the local VXLAN VTEP on the ISA for HLE services. The system allocates one address for each ISA in the WLAN GW group out of the specified range. The allocated address appears as /32 or /128 routes in the global routing table with the route type nat.
The no form of the command removes the values from the configuration.
This command specifies the WLAN GW group that is used for HLE services.
The no form of the command removes the group from the configuration.
This command specifies a subscriber RADIUS-based accounting policy.
The no form of the command removes the policy name from the configuration.
This command enables the context to specify the RADIUS parameters that the system should include in RADIUS authentication-request messages.
The no form of the command disables any RADIUS parameters enabled in this context.
This command enables the system to include the HLE service’s bridge ID (ALC-BRIDGE-ID) in RADIUS accounting packets.
The no form of the command excludes the HLE service’s bridge ID (ALC-BRIDGE-ID) from RADIUS accounting packets.
This command enables the system to include the HLE host’s device type (ALC-HLE-DEVICE-TYPE) in RADIUS accounting packets.
The no form of the command excludes the HLE host’s device type (ALC-HLE-DEVICE-TYPE) from RADIUS accounting packets.
This command enables the system to include the HLE service’s EVPN route distinguisher (ALC-RD) in RADIUS accounting packets.
The no form of the command excludes the HLE service’s EVPN route distinguisher (ALC-RD) from RADIUS accounting packets.
This command enables the system to include the HLE service’s EVPN route target (ALC-RT) in RADIUS accounting packets.
The no form of the command excludes the HLE service’s EVPN route target (ALC-RT) from RADIUS accounting packets.
This command enables the system to include the HLE service’s EVPN VXLAN VNI (ALC-VXLAN-VNI) in RADIUS accounting packets.
The no form of the command excludes the HLE service’s EVPN VXLAN VNI (ALC-VXLAN-VNI) from RADIUS accounting packets.
This command enables the context to configure router Virtual Residential Gateway (vRGW). parameters.
This command enables the context to configure subscriber management vRGW home HLE parameters.
The no form of the command disables the context.
This command specifies the AS number for the HLE service. It is used to derive the route target (RT) and route distinguisher (RD) for the HLE EVPN service only when the RADIUS server does not return a specific route target or route distinguisher.
The derived RT is in the “target:<configured-router-target-as-number>:<returned ALC-BRIDGE-ID>” format.
The derived RD is in the “<configured-router-target-as-number>:<returned ALC-BRIDGE-ID>” format.
The no form of the command removes the AS number from the configuration.
This command allows the operator to create special subscriber-based interfaces. It is used to contain multiple group interfaces. Multiple subnets associated with the subscriber interface can be applied to any of the contained group interfaces in any combination. The subscriber interface allows subnet sharing between group interfaces.
The no form of the command removes the subscriber interface.
This command creates a group interface. This interface is designed for triple-play services where multiple SAPs are part of the same subnet. A group interface can contain one or more SAPs.
The no form of the command removes the group interface from the subscriber interface.
no group interfaces configured
This command enables the context to configure WLAN GW parameters.
This command specifies the maximum number of HLE BDs for this group interface.
The no form of the command disables HLE for the group interface.
This command enables the context to configure IEEE 802.1q VLAN tag ranges.
This command creates a VLAN range or enters the context of the specified VLAN ranges for configuration applicable to that range of VLANs.
This command enables the context to configure Virtual Residential Gateway parameters.
This command enables the context to configure HLE parameters.
The no form of the command disables the vRGW parameters enabled in this context.
This command enables the context to configure the access side of HLE for the VLAN range.
The no form of the command disables the vRGW parameters enabled in this context.
This command specifies the maximum number of allowed MAC addresses on the access side of HLE.
The no form of the command reverts to the default.
20
This command enables access from multiple APs into a per-tenant BD and the associated vRGW (BRG) instance.
The no form of the command disables access from multiple APs and limits access from a single AP into per tenant bridge domain (BD) and the associated vRGW (BRG) instance.
This command enables assistive address resolution (AAR) for HLE services.
This command specifies the prefix of the HLE BD MAC address.
The no form of the command removes the MAC prefix from the configuration.
This command enables MAC address translation for HLE services.
The no form of the command disables MAC address translation for HLE services.
This command enables the context to configure network side attributes.
The no form of the command resets the network parameters to the default values.
This command displays Virtual Residential Gateway information.
This command enables the context to display operational information for connected BRGs and related hosts.
This command displays operational information for connected BRGs and related hosts.
The following output is an example of subscriber management BRG host information.
This command displays all operational data related to the BRG.
The following output is an example of subscriber management BRG gateway information.
This command lists all the DHCP bindings of the local pool associated with the specified BRG. If the MAC attribute is specified, only the binding for that MAC address is displayed.
The following output is an example of BRG gateway binding information.
This command lists pool information about a specific host in the BRG.
This command lists all the hosts connected to the BRG.
The following output is an example of BRG gateway host information.
This command shows associated home-aware pool standby IP addresses.
This command lists operational gateway information for all BRGs active on the system. This list can optionally be reduced by specifying a BRG profile.
The following output is an example of BRG gateway information.
This command displays Wireless LAN Gateway Home LAN Extension information.
This command displays information of PPPoE clients started by the vRGW.
The following output is an example of PPPoE client information.
This command displays BRG profile information.
This command displays information for the specified HLE bridge. If no bridge is specified, then all domains are listed.
The following output is an example of HLE bridge information.
This command enables debugging of PPPoE client messages linked to a BRG.
This command specifies the amount of detail present in debugging the specified PPPoE client.
detail-level high
This command specifies if debugging should only include ingress, egress or all messages.
direction both
This command, limits debugging only to the specified messages in the discovery phase.
This command specifies that only packets that are dropped by the vRGW will be shown in debugging.
dropped-only
This command specifies which messages in PPP setup are tracked by debugging. If no messages are specified, they are all tracked. LCP Echo Request and Echo Response are never shown during debugging.
This command clears vRGW data.
This command clears BRG data.
This command clears BRG gateway data.
This command forcibly restarts the PPPoE client linked to the BRG instance. The restart does not remove BRG or related session state, however, forwarding is impacted.
This command enables the context to dump tools information for WGLAN HLE parameter.
This command enables the context to enter the specified HLE BD to perform tools commands.
This command dumps the specified ARP table entries for the specified HLE BD.
The following output is an example of ARP table information.
This command dumps the specified flood table entries for the specified HLE BD.
The following output is an example of flood table information.
This command dumps the specified MAC table entries for the specified HLD BD.
The following output is an example of MAC table information.
This command dumps neighbor table entries for the specified HLE BD.
This command enables the context to clear tools information for WGLAN HLE parameter.
This command clears all ARP table entries for the specified HLE BD or a specific entry if an IPv4 address is specified.
This command clears all MAC table entries for the specified HLE BD or a specific entry if a MAC address is specified.
This command clears all neighbor table entries for the specified HLE BD or a specific entry if an IPv6 address is specified.