5.6. EVPN Command Reference

This chapter describes the EVPN command reference.

5.6.1. Command Hierarchies

5.6.1.1. EVPN Configuration Commands

config
— service
epipe service-id [customer customer-id] [test] [create] [vpn vpn-id] [vc-switching]
— no epipe service-id
oper-group name
bgp
route-distinguisher [ip-addr:comm-val | as-number:ext-comm-val | auto-rd]
route-target {ext-community | export ext-community] | import ext-community}
[no] bgp-evpn
[no] evi value
[no] local-ac-name ac-name
[no] eth-tag value
[no] remote-ac-name ac-name
[no] eth-tag value
vxlan
[no] mpls [bgp bgp]
resolution {disabled | any | filter}
[no] bgp
[no] ldp
[no] rsvp
[no] sr-isis
[no] sr-ospf
[no] sr-policy
[no] sr-te
[no] udp
[no] control-word
ecmp max-ecmp-routes
[no] shutdown
[no] entropy-label
send-evpn-encap [mpls] [mp l soudp]
[no] shutdown
vxlan [bgp bgp] [vxlan-instance vxlan-instance]
— no vxlan [bgp bgp]
ecmp max-ecmp-routes
[no] shutdown
vxlan vni vni-id [create] [instance instance-id]
— no vxlan vni vni-id
egr-vtep {ip-address | ipv6-address}
— no egr-vtep
oper-group name
— no oper-group
vxlan-src-vtep {ip-address | ipv6-address}
mac-list name [create]
— no mac-list name
[no] mac ieee-address
vpls service-id [customer customer-id] [vpn vpn-id] [m-vpls] [{b-vpls | i-vpls}] [etree] [create]
— no vpls service-id
bgp [bgp-instance]
— no bgp [bgp-instance]
route-distinguisher [{ip-addr:comm-val | as-number:ext-comm-val | auto-rd}]
route-target ext-community
route-target export ext-community [import ext-community]
route-target import ext-community
vsi-export policy-name [policy-name...(up to 5 max)]
— no vsi-export
vsi-import policy-name [policy-name...(up to 5 max)]
— no vsi-import
[no] bgp-evpn
[no] evi value
incl-mcast-orig-ip ip-address
[no] ip-route-advertisement [incl-host]
[no] ip-route-advertisement [incl-host]
isid-range from [to to] {auto-rt | route-target rt}
[no] isid-range from
detect num-moves num-moves window minutes
[no] retry minutes
[no] mpls [bgp bgp]
resolution {disabled | any | filter}
[no] bgp
[no] ldp
[no] rsvp
[no] sr-isis
[no] sr-ospf
[no] sr-policy
[no] sr-te
[no] udp
[no] control-word
ecmp max-ecmp-routes
[no] entropy-label
[no] send-evpn-encap [mpls] [mplsoudp]
[no] shutdown
max-nbr-mac-addr [bgp bgp] [vxlan-instance vxlan-instance]
[no] vxlan [bgp bgp]
[no] shutdown
pbb
leaf-source-bmac ieee-address
[no] use-es-bmac
[no] mldp
[no] root-and-leaf
[no] owner {bgp-ad | bgp-vpls | bgp-evpn-mpls}
[no] shutdown
[no] proxy-arp
[no] age-time seconds
dup-detect [anti-spoof-mac mac-address] [static-black-hole] window minutes num-moves count hold-down minutes | max
dynamic ip-address [create]
— no dynamic ip-address
mac-list name
[no] mac-list name
resolve mins
[no] send-refresh seconds
[no] static ip-address ieee-address
table-size table-size
[no] shutdown
[no] proxy-nd
[no] age-time seconds
dup-detect [anti-spoof-mac mac-address] [static-black-hole] window minutes num-moves count hold-down {minutes | max}
dynamic ipv6-address [create]
— no dynamic ipv6-address
mac-list name
[no] mac-list
resolve mins
evpn-nd-advertise {host | router}
[no] send-refresh seconds
[no] static ip-address ieee-address {host | router}
table-size table-size
[no] shutdown
— sap
— spoke-sdp
mac ieee-address [create] sap sap-id monitor fwd-status
mac ieee-address [create] spoke-sdp sdp-id:vc-id monitor fwd-status
mac ieee-address [create] black-hole
— no mac ieee-address
vsd-domain name
— no vsd-domain vni
vxlan-src-vtep {ip-address | ipv6-address}
vxlan vni vni-id [create] [instance instance-id]
— no vxlan vni vni-id [instance instance-id]
assisted-replication {replicator | leaf] [replicator-activation-time seconds}
egr-vtep {ip-address | ipv6-address} [create]
— no egr-vtep {ip-address | ipv6-address}
[no] disable-aging
max-nbr-mac-addr table-size
rx-discard-on-ndf {bm | bum | none}
— vprn
— interface
vpls
[no] evpn-tunnel [ipv6-gateway-address {ip| mac}]
vxlan
tunnel-termination {ip-address | ipv6-address} fpe fpe-id [create]
— no tunnel-termination {ip-address | ipv6-address}
vsd
domain name [type {l2-domain | vrf-gre | vrf-vxlan | l2-domain-irb}] [create]
— no domain name
description description-string
[no] shutdown
service-range svc-id to svc-id
config
— service
— system
[no] bgp-auto-rd-range ip-address comm-val [1 to 65535] to [1 to 65535]
[no] bgp-evpn
ad-per-es-route-target [evi-rt | evi-rt-set route-distinguisher ip-address]
ethernet-segment name [virtual] [create]
— no ethernet-segment name
dot1q
q-tag-range qtag1 [to qtag1]
— no q-tag-range qtag1
esi esi
— no esi
lag lag-id
— no lag
pw-port pw-port-id
— no pw-port
multi-homing single-active [no-esi-label]
multi-homing all-active
es-orig-ip {ip-address | ipv6-address}
— no es-orig-ip
route-next-hop {ip-address | ipv6-address}
port port-id
— no port
qinq
s-tag qtag1 c-tag-range qtag2 [to qtag1]
— no s-tag qtag1 c-tag-range qtag2
s-tag-range qtag1 [to qtag1]
— no s-tag-range qtag1
sdp sdp-id
— no sdp
manual
evi start [to to]
— no evi start
isid start [to to]
— no isid start
preference [create] [non-revertive]
— no preference
value value
mode {manual | auto | off}
service-range svc-id [to svc-id]
— no service-range svc-id
[no] shutdown
[no] source-bmac-lsb MAC-lsb [ex-bmac-table-size size]
vc-id-range from [to to]
— no vc-id-range vc-id
vxlan
assisted-replication-ip ip-address
evpn-tunnel ip-address fpe fpe-id [create]
— no evpn-tunnel ip-address
config
boot-timer seconds
config
— system
vsd
system-id name
— no system-id
xmpp
server xmpp-server-name [domain-name fqdn] [username user-name] [password password] [create] [service-name service-name]
server xmpp-server-name [domain-name fqdn] [username user-name] [password password] [create] [router router-instance]
— no server xmpp-server-name
[no] shutdown
vsd
[no] cli-user user-name
config
router
bgp
group
neighbor ip-address
def-recv-evpn-encap [mpls | vxlan]
policy-options
policy-statement
from
evpn-type type
config
python
python-policy name
vsd script script
<root>

5.6.1.2. Show Commands

show
— service
evpn-mpls [tep-ip-address]
— id service-id
bgp bgp-instance
proxy-arp ip-address [detail]
proxy-arp ip-address dynamic
es-pbr
esi esi
es-bmac ieee-address
vxlan [instance instance]
vxlan esi esi
assisted-replication replicator
instance instance oper-flags
provider-tunnel-using leaf-only [bgp-ad | bgp-vpls | bgp-evpn-mpls]
provider-tunnel-using root-and-leaf [bgp-ad | bgp-vpls | bgp-evpn-mpls]
mac-list name
mac-list name associations
mac-list name
service-using [vsd] [origin creation-origin]
system
ethernet-segment name name [all]
ethernet-segment name name evi [evi]
ethernet-segment name name isid [isid]
ethernet-segment name name virtual-ranges
vsd [vsd] [origin creation-origin]
domain [domain-name] [association]
script
snippets snippet-name [instance snippet-instance] [detail]
summary
vxlan [ip-address]
vxlan-instance-using ethernet-segment [name]
— system
— xmpp
server [name]
vsd [entry]
— vsd
domain [domain-name] [association]
vxlan

5.6.1.3. Clear Commands

clear
— service
— id
— evpn
mac-dup-detect {ieee-address | all}
fdb {all | mac ieee-address | sap sap-id | mesh-sdp sdp-id [:vc-id] | spoke-sdp sdp-id [:vc-id] | vxlan-instance 1...2 [vtep ip-address]}
— statistics
— vsd
domain name
scripts name
clear
— system
— statistics
— xmpp
server xmpp-server-name

5.6.1.4. Debug Commands

debug
— system
xmpp [connection] [gateway] [message] [vsd] [iq] [all]
[no] xmpp
— vsd
scripts
[no] event
[no] cli
[no] errors
[no] executed-cmd
[no] state-change
[no] warnings
instance instance
[no] event
[no] cli
[no] errors
[no] executed-cmd
[no] state-change
[no] warnings

5.6.1.5. Tools Commands

tools
— dump
domain name name
evpn
usage
id service-id
— evpn-mpls [clear] [default-multicast-list]
vxlan [clear]
— evpn
usage
— system
ethernet-segment name evi evi df
ethernet-segment name isid isid df
vxlan [vtep]
dup-vtep-egrvni [clear]
tools
— perform
— service
— id
dynamic-resolve all [force]
dynamic-resolve ip-address [force]
dynamic-resolve all [force]
dynamic-resolve ipv6-address [force]
— vsd
domain name [name] refresh-config
fd-domain-sync {full | diff}
evaluate-script domain-name [domain-name] type [type] action script-action [vni vni-id] [rt-i ext-community] [rt-e ext-community] [metadata metadata] policy python-policy
tools
— perform
— system
xmpp

5.6.2. Command Descriptions

5.6.2.1. EVPN Configuration Commands

epipe

Syntax 
epipe service-id customer customer-id [vpn vpn-id] [vc-switching] [create]
epipe service-id [test] [create]
no epipe service-id
Context 
config>service
Description 

This command configures an Epipe service instance. This command is used to configure a point-to-point epipe service. An Epipe connects two endpoints defined as Service Access Points (SAPs). Both SAPs may be defined in one or they may be defined in separate devices connected over the service provider network. When the endpoint SAPs are separated by the service provider network, the far end SAP is generalized into a Service Distribution Point (SDP). This SDP describes a destination and the encapsulation method used to reach it. In addition to the SDPs, endpoint SAPs can also be connected by EVPN destinations.

No MAC learning or filtering is provided on an Epipe.

When a service is created, the customer keyword and customer-id must be specified and associates the service with a customer. The customer-id must already exist having been created using the customer command in the service context. After a service has been created with a customer association, it is not possible to edit the customer association. The service must be deleted and recreated with a new customer association.

After a service is created, the use of the customer customer-id is optional for navigating into the service configuration context. Attempting to edit a service with the incorrect customer-id specified will result in an error.

By default, no Epipe services exist until they are explicitly created with this command.

The no form of this command deletes the Epipe service instance with the specified service-id. The service cannot be deleted until the service has been shutdown.

Parameters 
service-id—
The unique service identification number or string identifying the service in the service domain. This ID must be unique to this service and may not be used for any other service of any type. The service-id must be the same number used for every node on which this service is defined.
Values—
service-id: 1 to 2147483648
svc-name: 64 characters maximum

 

customer customer-id
Specifies the customer ID number to be associated with the service. This parameter is required on service creation and optional for service editing or deleting.
Values—
1 to 2147483647

 

vpn vpn-id—
Specifies the VPN ID number which allows you to identify virtual private networks (VPNs) by a VPN ID. If this parameter is not specified, the VPN ID uses the same service ID number.
Values—
1 to 2147483647

 

Default—
null (0)
vc-switching—
Specifies if the pseudowire switching signaling is used for the spoke-SDPs configured in this service. When an Epipe is configured with vc-switching, no bgp-evpn is allowed.
test—
Specifies a unique test service type for the service context which will contain only a SAP configuration. The test service can be used to test the throughput and performance of a path for MPLS-TP PWs. This parameter applies to the 7450 ESS and 7750 SR only.
create—
Keyword used to create the service instance. The create keyword requirement can be enabled/disabled in the environment>create context.

proxy-arp-nd

Syntax 
proxy-arp-nd
Context 
config>service
Description 

This command enables the context to configure the service-level proxy-arp-nd commands.

mac-list

Syntax 
mac-list name [create]
no mac-list name
Context 
config>service>proxy-arp-nd
Description 

This command creates a list of MAC addresses that can be pointed at from the service for a specified IP. The list may contain up to 10 MAC addresses; an empty list is also allowed.

The MAC list allows on-the-fly changes, but a change in the list deletes the proxy entries for all the IPs using that list.

The no form of the command deletes the entire MAC-list. Deleting a MAC list is only possible if it is not referenced in the configuration.

Parameters 
name—
Specifies the name of the MAC address list, which can be up to 32 characters.
create—
Mandatory keyword to create a MAC list.

mac

Syntax 
mac ieee-address
no mac ieee-address
Context 
config>service>proxy-arp-nd>mac-list
Description 

This command configures the proxy ARP or ND MAC address information.

The no form of the command deletes the MAC address.

Parameters 
ieee-address—
Specifies the MAC address added to the list. The MAC list can be empty or contain up to 10 addresses.
Values—
xx:xx:xx:xx:xx:xx
xx-xx-xx-xx-xx-xx

 

vpls

Syntax 
vpls service-id customer customer-id vpn vpn-id [m-vpls] [{bvpls | i-vpls}] [etree] [create]
no vpls service-id
Context 
config>service
Description 

This command creates or edits a Virtual Private LAN Services (VPLS) instance. The vpls command is used to create or maintain a VPLS service. If the service-id does not exist, a context for the service is created. If the service-id exists, the context for editing the service is entered.

A VPLS service connects multiple customer sites together acting like a zero-hop, Layer 2 switched domain. A VPLS is always a logical full mesh.

When a service is created, the create keyword must be specified if the create command is enabled in the environment context. When a service is created, the customer keyword and customer-id must be specified and associates the service with a customer. The customer-id must already exist having been created using the customer command in the service context. After a service has been created with a customer association, it is not possible to edit the customer association. The service must be deleted and recreated with a new customer association.

To create a management VPLS on a 7450 ESS, the m-vpls keyword must be specified. See section Hierarchical VPLS Redundancy for an introduction to the concept of management VPLS.

After a service is created, the use of the customer customer-id is optional for navigating into the service configuration context. Attempting to edit a service with the incorrect customer-id specified will result in an error.

More than one VPLS service may be created for a single customer ID.

By default, no VPLS instances exist until they are explicitly created.

The no form of this command deletes the VPLS service instance with the specified service-id. The service cannot be deleted until all SAPs and SDPs defined within the service ID have been shutdown and deleted, and the service has been shutdown.

Parameters 
service-id—
The unique service identification number or string identifying the service in the service domain. This ID must be unique to this service and may not be used for any other service of any type. The service-id must be the same number used for every router on which this service is defined.
Values—
service-id: 1 to 2147483648
svc-name: 64 characters maximum

 

customer customer-id
Specifies the customer ID number to be associated with the service. This parameter is required on service creation and optional for service editing or deleting.
Values—
1 to 2147483647

 

vpn vpn-id—
Specifies the VPN ID number which allows you to identify virtual private networks (VPNs) by a VPN identification number.
Values—
1 to 2147483647

 

Default—
null (0)
m-vpls—
Specifies a management VPLS.
b-vpls | i-vpls—
Creates a backbone-vpls or ISID-vpls.
etree—
Creates an Ethernet-Tree (E-Tree) service.

bgp

Syntax 
bgp bgp-instance
Context 
config>service>epipe
Description 

This command enables the context to configure the BGP related parameters for BGP EVPN.

bgp

Syntax 
bgp bgp-instance
no bgp bgp-instance
Context 
config>service>vpls
Description 

This command enables the context to configure the BGP related parameters for BGP VPLS.

A maximum of two BGP instances can be configured in a VPLS service. The bgp-instance parameter value can be configured as 1 or 2. If it is not specified, the parameter value is configured as 1 by default.

The route-distinguisher configured in BGP instance 1 and 2 must be different. However, the route-target value may be configured the same or different for the two instances.

Only bgp-evpn mpls is allowed to be assigned to instance 2. Instance 1 must be used for the VXLAN and L2VPN address families.

BGP-EVPN VXLAN and BGP-EVPN MPLS can only be configured as no shutdown in the same service if they are associated with different instances (When the two BGP instances are created, the bgp-instance command must be configured in the bgp-evpn mpls context).

The evi value in bgp-evpn can be used to auto-derive the route distinguisher in instance 1 only. However, the evi value can be used to auto-derive the route-target in both instances.

The no version of the command removes the BGP instance.

Parameters 
bgp-instance
Specifies the value associated with the BGP instance.
Values—
1 to 2

 

route-target

Syntax 
route-target ext-community
route-target export ext-community [import ext-community]
route-target import ext-community
no route-target
Context 
config>service>vpls>bgp-ad
config>service>vpls>bgp
config>service>epipe>bgp
Description 

This command configures the route target (RT) component that will be signaled in the related MP- BGP attribute to be used for BGP auto-discovery, BGP VPLS, BGP multi-homing and EVPN if these features are configured in this VPLS service.

If this command is not used, the RT is built automatically using the VPLS ID. The ext-comm can have the same two formats as the VPLS ID, a two-octet AS-specific extended community, IPv4 specific extended community. For BGP EVPN enabled VPLS and Epipe services, the route target can also be auto-derived from the evi value (config>service>vpls>bgp-evpn>evi or config>service>epipe>bgp-evpn>evi) if this command is not configured. See the evi command description for more information.

Parameters 
export ext-community
Specifies communities allowed to be sent to remote PE neighbors.
import ext-community
Specifies communities allowed to be accepted from remote PE neighbors.

vsi-export

Syntax 
vsi-export policy-name [policy-name ... (up to 5 max)]
no vsi-export
Context 
config>service>vpls>bgp-ad
config>service>vpls>bgp
Description 

This command specifies the name of the VSI export policies to be used for BGP auto-discovery, BGP VPLS and BGP multi-homing if these features are configured in this VPLS service. If multiple policy names are configured, the policies are evaluated in the order they are specified. The first policy that matches is applied.

The policy name list is handled by the SNMP agent as a single entity.

Parameters 
policy-name—
Specifies a VSI export policy. 32 characters max.

vsi-import

Syntax 
vsi-import policy-name [policy-name ... (up to 5 max)]
no vsi-import
Context 
config>service>vpls>bgp-ad>vsi-id
config>service>vpls>bgp
Description 

This command specifies the name of the VSI import policies to be used for BGP auto-discovery, BGP VPLS and BGP multi-homing if these features are configured in this VPLS service. If multiple policy names are configured, the policies are evaluated in the order they are specified. The first policy that matches is applied.

The policy name list is handled by the SNMP agent as a single entity.

Parameters 
policy-name—
Specifies a VSI import policy. 32 characters max.

route-distinguisher

Syntax 
route-distinguisher [{ip-addr:comm-val | as-number:ext-comm-val}]
route-distinguisher auto-rd
no route-distinguisher
Context 
config>service>vpls>bgp
config>service>epipe>bgp
Description 

This command configures the Route Distinguisher (RD) component that will be signaled in the MP-BGP NLRI for L2VPN and EVPN families. This value will be used for BGP-AD, BGP VPLS and BGP multi-homing NLRI if these features are configured.

If this command is not configured, the RD is automatically built using the BGP-AD VPLS ID. The following rules apply:

  1. if BGP AD VPLS-id is configured and no RD is configured under BGP node - RD=VPLS-ID
  2. if BGP AD VPLS-id is not configured then an RD value must be configured under BGP node (this is the case when only BGP VPLS is configured)
  3. if BGP AD VPLS-id is configured and an RD value is also configured under BGP node, the configured RD value prevails

Values and format (6 bytes, other 2 bytes of type will be automatically generated)

Alternatively, the auto-rd option allows the system to automatically generate an RD based on the bgp-auto-rd-range command configured at the service level. For bgp-evpn enabled VPLS and Epipe services, the route-distinguisher value can also be auto-derived from the evi value (config>service>vpls>bgp-evpn>evi or config>service>epipe>bgp-evpn>evi) if this command is not configured. See the evi command description for more information.

Parameters 
ip-addr:comm-val—
Specifies the IP address.
Values—
ip-addr: a.b.c.d
comm-val: 0 to 65535

 

as-number:ext-comm-val—
Specifies the AS number.
Values—
as-number: 1 to 65535
ext-comm-val: 0 to 4294967295

 

auto-rd—
The system will generate an RD for the service according to the IP address and range configured in the bgp-auto-rd-range command.

bgp-auto-rd-range

Syntax 
bgp-auto-rd-range ip-address comm-val comm-val to comm-val
no bgp-auto-rd-range
Context 
config>service>system
Description 

This command defines the type-1 route-distinguisher IPv4 address and community value range within which the system will select a route-distinguisher for the bgp-enabled services using auto-rd.

Interactions:

This command is used along with the route-distinguisher auto-rd command supported in VPLS, VPRN and Epipe services. The system forces the user to create a bgp-auto-range before the auto-rd option can be used in the services.

The system will keep allocating values for services configured with route-distinguisher auto-rd as long as there are available community values within the configured range. After the command is added, the following changes are allowed:

  1. The ip-address can be changed without modifying the comm-val range, even if services using auto-rd are present. The affected routes will be withdrawn and re-advertised with the new route-distinguishers.
  2. The comm-val range can be modified as long as no conflicting values are present in the new range. For example, the user may expand the range as long as the new range does not overlap with existing manual route-distinguishers. The user may also reduce the range as long as the new range can accommodate the already allocated auto-RDs.
Parameters 
ip-address—
Specifies the IPv4 address used in the first 4 octets of all the type-1 auto route-distinguishers selected by the system.
comm-val—
Specifies the community value of the type-1 auto route-distinguisher.
Values—
0 to 65535

 

bgp-evpn

Syntax 
[no] bgp-evpn
Context 
config>service>vpls
config>service>system
config>service>epipe
Description 

This command enables the context to configure the BGP EVPN parameters in the base instance.

ad-per-es-route-target

Syntax 
ad-per-es-route-target {evi-rt | evi-rt-set route-distinguisher ip-address}
no ad-per-es-route-target
Context 
config>service>system>bgp-evpn
Description 

This command controls how Ethernet AD per-ES routes are generated.

The system can either send a separate Ethernet AD per-ES route per service, or an Ethernet AD per-ES routes aggregating the route-targets for multiple services. While both alternatives will inter-operate, RFC 7432 states that the EVPN Auto-Discovery per-ES route must be sent with a set of route-targets corresponding to all the EVIs defined on the Ethernet segment. The command supports both options.

The default option ad-per-es-route-target evi-rt configures the system to send a separate AD per-ES route per service.

When enabled, the evi-rt-set option allows the aggregation of routes: A single AD per-ES route with the associated RD (ip-address:1) and a set of EVI route-targets will be advertised (to a maximum of 128). When a significant number of EVIs are defined in the Ethernet segment (hence the number of route-targets), the system will send more than one route. For example:

  1. AD per-ES route for evi-rt-set 1 will be sent with RD ip-address:1
  2. AD per-ES route for evi-rt-set 2 will be sent with RD ip-address:2
Default 

ad-per-es-route-target evi-rt

Parameters 
evi-rt—
Specifies the option to advertise a separate AD per-ES route per service.
evi-rt-set—
Specifies the option to advertise a set of AD per-ES routes aggregating the route-targets for all the services in the Ethernet segment.
ip-address—
Specifies the ip-address part of the route-distinguisher being used in the evi-rt-set option.

route-distinguisher

Syntax 
route-distinguisher [ip-addr:comm-val | as-number:ext-comm-val]
no route-distinguisher
Context 
config>service>system>bgp-evpn
Description 

This command configures the Route Distinguisher (RD) component that will be signaled in the MP-BGP NLRI for EVPN corresponding to the base EVPN instance (Ethernet Segment routes). If the route-distinguisher component is not configured, the system will use system:ip-address as the default route-distinguisher

Default 

no route-distinguisher

Parameters 
ip-addr:comm-val—
Specifies the IP address.
Values—
ip-addr: a.b.c.d
comm-val: 0 to 65535

 

as-number:ext-comm-val—
Specifies the AS number.
Values—
as-number: 1 to 65535
ext-comm-val: 0 to 4294967295

 

evpn-etree-leaf-label

Syntax 
evpn-etree-leaf-label
no evpn-etree-leaf-label
Context 
config>service>system>bgp-evpn
Description 

This command enables EVPN Ethernet-Tree (E-Tree) VPLS services on the router (not B-VPLS). It allocates an E-Tree leaf label for the PE and programs the ILM entry.

The command ensures that in-flight traffic can perform an ILM entry lookup at any time, and therefore avoid the discards during shutdown or no shutdown services (or at least reduce the timing window so that it does not occur during normal operation or configuration).

Note:

The evpn-etree-leaf-label command must be configured to execute bgp-evpn mpls no shutdown.

ethernet-segment

Syntax 
ethernet-segment name [virtual] [create]
no ethernet-segment
Context 
config>service>system>bgp-evpn
Description 

This command configures an Ethernet segment instance and its corresponding name. The configuration of the dot1q or qinq nodes is only allowed if the Ethernet segment (ES) is created as virtual.

For a virtual ES, a port, LAG, or SDP must be created for the ES before configuring a VLAN or vc-id association.

When a port or LAG is added, the type and encap-type values are checked. If the encap-type is dot1q, then only the dot1q node can be configured; the qinq context is not allowed. In the same way, if the encap-type is qinq, then only the qinq node is allowed. A dot1q, qinq, or vc-id range is required for a virtual ES to be operationally active.

Parameters 
name—
Specifies the 28-character ES name.
virtual—
This keyword specifies that the ES is virtual and is associated to logical interfaces, in addition to ports, LAGs, or SDPs.
create—
Mandatory keyword for creating an ES.

dot1q

Syntax 
dot1q
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command creates the dot1q context for q-tag additions to the port or LAG virtual ES.

q-tag-range

Syntax 
q-tag-range qtag1 [to qtag1]
no q-tag-range qtag1
Context 
config>service>system>bgp-evpn>ethernet-segment>dot1q
Description 

This command determines the VIDs associated with the virtual Ethernet segment on a specific dot1q port or LAG based on the following considerations:

  1. Values *, 0 to 4094 are allowed.
  2. Any SAP for which the service-delimiting qtag matches the range is associated with the virtual ES, and only those, for example, sap 1/1/1:0 will not match port 1/1/1, qtag-range 100.
  3. Maximum 8 ranges are allowed in the dot1q context.
  4. A range can be comprised of a single qtag.
  5. Shutting down the ES is not required prior to changing the q-tag-range.

The no form of the command removes the configured range. Only the first qtag1 value is required to remove the range.

Parameters 
qtag1—
Specifies the VID. When configuring a range of qtags (and not a single value), the second qtag1 value must be greater than the first qtag1.
Values—
*, 0 to 4094

 

qinq

Syntax 
qinq
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command creates the qinq context for q-tag and s-tag additions to the port or LAG virtual Ethernet segments.

s-tag-range

Syntax 
s-tag-range qtag1 [to qtag1]
no s-tag-range qtag1
Context 
config>service>system>bgp-evpn>ethernet-segment>qinq
Description 

This command determines the VIDs associated with the virtual Ethernet segment on a specific qinq port or LAG based on the following considerations:

  1. Values *, 0 to 4094 are allowed.
  2. Any SAP for which the service-delimiting qtag matches the range is associated with the virtual ES, and only those, for example, sap 1/1/1:0.* will not match port 1/1/1, s-tag-range 100.
  3. Maximum 8 ranges are allowed in the qinq context.
  4. A range can be comprised of a single qtag.
  5. Shutting down the ES is not required prior to making changes in the q-tag-range.

The no form of the command removes the configured range. Only the first qtag1 value is required to remove the range.

Parameters 
qtag1—
Specifies the outer VID. When configuring a range of qtags (and not a single value), the second qtag1 value must be greater than the first qtag1.
Values—
*, 0 to 4094

 

s-tag

Syntax 
s-tag qtag1 c-tag-range qtag2 [to qtag2]
no s-tag qtag1 c-tag-range qtag2
Context 
config>service>system>bgp-evpn>ethernet-segment>qinq
Description 

This command determines the inner VIDs (for a specified outer VID) associated with the virtual Ethernet segment on a specific qinq port or LAG based on the following:

  1. Values *, 0 to 4094 are allowed.
  2. Any SAP for which the outer and inner service-delimiting qtags match the range is associated with the virtual ES, and only those, for example, sap 1/1/1:10.* will not match port 1/1/1, s-tag 10 c-tag-range 10 to 100.
  3. A maximum of 8 ranges (including the s-tag ranges) are allowed in the qinq context.
  4. A c-tag range can be comprised of a single qtag.
  5. Shutting down the ES is not required prior to making changes.
  6. A qtag included in the s-tag-range command cannot be included in the s-tag qtag of this command.
Note:

Not all qtag1 and qtag2 combinations are valid for values 0, *, and null. The following combinations are allowed:

  1. s-tag 0 c-tag-range *
  2. s-tag * c-tag-range *
  3. s-tag * c-tag-range null
  4. s-tag X c-tag-range 0 (where: X=1 to 4094)
  5. s-tag X c-tag-range * (where: X=1 to 4094)

The no form of the command removes the configured range. Only the first qtag1 value is required to remove the range.

Parameters 
qtag1—
Specifies the outer VID for the c-tag range.
Values—
*, 0 to 4094

 

qtag2—
Specifies the inner VID for the c-tag range. When configuring a range of qtags (and not a single value), the second qtag1 value must be greater than the value of the first qtag1.
Values—
*, null, 0 to 4094

 

vc-id-range

Syntax 
vc-id-range vc-id [to vc-id]
no vc-id-range vc-id
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command determines the VC-IDs associated with the virtual Ethernet segment on a specific SDP based on the following considerations:

  1. VC-IDs for manual spoke-sdp and bgp-ad are included in the range.
  2. Th mesh-sdp VC-IDs are not allowed on a SDP used by a virtual ES.
  3. A maximum of 8 ranges are allowed.
  4. A range can be comprised of a single VC-ID.
  5. A vc-id-range can be comprised of a single VC-ID.
  6. Shutting down the ES is not required prior to making changes.

The no form of the command removes the configured range. Only the first VC-ID value is required to remove the range.

Parameters 
vc-id—
Specifies the VC-ID. When configuring a range of VC-IDs (and not a single value), the value of the second VC-ID must be greater than the first VC-ID.
Values—
1 to 4294967295

 

es-activation-timer

Syntax 
es-activation-timer seconds
no es-activation-timer
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command configures the Ethernet segment activation timer for a specified Ethernet segment. The es-activation-timer delays the activation of a specified ethernet-segment on a specified PE that has been elected as DF (Designated Forwarder). Only when the es-activation-timer has expired, the SAP/SDP-binding associated to an ethernet-segment can be activated (in case of single-active multi-homing) or added to the default-multicast-list (in case of all-active multi-homing).

If no es-activation-timer is configured, the system uses the value configured in the config>redundancy>bgp-evpn-multi-homing>es-activation-timer context, if configured. Otherwise the system uses a default value of 3 seconds.

Default 

no es-activation-timer

Parameters 
seconds—
Specifies the number of seconds for the es-activation-timer.
Values—
0 to 100

 

Default—
3

esi

Syntax 
esi value
no esi
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command configures the 10-byte Ethernet segment identifier (ESI) associated to the Ethernet-Segment that will be signaled in the BGP-EVPN routes. The ESI value cannot be changed unless the Ethernet-Segment is shutdown. Reserved esi values (0 and MAX-ESI) are not allowed.

Parameters 
value—
Specifies the 10-byte esi.
Values—
00-11-22-33-44-55-66-77-88-99
Using any of these separators ('-',':')

 

lag

Syntax 
lag lag-id
no lag
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command configures a lag-id associated to the Ethernet-Segment. When the Ethernet-Segment is configured as all-active, then only a lag or PW port can be associated to the Ethernet-Segment. When the Ethernet-Segment is configured as single-active, then a lag, port or sdp can be associated to the Ethernet-Segment. In either case, only one of the four objects can be configured in the Ethernet-Segment. A specified lag can be part of only one Ethernet-Segment.

Default 

no lag

Parameters 
lag-id—
Specifies the lag-id associated with the Ethernet-Segment.
Values—
1 to 800

 

pw-port

Syntax 
pw-port pw-port-id
no pw-port
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command configures a PW port associated to the Ethernet-Segment. When the Ethernet- Segment is configured as all-active, then only a lag or a PW port can be associated to the Ethernet-Segment. When the Ethernet-Segment is configured as single-active, then a lag, port or sdp can be associated to the Ethernet-Segment, but not a PW port. In either case, only one of the four objects can be configured in the Ethernet-Segment. A specified PW port can be part of only one Ethernet-Segment.

The no version of this command removes the PW port from the Ethernet-Segment.

Default 

no pw-port

Parameters 
pw-port-id —
Specifies the PW port identifier.
Values—
1 to 32767

 

multi-homing

Syntax 
multi-homing single-active [no-esi-label]
multi-homing all-active
no multi-homing
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command configures the multi-homing mode for the Ethernet-Segment as single-active or all-active multi-homing, as defined in RFC7432.

By default, the use of esi-label is enabled for all-active and single-active as defined in RFC7432 (for single-active multi-homing, the esi-label is used to avoid transient loops).

When single-active no-esi-label is specified, the system will not allocate a label for the esi and hence advertise esi label 0 to peers. Even if the esi is configured to not send the esi-label, upon reception of an esi-label from a peer, the PE will always send traffic to that peer using the received esi-label.

Default 

no multi-homing

Parameters 
single-active—
Configures single-active mode for the Ethernet-Segment.
all-active—
Configures the system to not send an esi-label for single-active mode.
no-esi-label—
Configures single-active mode for the Ethernet-Segment.

network-interconnect-vxlan

Syntax 
network-interconnect-vxlan instance
no network-interconnect-vxlan
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command associates the VXLAN instance with the virtual Ethernet segment. The association of the virtual ES is based on the VXLAN instance and range of services where the VXLAN instance is configured.

The no form of this command removes the VXLAN instance from the Ethernet segment association.

Parameters 
instance
Specifies the VXLAN instance that is to be associated with the virtual ES.
Values—
1

 

port

Syntax 
port port-id
no port
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command configures a port-id associated with the Ethernet-Segment. If the Ethernet-Segment is configured as all-active, then only a lag or a PW port can be associated to the Ethernet-Segment. If the Ethernet-Segment is configured as single-active, then a lag, port or sdp can be associated to the Ethernet-Segment. In any case, only one of the four objects can be configured in the Ethernet-Segment. A specified port can be part of only one Ethernet-Segment. Only Ethernet ports can be added to an Ethernet-Segment.

Default 

no port

Parameters 
port-id—
Specifies the port ID associated to the Ethernet-Segment.

port-id

slot/mda/port [.channel]

eth-sat-id

esat-id/slot/port

esat

keyword

id

1 to 20

pxc-id

pxc-id.sub-port

pxc

keyword

id

1 to 64

sub-port

a, b

sdp

Syntax 
sdp sdp-id
no sdp
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command configures an sdp-id associated to the Ethernet-Segment. If the Ethernet-Segment is configured as all-active, then only a lag or PW port can be associated to the Ethernet-Segment. If the Ethernet-Segment is configured as single-active, then lag, port or sdp can be associated to the Ethernet-Segment. In any case, only one of the four objects can be configured in the Ethernet-Segment. A specified SDP can be part of only one Ethernet-Segment. Only user-configured SDPs can be added to an Ethernet-Segment.

Default 

no sdp

Parameters 
sdp-id—
Specifies the IP address.
Values—
1 to 17407

 

service-carving

Syntax 
service-carving
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command enables the context to configure service-carving in the Ethernet-Segment. The service-carving algorithm determines which PE is the Designated Forwarder (DF) in a specified Ethernet segment and for a specific service.

mode

Syntax 
mode {manual | auto | off}
Context 
config>service>system>bgp-evpn>ethernet-segment>service-carving
Description 

This command configures the service-carving mode. This determines how the DF is elected for a specified Ethernet-Segment and service.

Default 

mode auto

Parameters 
auto—
This mode is the service-carving algorithm defined in RFC 7432. The DF for the service is calculated based on the modulo function of the service (identified by either the evi or the isid) and the number of PEs.
manual—
In this mode the DF is elected based on the manual configuration added in the service-carving>manual context.
off—
In this mode all the services elect the same DF PE (assuming the same PEs are active for all the configured services). The PE with the lowest IP is elected as DF for the Ethernet-Segment.

manual

Syntax 
manual
Context 
config>service>system>bgp-evpn>ethernet-segment>service-carving
Description 

This command enables the context to manually configure the service-carving algorithm, that is, configure the EVIs or ISIDs for which the PE is DF.

evi

Syntax 
evi start [to to]
no evi
Context 
config>service>system>bgp-evpn>ethernet-segment>service-carving>manual
Description 

This command configures the evi ranges for which the PE is primary, or uses the lowest preference algorithm.

Note:

Multiple individual evi values and ranges are allowed.

There are two service-carving manual algorithms for DF election:

  1. Manual non-preference
    A preference command is not configured for this algorithm. The primary PE for the configured EVIs is determined by the EVI range. The manual non-preference algorithm only supports two PEs in the Ethernet segment
  2. Manual preference-based
    If a preference command is configured, the algorithm uses the configured value to determine the DF election. For EVIs not defined in the range, the highest-preference algorithm is used. For configured EVIs, the lowest-preference algorithm is used.
Parameters 
start—
Specifies the initial evi value of the range.
Values—
1 to 65535

 

to—
Specifies the end evi value of the range. If not configured, only the individual start value is considered.
Values—
1 to 65535

 

isid

Syntax 
isid start [to to]
no isid
Context 
config>service>system>bgp-evpn>ethernet-segment>service-carving>manual
Description 

This command configures the ISID ranges for which the PE is primary, or uses the lowest preference algorithm.

Note:

Multiple individual ISID values and ranges are allowed.

The following service-carving manual algorithms are supported for DF election:

  1. Manual non-preference
    A preference command is not configured for this algorithm. The primary PE for the configured ISIDs is determined by the ISID range. The manual non-preference algorithm only supports two PEs in the Ethernet segment
  2. Manual preference-based
    If a preference command is configured, the algorithm uses the configured value to determine the DF election. For ISIDs not defined in the range, the highest-preference algorithm is used. For configured ISIDs, the lowest-preference algorithm is used.
Parameters 
start—
Specifies the initial isid value of the range.
Values—
1 to 16777215

 

to—
Specifies the end isid value of the range. If not configured, only the individual start value is considered.
Values—
1 to 16777215

 

preference

Syntax 
preference [create] [non-revertive]
no preference
Context 
config>service>system>bgp-evpn>ethernet-segment>service-carving>manual
Description 

This command creates the preference context for the Ethernet segment (ES) and determines whether the DF election for the ES is revertive or not. Creation of the preference context ensures that the PE will run the preference-based DF election algorithm.

Parameters 
create—
Mandatory keyword required to create the preference context in an ES.
non-revertive—
Configures a non-revertive ES, which ensures that when the Ethernet segment comes back after a failure, it does not take over an existing active DF PE.

value

Syntax 
value value
Context 
config>service>system>bgp-evpn>ethernet-segment>service-carving>manual>preference
Description 

This command modifies the default preference value used for the PE in the ES. An ES shutdown is not required to modify this value during maintenance operations.

Default 

32767

Parameters 
value
Determines the preference value used in the preference-based DF election algorithm.
Values—
0 to 65535

 

service-id

Syntax 
service-id
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command enables the service-id context within the virtual ethernet-segment configuration.

service-range

Syntax 
service-range svc-id [to svc-id]
no service-range svc-id
Context 
config>service>system>bgp-evpn>ethernet-segment>service-id
Description 

This command associates a specified service range to a virtual ES, along with the network-interconnect-vxlan command. Up to eight service ranges per VXLAN instance can be configured, where the ranges may overlap. The service range may be configured before the service.

The no form of this command removes the association of the service range to the virtual ES for the configured VXLAN instance.

Parameters 
svc-id
Specifies which service range will be associated with the virtual Ethernet segment.
Values—
1 to 2147483647

 

shutdown

Syntax 
no shutdown
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command changes the administrative status of the Ethernet-Segment.

The user can do no shutdown only when esi, multi-homing and lag/port/sdp are configured. If the Ethernet-Segment or the corresponding lag/port/sdp shutdown, the Ethernet-Segment route and the AD per-ES routes will be withdrawn. No changes are allowed when the Ethernet-Segment is no shutdown.

Default 

shutdown

source-bmac-lsb

Syntax 
source-bmac-lsb MAC-Lsb [es-bmac-table-size size]
no source-bmac-lsb
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command configures the least significant two bytes of the BMAC used as the source BMAC for packets generated from the Ethernet-Segment in PBB-EVPN.

When the multi-homing mode is all-active, this value and the first high order four bytes must match on all the PEs that are part of the same Ethernet-Segment.

The es-bmac-table-size parameter modifies the default value (8) for the maximum number of virtual bmacs that can be associated to the Ethernet-Segment, that is, the es-bmacs. When the source-bmac-lsb is configured, the associated es-bmac-table-size is reserved out of the total FDB. The es-bmac will consume a separate BMAC per B-VPLS that is linked to an Ethernet-Segment.

Parameters 
MAC-Lsb—
Specifies the two least significant bytes of the es-bmac.
Values—
1 to 65535, or xx-xx or xx:xx

 

size—
Specifies the reserved space in the FDB for a specified es-bmac. By default the system reserves 8 entries for a specified Ethernet-Segment BMAC.
Values—
1 to 511999

 

Default—
8

es-orig-ip

Syntax 
es-orig-ip ip-address
no es-orig-ip
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command modifies the Originating IP field advertised in the ES route for a given Ethernet Segment. By default, the Originating IP is the system-ip of the PE. However, this value can be changed to the IPv4 or IPv6 address configured with this command.

With the es-orig-ip configured, ES shutdown is required, for the following cases:

  1. When adding Local ES routes, the command changes how the ES routes are added to the candidate list; the configured IP address is added, instead of the system-ip.
  2. When advertising local ES routes, the configured IP address is used for the orig-ip of the route.

The no form of the command changes the originating IP address back to the system-ip.

Default 

no es-orig-ip

Parameters 
ip-address —
Specifies an IPv4 or IPv6 address.
Values—
{ip-address | ipv6-address}

 

route-next-hop

Syntax 
route-next-hop ip-address
no route-next-hop
Context 
config>service>system>bgp-evpn>ethernet-segment
Description 

This command modifies the next hop to the configured IP address value, for the following routes:

  1. ES
  2. AD per-ES (irrespective of the evi-rt-set or evi-rt configuration mode)

The no form of the command changes the originating IP address back to the system-ip.

Default 

no route-next-hop

Parameters 
ip-address —
Specifies an IPv4 or IPv6 address.
Values—
ip-address | ipv6-address

 

vxlan

Syntax 
vxlan
Context 
config>service>system
Description 

This command enables the context where the vxlan global parameters are configured.

assisted-replication-ip

Syntax 
assisted-replication-ip ip-address
no assisted-replication-ip
Context 
config>service>system>vxlan
Description 

The assisted-replication-ip (AR-IP) command defines the IP address that supports the AR-R function in the router. The AR-IP address must also be defined as a loopback address in the base router and advertised in the IGP/BGP so that it is accessible to the remote NVE/PEs in the Overlay network.

If the AR-R function is enabled in a service, the Broadcast and Multicast frames encapsulated in VXLAN packets arriving at the router are replicated to the other VXLAN destinations within the service (except the destination pointing at the originator of the packet).

The no version of this command removes the AR IP address.

Default 

no assisted-replication-ip

Parameters 
ip-address—
Specifies the assisted replication IP address.

tunnel-termination

Syntax 
tunnel-termination ip-address fpe fpe-id [create]
no tunnel-termination ip-address
Context 
config>service>system>vxlan
Description 

This command instructs the system to redirect traffic to the corresponding PXC interface associated with the configured Forwarding Path Extension (FPE) when the destination IP address matches the configured tunnel-termination IP address. The IP address is also registered, which enables the system to respond to ICMP packets directed to it.

Parameters 
ip-address—
Specifies the non-system IPv4 or IPv6 address that terminates the VXLAN.
fpe fpe-id
Specifies the FPE identifier associated with the PXC port or LAG that will process and terminate the VXLAN.
Values—
1 to 64

 

create—
Creates the FPE.

redundancy

Syntax 
redundancy
Context 
config
Description 

This command enables the context to configure the global redundancy parameters.

bgp-evpn-multi-homing

Syntax 
bgp-evpn-multi-homing
Context 
config>redundancy
config>redundancy
Description 

This command enables the context to configure the BGP-EVPN global timers

boot-timer

Syntax 
boot-timer seconds
Context 
config>redundancy>bgp-evpn-multi-homing
Description 

When the PE boots up, the boot-timer will allow the necessary time for the control plane protocols to come up before bringing up the Ethernet-Segments and running the DF algorithm.

The following considerations apply to the functionality:

  1. The boot-timer is configured at the system level config>redundancy>bgp-evpn-multi-homing# boot-timer. The configured value must provide enough time to allow the IOMs and BGP sessions to come up before exchanging ES routes and running the DF election for each EVI/ISID.
  2. The boot-timer is synchronized across CPMs and is relative to the System UP-time; hence it is not subject to change or reset upon CPM switchover.
  3. The boot-timer is never interrupted (the es-activation-timer, however, can be interrupted if there is a new event triggering the DF election).
  4. The boot-timer runs per EVI/ISID on the ES's in the system. While system-up-time < boot-timer is true, the system does not run the DF election for any EVI/ISID. When the boot-timer expires, the DF election for the EVI/ISID is run and if the system is elected DF for the EVI/ISID, the es-activation-timer will kick-in.
  5. The system will not advertise ES routes until the boot timer has expired. This guarantees that the peer ES PEs do not run the DF election until the PE is ready to become the DF, if required.
Default 

boot-timer 10

Parameters 
seconds—
Specifies the number of seconds for the boot-timer.
Values—
0 to 600

 

es-activation-timer

Syntax 
es-activation-timer seconds
Context 
config>redundancy>bgp-evpn-multi-homing
Description 

This command configures the global Ethernet-Segment activation timer. The es-activation-timer delays the activation of a specified Ethernet-Segment on a specified PE that has been elected as DF (Designated Forwarder). Only when the es-activation-timer has expired, the SAP/SDP-binding associated to an Ethernet-Segment can be activated (in case of single-active multi-homing) or added to the default-multicast-list (in case of all-active multi-homing).

The es-activation-timer configured at the Ethernet-Segment level supersedes this global es-activation-timer.

Default 

es-activation-timer 3

Parameters 
seconds—
Specifies the number of seconds for the es-activation-timer.
Values—
0 to 100

 

accept-ivpls-evpn-flush

Syntax 
accept-ivpls-evpn-flush
no accept-ivpls-evpn-flush
Context 
config>service>vpls>bgp-evpn
Description 

This command enables the system to accept non-zero Ethernet tag MAC routes and process them only for CMAC flushing. This command can be changed on the fly without shutting down bgp-evpn mpls.

The no version of the command prevents the router from processing BMAC/ISID routes for cmac-flush.

Default 

no accept-ivpls-evpn-flush

cfm-mac-advertisement

Syntax 
[no] cfm-mac-advertisement
Context 
config>service>vpls>bgp-evpn
Description 

This command enables the advertisement and withdrawal, as appropriate, of the IEEE MAC address associated with the MP (MEP and MIP) created on a SAP, Spoke or Mesh, in an EVPN service.

The up-date occurs each time an MP is added or deleted, or an IEEE MAC address is changed for an MP on a SAP, Spoke or Mesh within the service. The size of the update depends on the number of MPs in the service affected by the modification.

Only enable this functionality, as required, for services that require a resident MAC address to properly forward unicast traffic and that do not perform layer two MAC learning as part of the dataplane.

Local MP IEEE MAC addresses are not stored in the local FDB and, as such, cannot be advertised through a control plane to a peer without this command.

The no version of the command disables the functionality and withdraws all previously advertised MP IEEE MAC addresses.

evi

Syntax 
evi value
[no] evi
Context 
config>service>vpls>bgp-evpn
config>service>epipe>bgp-evpn
Description 

This command allows you to specify a 2-byte EVPN instance unique in the system. It is used for the service-carving algorithm for multi-homing and auto-deriving route-target and route-distinguishers.

If not specified, the value will be zero and no route-distinguisher or route-targets will be auto-derived from it. If the evi value is specified and no other route-distinguisher/route-target are configured in the service, then the following rules apply:

  1. the route distinguisher is derived from <system_ip>:evi
  2. the route-target is derived from <autonomous-system>:evi

If vsi-import and export policies are configured, the route-target must be configured in the policies and those values take preference over the auto-derived route-targets. If bgp-ad>vpls-id and bgp-evpn>evi are both configured on the same service, the vpls-id auto-derived route-target/route-distinguisher takes precedence over the evi auto-derived ones The operational route-target for a service will be shown in the show service id bgp command.

The no version of the command will set the evi value back to zero.

Parameters 
value
Specifies the EVPN instance.
Values—
1 to 65535

 

incl-mcast-orig-ip

Syntax 
incl-mcast-orig-ip ip-address
no incl-mcast-orig-ip
Context 
config>service>vpls>bgp-evpn>mpls
Description 

The IP address configured by the user in the incl-mcast-orig-ip command is encoded in the originating-ip field of EVPN Inclusive Multicast Routes with tunnel type Ingress Replication (value 6), mLDP (2), and Composite IR and mLDP (130).

The configured address does not need to be reachable in the base router or have an interface in the base router. The originating-ip address is used solely for BGP route-key selection.

The originating-ip is never changed for Inclusive Multicast Routes with tunnel type AR (Assisted Replication, value 10).

The no version of the command withdraws the affected Inclusive Multicast Routes and re-advertises it with the default system-ip address in the originating-ip field.

Default 

1

Parameters 
ip-address
Specifies the IPv4 address value.
Values—
a.b.c.d

 

ingress-repl-inc-mcast-advertisement

Syntax 
[no] ingress-repl-inc-mcast-advertisement
Context 
config>service>vpls>bgp-evpn
Description 

This command enables and disables the advertisement of the Inclusive Multicast Ethernet Tag route (IMET route) with tunnel-type Ingress-Replication in the PMSI Tunnel Attribute, or with the tunnel-type Composite Point-to-Multipoint and Ingress-Replication (P2MP+IR) in the root-and-leaf nodes. The following considerations must be taken into account:

  1. When no ingress-repl-inc-mcast-advertisement is configured, no IMET routes will be sent for the service unless the provider-tunnel is configured with owner bgp-evpn-mpls and root-and-leaf, in which case, an IMET-P2MP route is sent.
  2. When ingress-repl-inc-mcast-advertisement and provider-tunnel are configured for bgp-evpn-mpls with root-and-leaf, the system will send an IMET-P2MP-IR route, that is, an IMET route with a composite P2MP+IR tunnel type.
  3. When no ingress-repl-inc-mcast-advertisement and assisted-replication replicator are configured, the system will send IMET-AR routes, but IMET-IR routes will not be sent.
Default 

ingress-repl-inc-mcast-advertisement

ip-route-advertisement

Syntax 
ip-route-advertisement [incl-host]
no ip-route-advertisement
Context 
config>service>vpls>bgp-evpn
Description 

This command enables and disables the advertisement of IP prefixes in EVPN. If enabled, any active route in the R-VPLS VPRN route table will be advertised in EVPN using the VPLS BGP configuration. The interface host addresses are not advertised in EVPN unless the ip-route-advertisement incl-host command is enabled.

Default 

no ip-route-advertisement

Parameters 
incl-host—
Specifies to advertise the interface host addresses in EVPN.

isid-route-target

Syntax 
isid-route-target
no isid-route-target
Context 
config>service>vpls>bgp-evpn
Description 

This command enables the context for the configuration of isid-range to route-target associations.

isid-range

Syntax 
isid-range from [to to] {auto-rt | route-target rt}
no isid-range from
Context 
config>service>vpls>bgp-evpn>isid-route-target
Description 

This command creates a range of ISIDs associated with a specified route-target that is advertised with BMAC-ISID and IMET-ISID routes for the ISID. The route-target can be explicitly configured or automatically assigned by the system if the auto-rt option is configured. Auto routes assignment is based on RFC 7623 as follows:

<2-byte-as-number>:<4-byte-value>, where 4-byte-value = 0x30+ISID

The no form of the command deletes the isid-range and its association with the route-target.

The no form is the default action, which advertises the BMAC-ISID and IMET-ISID routes with the B-VPLS configured route-target.

Default 

no isid-range

Parameters 
from
Specifies the start of the ISID range.
Values—
1 to 16777215

 

to
Specifies the end of the ISID range. If it is not configured, the range is comprised of (only) the ISID specified in the to option.
Values—
1 to 16777215

 

auto-rt
Automatically generates an ISID-derived route-target in the format: AS_number:0x30+ISID.
route-target—
Specifies an explicit route target.
Values—
rt - target:{<ip-addr:comm-val>|<2byte-as-number:extcomm-val>|<4byte-asnumber:comm-val>}
ip-addr: a.b.c.d
comm-val: [0 to 65535]
2byte-as-number: [0 to 65535]
ext-comm-val: [0 to 4294967295]
4byte-asnumber: [0 to 4294967295]

 

local-ac-name

Syntax 
[no] local-ac-name ac-name
Context 
config>service>epipe>bgp-evpn
Description 

This command enables and disables the context in which the local Ethernet tag value is configured.

Default 

no local-ac-name

Parameters 
ac-name
Specifies the name of the local attachment circuit.

remote-ac-name

Syntax 
[no] remote-ac-name ac-name
Context 
config>service>epipe>bgp-evpn
Description 

This command enables and disables the context in which the remote Ethernet tag value is configured.

Default 

no remote-ac-name

Parameters 
ac-name
Specifies the name of the remote attachment circuit.

eth-tag

Syntax 
[no] eth-tag tag-value
Context 
config>service>epipe>bgp-evpn>local-ac-name
config>service>epipe>bgp-evpn>remote-ac-name
Description 

This command configures the Ethernet tag value. When configured in the local-ac-name context, the system will use the value in the advertised AD per-EVI route sent for the attachment circuit. When configured in the remote-ac-name context, the system will compare that value with the eth-tag value of the imported AD per-EVI routes for the service. If there is a match, the system will create an EVPN destination for the Epipe.

Parameters 
tag-value
Specifies the Ethernet tag value of the attachment circuit.
Values—
1 to 16777215

 

mac-advertisement

Syntax 
[no] mac-advertisement
Context 
config>service>vpls>bgp-evpn
Description 

The mac-advertisement command enables the advertisement in BGP of the learned macs on SAPs and SDP bindings. When the mac-advertisement is disabled, the local macs will be withdrawn in BGP.

Default 

mac-advertisement

mac-duplication

Syntax 
mac-duplication
Context 
config>service>vpls>bgp-evpn
Description 

This command enables the context to configure the BGP EVPN MAC duplication parameters.

detect

Syntax 
detect num-moves num-moves window minutes
Context 
config>service>vpls>bgp-evpn>mac-duplication
Description 

The mac-duplication featured is always enabled by default. This command modifies the default behavior. mac-duplication monitors the number of moves of a MAC address for a period of time (window).

Default 

num-moves 5 window 3

Parameters 
num-moves—
Identifies the number of MAC moves in a VPLS service. The counter is incremented when a specified MAC is locally relearned in the FDB or flushed from the FDB due to the reception of a better remote EVPN route for that MAC.
Values—
3 to 10

 

Default—
3
minutes—
Specifies the length of the window in minutes.
Values—
1 to 15

 

Default—
3

retry

Syntax 
retry minutes
no retry
Context 
config>service>vpls>bgp-evpn>mac-duplication
Description 

Specifies the timer after which the MAC in hold-down state is automatically flushed and the mac-duplication process starts again. This value is expected to be equal to two times or more than that of window.

If no retry is configured, this implies that, when mac-duplication is detected, MAC updates for that MAC will be held down till the user intervenes or a network event (that flushes the MAC) occurs.

Default 

9

Parameters 
minutes—
Specifies the BGP EVPN MAC duplication retry in minutes.
Values—
2 to 60

 

black-hole-dup-mac

Syntax 
black-hole-dup-mac
no black-hole-dup-mac
Context 
config>service>vpls>bgp-evpn>mac-duplication
Description 

The black-hole-dup-mac command is disabled by default. If enabled, a duplicated MAC detected in the network is programmed as a black-hole MAC in the FDB and displayed in the show service id fdb detail command as follows:

  1. Source-Identifier—black-hole
  2. Type—EvpnD:P

Because the MAC is now programmed in the FDB as a black-hole, all received frames with MAC DA matching the duplicate MAC are discarded. The duplicate black-hole MACs are installed as Protected, therefore, all received frames with MAC SA matching the duplicate MAC are discarded by default.

A BGP-EVPN (MPLS or VXLAN) shutdown is required to add or remove the black-hole-dup-mac command.

The no form of the command removes the feature, and duplicate MACs are no longer programmed as black-hole MACs.

Default 

no black-hole-dup-mac

mpls

Syntax 
[no] mpls [bgp bgp]
Context 
config>service>vpls>bgp-evpn
config>service>epipe>bgp-evpn
Description 

This command enables the context to configure the BGP EVPN MPLS parameters. In VPLS, either instance BGP 1 or BGP 2 can be configured, but not both simultaneously in the same service. Epipe services only support instance 1. If the bgp bgp parameter is not specified, the instance is set to 1.

The no version of this command will remove the MPLS instance from the service.

Parameters 
bgp
Indicates the bgp instance identifier.
Values—
1, 2

 

auto-bind-tunnel

Syntax 
auto-bind-tunnel
Context 
config>service>vpls>bgp-evpn>mpls
config>service>epipe>bgp-evpn>mpls
Description 

This command enables the context to configure automatic binding of a BGP-EVPN service using tunnels to MP-BGP peers.

The auto-bind-tunnel node is simply a context to configure the binding of EVPN routes to tunnels. The user must configure the resolution option to enable auto-bind resolution to tunnels in TTM. The following configurations are available:

  1. If the resolution option is explicitly set to disabled, the auto-binding to the tunnel is removed.
  2. If resolution is set to any, then any supported tunnel type in EVPN context will be selected following TTM preference.
  3. If one or more explicit tunnel types are specified using the resolution-filter option, then only these tunnel types will be selected again following the TTM preference.

enforce-strict-tunnel-tagging

Syntax 
[no] enforce-strict-tunnel-tagging
Context 
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel
config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel
Description 

This command forces the system to only consider LSPs marked with an admin tag for next hop resolution. Untagged LSPs will not be considered.

The no form of this command reverts to default behavior. While tagged RSVP and SR-TE LSPs will be considered first, the system can fall back to using untagged LSP of other types and not exclude them depending on the auto-bind-tunnel configuration.

Default 

no enforce-strict-tunnel-tagging

resolution

Syntax 
resolution {disabled | any | filter}
Context 
config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel
Description 

This command configures the resolution mode in the automatic binding of a BGP-EVPN MPLS service to tunnels to MP-BGP peers.

Parameters 
any—
Enables the binding to any supported tunnel type in a BGP-EVPN MPLS context following TTM preference.
disabled—
Disables the automatic binding of a BGP-EVPN MPLS service to tunnels to MP-BGP peers.
filter—
Enables the binding to the subset of tunnel types configured under resolution-filter.

resolution-filter

Syntax 
resolution-filter
Context 
config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel
Description 

This command enables the context that allows the configuration of the subset of tunnel types that can be used in the resolution of BGP-EVPN routes within the automatic binding of BGP-EVPN MPLS service to tunnels to MP-BGP peers.

The following tunnel types are supported in a BGP-EVPN MPLS context: RSVP, SR-TE, LDP, SR-ISIS, SR-OSPF, SR-policy, BGP, and UDP.

The user must set resolution to filter to activate the list of tunnel-types configured under resolution-filter.

Note:

UDP tunnels are created through import policies with action create-udp-tunnel.

bgp

Syntax 
[no] bgp
Context 
config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
Description 

Selects the BGP tunnel type.

The bgp value instructs BGP EVPN to search for a BGP LSP to the address of the BGP next hop. If the user does not enable the BGP tunnel type, inter-area or inter-as prefixes will not be resolved.

ldp

Syntax 
[no] ldp
Context 
config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
Description 

Selects the LDP tunnel type.

The ldp value instructs BGP to search for an LDP LSP with a FEC prefix corresponding to the address of the BGP next hop.

rsvp

Syntax 
[no] rsvp
Context 
config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
Description 

Selects the RSVP-TE tunnel type.

The rsvp value instructs BGP to search for the best metric RSVP LSP to the address of the BGP next hop. This address can correspond to the system interface or to another loopback interface used by the BGP instance on the remote node. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple RSVP LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel-id.

sr-isis

Syntax 
[no] sr-isis
Context 
config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
Description 

Selects the Segment Routing (SR) tunnel type programed by an IS-IS instance in TTM.

When the sr-isis value (or sr-ospf) is enabled, an SR tunnel to the BGP next hop is selected in the TTM from the lowest-numbered IS-IS (OSPF) instance.

sr-ospf

Syntax 
[no] sr-ospf
Context 
config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
Description 

Selects the Segment Routing (SR) tunnel type programed by an OSPF instance in TTM.

When the sr-ospf (or sr-isis) value is enabled, a SR tunnel to the BGP next hop is selected in the TTM from the lowest-numbered IS-IS (OSPF) instance.

sr-policy

Syntax 
[no] sr-policy
Context 
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
Description 

Selects the SR-policy tunnel type.

The sr-policy value instructs BGP to search for an SR policy with a non-null endpoint and color value that matches the BGP next hop and color extended community value, respectively, of the EVPN route.

sr-te

Syntax 
[no] sr-te
Context 
config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
Description 

Selects the Segment Routing (SR) Traffic Engineered (SR-TE) LSP programmed in TTM.

The sr-te value instructs the system to search for the best metric SR-TE LSP to the address of the BGP next hop. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple SR-TE LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel-id.

udp

Syntax 
[no] udp
Context 
config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter
Description 

Selects the MPLS-over-UDP tunnel type programmed in TTM.

The udp value instructs BGP EVPN to search for a UDP LSP to the address of the BGP next hop.

control-word

Syntax 
[no] control-word
Context 
config>service>vpls>bgp-evpn>mpls
config>service>epipe>bgp-evpn>mpls
Description 

This command enables the transmission and reception of the control-word. As defined in RFC7432, the use of the control-word helps avoid frame disordering.

It is enabled or disabled for all EVPN-MPLS destinations at the same time.

Default 

no control-word

ecmp

Syntax 
ecmp max-ecmp-routes
Context 
config>service>epipe>bgp-evpn>mpls
config>service>epipe>bgp-evpn>vxlan
config>service>vpls>bgp-evpn>mpls
Description 

When configured in a VPLS service, this command controls the number of paths to reach a specified MAC address when that MAC in the FDB is associated to a remote all-active multi-homed ES.

The configuration of two or more ECMP paths to a specified MAC enables the aliasing function described in RFC 7432.

When used in an Epipe service, this command controls the number of paths to reach a specified remote Ethernet tag that is associated to an ES destination.

Parameters 
max-ecmp-routes—
Specifies the number of paths allowed to the same multi-homed MAC address or Ethernet tag.
Values—
1 to 32

 

Default—
1

entropy-label

Syntax 
[no] entropy-label
Context 
config>service>vpls>bgp-evpn>mpls
config>service>epipe>bgp-evpn>mpls
Description 

If entropy-label is configured, the Entropy label and Entropy Label Indicator are inserted in packets for which at least one LSP in the stack for the far-end of the tunnel used by the service has advertised entropy label capability. If the tunnel is RSVP type, entropy-label can also be controlled under the config>router>mpls or config>router>mpls>lsp context.

The entropy label is mutually exclusive with the hash label feature. The entropy label cannot be configured on a spoke-sdp or service where the hash label feature has already been configured unless no hash label is set, and vice-versa.

force-vlan-vc-forwarding

Syntax 
[no] force-vlan-vc-forwarding
Context 
config>service>vpls>bgp-evpn>mpls
config>service>epipe>bgp-evpn>mpls
Description 

This command allows the system to preserve the VLAN ID and 802.1p bits of the service-delimiting qtag in a new tag added in the customer frame before sending it to the EVPN-MPLS destinations.

This command may be used in conjunction with the sap ingress vlan-translation command. If so used, the configured translated VLAN ID will be the VLAN ID sent to the EVPN-MPLS destinations as opposed to the service-delimiting tag VLAN ID. If the ingress SAP/SDP binding is 'null'-encapsulated, the output VLAN ID and pbits will be zero.

Default 

no force-vlan-vc-forwarding

ingress-replication-bum-label

Syntax 
[no] no-ingress-replication-bum-label
Context 
config>service>vpls>bgp-evpn>mpls
Description 

This command allows the user to configure the system so that a separate label is sent for BUM (Broadcast, Unknown unicast and Multicast) traffic in a specified service. By default (no ingress-replication-bum-label), the same label is used for unicast and flooded BUM packets when for-warding traffic to remote PEs.

When saving labels, this might cause transient traffic duplication for all-active multi-homing. By enabling ingress-replication-bum-label, the system will advertise two labels per EVPN VPLS instance, one for unicast and one for BUM traffic. The ingress PE will use the BUM label for flooded traffic to the advertising egress PE, so that the egress PE can determine if the unicast traffic has been flooded by the ingress PE. Depending on the scale required in the network, the user may choose between saving label space or avoiding transient packet duplication sent to an all-active multi-homed CE for certain macs.

Default 

no ingress-replication-bum-label

shutdown

Syntax 
shutdown
[no] shutdown
Context 
config>service>epipe>bgp-evpn>mpls
config>service>epipe>bgp-evpn>vxlan
config>service>vpls>bgp-evpn>mpls
config>service>vpls>bgp-evpn>vxlan
Description 

This command controls the administrative state of EVPN-MPLS or EVPN-VXLAN in the service.

split-horizon-group

Syntax 
split-horizon-group name
no split-horizon-group
Context 
config>service>vpls>bgp-evpn>mpls
Description 

This command allows the user to configure an explicit split-horizon-group for all BGP-EVPN MPLS destinations that can be shared by other SAPs and/or spoke-SDPs. The use of explicit split-horizon-groups for EVPN-MPLS and spoke-SDPs allows the integration of VPLS and EVPN-MPLS networks.

If the split-horizon-group command for bgp-evpn>mpls> is not used, the default split-horizon-group (that contains all the EVPN destinations) is still used, but it is not possible to refer to it on SAPs/spoke-SDPs. User-configured split-horizon-groups can be configured within the service context. The same group-name can be associated to saps, spoke-sdps, pw-templates, pw-template-bindings and EVPN-MPLS destinations. The configuration of bgp-evpn>mpls> split-horizon-group will only be allowed if bgp-evpn>mpls is shutdown; no changes are allowed when bgp-evpn>mpls is no shutdown.

When the SAPs and/or spoke-SDPs (manual or BGP-AD-discovered) are configured within the same split-horizon-group as the EVPN-MPLS endpoints, MAC addresses will still be learned on them but they will not be advertised in BGP-EVPN. If provider-tunnel is enabled in the bgp-evpn service, the SAPs and SDP-bindings that share the same split-horizon-group of the EVPN-MPLS provider-tunnel will be brought operationally down if the point-to-multipoint tunnel is operationally up.

Default 

no split-horizon-group

Parameters 
name—
Specifies the split-horizon-group name.

send-evpn-encap

Syntax 
send-evpn-encap [mpls] [mplsoudp]
no send-evpn-encap
[no] send-evpn-encap
Context 
config>service>epipe>bgp-evpn>mpls
config>service>epipe>bgp-evpn>vxlan
config>service>vpls>bgp-evpn>mpls
config>service>vpls>bgp-evpn>vxlan
Description 

This command configures the encapsulation to be advertised with the EVPN routes for the service. The encapsulation is encoded in RFC5512-based tunnel encapsulation extended communities.

When used in the bgp-evpn>mpls context, the supported options are none (no send-evpn-encap), mpls, mplsoudp or both.

When used in the bgp-evpn>vxlan context, the supported options are send-evpn-encap (the router signals a VXLAN value) or no send-evpn-encap (no encapsulation extended community is sent).

Default 

send-evpn-encap mpls (in the config>service>vpls>bgp-evpn>mpls context)

send-evpn-encap (in the config>service>vpls>bgp-evpn>vxlan context)

Parameters 
mpls
Specifies the MPLS-over-UDP encapsulation value in the RFC5512 encapsulation extended community.
mplsoudp
Specifies the MPLS encapsulation value in the RFC5512 encapsulation extended community.

unknown-mac-route

Syntax 
[no] unknown-mac-route
Context 
config>service>vpls>bgp-evpn
Description 

This command enables the advertisement of the unknown-mac-route in BGP. This will be coded in an EVPN MAC route where the MAC address is zero and the MAC address length 48. By using this unknown-mac-route advertisement, the user may decide to optionally turn off the advertisement of MAC addresses learned from saps and sdp-bindings, hence reducing the control plane overhead and the size of the FDB tables in the data center. All the receiving NVEs supporting this concept will send any unknown-unicast packet to the owner of the unknown-mac-route, as opposed to flooding the unknown-unicast traffic to all other nodes part of the same VPLS. Although the 7750 SR, 7450 ESS, or 7950 XRS can be configured to generate and advertise the unknown-mac-route, the router will never honor the unknown-mac-route and will flood to the vpls flood list when an unknown-unicast packet arrives to an ingress sap/sdp-binding.

Use of the unknown-mac-route is only supported for BGP-EVPN VXLAN.

Default 

no unknown-mac-route

default-route-tag

Syntax 
default-route-tag tag
[no] default-route-tag
Context 
config>service>vpls>bgp-evpn>vxlan
config>service>vpls>bgp-evpn>mpls
config>service>epipe>bgp-evpn>vxlan
config>service>epipe>bgp-evpn>vxlan
Description 

This command configures a route tag that EVPN uses when sending a route to the BGP application (for the corresponding service and BGP instance). If the corresponding BGP EVPN instance is enabled, the command cannot be changed. Additionally, EVPN services can add tags to routes with proxy-arp/nd>evpn-route-tag or the route-table tag. Only one tag is passed from EVPN to the BGP. In case of conflict, the default-route-tag has the least priority.

Specifically these conditions are stated as below:

  1. If a service is configured with default-route-tag "X" and proxy-arp>evpn-route-tag "Y", then EVPN uses route tag "Y" when sending EVPN proxy-arp routes to the BGP RIB for advertisement.
  2. If a given IP-prefix route is tagged in the route-table with tag "A" and the R-VPLS, in which the route is advertised, uses "B" as the default-route-tag, then EVPN keeps tag "A" when sending the route to the BGP RIB.

The default-route-tag is only supported on EVPN service routes. Therefore, the route tag for ES and AD per-ES routes is always zero.

The no version of this command removes the default-route-tag (configures route-tag zero).

Default 

no default-route-tag

Parameters 
tag—
Specifies the route tag.
Values—
1 to 255

 

vxlan

Syntax 
vxlan vni vni-id [create] [instance instance-id]
no vxlan [vni vni-id]
Context 
config>service>epipe
Description 

This command enables the use of VXLAN in the Epipe service.

The no version of this command will remove the VXLAN instance from the service.

Parameters 
vni-id—
Specifies the VXLAN network identifier configured in the Epipe service. When EVPN is used in the control plane, the configured VNI will be encoded in the MPLS field of the NLRI. The VPLS service will be operationally up when the vxlan vni vni-id is successfully created.
Values—
1 to 16777215

 

Default—
1
instance-id—
Specifies the VXLAN instance identifier.
Values—
1, 2

 

create—
Mandatory keyword that creates a VXLAN instance.

oper-group

Syntax 
oper-group name
no oper-group
Context 
config>service>epipe
Description 

This command associates an operational group to the status of the Epipe. When this oper-group is used in Epipes with static VXLAN or BGP-EVPN, the oper-group behaves as follows:

  1. The Epipe (and the oper-group) will go down if a SAP or Spoke-SDP go oper-down due to admin shutdown, service shutdown, or non-DF status as a result of EVPN multi-homing single-active election.
  2. The Epipe (and oper-group) will go down if the Epipe's EVPN destination is removed (due to an EVPN AD per-EVI route withdrawal, for instance).
  3. The Epipe (and oper-group) will NOT go down if a static VXLAN destination exists and the egress VTEP is not in the global route-table.

The operational group must be monitored in a different service and not in the service where it is defined.

The no version of this command removes the oper-group association.

Parameters 
name—
Specifies the name of the oper-group, up to 32 characters.

egr-vtep

Syntax 
egr-vtep {ip-address | ipv6-address}
no egr-vtep
Context 
config>service>epipe>vxlan
config>service>vpls>vxlan
Description 

This command configures the static destination VTEP IP used when originating VXLAN packets for the service.

Parameters 
ip-address—
Specifies the IPv4 address used as the destination VTEP when originating VXLAN packets for the service.
ipv6-address—
Specifies the IPv6 address used as the destination VTEP when originating VXLAN packets for the service.

oper-group

Syntax 
oper-group name
no oper-group
Context 
config>service>epipe>vxlan>egr-vtep
Description 

This command associates an operational group to the VXLAN static egress VTEP. If the egress VTEP IP disappears from the routing table, the oper-group status will become operationally down.

The operational group must be monitored in a different service and not in the service where it is defined.

The no version of this command removes the oper-group association.

Parameters 
name—
Specifies the name of the oper-group, up to 32 characters.

assisted-replication

Syntax 
assisted-replication {replicator | leaf} [replicator-activation-time seconds]
no assisted-replication
Context 
config>service>vpls>vxlan
Description 

This command enables the Assisted Replication (AR) function for VXLAN tunnels in the service. The execution of this command triggers the BGP EVPN to send an update containing the inclusive multicast route for the service and the AR type=AR Replicator (AR-R) or AR Leaf (AR-L).

The Replicators switch the VXLAN traffic back to VXLAN destinations when the IP destination address matches their own AR-IP address. Leaf nodes select a Replicator node and send all the Broadcast or Multicast frames to it so that the Replicator can replicate the traffic on their behalf.

Enabling or disabling the AR function, or changing the role between the replicator and leaf requires the BGP EVPN MPLS to be shutdown.

If the leaf parameter is configured, the system creates a Broadcast or Multicast (BM) destination to the selected AR-R and Unknown Unicast (U) destinations to the rest of the VTEPs. If no replicator exists, the leaf creates BUM bindings to all the VTEPs.

If the replicator parameter is configured, the system will create BUM destinations to the remote leafs, Regular Network Virtualization Edge routers (RNVE), and other AR-Rs. The system will perform assisted replication for traffic from known VTEPs only (that is, where the routes have been received and programmed toward a VTEP).

The no version of this command removes the AR function from the service.

Default 

no assisted-replication

Parameters 
replicator-activation-time seconds
Optional parameter that can be added to the leaf parameter. It specifies the wait time before the leaf can begin sending traffic to a new replicator and is used to allow some time for the replicator to learn about the leaf.
Values—
1 to 255

 

Default—
0 seconds (indicates no replicator-activation-time and no delay in sending packets to the AR-R)
replicator | leaf—
Selects the AR role of the router for the service.

source-vtep-security

Syntax 
[no] source-vtep-security
Context 
config>service>vpls>vxlan
Description 

This command enables the outer IP Source Address lookup of incoming VXLAN packets, and discards those coming from untrusted VTEPs. The list of trusted VTEPs is shown in the show service vxlan command. Specifically, it shows the existing learned EVPN VTEPs (always trusted), and the statically configured VTEPs in any service (Epipe and VPLS).

The command is supported in VXLAN instances with static egress VTEPs or VXLAN instances with EVPN created VTEPs.

The no version of this command disables the outer IP source address lookup.

Default 

no source-vtep-security

rx-discard-on-ndf

Syntax 
rx-discard-on-ndf {bm | bum | none}
Context 
config>service>vpls>vxlan
Description 

This command, supported by static and BGP-EVPN VXLAN binds, determines the type of traffic that the Non Designated Forwarder (NDF) PE discards in an EVPN multi-homed Ethernet segment. It is only relevant when the VXLAN instance is associated to a network-interconnect-vxlan ES. The option BM is the default option and discards BM on reception (unicast, known and known is allowed). The option BUM discards any BUM frame on reception. Option none allows any BUM traffic on reception.

Default 

rx-discard-on-ndf bm

Parameters 
bm —
Discards Broadcast and Multicast on the EVPN Non Designated Forwarder (NDF) router, but not Unknown Unicast.
bum—
Discards Broadcast, Multicast and Unknown Unicast traffic on the NDF.
none—
Allows Broadcast, Multicast or Unknown Unicast traffic on the NDF.

disable-aging

Syntax 
[no] disable-aging
Context 
config>service>vpls
config>service>vpls>sap
config>service>vpls>spoke-sdp
config>service>template>vpls-template
config>service>vpls>vxlan
Description 

This command disables MAC address aging across a VPLS service, on a VPLS service SAP or spoke-SDP, or VXLAN instance with static binds. Learned MACs can be aged out if no packets are sourced from the MAC address for a period of time (aging time). In each VPLS service instance, there are independent aging timers for local learned MAC and remote learned MAC entries in the VPLS forwarding database (FDB).

The disable-aging command turns off aging for local and remote learned MAC addresses. When no disable-aging is specified for a VPLS, aging can be disabled for specific SAPs, spoke-SDPs, and VXLAN instances (or any combination) by entering the disable-aging command at the appropriate level.

When the disable-aging command is entered at the VPLS level, the aging state of individual SAPs or SDPs or VXLAN instance is ignored.

The no form of this command enables aging on the VPLS service.

Default 

no disable-aging

Except for VXLAN instances, where the disable-aging is the default mode

disable-learning

Syntax 
[no] disable-learning
Context 
config>service>vpls
config>service>vpls>sap
config>service>vpls>spoke-sdp
config>service>template>vpls-template
config>service>vpls>vxlan
Description 

This command disables learning of new MAC addresses in the VPLS forwarding database (FDB) for the service instance, SAP instance, spoke-SDP instance, or VXLAN instance. When disable-learning is enabled, new source MAC addresses are not entered in the VPLS service forwarding database. This applies for both local and remote MAC addresses.When disable-learning is disabled, new source MAC addresses are learned and entered into the VPLS forwarding database.

This parameter is mainly used in conjunction with the discard-unknown command.

The no form of this command enables learning of MAC addresses.

Default 

no disable-learning

Normal MAC learning is enabled. The default mode for VXLAN instances is disable-learning.

discard-unknown-source

Syntax 
[no] discard-unknown-source
Context 
config>service>vpls>sap
config>service>vpls>spoke-sdp
config>service>template>vpls-template
config>service>vpls>vxlan
Description 

When this command is enabled, packets received on a SAP, a spoke-SDP, or a static VXLAN instance with an unknown source MAC address, are dropped if the maximum number of MAC addresses is reached for that SAP, spoke-SDP or VXLAN instance (see max-nbr-mac-addr). However, if the max-nbr-mac-addr command is not set for the SAP or spoke-SDP, or VXLAN instance, then enabling discard-unknown-source has no effect.

When discard-unknown-source is disabled, the packets are forwarded based on the destination MAC addresses.

The no form of this command causes packets with an unknown source MAC addresses to be forwarded by destination MAC addresses in VPLS.

Default 

no discard-unknown-source

max-nbr-mac-addr

Syntax 
max-nbr-mac-addr table-size
no max-nbr-mac-addr
Context 
config>service>vpls>sap
config>service>vpls>spoke-sdp
config>service>vpls>endpoint
config>service>template>vpls-sap-template
config>service>vpls>vxlan
Description 

This command specifies the maximum number of FDB entries for both learned and static MAC addresses for this SAP, spoke-SDP, endpoint, or VXLAN instance.

When the configured limit is reached, and discard-unknown-source is enabled for this SAP, spoke-SDP, or static VXLAN instance (see discard-unknown-source), then packets with unknown source MAC addresses are discarded.

The no form of the command restores the global MAC learning limitations for the SAP or spoke-SDP, or VXLAN instance.

Default 

no max-nbr-mac-addr

Parameters 
table-size—
Specifies the maximum number of learned and static entries allowed in theFDB of this service.
Values—
1 to 511999

 

vxlan

Syntax 
vxlan [bgp bgp] [vxlan-instance vxlan-instance]
no vxlan [bgp bgp]
Context 
config>service>epipe>bgp-evpn
config>service>vpls>bgp-evpn
Description 

This command enables the context to configure the VXLAN parameters when BGP EVPN is used as the control plane. In VPLS services, instance BGP 1 or BGP 2 can be configured, as well as VXLAN instances 1 or 2. Up to two instances of this command can be configured in the same service, as long as the BGP instance and the VXLAN instance are different in both commands. In Epipe services, only BGP instance 1 and VXLAN instance 1 is supported. If the BGP or VXLAN instance are not specified, the instances are by default set to 1.

The no version of this command will remove the vxlan instance from the service.

Parameters 
bgp—
Indicates the BGP instance identifier.
Values—
1 to 2

 

vxlan-instance—
Indicates the VXLAN instance identifier.
Values—
1 to 2

 

send-imet-ir-on-ndf

Syntax 
send-imet-ir-on-ndf
no send-imet-ir-on-ndf
Context 
config>service>vpls>bgp-evpn>vxlan
Description 

This command controls the advertisement of Inclusive Multicast Ethernet Tag (IMET) routes for ingress replication in the case where the PE is Non-DF for a specified network interconnect VXLAN virtual ES. When enabled, the router will advertise IMET-IR routes even if the PE is NDF. This attracts BUM traffic but also speeds up convergence in case of DF failure.

The no form of this command withdraws the advertisement of the IMET-IR route on the network interconnect VXLAN NDF router.

Default 

send-imet-ir-on-ndf

vxlan-src-vtep

Syntax 
vxlan-src-vtep {ip-address | ipv6-address}
no vxlan-src-vtep
Context 
config>service>vpls
config>service>epipe
Description 

This command enables the router to use the configured IP address as the tunnel source IP address (source VTEP) when originating VXLAN-encapsulated frames for this service. This IP address is also used to set the BGP NLRI next hop in EVPN route advertisements for the service.

Default 

no vxlan-src-vtep

Parameters 
ip-address
Specifies the non-system IPv4 address that terminates VXLAN for a service.
ipv6-address
Specifies the IPv6 address that terminates VXLAN for a service.

shutdown

Syntax 
[no] shutdown
Context 
config>service>vpls>bgp-evpn>vxlan
Description 

This command enables and disables the automatic creation of VXLAN auto-bindings by BGP-EVPN.

Default 

shutdown

pbb

Syntax 
pbb
Context 
config>service>vpls
Description 

This command enables the context where the PBB parameters are configured.

leaf-source-bmac

Syntax 
leaf-source-bmac ieee-address
no leaf-source-bmac
Context 
config>service>pbb
Description 

This command enables the use of PBB-EVPN E-Tree. The leaf-source-bmac address must be configured before any I-VPLS E-Tree type can be created. The leaf-source-bmac address is used as the BMAC SA in all PBB frames that encapsulate customer frames generated from leaf-ac SAPs and spoke-SDPs. When configured, the B-VPLS service accepts PBB traffic destined to the source BMAC as well as the leaf source BMAC address.

The no version of this command removes the leaf source BMAC address.

Default 

no leaf-source-bmac

Parameters 
ieee-address—
Specifies the MAC address assigned to the leaf source BMAC. The parameter is entered in the form xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx, where xx represents a hexadecimal number.

send-bvpls-evpn-flush

Syntax 
send-bvpls-evpn-flush
no send-bvpls-evpn-flush
Context 
config>service>vpls>pbb
Description 

This command triggers ISID-based CMAC-flush signaling in the PBB-EVPN. When the command is enabled in an I-VPLS service, a BMAC/ISID route is sent for the I-VPLS ISID.

Default 

no send-bvpls-evpn-flush

use-es-bmac

Syntax 
use-es-bmac
Context 
config>service>vpls>pbb
Description 

This command is only supported in B-VPLS instances where BGP-EVPN is enabled and controls the source BMAC used by the system for packets coming from the SAP or spoke-SDPs when they belong to an EVPN Ethernet-Segment.

If enabled, the system will use a source BMAC derived from the source-bmac (high order four bytes) and the least significant two bytes configured in config>service>system>bgp-evpn>ethernet-segment>source-bmac-lsb for all the packets coming from the local ethernet-segment.

If no use-es-bmac is configured, the system will use the regular source-bmac (provided by the config>service>vpls>pbb>source-bmac command, or the chassis bmac if the source-bmac is not configured).

Default 

no use-es-bmac

provider-tunnel

Syntax 
provider-tunnel
Context 
config>service>vpls
Description 

This command enables the context to configure the use of a P2MP LSP to forward Broadcast, Unknown unicast, and Multicast (BUM) packets of a VPLS or B-VPLS instance. The P2MP LSP is referred to as the Provider Multicast Service Interface (PMSI).

inclusive

Syntax 
inclusive
Context 
config>service>vpls>provider-tunnel
Description 

This command enables the context to configure the use of a P2MP LSP as the default tree for forwarding Broadcast, Unknown unicast, and Multicast (BUM) packets of a VPLS or B-VPLS instance. The P2MP LSP is referred to, in this case, as the Inclusive Provider Multicast Service Interface (I-PMSI).

When enabled, this feature relies on BGP Auto-Discovery (BGP-AD), BGP-VPLS or BGP-EVPN to discover the PE nodes participating in a specified VPLS/B-VPLS instance. In the case of BGP-AD or BGP-VPLS, the BGP route contains the information required to signal both point-to-point (P2P) PWs used to forward unicast known Ethernet frames, and the RSVP or mLDP P2MP LSP used to forward the BUM frames. In the case of BGP-EVPN, the EVPN IMET route contains the information to set up the mLDP P2MP LSP and may also contain the information that enables the remote leaf-only nodes to setup an EVPN destination to the sending PE.

Note:

The provider-tunnel for a specified service must be configured with an owner protocol (BGP-AD, BGP-VPLS or BGP-EVPN); only one owner must be configured. Use the owner {bgp-ad|bgp-vpls|bgp-evpn-mpls} command to configure an owner.

With an mLDP I-PMSI, each leaf node will initiate the signaling of the mLDP P2MP LSP upstream using the P2MP FEC information in the I-PMSI tunnel information discovered through the BGP.

If IGMP or PIM snooping are configured on the VPLS/B-VPLS instance, multicast packets matching an L2 multicast Forwarding Information Base (FIB) record will also be forwarded over the P2MP LSP.

Use the mldp command to enable the use of an LDP P2MP LSP as the I-PMSI for forwarding Ethernet BUM and IP multicast packets in a VPLS instance:

config>service>vpls [b-vpls]>provider-tunnel>inclusive>mldp

When a no shutdown is performed under the context of the inclusive node and the expiration of a delay timer, BUM packets will be forwarded over an automatically signaled mLDP P2MP LSP.

Use the root-and-leaf command to configure the node to operate as both root and leaf in the VPLS instance:

config>service>vpls [b-vpls]>provider-tunnel>inclusive>root-and-leaf

The node behaves as a leaf-only node by default. For the I-PMSI of type mLDP, the leaf-only node will join I-PMSI rooted at other nodes it discovered but will not include a PMSI Tunnel Attribute in BGP route update messages. This way a leaf-only node will forward packets to other nodes in the VPLS/B-VPLS using the point-to-point spoke-sdps in the case of BGP-AD or BGP-VPLS, or using EVPN destinations in the case of BGP-EVPN.

Note:

Either BGP-AD/VPLS or BGP-EVPN must be enabled in the VPLS/B-VPLS instance otherwise the execution of the no shutdown command under the context of the inclusive node will fail and the I-PMSI will not come up.

If the P2MP LSP instance goes down, the VPLS/B-VPLS immediately reverts the forwarding of BUM packets to the P2P PWs or EVPN destinations (in the case of BGP-EVPN). Performing a shutdown under the context of the inclusive node will allow the user to restore BUM packet forwarding over the P2P PWs or EVPN destinations.

This feature is supported with VPLS and B-VPLS; it is not supported with I-VPLS. Although Routed VPLS is supported, routed traffic cannot be sent over the I-PMSI tree.

data-delay-interval

Syntax 
data-delay-interval seconds
no data-delay-interval
Context 
config>service>vpls>provider-tunnel>inclusive
Description 

This command enables the context to configure the I-PMSI data delay timer.

For an mLDP P2MP LSP, the delay timer is started as soon as the P2MP FEC corresponding to the I- PMSI is resolved and installed at the root node. When configuring a value at the root node, the user must factor the configured IGP-LDP sync timer (config>router>if>ldp-sync-timer) on the network interfaces. This is required because the mLDP P2MP LSP may move to a different interface at the expiry of the sync timer as the routing upstream of the LDP Label Mapping message may change when the sync timer expires and the interface metric is restored.

When the data delay timer expires, the VPLS/B-VPLS begins forwarding BUM packets over the P2MP LSP instance even if all the paths are not up.

The no version of this command reinstates the default value for the delay timer.

Parameters 
seconds
Specifies the delay-time in seconds.
Values—
3 to 180

 

Default—
15

mldp

Syntax 
[no] mldp
Context 
config>service>vpls>provider-tunnel>inclusive
Description 

This command enables the context to configure the parameters of an LDP P2MP LSP used for forwarding Broadcast, Unicast unknown and Multicast (BUM) packets of a VPLS or B-VPLS instance.

root-and-leaf

Syntax 
[no] root-and-leaf
Context 
config>service>vpls>provider-tunnel>inclusive
Description 

This command enables the node to operate as both root and leaf of the I-PMSI in a specified VPLS/B-VPLS instance.

By default, a node will behave as a leaf-only node. For the I-PMSI of type mLDP, the leaf-only node will join I-PMSI rooted at other nodes it discovered but will not include a PMSI tunnel attribute in BGP route update messages. This way a leaf-only node will forward packets to other nodes in the VPLS/B-VPLS using the point-to-point spoke-sdp's or the EVPN destinations.

The no version of the command reinstates the default value.

owner

Syntax 
[no] owner {bgp-ad | bgp-vpls | bgp-evpn-mpls}
Context 
config>service>vpls>provider-tunnel>inclusive
Description 

This command selects the owner protocol of the inclusive PMSI tunnel in the service. Only one of the protocols will support the provider tunnel.

The bgp-vpls and bgp-evpn-mpls parameters cannot be configured together in the same service. Although bgp-ad and bgp-evpn can coexist in the same service, bgp-ad cannot be configured as the owner of the provider-tunnel. In addition, the following applies to this configuration:

  1. The owner must be explicitly set before the provider-tunnel can be no shutdown.
  2. If the owner is bgp-ad, then bgp-evpn mpls and bgp-evpn vxlan will fail to no shutdown.
  3. The provider-tunnel must be shutdown to change the owner; on the fly change is not allowed.
Default 

no owner

Parameters 
bgp-ad
Specifies that bgp-ad is the owner of the provider-tunnel.
bgp-vpls
Specifies that bgp-vpls is the owner of the provider-tunnel.
bgp-evpn-mpls
Specifies that bgp-evpn-mpls is the owner of the provider-tunnel.

shutdown

Syntax 
[no] shutdown
Context 
config>service>vpls>provider-tunnel>inclusive
Description 

This command administratively enables and disables the service.

proxy-arp

Syntax 
[no] proxy-arp
Context 
config>service>vpls
Description 

This command enables the context to configure the proxy-ARP parameters in a VPLS service.

Default 

no proxy-arp

proxy-nd

Syntax 
[no] proxy-nd
Context 
config>service>vpls
Description 

This command enables the context to configure the proxy-ND parameters in a VPLS service.

Default 

no proxy-arp

age-time

Syntax 
[no] age-time seconds
Context 
config>service>vpls>proxy-arp
config>service>vpls>proxy-nd
Description 

This command specifies the aging timer per proxy-ARP/proxy-ND entry for dynamic entries. When the aging expires, the entry is flushed. The age is reset when a new ARP/GARP/NA for the same MAC-IP is received. If the corresponding FDB MAC entry is flushed, the proxy-ARP/proxy-ND entry goes inactive and subsequent ARP/NS lookups are treated as "missed". EVPN will withdraw the IP→MAC if the entry goes inactive. The age-time should be set at send-refresh * 3 to ensure that no active entries are unnecessarily removed.

Default 

no age-time

Parameters 
seconds
Specifies the age-time in seconds.
Values—
60 to 86400

 

dup-detect

Syntax 
dup-detect [anti-spoof-mac mac-address] window minutes num-moves count hold-down [minutes | max]
dup-detect [anti-spoof-mac mac-address] window minutes num-moves count hold-down [minutes | max] [static-black-hole]
Context 
config>service>vpls>proxy-arp
config>service>vpls>proxy-nd
Description 

This command enables a mechanism that detects duplicate IPs and ARP/ND spoofing attacks. Attempts (relevant to dynamic and EVPN entry types) to add the same IP (different MAC) are monitored for window <minutes>. When <count> is reached within that window, the proxy-ARP/ND entry for the suspected IP is marked as duplicate. An alarm is also triggered. This condition is cleared when hold-down time expires (max does not expire) or a clear command is issued.

If the anti-spoof-mac is configured, the proxy-ARP/ND offending entry's MAC is replaced with this <mac-address> and advertised in an unsolicited GARP/NA for local SAP/SDP-bindings, and in EVPN to remote PEs. This mechanism assumes that the same anti-spoof-mac is configured in all the PEs for the same service and that traffic with destination anti-spoof-mac received on SAPs/SDP-bindings will be dropped. An ingress mac-filter may be configured to drop traffic to the anti-spoof-mac.

The anti-spoof-mac can also be combined with the static-black-hole option. To use a black-hole MAC entry for the anti-spoof-mac function in a proxy-ARP/ND service, the following must be configured:

  1. static-black-hole option for the anti-spoof-mac
  2. a static black-hole MAC using the same MAC address used for the anti-spoof-mac: static-mac mac <mac-address> create black-hole command.

When both anti-spoof-mac and static-black-hole commands are configured, the MAC is advertised in EVPN as Static. Locally, the MAC will be shown in the FDB as CStatic and associated with a black-hole.

The combination of the anti-spoof-mac and the static-black-hole options ensures that any frame arriving in the system with MAC DA=anti-spoof-mac will be discarded, regardless of the ingress endpoint type (SAP/SDP-binding or EVPN) and without the need for a filter.

If the user wants to redirect the traffic with MAC DA=anti-spoof-mac instead of discarding it, redirect filters should be configured on saps/sdp-bindings instead of the static-black-hole option.

If the static-black-hole option is not configured for the anti-spoof-mac, the behavior is as follows:

  1. The anti-spoof-mac is not programmed in the FDB.
  2. Any attempt to add a Static MAC (or any other MAC) with the anti-spoof-mac value will be rejected by the system.
  3. A mac-filter is needed to discard traffic with MAC DA=anti-spoof-mac.

Any changes to the configuration of anti-spoof-mac require proxy-arp or proxy-nd to first be shut down. See ARP/ND Snooping and Proxy Support for more information.

Default 

dup-detect window 3 num-moves 5 hold-down 9

Parameters 
window minutes
Specifies the window size in minutes.
Values—
1 to 15

 

Default—
3
count
Specifies the number of moves required so that an entry is declared duplicate.
Values—
3 to 10

 

Default—
5
hold-down minutes
Specifies the hold-down time for a duplicate entry.
Values—
2 to 60

 

Default—
9
hold-down max—
Specifies permanent hold-down time for a duplicate entry.
mac-address
Specifies the optional anti-spoof-mac to use.

dynamic

Syntax 
dynamic ip-address [create]
no dynamic ip-address
Context 
config>service>vpls>proxy-arp
config>service>vpls>proxy-nd
Description 

This command creates a dynamic IP that can be associated to a MAC list. The configured dynamic IP is only converted to a dynamic entry when the resolve process for the IP has passed successfully.

A summary of the IP resolution process is as follows:

  1. A resolve message is sent for the configured IP as soon as the dynamic IP is configured. The message is sent with a configurable frequency of 1 to 60 minutes (using the resolve command); the default value is 5 minutes. The actual resolve interval is a “jittered” value of the configured interval.
  2. The resolve message is an ARP-request or NS message flooded to all the non-EVPN endpoints in the service, irrespective of the status of the unknown-arp-request-flood-evpn or unknown-ns-flood-evpn commands. The router sends resolve messages at the configured frequency until a dynamic entry for the IP is created in the proxy-ARP or proxy-ND table. The IP entry is created only if all of the following conditions are true.
    1. An ARP, GARP, or NA message is received for the configured IP.
    2. The associated MAC exists in the configured MAC list for the IP.
      If the MAC list is empty or not configured, the router does not create an entry for the IP.
  3. After a dynamic entry is created in the proxy-ARP or proxy-ND table, the IP->MAC entry is advertised in the EVPN.

The no form of the command deletes the dynamic IP and the associated proxy-ARP or proxy-ND entry, if it exists.

Parameters 
ip-address—
Specifies the IPv4 or IPv6 address.
Values—
ip-address: a.b.c.d
ipv6-address: x:x:x:x:x:x:x:x (eight 16-bit pieces)
                       x:x:x:x:x:x:d.d.d.d
             where:
                        x: [0 to FFFF]H
                        d: [0 to 255]D

 

evpn-route-tag

Syntax 
evpn-route-tag tag
no evpn-route-tag
Context 
config>service>vpls>proxy-arp
config>service>vpls>proxy-nd
Description 

This command configures a local route tag that can be used on export policies to match MAC/IP routes generated by the proxy-ARP or proxy-ND module. For example, if a new active dynamic proxy-ARP entry is added to the proxy-ARP table and evpn-route-tag is 10, an export policy that matches on tag 10 and adds a site-of-origin community SOO-1, allows the router to advertise the MAC/IP route for the proxy-ARP entry with community SOO-1.

The no form of this command removes the route tag for the generated EVPN MAC/IP routes.

Parameters 
tag—
Specifies the route tag, in either decimal or hexadecimal form.
Values—
1 to 255

 

mac-list

Syntax 
mac-list name
no mac-list
Context 
config>service>vpls>proxy-arp>dynamic
config>service>vpls>proxy-nd>dynamic
Description 

This command associates a previously created MAC list to a dynamic IP. The MAC list is created using the config>service>proxy-arp-nd>mac-list command.

The no form of the command deletes the association of the MAC list and the dynamic IP.

Parameters 
name—
The name of the MAC list previously created using the config>service>proxy-arp-nd>mac-list command.

resolve

Syntax 
resolve minutes
Context 
config>service>vpls>proxy-arp>dynamic
config>service>vpls>proxy-nd>dynamic
Description 

This command configures the frequency at which a resolve message is sent. The resolve message is an ARP-request or NS message flooded to all the non-EVPN endpoints in the service irrespective of the current status of the unknown-arp-request-flood-evpn or unknown-ns-flood-evpn commands.

Parameters 
minutes—
Specifies the frequency in minutes at which the resolve message is issued.
Values—
1 to 60

 

Default—
5

dynamic-arp-populate

Syntax 
[no] dynamic-arp-populate
Context 
config>service>vpls>proxy-arp
Description 

This command enables the addition of dynamic entries to the proxy-ARP table (disabled by default). When executed, the system will populate proxy-ARP entries from snooped GARP/ARP messages on SAPs/SDP-bindings. These entries will be shown as dynamic.

When disabled, dynamic-arp entries will be flushed from the proxy-ARP table. Enabling dynamic-arp-populate is only recommended in networks with a consistent configuration of this command in all the PEs.

Default 

no dynamic-arp-populate

garp-flood-evpn

Syntax 
[no] garp-flood-evpn
Context 
config>service>vpls>proxy-arp
Description 

This command controls whether the system floods GARP-requests / GARP-replies to the EVPN. The GARPs impacted by this command are identified by the sender's IP being equal to the target's IP and the MAC DA being broadcast.

The no form of the command only floods to local saps/binds but not to EVPN destinations.

Disabling this command is only recommended in networks where CEs are routers that are directly connected to the PEs. Networks using aggregation switches between the host/routers and the PEs should flood GARP messages in the EVPN to ensure that the remote caches are updated and the BGP does not miss the advertisement of these entries.

Default 

garp-flood-evpn

send-refresh

Syntax 
[no] send-refresh seconds
Context 
config>service>vpls>proxy-arp
config>service>vpls>proxy-nd
Description 

If enabled, this command will make the system send a refresh at the configured time. A refresh message is an ARP-request message that uses 0s as sender's IP for the case of a proxy-ARP entry. For proxy-ND entries, a refresh is a regular NS message using the chassis-mac as MAC source-address.

Default 

no send-refresh

Parameters 
seconds
Specifies the send-refresh in seconds.
Values—
120 to 86400

 

static

Syntax 
[no] static ip-address ieee-address
Context 
config>service>vpls>proxy-arp
Description 

This command configures static entries to be added to the table. A static MAC-IP entry requires the addition of the MAC address to the FDB as either learned or CStatic (conditional static MAC) in order to become active.

Parameters 
ip-address
Specifies the IPv4 address for the static entry.
ieee-address—
Specifies a 48-bit MAC address in the form xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx, where xx represents a hexadecimal number.

table-size

Syntax 
table-size table-size
Context 
config>service>vpls>proxy-arp
config>service>vpls>proxy-nd
Description 

This command adds a table-size limit per service. By default, the table-size limit is 250; it can be set up to 16k entries per service. A non-configurable implicit high watermark of 95% and low watermark of 90% exists, per service and per system. When those watermarks are reached, a syslog/trap is triggered. When the system/service limit is reached, entries for a specified IP can be replaced (a different MAC can be learned and added) but no new IP entries will be added, regardless of the type (Static, evpn, dynamic). If the user attempts to change the table-size value to a value that cannot accommodate the number of existing entries, the attempt will fail.

Default 

250

Parameters 
table-size
Specifies the table-size as number of entries for the service.
Values—
1 to 16384

 

unknown-arp-request-flood-evpn

Syntax 
[no] unknown-arp-request-flood-evpn
Context 
config>service>vpls>proxy-arp
Description 

This command controls whether unknown ARP-requests are flooded into the EVPN network. By default, the system floods ARP-requests, including EVPN (with source squelching), if there is no active proxy-arp entry for the requested IP.

The no form of the command will only flood to local SAPs/SDP-bindings and not to EVPN destinations.

Default 

unknown-arp-request-flood-evpn

dynamic-nd-populate

Syntax 
[no] dynamic-nd-populate
Context 
config>service>vpls>proxy-nd
Description 

This command enables the addition of dynamic entries to the proxy-ND table. The command is disabled by default. When executed, the system will populate proxy-ND entries from snooped Neighbor Advertisement (NA) messages on SAPs/SDP-bindings, in addition to the entries coming from EVPN (if the EVPN is enabled). These entries will be shown as dynamic, as opposed to EVPN entries or static entries.

When disabled, dynamic-ND entries will be flushed from the proxy-ND table. Enabling dynamic-nd-populate is only recommended in networks with a consistent configuration of this command in all the PEs.

Default 

no dynamic-nd-populate

evpn-nd-advertise

Syntax 
evpn-nd-advertise {host | router}
Context 
config>service>vpls>proxy-nd
Description 

This command enables the advertisement of static or dynamic entries that are learned as host or routers (only one option is possible in a specified service), and determines the R flag (host or router) when sending Neighbor Advertisement (NA) messages for existing EVPN entries in the proxy-ND table.

This command cannot be modified without proxy-nd shutdown.

Default 

evpn-nd-advertise router

Parameters 
host—
Enables the advertisement of static or dynamic entries that are learned as host.
router—
Enables the advertisement of static or dynamic entries that are learned as routers.

host-unsolicited-na-flood-evpn

Syntax 
[no] host-unsolicited-na-flood-evpn
Context 
config>service>vpls>proxy-nd
Description 

This command controls whether the system floods host unsolicited Neighbor Advertisements to the EVPN. The NA messages impacted by this command are NA messages with the following flags: S=0 and R=0.

The no form of the command will only flood to local saps/binds but not to the EVPN destinations. This is only recommended in networks where CEs are routers that are directly connected to the PEs. Networks using aggregation switches between the host/routers and the PEs should flood unsolicited NA messages in the EVPN to ensure that the remote caches are updated and the BGP does not miss the advertisement of these entries.

Default 

host-unsolicited-na-flood-evpn

router-unsolicited-na-flood-evpn

Syntax 
[no] router-unsolicited-na-flood-evpn
Context 
config>service>vpls>proxy-nd
Description 

This command controls whether the system floods router unsolicited Neighbor Advertisements to EVPN. The NA messages impacted by this command are NA messages with the following flags: S=0 and R=1.

The no form of the command will only flood to local saps/binds but not to EVPN destinations. This is only recommended in networks where CEs are routers directly connected to the PEs. Networks using aggregation switches between the host/routers and the PEs should flood unsolicited NA messages in EVPN to ensure that the remote caches are updated and BGP does not miss the advertisement of these entries.

Default 

router-unsolicited-na-flood-evpn

static

Syntax 
static ipv6-address ieee-address {host | router}
no static ipv6-address
Context 
config>service>vpls>proxy-nd
Description 

This command configures static entries to be added to the table. A static MAC-IP entry requires the addition of the MAC address to the FDB as either dynamic or CStatic (Conditional Static MAC) in order to become active. Along with the IPv6 and MAC, the entry must also be configured as either host or router. This will determine if the received NS for the entry will be replied with the R flag set to 1 (router) or 0 (host).

Default 

router-unsolicited-na-flood-evpn

Parameters 
ipv6-address
Specifies the IPv6 address for the static entry.
ieee-address—
Specifies a 48-bit MAC address in the form xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx, where xx represents a hexadecimal number.
host—
Specifies that the entry is type “host”.
router—
Specifies that the entry is type “router”.

unknown-ns-flood-evpn

Syntax 
[no] unknown-ns-flood-evpn
Context 
config>service>vpls>proxy-nd
Description 

This command controls whether unknown Neighbor Solicitation messages are flooded into the EVPN network. By default, the system floods NS (with source squelching) to SAPs/SDP-bindings including EVPN, if there is no active proxy-nd entry for the requested IPv6.

The no form of the command will only flood to local SAPs/SDP-bindings but not to EVPN destinations.

Default 

unknown-ns-flood-evpn

shutdown

Syntax 
[no] shutdown
Context 
config>service>vpls>proxy-arp
config>service>vpls>proxy-nd
Description 

This command enables and disables the proxy-ARP and proxy-nd functionality. ARP/GARP/ND messages will be snooped and redirected to the CPM for lookup in the proxy-ARP/proxy-ND table. The proxy-ARP/proxy-ND table is populated with IP->MAC pairs received from different sources (EVPN, static, dynamic). When the shutdown command is issued, it flushes the dynamic/EVPN dup proxy-ARP/proxy-ND table entries and instructs the system to stop snooping ARP/ND frames. All the static entries are kept in the table as inactive, regardless of their previous Status.

Default 

shutdown

disable-send-bvpls-evpn-flush

Syntax 
disable-send-bvpls-evpn-flush
no disable-send-bvpls-evpn-flush
Context 
config>service>vpls>sap
config>service>vpls>spoke-sdp
Description 

This command disables the ISID-based CMAC-flush indication when the corresponding SAP or spoke-SDP enters the operationally down state.

If the send-bvpls-evpn-flush is properly enabled, the no version of the command enables BMAC/ISID route updates to be sent when the SAP or spoke-SDP is operationally down.

Default 

no disable-send-bvpls-evpn-flush

static-mac

Syntax 
static-mac
Context 
config>service>vpls
Description 

A set of conditional static MAC addresses can be created within a VPLS supporting bgp-evpn. Conditional Static Macs are also supported in B-VPLS with SPBs. Unless they are configured as black-hole, conditional Static Macs are dependent on the SAP/SDP state.

This command allows the assignment of a set of conditional Static MAC addresses to a SAP/ spoke-SDP or black-hole. In the FDB, the static MAC is then associated with the active SAP or spoke-SDP.

When configured in conjunction with SPBM services, Static MACs are used for PBB Epipe and I-VPLS services that may terminate external to SPBM. If this is configured under a Control B-VPLS the interface referenced will not use IS-IS for this neighbor. This may also be configured under a User B-VPLS where the corresponding interface is not supported under the Control B-VPLS.

Static MACs configured in a bgp-evpn service are advertised as protected (EVPN will signal the MAC as protected).

vxlan

Syntax 
vxlan vni vni-id [create] [instance instance-id]
no vxlan [vni vni-id] [instance instance-id]
Context 
config>service>vpls
Description 

This command enables the use of VXLAN in the VPLS service.

The no version of this command will remove the VXLAN instance from the service.

Parameters 
vni-id—
Specifies the VXLAN network identifier configured in the VPLS service. When EVPN is used in the control plane, the configured VNI will be encoded in the MPLS field of the NLRI. The VPLS service will be operationally up when the vxlan vni vni-id is successfully created.
Values—
1 to 16777215

 

Default—
1
instance-id—
Specifies the VXLAN instance identifier.
Values—
1, 2

 

create—
Mandatory keyword that creates a VXLAN instance.

mac

Syntax 
mac ieee-address [create] sap sap-id monitor fwd-status
mac ieee-address [create] spoke-sdp sdp-id:vc-id] monitor fwd-status
mac ieee-address [create] black-hole
no mac ieee-address
Context 
config>service>vpls>static-mac
Description 

This command assigns a conditional static MAC address entry to an SPBM B-VPLS SAP/spoke-SDP or black-hole, allowing external MACs for single and multi-homed operation.

This command also assigns a conditional static MAC address entry to an EVPN VPLS SAP/spoke-SDP or a black-hole on the 7450 ESS or 7750 SR.

When configured in conjunction with SPBM services, Static MACs are used for PBB Epipe and I-VPLS services that may terminate external to SPBM. If this is configured under a Control B-VPLS the interface referenced will not use IS-IS for this neighbor. This may also be configured under a User B-VPLS where the corresponding interface is not supported under the Control B-VPLS.

Parameters 
ieee-address —
Specifies the static MAC address to SAP/SDP-binding or black-hole.
Values—
6-byte mac-address (xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx). It cannot be all zeros.

 

sap-id—
Specifies the SAP ID.
sdp-id—
Specifies the SDP ID
vc-id—
Specifies the virtual circuit ID.
create—
This keyword is mandatory while creating a static MAC.
black-hole—
This keyword creates a static FDB entry for the MAC address to black-hole traffic.
fwd-status —
Specifies that this static MAC will be installed in the FDB based on the forwarding status of the SAP or spoke-SDP.

vxlan

Syntax 
vxlan
Context 
config>service>vprn
Description 

This command enables the context to configure VXLAN parameters in the VPRN.

tunnel-termination

Syntax 
tunnel-termination {ip-address | ipv6-address} fpe fpe-id [create]
no tunnel-termination {ip-address | ipv6-address}
Context 
config>service>vprn>vxlan
Description 

This command instructs the system to redirect traffic to the corresponding PXC interface associated with the configured FPE when the destination IP address matches the configured tunnel termination IP address. Because the IP address is registered, the system can respond to ICMP packets directed to it.

The no version of this command removes the non-system IP address as the tunnel termination IP address.

Parameters 
ip-address | ipv6-address—
Specifies the non-system IPv4 or IPv6 address that terminates the VXLAN.
Values—
ip-address: a.b.c.d
ipv6-address: x:x:x:x:x:x:x:x (eight 16-bit pieces)
                       x:x:x:x:x:x:d.d.d.d
             where:
                        x: [0 to FFFF]H
                        d: [0 to 255]D

 

fpe-id —
Specifies the FPE identifier associated with the PXC port or LAG that processes and terminates the VXLAN.
Values—
1 to 64

 

create—
Mandatory keyword to create the FPE.

evpn-tunnel

Syntax 
evpn-tunnel [ipv6-gateway-address {ip | mac}]
no evpn-tunnel
Context 
config>service>vprn>if>vpls
Description 

This command sets the evpn-tunnel mode for the attached R-VPLS. When enabled for an IPv4 interface, no IPv4 address is required under the same interface. When enabled on an IPv6 interface, the ipv6-gateway-address parameter can be configured as ip or mac.

When configured as evpn-tunnel ipv6-gateway-address ip or simply evpn-tunnel, then:

  1. on transmission, the router populates the GW IP field of the route type 5 with a Link-Local-Address (LLA) if an explicit Global IPv6 address is not configured. Otherwise, the configured IPv6 address is used.
  2. on reception of routes type 5 for IPv6 prefixes, only routes with non-zero GW IP are processed; the rest of the routes will be treated-as-withdraw.

When configured as evpn-tunnel ipv6-gateway-address mac, then:

  1. on transmission, the router sends routes type 5 with zero GW IP field, and a MAC extended community of the router, containing the VPRN interface MAC.
  2. on reception of IPv6 prefix routes, only routes with zero GW IP and non-zero Router's MAC are processed; the rest of the routes will be treated-as-withdraw.

The configuration of evpn-tunnel without options is equivalent to the ipv6-gateway-address ip option.

The no version of this command disables the evpn-tunnel mode.

Default 

no evpn-tunnel

Parameters 
ipv6-gateway-address —
Indicates whether the IPv6 Prefix route uses a GW IP or a GW MAC as gateway.
Values—
{ip | mac}

 

vsd-domain

Syntax 
vsd-domain name
no vsd-domain
Context 
config>service>vpls
config>service>vprn
Description 

This command associates a previously configured vsd-domain to an existing VPRN or VPLS service. The vsd-domain is a tag used between the VSD and the 7750 SR, 7450 ESS, or 7950 XRS to correlate configuration parameters to a service.

Parameters 
name —
Specifies the vsd-domain name.

vsd

Syntax 
vsd
Context 
config>service
Description 

This command provides the context for the vsd configuration.

domain

Syntax 
domain name [type {l2-domain | vrf-gre | vrf-vxlan | l2-domain-irb}] [create]
no domain name
Context 
config>service>vsd
Description 

This command configures a vsd-domain that can be associated to a VPLS or VPRN service.

Parameters 
name—
Specifies the name of the vsd-domain. 32 characters maximum.
l2-domain—
Assigns the l2-domain type to the domain. l2-domain-type domains must be associated to a VPLS service.
vrf-gre—
Assigns the vrf-gre type to the domain. vrf-gre-type domains must be associated to a VPRN service.
vrf-vxlan—
Assigns the vrf-vxlan type to the domain. vrf-vxlan-type domains must be associated to a VPLS service.
l2-domain-irb—
Assigns the l2-domain-irb type to the domain. l2-domain-irb-type domains must be associated to a VPLS service.
create—
This keyword is mandatory when creating the vsd-domain.

description

Syntax 
description description-string
no description
Context 
config>service>vsd>domain
Description 

This command provides a description for a vsd-domain. This description must be added before the domain is activated using the no shutdown command.

Parameters 
description-string —
Specifies the text for the description.

service-range

Syntax 
service-range svc-id to svc-id
no service-range
Context 
config>service>vsd
Description 

This command configures the range of service identifiers that the system allows for dynamic services configured by python, when the Nuage VSD sends the service configuration parameters for the VSD fully-dynamic integration model

Parameters 
svc-id
Specifies the start and end service identifier values.
Values—
1 to 2147483647

 

shutdown

Syntax 
[no] shutdown
Context 
config>service>vsd>domain
Description 

This command enables or disables a domain. A description must be provided before no shutdown is executed.

system-id

Syntax 
system-id name
no system-id
Context 
config>system>vsd
Description 

This command configures the DC GW system-id that is used for the configuration from VSD. VSD will identify the DC GW based on this identifier, hence it must be unique per VSD.

Parameters 
name —
Specifies the name of the DC GW.

xmpp

Syntax 
xmpp
Context 
config>system
Description 

This command provides the context for the xmpp configuration.

server

Syntax 
server xmpp-server-name [domain-name fqdn] [username user-name] [password password] [create] [service-name service-name]
server xmpp-server-name [domain-name fqdn] [username user-name] [password password] [create] [router router-instance]
no server xmpp-server-name
Context 
config>system>xmpp
Description 

This command configures the XMPP server as well as the Jabber ID that the 7750 SR, 7450 ESS, or 7950 XRS will use for the XMPP communication with the server. The system uses DNS to resolve the configured domain-name.

no server name will remove all the dynamic configurations in all the services.

Parameters 
xmpp-server-name —
Specifies the name of the server in lower-case letters.
fqdn —
Specifies the Fully Qualified Domain Name of the server.
user-name —
Specifies the user-name part of the Jabber ID.
password —
Specifies the password part of the Jabber ID’s user.
create —
Keyword used to create the server instance.
router-instance
Specifies the router name or service ID used to identify the router instance.
Values—

router-instance: router-name or vprn-svc-id

router-name

“Base”, “management”

vprn-svc-id

1 to 2147483647

 

Default—
Base
service-name
Specifies the service name, up to 64 characters.

shutdown

Syntax 
[no] shutdown
Context 
config>system>xmpp>server
Description 

This command enables or disables the communication with a specified XMPP server. When the xmpp server is properly configured, no shutdown instructs the system to establish a TCP session with the XMPP server through the management interface first. If it fails to establish communication, the 7750 SR, 7450 ESS, or 7950 XRS uses an in-band communication and its system IP as source IP address. Shutdown does not remove the dynamic configurations.

security

Syntax 
security
Context 
config>system
Description 

This command enables the context for the configuration of the security parameters in the system.

cli-script

Syntax 
cli-script
Context 
config>system>security
Description 

This command enables the context for the configuration of the security parameters in the system.

authorization

Syntax 
authorization
Context 
config>system>security>cli-script
Description 

This command enables the context for the configuration of the authorization parameters for the cli-scripts in the system.

vsd

Syntax 
vsd
Context 
config>system>security>cli-script>authorization
Description 

This command enables the context for the configuration of the authorization parameters related to VSD in the system.

cli-user

Syntax 
cli-user user-name
no cli-user
Context 
config>system>security>cli-script>authorization>vsd
Description 

This command configures the cli-user for the configuration coming from VSD (fully dynamic VSD integration model). The user-profile determines what CLI set of commands can be executed by the VSD. This set of commands is a sub-set of the white-list of commands allowed by the system for the or VSD. You can use the tools dump service vsd-services command-list to check the white-list of commands.

Parameters 
user-name —
Specifies the user-name that the VSD will use when adding a configuration to the system.

password

Syntax 
password
Context 
config>system>security>password
Description 

This command enables the context for the configuration of the passwords in the system.

vsd-password

Syntax 
vsd-password password [{hash | hash2}]
no vsd-password
Context 
config>system>security>password
Description 

This command configures the password required to access the enable-vsd-config mode. The enable-vsd-config mode allows editing of services provisioned by the VSD in fully dynamic mode (or by the tools perform service vsd evaluate-script command

Parameters 
password —
Specifies the password required to login as authorized user in the enable-vsd-config mode.
hash—
Specifies that the primary hashing sequence should be used.
hash2—
Specifies that the secondary hashing sequence should be used.

router

Syntax 
router
Context 
config
Description 

This command enables the context for the configuration of the base router in the system.

bgp

Syntax 
bgp
Context 
config>router
Description 

This command enables the context for the configuration of the base router BGP parameters in the system.

group

Syntax 
group name
Context 
config>router>bgp
Description 

This command enables the context for the configuration of a BGP group in the base router.

Parameters 
name—
Specifies the name of the BGP group.

neighbor

Syntax 
neighbor ip-address
Context 
config>router>bgp>group
Description 

This command enables the context for the configuration of a BGP group neighbor in the base router.

Parameters 
ip-address—
Specifies the IP address of the BGP group neighbor.
Values—

ipv4-address:

a.b.c.d

ipv6-address:

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x:  0 to FFFF (hexadecimal)

d:  0 to 255 (decimal)

interface: 32 characters max. Mandatory for link local addresses

 

def-recv-evpn-encap

Syntax 
def-recv-evpn-encap {mpls | vxlan}
Context 
config>router>bgp
config>router>bgp>group
config>router>bgp>group>neighbor
Description 

This command defines how the BGP will treat a received EVPN route without RC5512 BGP encapsulation extended community. If no encapsulation is received, BGP will validate the route as MPLS or VXLAN depending on how this command is configured.

Default 

no def-recv-evpn-encap

Parameters 
mpls —
Specifies that mpls is the default encapsulation value in the case where no RFC5512 extended community is received in the incoming BGP-EVPN route.
vxlan —
Specifies that vxlan is the default encapsulation value.

python

Syntax 
python
Context 
config
Description 

This command enables the context for the configuration of the Python parameters in the system.

python-policy

Syntax 
python-policy name
Context 
config>python
Description 

This command enables the context for the configuration of the Python policy parameters in the system.

Parameters 
name—
Specifies the name of the Python policy.

vsd

Syntax 
vsd script script
no vsd
Context 
config>python
Description 

This command defines the python script for the Python policy sent by the VSD.

Parameters 
script —
Specifies the VSD script that points at the python-script command.

enable-vsd-config

Syntax 
[no] enable-vsd-config
Context 
<root>
Description 

This command allows editing of VSD services just like normal services. As this is an action that should only be executed by authorized personnel, the activation of this command is protected by the use of a password, defined under configure system security password vsd-password.

evpn-type

Syntax 
evpn-type type
no evpn-type
Context 
config>router>policy-options>policy-statement>from
Description 

This command matches BGP routes based on the EVPN route type. The route types supported in SROS, are the following:

  1. Type 1 or Auto-Discovery Ethernet Tag route, including both the AD per-ES and AD per-EVI routes Type 2 or MAC/IP route
  2. Type 2 or MAC/IP route
  3. Type 3 or IMET route, including Multicast Ethernet Tag
  4. Type 4 or ES (Ethernet Segment) route Type 5 of IP-prefix route, including IPv4 and IPv6 prefixes

The no version of this command removes the evpn-type matching.

Parameters 
name—
Specifies the EVPN route type.
Values—
1 to 5

 

5.6.2.2. Show Configuration Commands

provider-tunnel-using

Syntax 
provider-tunnel-using leaf-only [bgp-ad | bgp-vpls | bgp-evpn-mpls]
provider-tunnel-using root-and-leaf [bgp-ad | bgp-vpls | bgp-evpn-mpls]
Context 
show>service
Description 

This command displays the list of provider tunnels existing in the router for all services. The output can be filtered based on the provider tunnel owner.

Parameters 
leaf-only—
Displays the leaf-only provider tunnels for all services.
root-and-leaf—
Displays the root and leaf provider tunnels for all services.
bgp-ad—
Filters the provider tunnels owned by BGP AD services.
bgp-vpls—
Filters the provider tunnels owned by BGP VPLS services.
bgp-evpn-mpls—
Filters the provider tunnels owned by BGP EVPN-MPLS services.
Output 

Sample Output
A:PE-76# show service provider-tunnel-using root-and-leaf               
=====================================================
Provider-Tunnel Using (Root-and-Leaf)
=====================================================
SvcId      SdpId             Owner       Admin Oper
                                         State State
-----------------------------------------------------
300        32767:4294967294  bgpEvpnMpls Up    Up
-----------------------------------------------------
Number of Root-and-Leaf : 1
=====================================================
A:PE-76# show service provider-tunnel-using root-and-leaf bgp-evpn-mpls 
=====================================================
Provider-Tunnel Using (Root-and-Leaf)
=====================================================
SvcId      SdpId             Owner       Admin Oper
                                         State State
-----------------------------------------------------
300        32767:4294967294  bgpEvpnMpls Up    Up
-----------------------------------------------------
Number of Root-and-Leaf : 1
=====================================================

proxy-arp-nd

Syntax 
proxy-arp-nd
Context 
show>service
Description 

This command enables the context to configure the service-level proxy-arp-nd commands.

mac-list

Syntax 
mac-list
mac-list name
mac-list name associations
Context 
config>service>proxy-arp-nd
Description 

This command displays MAC address list information including MAC lists, MAC list details, and associations used in the proxy-arp-nd context.

Parameters 
name—
Name of the MAC address list for which the detailed information is shown; the name can be up to 32 characters.
associations—
Mandatory keyword to display the service ID and dynamic IP to which the MAC list is associated.
Output 

Sample Output
*A:PE-3# show service proxy-arp-nd mac-list 
===============================================================================
MAC List Information
===============================================================================
MAC List Name                      Last Change         Num Macs    Num Assocs
-------------------------------------------------------------------------------
list-1                             12/20/2016 09:21:13  3           1
-------------------------------------------------------------------------------
Number of Entries: 1
===============================================================================
*A:PE-3# show service proxy-arp-nd mac-list "list-1" 
===============================================================================
MAC List MAC Addr Information
===============================================================================
MAC Addr                                Last Change
-------------------------------------------------------------------------------
00:ca:fe:ca:fe:01                       12/20/2016 09:21:13
00:ca:fe:ca:fe:02                       12/20/2016 09:21:13
00:ca:fe:ca:fe:03                       12/20/2016 09:21:13
-------------------------------------------------------------------------------
Number of Entries: 3
===============================================================================
*A:PE-3# show service proxy-arp-nd mac-list "list-1" associations 
===============================================================================
MAC List Associations
===============================================================================
Service Id                    IP Addr
-------------------------------------------------------------------------------
5                             10.0.0.1
-------------------------------------------------------------------------------
Number of Entries: 1
===============================================================================

service-using

Syntax 
service-using [vsd]
service-using [origin vsd]
Context 
show>service
Description 

This command displays the services matching certain usage properties. If no optional parameters are specified, all services defined on the system are displayed.

Parameters 
vsd—
Displays the VSD domain tags used and the associated service identifier.
origin vsd—
Displays the services created by the VSD fully-dynamic integration model. Python will create the service after receiving the relevant parameters from VSD.
Output 

Sample Output
*A:PE1# show service service-using vsd 
===========================================
Services-using VSD Domain
===========================================
Svc Id     Domain
-------------------------------------------
64000      L2-DOMAIN-5
-------------------------------------------
Number of services using VSD Domain: 1
===========================================
 
 
*A:PE1# show service service-using origin vsd 
===============================================================================
Services 
===============================================================================
ServiceId    Type      Adm  Opr  CustomerId Service Name
-------------------------------------------------------------------------------
64000        VPLS      Up   Up   1          evi64000
-------------------------------------------------------------------------------
Matching Services : 1
-------------------------------------------------------------------------------
===============================================================================

system

Syntax 
system
Context 
show>service
Description 

This command enables the context to display the system parameters.

bgp-evpn

Syntax 
bgp-evpn [ethernet-segment]
bgp-evpn ethernet-segment name name [all] [evi evi] [isid isid]
Context 
show>service>system
Description 

This command shows all the information related to the base EVPN instance, including the base RD used for ES routes, the Ethernet-Segments or individual Ethernet-Segment information.

Parameters 
ethernet-segment—
Displays information for Ethernet segments.
name—
Specifies the name of an Ethernet segment for which to show information. 28 characters maximum.
all—
Displays all available information for the specified Ethernet segment.
evi—
Displays information for the specified EVI.
Values—
1 to 65535

 

isid—
Displays information for the specified ISID.
Values—
1 to 16777215

 

Output 

Sample Output
*A:PE1# show service system bgp-evpn 
===============================================================================
Service BGP EVPN Information
===============================================================================
Evpn Route Dist.   : 192.0.2.69:0                 
===============================================================================
 
*A:PE1# show service system bgp-evpn ethernet-segment 
===============================================================================
Service Ethernet Segment
===============================================================================
Name                             ESI                           Admin     Oper
-------------------------------------------------------------------------------
ESI-71                           01:00:00:00:00:71:00:00:00:01 Enabled   Up
-------------------------------------------------------------------------------
Entries found: 1
===============================================================================
 
*A:PE1# show service system bgp-evpn ethernet-segment name "ESI-71" all 
===============================================================================
Service Ethernet Segment
===============================================================================
Name                    : ESI-71
Admin State             : Enabled            Oper State         : Up
ESI                     : 01:00:00:00:00:71:00:00:00:01
Multi-homing            : allActive          Oper Multi-homing  : allActive
Source BMAC LSB         : 71-71              
ES BMac Tbl Size        : 8                  ES BMac Entries    : 1
Lag Id                  : 1                  
ES Activation Timer     : 0 secs             
Exp/Imp Route-Target    : target:00:00:00:00:71:00
 
Svc Carving             : auto               
ES SHG Label            : 262142             
===============================================================================
 
===============================================================================
EVI Information 
===============================================================================
EVI                 SvcId               Actv Timer Rem      DF
-------------------------------------------------------------------------------
1                   1                   0                   no
-------------------------------------------------------------------------------
Number of entries: 1
===============================================================================
-------------------------------------------------------------------------------
DF Candidate list
-------------------------------------------------------------------------------
EVI                                     DF Address
-------------------------------------------------------------------------------
1                                       192.0.2.69
1                                       192.0.2.72
-------------------------------------------------------------------------------
Number of entries: 2
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
                                      
===============================================================================
ISID Information 
===============================================================================
ISID                SvcId               Actv Timer Rem      DF
-------------------------------------------------------------------------------
20001               20001               0                   no
-------------------------------------------------------------------------------
Number of entries: 1
===============================================================================
-------------------------------------------------------------------------------
DF Candidate list
-------------------------------------------------------------------------------
ISID                                    DF Address
-------------------------------------------------------------------------------
20001                                   192.0.2.69
20001                                   192.0.2.72
-------------------------------------------------------------------------------
Number of entries: 2
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
===============================================================================
BMAC Information 
===============================================================================
SvcId                                   BMacAddress
-------------------------------------------------------------------------------
20000                                   00:00:00:00:71:71
-------------------------------------------------------------------------------
Number of entries: 1
===============================================================================

ethernet-segment

Syntax 
ethernet-segment
ethernet-segment name name [all]
ethernet-segment name name evi [evi]
ethernet-segment name name isid [isid]
ethernet-segment name name virtual-ranges
Context 
show>service>system>bgp-evpn
Description 

This command enables the context to display the Ethernet-Segment parameters.

Parameters 
name—
Specifies the name of an Ethernet segment for which to show information; maximum28 characters are allowed.
all—
Displays all available information for the specified Ethernet segment.
evi—
Displays information for the specified EVI.
Values—
1 to 65535

 

isid—
Displays information for the specified ISID.
Values—
1 to 16777215

 

virtual-ranges—
Displays the vc-id, qtag, s-tag, or c-tag per s-tag virtual ranges configured on the virtual Ethernet segment.
Output 

Sample Output
*A:PE-2# show service system bgp-evpn ethernet-segment name "vES-23"                
===============================================================================
Service Ethernet Segment
===============================================================================
Name                    : vES-23
Eth Seg Type            : Virtual            
Admin State             : Enabled            Oper State         : Up
ESI                     : 01:23:23:23:23:23:23:23:23:23
Multi-homing            : allActive          Oper Multi-homing  : allActive
ES SHG Label            : 262141             
Source BMAC LSB         : 00-23              
ES BMac Tbl Size        : 8                  ES BMac Entries    : 0
Lag Id                  : 1                  
ES Activation Timer     : 3 secs (default)   
Svc Carving             : manual             Oper Svc Carving   : manual
Cfg Range Type          : lowest-pref        
-------------------------------------------------------------------------------
DF Pref Election Information
-------------------------------------------------------------------------------
Preference     Preference     Last Admin Change        Oper Pref      Do No
Mode           Value                                   Value          Preempt
-------------------------------------------------------------------------------
non-revertive  100            12/20/2016 09:21:08      100            Enabled
-------------------------------------------------------------------------------
EVI Ranges: <none>
ISID Ranges: <none>
===============================================================================
*A:PE-2# show service system bgp-evpn ethernet-segment name "vES-23" evi 
===============================================================================
EVI Information 
===============================================================================
EVI                 SvcId               Actv Timer Rem      DF
-------------------------------------------------------------------------------
5                   5                   0                   yes
30                  30                  0                   yes
-------------------------------------------------------------------------------
Number of entries: 2
===============================================================================
*A:PE-2# show service system bgp-evpn ethernet-segment name "vES-23" evi 5 
===============================================================================
EVI DF and Candidate List
===============================================================================
EVI           SvcId         Actv Timer Rem      DF  DF Last Change
-------------------------------------------------------------------------------
5             5             0                   yes 12/20/2016 09:21:24
===============================================================================
===============================================================================
DF Candidates                           Time Added
-------------------------------------------------------------------------------
192.0.2.2                               12/20/2016 09:21:21
192.0.2.3                               12/20/2016 09:21:52
-------------------------------------------------------------------------------
Number of entries: 2
===============================================================================
*A:PE-2# show service system bgp-evpn ethernet-segment name "vES-23" virtual-ranges 
===============================================================================
Q-Tag Ranges
===============================================================================
Q-Tag Start         Q-Tag End           Last Changed
-------------------------------------------------------------------------------
5                   11                  12/20/2016 09:21:08
30                  30                  12/20/2016 09:21:08
-------------------------------------------------------------------------------
Number of Entries: 2
===============================================================================
===============================================================================
VC-Id Ranges
===============================================================================
VC-Id Start         VC-Id End           Last Changed
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
No entries found
===============================================================================
===============================================================================
S-Tag Ranges
===============================================================================
S-Tag Start         S-Tag End           Last Changed
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
No entries found
===============================================================================
===============================================================================
S-Tag C-Tag Ranges
===============================================================================
S-Tag Start         C-Tag Start         C-Tag End       Last Changed
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
No entries found
==============================================================================
===============================================================================
Vxlan Instance Service Ranges
===============================================================================
Svc Range Start          Svc Range End            Last Changed
-------------------------------------------------------------------------------
500                      500                      06/07/2017 15:10:59
-------------------------------------------------------------------------------
Number of Entries: 1
===============================================================================

vsd

Syntax 
vsd
Context 
show>service
Description 

This command enables the context for the vsd parameters.

domain

Syntax 
domain domain-name association
Context 
show>service>vsd
Description 

This command shows all the parameters related to a VSD domain created by the user or by VSD.

Parameters 
domain-name—
Specifies the name of the VSD domain. 64 characters maximum.
association—
Displays associations for the specified VSD domain.
Output 

Sample Output
*A:PE71(1)# show service vsd domain 
===============================================================================
VSD Domain Table
===============================================================================
Name                                    Type           Origin    Admin
-------------------------------------------------------------------------------
L2-DOMAIN-5                             l2Domain       vsd       inService
-------------------------------------------------------------------------------
Number of domain entries: 1
===============================================================================
 
 
*A:PE71(1)# show service vsd domain "L2-DOMAIN-5"  
===============================================================================
VSD Information
===============================================================================
Name               : L2-DOMAIN-5
Description        : L2-DOMAIN-5
Type               : l2Domain                     Admin State   : inService
Last Error To Vsd  : (Not Specified)
Last Error From Vsd: (Not Specified)
 
Statistics
-------------------------------------------------------------------------------
Last Cfg Chg Evt   : 07/15/2015 21:20:23          Cfg Chg Evts  : 1
Last Cfg Update    : 07/15/2015 21:20:23          Cfg Upd Rcvd  : 1
Last Cfg Done      : 07/15/2015 21:20:23          
Cfg Success        : 1                            Cfg Failed    : 0
Last Recd Params   : script = {'domain' : '', 'vn 
                   : i' : '64000', 'rt' : 'target 
                   : :64000:64000', 'rte' : 'targ 
                   : et:64000:64000', 'servicetyp 
                   : e' : 'L2DOMAIN', 'metadata'  
                   : : 'rd=1:1, sap=1/1/10:3000 ' 
                   : }                            
Last Exec Params   : script = {'domain' : '', 'vn 
                   : i' : '64000', 'rt' : 'target 
                   : :64000:64000', 'rte' : 'targ 
                   : et:64000:64000', 'servicetyp 
                   : e' : 'L2DOMAIN', 'metadata'  
                   : : 'rd=1:1, sap=1/1/10:3000 ' 
                   : }                            
===============================================================================
 
 
*A:PE71(1)# show service vsd domain "L2-DOMAIN-5" association 
============================================================
Service VSD Domain
============================================================
Svc Id      Svc Type  Domain Type    Domain Admin   Origin
------------------------------------------------------------
64000       vpls      l2Domain       inService      vsd
------------------------------------------------------------
Number of entries: 1
============================================================

root-objects

Syntax 
root-objects
Context 
show>service>vsd
Description 

This command displays the root objects created by vsd.

Output 

Sample Output
*A:PE1# show service vsd root-objects 
===============================================================================
VSD Dynamic Service Root Objects
===============================================================================
OID Prefix                  : svcRowStatus
OID index                   : .64000
Snippet name                : script
Snippet instance            : L2-DOMAIN-5
Orphan time                 : N/A
-------------------------------------------------------------------------------
No. of Root Objects: 1
===============================================================================
 

script

Syntax 
script
Context 
show>service>vsd
Description 

This command enables the context to show dynamic services script information.

snippets

Syntax 
snippets [detail]
Context 
show>service>vsd>script
Description 

This command displays the dynamic services snippets information. The CLI output generated by a single VSD service Python function call is a snippet instance.

Parameters 
detail—
Displays detailed information.
Output 

Sample Output
*A:PE1# show service vsd script snippets name "script" 
===============================================================================
VSD Dynamic Services Snippets
===============================================================================
Name                       Instance                      Ref-count  Dict-len
-------------------------------------------------------------------------------
script                     L2-DOMAIN-5                   0          126
-------------------------------------------------------------------------------
No. of Snippets: 1
===============================================================================
 
 
*A:PE1# show service vsd script snippets name "script" detail 
===============================================================================
VSD Dynamic Service Snippets
===============================================================================
Snippet            : script:L2-DOMAIN-5
-------------------------------------------------------------------------------
reference-count    : 0
dictionary-length  : 126
 
Root-object
-----------
oid                : 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
 
Reserved-id
-----------
id                 : service-id:64000
-------------------------------------------------------------------------------
No. of Snippets: 1
===============================================================================

statistics

Syntax 
statistics
Context 
show>service>vsd>script
Description 

This command displays vsd service script statistics. Only non-zero values are shown. The script statistics can be cleared with the "clear service statistics vsd" command.

Output 

Sample Output
*A:PE1# show service vsd script statistics 
===============================================================================
VSD Dynamic Services Script Statistics
===============================================================================
Description                                                         Counter
-------------------------------------------------------------------------------
python scripts with 0 retries due to timeout                        1
setup    - jobs launched                                            1
setup    - jobs handled                                             1
setup    - success                                                  1
-------------------------------------------------------------------------------
No. of VSD Script Statistics: 4
-------------------------------------------------------------------------------
Last Cleared Time: N/A
===============================================================================

summary

Syntax 
summary
Context 
show>service>vsd
Description 

This command displays the global configuration summary for vsd services.

Output 

Sample Output
*A:PE1# show service vsd summary 
===============================================================================
VSD Information
===============================================================================
Service Range
Start              : 64000                        End           : 65000
===============================================================================
===============================================================================
VSD Domain Table
===============================================================================
Name                                    Type           Origin    Admin
-------------------------------------------------------------------------------
L2-DOMAIN-5                             l2Domain       vsd       inService
-------------------------------------------------------------------------------
Number of domain entries: 1
===============================================================================

bgp

Syntax 
bgp bgp-instance
Context 
show>service>id
Description 

This command displays all the information for a specified BGP instance in a service.

Parameters 
bgp-instance—
Specifies the BGP instance.
Output 

Sample Output
*A:PE-1# show service id 7000 bgp 1 
===============================================================================
BGP Information
===============================================================================
Vsi-Import           : None
Vsi-Export           : None
Route Dist           : 1:1
Oper Route Dist      : 1:1
Oper RD Type         : configured           
Rte-Target Import    : None                 Rte-Target Export: None
Oper RT Imp Origin   : derivedEvi           Oper RT Import   : 64500:7000
Oper RT Exp Origin   : derivedEvi           Oper RT Export   : 64500:7000
PW-Template Id       : None                 
-------------------------------------------------------------------------------
===============================================================================
*A:PE-1# show service id 7000 bgp 2 
===============================================================================
BGP Information
===============================================================================
Vsi-Import           : None
Vsi-Export           : None
Route Dist           : 2:2
Oper Route Dist      : 2:2
Oper RD Type         : configured           
Rte-Target Import    : None                 Rte-Target Export: None
Oper RT Imp Origin   : derivedEvi           Oper RT Import   : 64500:7000
Oper RT Exp Origin   : derivedEvi           Oper RT Export   : 64500:7000
-------------------------------------------------------------------------------
===============================================================================

bgp-evpn

Syntax 
bgp-evpn
Context 
show>service>id
Description 

This command displays the bgp-evpn configured parameters for a specified service, including the admin status of VXLAN, the configuration for mac-advertisement and unknown-mac-route, as well as the mac-duplication parameters. The command shows the duplicate MAC addresses that mac-duplication has detected.

This command also shows whether the ip-route-advertisement command (and the incl-host parameter) is enabled. If the service is BGP-EVPN MPLS, the command also shows the parameters corresponding to EVPN-MPLS.

Output 

Sample Output
# bgp-evpn vxlan service
 
*A:DutA# show service id 1 bgp-evpn 
===============================================================================
BGP EVPN Table
===============================================================================
MAC Advertisement  : Enabled            Unknown MAC Route  : Disabled
VXLAN Admin Status : Enabled            Creation Origin    : manual
MAC Dup Detn Moves : 5                  MAC Dup Detn Window: 3
MAC Dup Detn Retry : 9                  Number of Dup MACs : 1
IP Route Advertise*: Enabled            Include hosts      : Disabled 
-------------------------------------------------------------------------------
Detected Duplicate MAC Addresses             Time Detected
-------------------------------------------------------------------------------
00:12:12:12:12:00                            01/17/2014 16:01:02
-------------------------------------------------------------------------------
===============================================================================
===============================================================================
BGP EVPN MPLS Information
===============================================================================
Admin Status       : Disabled           
Force Vlan Fwding  : Disabled           Control Word       : Disabled
Split Horizon Group: (Not Specified)
Ingress Rep BUM Lbl: Disabled           Max Ecmp Routes    : 0
Ingress Ucast Lbl  : N/A                Ingress Mcast Lbl  : N/A
Entropy Label      : Disabled           
===============================================================================
===============================================================================
BGP EVPN MPLS Auto Bind Tunnel Information
===============================================================================
Resolution         : disabled           
Filter Tunnel Types: (Not Specified)
===============================================================================
 
# bgp-evpn mpls service
 
*A:DutA# show service id 1 bgp-evpn   
===============================================================================
BGP EVPN Table
===============================================================================
MAC Advertisement  : Enabled            Unknown MAC Route  : Disabled
CFM MAC Advertise  : Enabled            
VXLAN Admin Status : Disabled           Creation Origin    : manual
MAC Dup Detn Moves : 3                  MAC Dup Detn Window: 3
MAC Dup Detn Retry : 9                  Number of Dup MACs : 0
IP Route Advertise*: Disabled           
 
EVI                : 1                  
 
-------------------------------------------------------------------------------
Detected Duplicate MAC Addresses             Time Detected
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
===============================================================================
* indicates that the corresponding row element may have been truncated.
 
===============================================================================
BGP EVPN MPLS Information
===============================================================================
Admin Status       : Enabled            
Force Vlan Fwding  : Disabled           Control Word       : Disabled
Split Horizon Group: (Not Specified)
Ingress Rep BUM Lbl: Disabled           Max Ecmp Routes    : 4
Ingress Ucast Lbl  : 262142             Ingress Mcast Lbl  : 262142
Entropy Label      : Disabled           
===============================================================================
 
===============================================================================
BGP EVPN MPLS Auto Bind Tunnel Information
===============================================================================
Resolution         : any                
Filter Tunnel Types: (Not Specified)
===============================================================================

isid-route-target

Syntax 
isid-route-target
Context 
show>service>id>bgp-evpn
Description 

This command displays a list of the auto-derived or configured ISID-based route-targets per B-VPLS service. The entries show the ISID ranges and association to either an auto-rt or an actual configured route-target.

The auto-rt display format is: <2-byte-as-number>:<4-byte-value>, where: 4-byte-value = 0x30+ISID.

Output 

Sample Output
*A:PE-2# show service id 10 bgp-evpn isid-route-target 
===============================================================================
EVPN ISID RT Information
===============================================================================
Start     End       RT type    Route Target                Last Chgd
Range     Range                                            
-------------------------------------------------------------------------------
11        11        auto       N/A                         10/03/2016 16:19:46
-------------------------------------------------------------------------------
Number of Entries: 1
===============================================================================

evpn-mpls

Syntax 
evpn-mpls [esi esi] [es-bmac ieee-address]
Context 
show>service>id
Description 

This command displays the existing EVPN-MPLS destinations for a specified service and all related information. The command allows filtering based on esi (for EVPN multi-homing) and es-bmac (for PBB-EVPN multi-homing) to display the EVPN-MPLS destinations associated to an ESI.

Parameters 
esi—
Specifies an ESI by which to filter the displayed information.
ieee-address—
Specifies a 48-bit MAC address by which to filter information. The parameter is entered in the form xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx, where xx represents a hexadecimal number.
Output 

Sample Output
*A:PE1# show service id 1 evpn-mpls 
===============================================================================
BGP EVPN-MPLS Dest
===============================================================================
TEP Address     Egr Label     Num. MACs   Mcast           Last Change
                 Transport                                
-------------------------------------------------------------------------------
192.0.2.69      262140        0           Yes             07/15/2015 19:44:07
                ldp                                        
192.0.2.69      262141        2           No              07/15/2015 19:44:07
                ldp                                        
192.0.2.70      262139        0           Yes             07/15/2015 19:44:07
                ldp                                        
192.0.2.70      262140        1           No              07/15/2015 19:44:07
                ldp                                        
192.0.2.72      262140        0           Yes             07/15/2015 19:44:07
                ldp                                        
192.0.2.72      262141        1           No              07/15/2015 19:44:07
                ldp                                        
192.0.2.73      262139        0           Yes             07/15/2015 19:44:09
                ldp                                        
192.0.2.254     262142        1           Yes             07/15/2015 19:44:31
                bgp                                        
-------------------------------------------------------------------------------
Number of entries : 8
-------------------------------------------------------------------------------
===============================================================================
===============================================================================
BGP EVPN-MPLS Ethernet Segment Dest
===============================================================================
Eth SegId                       Num. Macs               Last Change
-------------------------------------------------------------------------------
01:00:00:00:00:71:00:00:00:01   2                       07/15/2015 20:41:09
01:74:13:00:74:13:00:00:74:13   1                       07/15/2015 20:41:07
-------------------------------------------------------------------------------
Number of entries: 2
-------------------------------------------------------------------------------
===============================================================================
                                      
===============================================================================
BGP EVPN-MPLS ES BMAC Dest
===============================================================================
vBmacAddr                       Num. Macs               Last Change
-------------------------------------------------------------------------------
No Matching Entries
===============================================================================
 
 
*A:PE1# show service id 1 evpn-mpls esi 01:00:00:00:00:71:00:00:00:01 
===============================================================================
BGP EVPN-MPLS Ethernet Segment Dest
===============================================================================
Eth SegId                       Num. Macs               Last Change
-------------------------------------------------------------------------------
01:00:00:00:00:71:00:00:00:01   2                       07/15/2015 20:41:09
===============================================================================
===============================================================================
BGP EVPN-MPLS Dest TEP Info
===============================================================================
TEP Address              Egr Label                Last Change
                         Transport                
-------------------------------------------------------------------------------
192.0.2.69               262141                   07/15/2015 20:41:09
                         ldp                       
192.0.2.72               262141                   07/15/2015 20:41:09
                         ldp                       
-------------------------------------------------------------------------------
Number of entries : 2
-------------------------------------------------------------------------------
===============================================================================
 
 
A:PE3# show service id 20000 evpn-mpls es-bmac 00:00:00:00:71:71 
===============================================================================
BGP EVPN-MPLS ES BMAC Dest
===============================================================================
vBmacAddr                       Num. Macs               Last Change
-------------------------------------------------------------------------------
00:00:00:00:71:71               1                       07/15/2015 19:44:10
===============================================================================
===============================================================================
BGP EVPN-MPLS ES BMAC Dest TEP Info
===============================================================================
TEP Address               Egr Label               Last Change
                          Transport               
-------------------------------------------------------------------------------
192.0.2.69                262138                  07/15/2015 19:44:10
                          ldp                      
-------------------------------------------------------------------------------
Number of entries : 1
-------------------------------------------------------------------------------
===============================================================================

esi

Syntax 
esi esi
Context 
show>service>id>evpn-mpls
Description 

This command shows the remote Ethernet segment identifiers (ESIs) as well as the BGP-EVPN MPLS destinations associated to them.

Parameters 
esi—
Specifies a 10-byte ESI.
Output 

Sample Output
*A:PE71(1)# show service id 1 evpn-mpls esi 01:00:00:00:00:71:00:00:00:01 
===============================================================================
BGP EVPN-MPLS Ethernet Segment Dest
===============================================================================
Eth SegId                       Num. Macs               Last Change
-------------------------------------------------------------------------------
01:00:00:00:00:71:00:00:00:01   1                       07/17/2015 18:31:27
===============================================================================
===============================================================================
BGP EVPN-MPLS Dest TEP Info
===============================================================================
TEP Address              Egr Label                Last Change
                         Transport                
-------------------------------------------------------------------------------
192.0.2.69               262141                   07/17/2015 18:31:26
                         ldp                       
192.0.2.72               262141                   07/17/2015 18:31:26
                         ldp                       
-------------------------------------------------------------------------------
Number of entries : 2
-------------------------------------------------------------------------------
=============================================================================== 
 

es-bmac

Syntax 
es-bmac ieee-address
Context 
show>service>id>evpn-mpls
Description 

This command shows the remote Ethernet segment BMACs as well as the BGP-EVPN MPLS destinations associated to them.

Parameters 
ieee-address—
Specifies a 48-bit MAC address in the form xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx, where xx represents a hexadecimal number.
Output 

Sample Output
*A:PE70(4)# show service id 20000 evpn-mpls es-bmac 00:00:00:00:71:71 
===============================================================================
BGP EVPN-MPLS ES BMAC Dest
===============================================================================
vBmacAddr                       Num. Macs               Last Change
-------------------------------------------------------------------------------
00:00:00:00:71:71               1                       07/15/2015 19:50:22
===============================================================================
===============================================================================
BGP EVPN-MPLS ES BMAC Dest TEP Info
===============================================================================
TEP Address               Egr Label               Last Change
                          Transport               
-------------------------------------------------------------------------------
192.0.2.69                262138                  07/15/2015 19:50:22
                          ldp                      
192.0.2.72                262136                  07/15/2015 19:50:22
                          ldp                      
-------------------------------------------------------------------------------
Number of entries : 2
-------------------------------------------------------------------------------
=============================================================================== 

es-pbr

Syntax 
es-pbr
Context 
show>service>id
Description 

When a filter with an action forward esi is successfully added to a VPLS service and the PE receives an EVPN Auto-Discovery route for the configured ESI, this command displays the PBR VXLAN bindings auto-created, including the ESI, the VXLAN VTEP:VNI and the status of the binding.

Output 

Sample Output
A:PE1# show service id 301 es-pbr 
===============================================================================
L2 ES PBR
===============================================================================
ESI                           Users      Status
                                         VTEP:VNI
-------------------------------------------------------------------------------
ff:00:00:00:00:00:00:00:00:01 1          Active
                                         192.0.2.72:7272
-------------------------------------------------------------------------------
Number of entries : 1
-------------------------------------------------------------------------------
===============================================================================

proxy-arp

Syntax 
proxy-arp [ip-address] [detail]
proxy-arp [ip-address] dynamic
Context 
show>service>id
Description 

This command displays, in a table, the existing proxy-ARP entries for a particular service. The table is populated by EVPN MAC routes that contain a MAC and an IP address, as well as static entries or dynamic entries from snooped ARP messages on access SAP or SDP-bindings.

A 7750 SR, 7450 ESS, or 7950 XRS that receives an ARP request from a SAP or SDP-binding performs a lookup in the proxy-ARP table for the service. If a match is found, the router replies to the ARP and does not allow ARP flooding in the VPLS service. If a match is not found, the ARP is flooded within the service if the configuration allows it.

The command allows for specific IP addresses to be displayed. Dynamic IP entries associated to a MAC list are displayed with the corresponding MAC list and resolve timers information.

Parameters 
ip-address—
Specifies an IP address.
Values—
a.b.c.d

 

detail—
Displays detailed information.
dynamic—
Displays detailed information about dynamic entries.
Output 

Sample Output
*A:PE-3# show service id 5 proxy-arp 
-------------------------------------------------------------------------------
Proxy Arp
-------------------------------------------------------------------------------
Admin State       : enabled             
Dyn Populate      : enabled             
Age Time          : disabled            Send Refresh      : 120 secs
Table Size        : 250                 Total             : 1
Static Count      : 0                   EVPN Count        : 0
Dynamic Count     : 1                   Duplicate Count   : 0
Dup Detect
-------------------------------------------------------------------------------
Detect Window     : 3 mins              Num Moves         : 5
Hold down         : 9 mins              
Anti Spoof MAC    : None
EVPN
-------------------------------------------------------------------------------
Garp Flood        : enabled             Req Flood         : enabled
Static Black Hole : disabled            
EVPN Route Tag    : 10            
-------------------------------------------------------------------------------
*A:PE-3# show service id 5 proxy-arp detail 
-------------------------------------------------------------------------------
Proxy Arp
-------------------------------------------------------------------------------
Admin State       : enabled             
Dyn Populate      : enabled             
Age Time          : disabled            Send Refresh      : 120 secs
Table Size        : 250                 Total             : 1
Static Count      : 0                   EVPN Count        : 0
Dynamic Count     : 1                   Duplicate Count   : 0
Dup Detect
-------------------------------------------------------------------------------
Detect Window     : 3 mins              Num Moves         : 5
Hold down         : 9 mins              
Anti Spoof MAC    : None
EVPN
-------------------------------------------------------------------------------
Garp Flood        : enabled             Req Flood         : enabled
Static Black Hole : disabled            
EVPN Route Tag    : 10            
-------------------------------------------------------------------------------
===============================================================================
VPLS Proxy Arp Entries
===============================================================================
IP Address          Mac Address         Type      Status    Last Update
-------------------------------------------------------------------------------
10.0.0.1            00:ca:fe:ca:fe:01   dyn       active    12/20/2016 12:38:28
-------------------------------------------------------------------------------
Number of entries : 1
===============================================================================
*A:PE-3# show service id 5 proxy-arp dynamic 
===============================================================================
Proxy ARP Dyn Cfg Summary
===============================================================================
IP Addr                                 Mac List
-------------------------------------------------------------------------------
10.0.0.1                                list-1
-------------------------------------------------------------------------------
Number of Entries: 1
===============================================================================
*A:PE-3# show service id 5 proxy-arp dynamic 10.0.0.1 
===============================================================================
Proxy ARP Dyn Cfg Detail
===============================================================================
IP Addr        Mac List                           Resolve Time   Remaining
                                                  (mins)          Resolve Time
                                                                 (secs)
-------------------------------------------------------------------------------
10.0.0.1       list-1                             1              0
-------------------------------------------------------------------------------
Number of Entries: 1
===============================================================================

proxy-nd

Syntax 
proxy-nd [ipv6-address] [detail]
proxy-nd [ipv6-address] dynamic
Context 
show>service>id
Description 

This command displays, in a table, the existing proxy-ND entries for a particular service. The table is populated by the EVPN MAC routes containing a MAC and an IPv6 address, as well as static entries or dynamic entries from snooped NA messages on access SAP or SDP-bindings.

A 7750 SR, 7450 ESS, or 7950 XRS that receives a Neighbor Solicitation (NS) from a SAP or SDP-binding performs a lookup in the proxy-ND table for the service. If a match is found, the router replies to the NS and does not allow NS flooding in the VPLS service. If a match is not found, the NS is flooded in the service if the configuration allows it.

The command allows for specific IPv6 addresses to be shown. Dynamic IPv6 entries associated to a MAC list are shown with the corresponding MAC list and resolve timers information.

Parameters 
ipv6-address—
Specifies an IPv6 address.
Values—
ipv6-address:
                  x:x:x:x:x:x:x:x (eight 16-bit pieces)
                  x:x:x:x:x:x:d.d.d.d
                  where:
                            x - [0 to FFFF]H
                            d - [0 to 255]D

 

detail—
Displays detailed information.
dynamic—
Displays detailed information about dynamic entries.
Output 

Sample Output
*A:PE-2#  show service id 5 proxy-nd        
-------------------------------------------------------------------------------
Proxy ND
-------------------------------------------------------------------------------
Admin State       : enabled             
Dyn Populate      : enabled             
Age Time          : disabled            Send Refresh      : 120 secs
Table Size        : 250                 Total             : 1
Static Count      : 0                   EVPN Count        : 0
Dynamic Count     : 1                   Duplicate Count   : 0
Dup Detect
-------------------------------------------------------------------------------
Detect Window     : 3 mins              Num Moves         : 5
Hold down         : 9 mins              
Anti Spoof MAC    : None
EVPN
-------------------------------------------------------------------------------
Unknown NS Flood  : enabled             ND Advertise      : Router
Rtr Unsol NA Flood: enabled             Host Unsol NA Fld : enabled
EVPN Route Tag    : 10            
-------------------------------------------------------------------------------
*A:PE-2#  show service id 5 proxy-nd detail 
-------------------------------------------------------------------------------
Proxy ND
-------------------------------------------------------------------------------
Admin State       : enabled             
Dyn Populate      : enabled             
Age Time          : disabled            Send Refresh      : 120 secs
Table Size        : 250                 Total             : 1
Static Count      : 0                   EVPN Count        : 0
Dynamic Count     : 1                   Duplicate Count   : 0
Dup Detect
-------------------------------------------------------------------------------
Detect Window     : 3 mins              Num Moves         : 5
Hold down         : 9 mins              
Anti Spoof MAC    : None
EVPN
-------------------------------------------------------------------------------
Unknown NS Flood  : enabled             ND Advertise      : Router
Rtr Unsol NA Flood: enabled             Host Unsol NA Fld : enabled
EVPN Route Tag    : 10            
-------------------------------------------------------------------------------
===============================================================================
VPLS Proxy ND Entries
===============================================================================
IP Address               Mac Address       Type Status Rtr/ Last Update
                                                       Host 
-------------------------------------------------------------------------------
2001:db8:1000::1         00:ca:fe:ca:fe:01 dyn  active Rtr  12/20/2016 14:04:10
-------------------------------------------------------------------------------
Number of entries : 1
===============================================================================
*A:PE-2#  show service id 5 proxy-nd dynamic 
===============================================================================
Proxy ND Dyn Cfg Summary
===============================================================================
IP Addr                                 Mac List
-------------------------------------------------------------------------------
2001:db8:1000::1                        list-1
-------------------------------------------------------------------------------
Number of Entries: 1
===============================================================================
*A:PE-2#  show service id 5 proxy-nd dynamic 2001:db8:1000::1
===============================================================================
Proxy ND Dyn Cfg Detail
===============================================================================
IP Addr                                 Mac List
 Resolve Time(mins)                      Remaining Resolve Time(secs)
-------------------------------------------------------------------------------
2001:db8:1000::1                        list-1
1                                       0
-------------------------------------------------------------------------------
Number of Entries: 1
===============================================================================

vxlan

Syntax 
vxlan [instance instance]
vxlan [instance instance] assisted-replication replicator
vxlan [instance instance] destinations
vxlan esi esi
vxlan detail
vxlan instance instance oper-flags
Context 
show>service>id
Description 

This command displays the VXLAN instance parameters. With destinations added, the command shows the VXLAN bindings auto-created or configured in a specified service. The service command can be filtered by VXLAN instance, if the service has more than one instance. A VXLAN binding is composed of the remote (VTEP) and the corresponding egress (VNI) to identify the service at the egress node. The command shows the number of MACs associated to each binding as well as the operational status and if the binding is part of the multicast list. The binding will be operationally down when the VTEP address is not found in the base routing table (the VTEP address cannot be reached). A binding will be part of a multicast list if a valid BGP EVPN inclusive multicast route exists for it.

A VXLAN binding can be associated with the following types of multicast values.

  1. BM — Refers to the capability of the binding to send broadcast or multicast to the remote VTEP. This binding type is setup to AR replicator nodes from a leaf node.
  2. BUM — Refers to the capability of the binding to send broadcast or multicast to the remote VTEP. This binding type is setup to AR replicator nodes from a leaf node.
  3. U — Refers to the capability of the binding to send unknown unicast to the VTEP. This binding type is setup from leaf nodes to other leaf and RNVE nodes.
  4. “-” — Specifies that the binding can only be used for known unicast traffic.
Parameters 
assisted-replication replicator
Displays all the discovered candidate AR replicators for the service and the replicator that has been selected by the leaf to send the BM traffic. The list of replicators is ordered by VTEP address and VNI. This command is only supported on the nodes configured as leaf.

The “In Use” column indicates whether the replicator has been selected for the service. When selecting a replicator for the service, the candidate list is ordered by VTEP IP (lowest IP is ordinal 0) and VNI. A modulo function of the service ID and the number of candidate PEs will give the selected replicator for a specified service.

The “Pending Time” column shows the remaining seconds until the node starts sending the BM traffic to the replicator. This time is configurable by the replicator-activation-time parameter.

For services supporting EVPN multi-homing, the command can also show ES destinations as well as VXLAN bindings. In this case, the output can be filtered by the ESI in order to see the VXLAN destinations that the ES is comprised of.

instance —
Specifies the VXLAN instance.
Values—
1, 2

 

Output 

Sample Output
A:PE-1# show service id 900 vxlan
===============================================================================
VPLS VXLAN
===============================================================================
Vxlan Src Vtep IP: N/A
===============================================================================
Vxlan Instance
===============================================================================
VXLAN Instance                VNI         AR          Oper-flags   VTEP
                                                                   security
-------------------------------------------------------------------------------
1                             900         none        none         disabled
2                             901         none        none         disabled
-------------------------------------------------------------------------------
Number of Entries : 2
 
A:PE-1# show service id 900 vxlan instance 1
===============================================================================
VPLS VXLAN, Vxlan Instance: 1, VNI: 900
===============================================================================
Creation Origin: manual
Assisted-Replication: none
RestProtSrcMacAct: none
===============================================================================
VPLS VXLAN service Network Specifics
===============================================================================
-------------------------------------------------------------------------------
Ing Net QoS Policy: none 
Ingress FP QGrp   : (none)                  Ing FP QGrp Inst        : (none)
VTEP security     : disabled                MAC Learning            : enabled
MAC Aging         : enabled                 Discard Unknown Source  : disabled
MAC address limit : 0 
                      ====================================================================================
========================================================================
 
 
A:PE6# show service id 7000 vxlan assisted-replication replicator 
===============================================================================
Vxlan AR Replicator Candidates
===============================================================================
VTEP Address           Egress VNI     In Use  In Candidate List Pending Time
-------------------------------------------------------------------------------
10.4.4.4                7000           yes     yes               0
10.5.5.5                7000           no      yes               0
-------------------------------------------------------------------------------
Number of entries : 2
-------------------------------------------------------------------------------
===============================================================================
A:PE-2# show service id 500 vxlan instance 1 oper-flags  
 
=============================================================================== 
VPLS VXLAN oper flags 
=============================================================================== 
MhStandby                              : false 
===============================================================================
A:PE-1# show service id 600 vxlan esi 00:23:23:23:23:23:23:00:00:02
 
===============================================================================
BGP EVPN-VXLAN Ethernet Segment Dest
===============================================================================
Eth SegId                               Last Change
00:23:23:23:23:23:23:00:00:02           04/10/2018 18:28:04
===============================================================================
 
===============================================================================
BGP EVPN-VXLAN Dest TEP Info
===============================================================================
TEP Address              Egr VNI                  Last Change
-------------------------------------------------------------------------------
192.0.2.2                600                      04/10/2018 18:25:43
192.0.2.3                600                      04/10/2018 18:28:04
-------------------------------------------------------------------------------
Number of entries : 2
-------------------------------------------------------------------------------
===============================================================================
 
A:PE-1# show service id 900 vxlan destinations
===============================================================================
Egress VTEP, VNI
===============================================================================
Instance    VTEP Address                            Egress VNI  Evpn/   Static
Mcast       Oper State                              L2 PBR     Static  Num.
MACs
-------------------------------------------------------------------------------
1           192.0.2.2                               900         static  0
 BUM         Up                                      No
 
2           192.0.2.2                               901         static  0
 BUM         Up                                      No
-------------------------------------------------------------------------------
Number of Egress VTEP, VNI : 2
-------------------------------------------------------------------------------
===============================================================================

evpn-mpls

Syntax 
evpn-mpls [tep-ip-address]
Context 
show>service
Description 

This command shows the remote EVPN-MPLS tunnel endpoints in the system.

Parameters 
tep-ip-address—
Specifies the IP address of a tunnel endpoint.
Values—
a.b.c.d

 

Output 

Sample Output
*A:PE70(4)# show service evpn-mpls 
===============================================================================
EVPN MPLS Tunnel Endpoints
===============================================================================
EvpnMplsTEP Address EVPN-MPLS Dest      ES Dest             ES BMac Dest
-------------------------------------------------------------------------------
192.0.2.69          3                   1                   1
192.0.2.71          2                   0                   0
192.0.2.72          3                   1                   1
192.0.2.73          2                   1                   0
192.0.2.254         1                   0                   0
-------------------------------------------------------------------------------
Number of EvpnMpls Tunnel Endpoints: 5
-------------------------------------------------------------------------------
===============================================================================
*A:PE70(4)# show service evpn-mpls 
<TEP ip-address>
 192.0.2.69   192.0.2.71   192.0.2.72   192.0.2.73   192.0.2.254
 
 
*A:PE70(4)# show service evpn-mpls 192.0.2.69 
===============================================================================
BGP EVPN-MPLS Dest
===============================================================================
Service Id                              Egr Label
-------------------------------------------------------------------------------
1                                       262140
1                                       262141
20000                                   262138
-------------------------------------------------------------------------------
===============================================================================
 
===============================================================================
BGP EVPN-MPLS Ethernet Segment Dest
===============================================================================
Service Id          Eth Seg Id                              Egr Label
-------------------------------------------------------------------------------
1                   01:00:00:00:00:71:00:00:00:01           262141
-------------------------------------------------------------------------------
===============================================================================
===============================================================================
BGP EVPN-MPLS ES BMac Dest
===============================================================================
Service Id               ES BMac                  Egr Label
-------------------------------------------------------------------------------
20000                    00:00:00:00:71:71        262138
-------------------------------------------------------------------------------
===============================================================================
 

vxlan

Syntax 
vxlan [ip-address]
Context 
show>service
Description 

This command displays the VXLAN bindings auto-created in a specified service. A VXLAN binding is composed of the remote VTEP (VXLAN Termination Endpoint) and the corresponding egress VNI (VXLAN Network Identifier) to identify the service at the egress node. The command shows the number of MACs associated to each binding as well as the operational status and if the binding is part of the multicast list. The binding will be operationally down when the VTEP address is not found in the base routing table (the VTEP address cannot be reached). A binding will be part of the multicast list if a valid BGP EVPN inclusive multicast route exists for it.

A VXLAN binding can be associated with the following types of Mcast values.

  1. BM — Refers to the capability of the binding to send Broadcast or Multicast to the remote VTEP. This binding type is setup to AR Replicator nodes from a Leaf node.
  2. BUM — Refers to the capability of the binding to send Broadcast or Multicast to the remote VTEP. This binding type is setup to AR Replicator nodes from a Leaf node.
  3. U — Refers to the capability of the binding to send Unknown Unicast to the VTEP. This binding type is setup from Leaf nodes to other Leaf and RNVE nodes.
  4. “-” — Specifies that the binding can only be used for known unicast traffic.
Parameters 
ip-address—
Specifies the remote VTEP address for the VXLAN binding.
Values—
ipv4-address: a.b.c.d
ipv6-address: x:x:x:x:x:x:x:x (eight 16-bit pieces)
                       x:x:x:x:x:x:d.d.d.d
             where:
                        x: [0 to FFFF]H
                        d: [0 to 255]D

 

Output 

Sample Output
===============================================================================
A:PE6# show service vxlan         
===============================================================================
VXLAN Tunnel Endpoints (VTEPs)
===============================================================================
VTEP Address                                 Number of Egress VNIs    Oper
                                                                      State
-------------------------------------------------------------------------------
10.2.2.2                                      1                        Up
10.4.4.4                                      2                        Up
10.5.5.5                                      1                        Up
192.0.2.2                                    1                        Up
192.0.2.3                                    1                        Up
192.0.2.4                                    2                        Up
192.0.2.5                                    2                        Up
-------------------------------------------------------------------------------
Number of VTEPs: 7
-------------------------------------------------------------------------------
===============================================================================
A:PE6# show service vxlan 2.2.2.2 
===============================================================================
VXLAN Tunnel Endpoint: 2.2.2.2
===============================================================================
Egress VNI                    Service Id               Oper State
-------------------------------------------------------------------------------
4000                          4000                     Up
-------------------------------------------------------------------------------
===============================================================================

vxlan-instance-using

Syntax 
vxlan-instance-using ethernet-segment [name]
Context 
show>service
Description 

This command displays the services and VXLAN instances associated with a specified virtual ES, as well as its operational status.

Parameters 
name—
Specifies the virtual ES name, up to 28 characters.
Output 

Sample Output
A:PE-2# show service vxlan-instance-using ethernet-segment "vES23" 
===============================================================================
VXLAN Ethernet-Segment Information
===============================================================================
SvcId                            VXLAN Instance                  Status
-------------------------------------------------------------------------------
500                              1                               DF
===============================================================================
A:PE-2# show service vxlan-instance-using ethernet-segment         
===============================================================================
VXLAN Ethernet-Segment Information
===============================================================================
SvcId       VXLAN Instance      ES Name                          Status
-------------------------------------------------------------------------------
500         1                   vES23                            DF
===============================================================================

server

Syntax 
server [name]
Context 
show>system>xmpp
Description 

This command shows the connectivity to the XMPP server, including the configured parameters and statistics. When the user provides the name of the server, a detailed view is shown.

Parameters 
name—
Specifies the name of the XMPP server. 32 characters maximum.
Output 

Sample Output
:sr12U-46-PE2# show system xmpp server           
==========================================================================
XMPP Server Table
==========================================================================
Name                            User Name          State
 XMPP FQDN                       Last State chgd    Admin State
--------------------------------------------------------------------------
vsd1-hy                         cspTest             Functional
 vsd1-hy.alu-srpm.us             0d 22:42:15        inService
--------------------------------------------------------------------------
No. of XMPP server's: 1
==========================================================================
B:Dut# show system xmpp server "vsd1-hy" 
==========================================================================
XMPP Server Table
==========================================================================
XMPP FQDN          : vsd1-hy.alu-srpm.us
XMPP Admin User    : cspTest             
XMPP Oper User     : cspTest             
State Lst Chg Since: 0d 22:40:16        State              : Functional
Admin State        : Up                 Connection Mode    : outOfBand
Auth Type          : md5
IQ Tx.             : 306                IQ Rx.             : 306
IQ Error           : 72                 IQ Timed Out       : 0
IQ Min. Rtt        : 100 ms             IQ Max. Rtt        : 450 ms
IQ Ack Rcvd.       : 234                
Push Updates Rcvd  : 41                 VSD list Upd Rcvd  : 91
Msg Tx.            : 279                Msg Rx.            : 207
Msg Ack. Rx.       : 135                Msg Error          : 72
Msg Min. Rtt       : 0 ms               Msg Max. Rtt       : 450 ms
Sub Tx.            : 1                  UnSub Tx.          : 0
Msg Timed Out      : 0                  
 
==========================================================================

vsd

Syntax 
vsd [entry]
Context 
show>system
show>system>xmpp
Description 

This command shows the connectivity to the VSD server, including the configured parameters and statistics. When the user provides the entry number of the VSD server, a detailed view for that specific server is shown, including statistics.

Parameters 
entry—
Specifies the entry number of the VSD server.
Values—
0 to 4294967295

 

Output 

Sample Output
:Dut# show system vsd 
==========================================================================
VSD Information
==========================================================================
System Id               : SR12U-46-PE
GW Last Audit Tx Time   : 03/07/2000 04:07:06
 
Gateway Publish-Subscribe Information
--------------------------------------------------------------------------
Subscribed              : True
Subscriber Name         : nuage_gateway_id_SR12U-46-PE
Last Subscription Time  : 03/06/2000 05:27:06
==========================================================================
 
 
*B:Dut# show system xmpp vsd   
==========================================================================
Virtual Services Directory Table
==========================================================================
Id User Name                    Uptime             Status
--------------------------------------------------------------------------
1  cna@vsd1-hy.alu-srpm.us/nua* 0d 22:45:39        Available
--------------------------------------------------------------------------
No. of VSD's: 1
==========================================================================
 
 
*B:Dut# show system xmpp vsd 1 
==========================================================================
VSD Server Table
==========================================================================
VSD User Name      : cna@vsd1-hy.alu-srpm.us/nuage
Uptime             : 0d 22:45:41        Status             : Available
Msg Tx.            : 282                Msg Rx.            : 209
Msg Ack. Rx.       : 136                Msg Error          : 73
Msg TimedOut       : 0                  Msg MinRtt         : 70 ms
Msg MaxRtt         : 450 ms             
 
==========================================================================

domain

Syntax 
domain [domain-name] [association]
Context 
show>system>vsd
Description 

This command shows the different VSD domains configured in the system. If association is added, the VSD domain to service association is shown. If a specific domain-name is used, configuration event statistics are shown.

Parameters 
domain-name—
Specifies a VSD domain for which to display information.
association—
Displays all VSD domain-to-service associations.
Output 

Sample Output
B:Dut# show service vsd domain 
===============================================================================
VSD Domain Table
===============================================================================
Name                                    Type           Origin    Admin
-------------------------------------------------------------------------------
nuage_401                               l2DomainIrb    manual    inService
nuage_402                               l2Domain       manual    inService
nuage_501                               l2Domain       manual    inService
nuage_502                               l2Domain       manual    inService
-------------------------------------------------------------------------------
Number of entries: 4
===============================================================================
*B:Dut# show service vsd domain "nuage_501" 
===============================================================================
VSD Information
===============================================================================
Name               : nuage_501
Description        : nuage_501_l2_domain
Type               : l2Domain                     Admin State   : inService
Last Error To Vsd  : (Not Specified)
Last Error From Vsd: (Not Specified)
 
Statistics
-------------------------------------------------------------------------------
Last Cfg Chg Evt   : 01/01/2000 00:00:11          Cfg Chg Evts  : 0
Last Cfg Update    : 01/01/2000 00:00:11          Cfg Upd Rcvd  : 0
Last Cfg Done      : 01/01/2000 00:00:11          
Cfg Success        : 0                            Cfg Failed    : 0
===============================================================================
*B:Dut# show service vsd domain "nuage_501" association 
============================================================
Service VSD Domain
============================================================
Svc Id      Svc Type  Domain Type    Domain Admin   Origin
------------------------------------------------------------
501         vpls      l2Domain       inService      manual
------------------------------------------------------------
Number of entries: 1
============================================================
*B:sr12U-46-PE2# show service vsd domain association             
===========================================
Services-using VSD Domain
===========================================
Svc Id     Domain
-------------------------------------------
501        nuage_501
502        nuage_502
-------------------------------------------
Number of services using VSD Domain: 2
===========================================

vxlan

Syntax 
vxlan
Context 
show>service>system
Description 

This command shows the global VXLAN configuration in the system. In particular, the command displays the configured assisted-replication IP address and the VXLAN tunnel-termination addresses, if the system terminates VXLAN tunnels in addresses that are not the same as the system IP address.

Output 

Sample Output
A:PE1# show service system vxlan 
===============================================================================
System VXLAN Information
===============================================================================
Asstd Repl Ip Address.                 : 
===============================================================================
===============================================================================
Vxlan Tunnel Termination
===============================================================================
Tunnel Term IP                               FPE ID    Last Change
-------------------------------------------------------------------------------
10.11.11.1                                   1         06/22/2016 14:18:55
-------------------------------------------------------------------------------
Number of Entries: 1
-------------------------------------------------------------------------------
===============================================================================

redundancy

Syntax 
redundancy
Context 
show
Description 

This command enables the context for the display of global redundancy parameters.

bgp-evpn-multi-homing

Syntax 
bgp-evpn-multi-homing
Context 
show>redundancy
Description 

This command shows the information related to the EVPN global timers.

Output 

Sample Output
*A:PE2# show redundancy bgp-evpn-multi-homing 
===============================================================================
Redundancy BGP EVPN Multi-homing Information
===============================================================================
Boot-Timer              : 10 secs                 
Boot-Timer Remaining    : 0 secs                  
ES Activation Timer     : 3 secs                  
===============================================================================

5.6.2.3. Clear Commands

mac-dup-detect

Syntax 
mac-dup-detect {ieee-address | all}
Context 
clear>service>id>evpn
Description 

This command clears a duplicate MAC and restarts the MAC duplication process. It also clears black-hole MACs.

Parameters 
ieee-address —
Specifies the MAC address.
all
Specifies that the clear command applies to all duplicate MACs.

domain

Syntax 
domain [name]
Context 
clear>service>statistics>vsd
Description 

This command clears the statistics shown in the show service vsd domain name command.

Parameters 
name —
Specifies the VSD domain name.

scripts

Syntax 
scripts
Context 
clear>service>statistics>vsd
Description 

This command clears the statistics shown in the show service vsd script statistics command.

server

Syntax 
server [xmpp-server-name]
Context 
clear>system>statistics>xmpp
Description 

This command clears the statistics shown in the show system xmpp server name command.

Parameters 
xmpp-server-name —
Specifies the XMPP server name.

server

Syntax 
server [xmpp-server-name]
Context 
clear>system>statistics>xmpp
Description 

This command clears the statistics shown in the show system xmpp server name command.

Parameters 
xmpp-server-name —
Specifies the XMPP server name.

fdb

Syntax 
fdb [{all | mac ieee-address | sap sap-id | mesh-sdp sdp-id [:vc-id] | spoke-sdp sdp-id [:vc-id] | vxlan-instance 1...2 [vtep ip-address]}
Context 
clear>service>id
Description 

This command clears the FDB entries for the service.

Parameters 
all—
Clears all FDB entries.
ieee-address —
Clears only FDB entries in the FDB table with the specified 48-bitaddress. The MAC address can be expressed in the form aa:bb:cc:dd:ee:ff or aa-bbcc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers.
sap-id —
Clears the physical port identifier portion of the SAP definition.
mesh-sdp —
Clears only the service FDB entries associated with the specified mesh SDP ID. For a mesh SDP, the VC ID is optional.
spoke-sdp —
Clears only the service FDB entries associated with the specified spoke-SDP ID. For a spoke-SDP, the VC ID must be specified.
sap-id —
Specifies the SDP ID for which the associated FDB entries will be cleared.
vc-id —
Specifies the virtual circuit ID on the SDP ID for which the associated FDBentries will be cleared.
Values—
sdp-id[:vc-id] sdp-id: 1 to 17407
vc-id: 1 to 4294967295
sdp-id:vc-id sdp-id: 1 to 17407
vc-id: 1 to 4294967295

 

vxlan-instance —
Clears only the service FDB entries associated with the specified static VXLAN instance. The instance ID, 1 or 2 must be specified.
vtep ip-address
Specifies, optionally and along with the VXLAN instance, a specific configured static egress VTEP to clear the FDB entries associated only with the VTEP.

5.6.2.4. Debug Commands

xmpp

Syntax 
xmpp [connection] [gateway] [message] [vsd] [iq] [all]
no xmpp
Context 
debug>system
Description 

This command enables the debug for XMPP messages sent or received by the 7750 SR, 7450 ESS, or 7950 XRS.

Parameters 
connection —
Filters only the messages related to the XMPP connection.
gateway —
Filters the messages related to the gateway.
message—
Filters only the messages.
vsd —
Filters the VSD messages.
iq—
Filters the IQ messages between the gateway and the VSD.
all —
Includes all the above.

vsd

Syntax 
vsd
Context 
debug
Description 

This command enables the context for the debug vsd commands.

scripts

Syntax 
scripts
scripts event [cli] [errors] [executed-cmd] [state-change] [warnings]
scripts instance instance event [cli] [errors] [executed-cmd] [state-change] [warnings]
Context 
debug>vsd
Description 

This command enables the debug of the VSD fully dynamic integration scripts.

event

Syntax 
[no] event
Context 
debug>vsd>scripts
Description 

This command enables/disables the generation of all script debugging event output: cli, errors, execute-cmd, warnings, state-change.

instance

Syntax 
[no] instance instance
Context 
debug>vsd>scripts
Description 

This command enables/disables the generation of script debugging for a specific instance

Parameters 
instance—
Specifies the instance name.

cli

Syntax 
[no] cli
Context 
debug>vsd>scripts>event
debug>vsd>scripts>instance
Description 

This command enables/disables the generation of a specific script debugging event output: cli.

errors

Syntax 
[no] errors
Context 
debug>vsd>scripts>event
debug>vsd>scripts>instance
Description 

This command enables/disables the generation of a specific script debugging event output: errors.

executed-cmd

Syntax 
[no] executed-cmd
Context 
debug>vsd>scripts>event
debug>vsd>scripts>instance
Description 

This command enables/disables the generation of a specific script debugging event output: execute-cmd.

state-change

Syntax 
[no] state-change
Context 
debug>vsd>scripts>event
debug>vsd>scripts>instance
Description 

This command enables/disables the generation of a specific script debugging event output: state-change.

warnings

Syntax 
[no] warnings
Context 
debug>vsd>scripts>event
debug>vsd>scripts>instance
Description 

This command enables/disables the generation of a specific script debugging event output: warnings.

5.6.2.5. Tools Commands

service

Syntax 
service
Context 
tools>dump
Description 

Use this command to configure tools to display service dump information.

id

Syntax 
id service-id
Context 
tools>dump
Description 

Use this command to configure parameters to display service ID information.

Parameters 
service-id—
Specifies the service ID.

vxlan

Syntax 
vxlan [clear]
Context 
tools>dump>service>id
Description 

This command displays the number of times a service could not add a VXLAN binding or <VTEP, Egress VNI> due to the following limits:

  1. The per-system VTEP limit has been reached
  2. The per-system <VTEP, Egress VNI> limit has been reached
  3. The per-service <VTEP, Egress VNI> limit has been reached
  4. The per-system Bind limit: Total bind limit or vxlan bind limit has been reached.
Parameters 
clear—
Clears the per-system VTEP, per-system VTEP Egress VNI, per-service VTEP Egress VNI, and per-system Bind statistics.
Output 

Sample Output
*A:PE63# tools dump service id 3 vxlan
VTEP, Egress VNI Failure statistics at 000 00:03:55.710:
statistics last cleared at 000 00:00:00.000:
      Statistic            |    Count
---------------------------+-------------
                      VTEP |          0
             Service Limit |          0
              System Limit |          0
   Egress Mcast List Limit |          0

dup-vtep-egrvni

Syntax 
dup-vtep-egrvni [clear]
Context 
tools>dump>service>vxlan
Description 

This command dumps the <VTEP, VNI> bindings that have been detected as duplicate attempts, i.e. an attempt to add the same binding to more than one service. The commands provides a clear option.

Parameters 
clear—
Clears the VTEP VNI bindings that have been detected as duplicate attempts.
Output 

Sample Output
*A:PE71# tools dump service vxlan dup-vtep-egrvni
Duplicate VTEP, Egress VNI usage attempts at 000 00:03:41.570:
1. 10.1.1.1:100

usage

Syntax 
usage
Context 
tools>dump>service>id>evpn
Description 

This command shows the maximum number of EVPN-tunnel interface IP next hops per R-VPLS as well as the current usage for a specified R-VPLS service.

Output 

Sample Output
*A:PE71# tools dump service id 504 evpn usage 
Evpn Tunnel Interface IP Next Hop: 1/8189

domain-to-vsd-mapping

Syntax 
domain-to-vsd-mapping
Context 
tools>dump>service
Description 

This command enables the context for the domain-to-vsd mappings.

domain

Syntax 
domain name name
Context 
tools>dump>service>domain-to-vsd-mapping
Description 

This command shows mapping of a specified VSD to a vsd-domain.

Parameters 
name—
Specifies a VSD domain name.
Output 

Sample Output
Dut# tools dump service domain-to-vsd-mapping domain name "nuage_501" 
===============================================================================
Domain to VSD Mapping
===============================================================================
Domain name                      VSD
-------------------------------------------------------------------------------
nuage_501                        cna@vsd1-hy.alu-srpm.us/nuage
================================================================= 

xmpp

Syntax 
xmpp
Context 
tools>perform>system
Description 

This command enables the xmpp context.

vsd-refresh

Syntax 
vsd-refresh
Context 
tools>perform>system>xmpp
Description 

This command instructs the system to refresh immediately the list of VSDs and not to wait for the next VSD list audit that the system does periodically.

proxy-arp

Syntax 
proxy-arp
Context 
tools>perform>service>id
Description 

This command enables the proxy-arp context.

dynamic-resolve

Syntax 
dynamic-resolve all [force]
dynamic-resolve ip-address [force]
Context 
tools>perform>service>id>proxy-arp
Description 

This command triggers the resolve procedure for dynamic IP entries. When executed, a resolve message (ARP-request) is issued for the requested IP or, if the all option used, for all the configured dynamic IPs.

The force option triggers the resolve process even for IPs with an existing entry in the proxy-ARP table.

Parameters 
ip-address—
Specifies the IP address.
Values—
a.b.c.d

 

all
Runs the command for all configured dynamic IPs.
force
Issues a resolve message even when configured dynamic IP entries are present.

proxy-nd

Syntax 
proxy-nd
Context 
tools>perform>service>id
Description 

This command enables the proxy-nd context.

dynamic-resolve

Syntax 
dynamic-resolve all [force]
dynamic-resolve ipv6-address [force]
Context 
tools>perform>service>id>proxy-nd
Description 

This command triggers the resolve procedure for dynamic IPv6 entries. When executed, a resolve message (Neighbor Solicitation) is issued for the requested IPv6 or, if the all option used, for all the configured dynamic IPv6s.The force option triggers the resolve process even for IPv6 addresses with an existing entry in the proxy-ARP table.

Parameters 
ipv6-address—
Specifies the IPv4 or IPv6 address.
Values—
ip-address: a.b.c.d
ipv6-address: x:x:x:x:x:x:x:x (eight 16-bit pieces)
                       x:x:x:x:x:x:d.d.d.d
             where:
                        x: [0 to FFFF]H
                        d: [0 to 255]D

 

all
Runs the command for all configured dynamic IPv6 addresses.
force
Issues a resolve message even when configured dynamic IP entries are present.

domain

Syntax 
domain name [name] refresh-config
Context 
tools>perform>service>vsd
Description 

This command instructs the system to refresh the configuration of a specified domain immediately instead of waiting for the next audit interval.

Parameters 
name—
Specifies the name of the VSD domain.

evaluate-script

Syntax 
evaluate-script domain-name [domain-name] type [type] action script-action [vni vni-id] [rt-i ext-community] [rt-e ext-community] [metadata metadata] policy python-policy
Context 
tools>perform>service>vsd
Description 

The command enables the user to test their setup, and modify and tear down Python scripts in a lab environment without the need to be connected to a VSD. The successful execution of the command for action setup will create a VSD domain and the corresponding configuration, just as the system would do when the parameters are received from VSD.

Parameters 
domain-name—
Specifies the VSD domain name. 64 characters maximum.
type—
Specifies the VSD domain type.
Values—
l2-domain, vrf-gre, vrf-vxlan, l2-domain-irb

 

script-action—
Specifies the action taken for Python scripts.
Values—
setup, modify, teardown

 

vni-id—
Specifies the VNI ID.
Values—
1 to 16777215

 

rt-i ext-community
Specifies the internal route-target (RT-i).
Values—
target: {ip-addr:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val}
ip-addr: a.b.c.d
comm-val: 0 to 65535
2byte-asnumber: 0 to 65535
ext-comm-val: 0 to 4294967295
4byte-asnumber: 0 to 4294967295

 

rt-e ext-community
Specifies the external route-target (RT-e).
Values—
target: {ip-addr:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val}
ip-addr: a.b.c.d
comm-val: 0 to 65535
2byte-asnumber: 0 to 65535
ext-comm-val: 0 to 4294967295
4byte-asnumber: 0 to 4294967295

 

metadata—
Specifies the opaque key=value pairs. 500 characters maximum.
python-policy—
Specifies the name of the Python script used to translate the VSD parameters into a configuration. 32 characters maximum.
Output 

Sample Output
*A:PE1# tools perform service vsd evaluate-script domain-name "L2-DOMAIN-5" type l2-
domain action setup policy "py-l2" vni 64000 rt-i target:64000:64000 rt-
e target:64000:64000 metadata "rd=1:1, sap=1/1/10:3000"
 
Success

fd-domain-sync

Syntax 
fd-domain-sync {full | diff}
Context 
tools>perform>service>vsd
Description 

This command instructs the system to audit the VSD and retrieve either the "DIFF" list or the "FULL" list of domains in the VSD.

Parameters 
full—
Retrieves the full VSD domain list.
diff—
Retrieves the diff VSD domain list.

bgp-evpn

Syntax 
bgp-evpn
Context 
tools>dump>service>system
Description 

This command enables the context for the bgp-evpn base instance.

ethernet-segment

Syntax 
ethernet-segment name evi evi df
ethernet-segment name isid isid df
Context 
tools>dump>service>system>bgp-evpn
Description 

This command shows the computed DF PE for a specified EVI or ISID.

Parameters 
name—
Specifies the name of the Ethernet segment. 32 characters maximum.
evi—
Specifies the EVI.
Values—
1 to 65535

 

isid—
Specifies the ISID.
Values—
1 to 16777215

 

Output 

Sample Output
*A:PE2# tools dump service system bgp-evpn ethernet-segment "ESI-71" evi 1 df 
[07/15/2015 21:52:08] Computed DF: 192.0.2.72 (Remote) (Boot Timer Expired: Yes) 
*A:PE2# tools dump service system bgp-evpn ethernet-segment "ESI-71" isid 20001 df 
[07/15/2015 21:52:21] Computed DF: 192.0.2.72 (Remote) (Boot Timer Expired: Yes)

evpn

Syntax 
evpn
Context 
tools>dump>service
Description 

This command enables the context for the global evpn parameters.

usage

Syntax 
usage
Context 
tools>dump>service>evpn
Description 

This command displays the consumed EVPN resources in the system. The Vxlan Destinations include static VXLAN destinations as well as Ethernet Segment (ES) Vxlan destinations.

Output 

Sample Output
*A:PE-1# tools dump service evpn usage            
 
vxlan-evpn-mpls usage statistics at 04/16/2018 17:56:02:
 
MPLS-TEP                                        :             0
VXLAN-TEP                                       :             3
Total-TEP                                       :      3/ 16383
 
Mpls Dests (TEP, Egress Label + ES + ES-BMAC)   :             0
Mpls Etree Leaf Dests                           :             0
Vxlan Dests (TEP, Egress VNI)                   :             5
Total-Dest                                      :      5/196607
 
Sdp Bind +  Evpn Dests                          :      5/245759
ES L2/L3 PBR                                    :      0/ 32767
Evpn Etree Remote BUM Leaf Labels               :             0
 

vsd-services

Syntax 
vsd-services
Context 
tools>dump>service
Description 

This command enables the context for vsd-services commands.

command-list

Syntax 
command-list
Context 
tools>dump>service>vsd-services
Description 

This command displays the list of CLI nodes allowed in the VSD fully dynamic provisioning model. Python will have access to the shown nodes.

When access is granted to a node, all commands in that node are allowed; however, CLI nodes are only allowed if explicitly listed. Nodes in CLI are shown with a "+" in the CLI.

While you can navigate special "Pass through nodes" via these nodes, the commands in that node are not implicitly allowed. When configured in a service through VSD, these commands will not be shown in the 'info' output of the config command.

Note:

A 'node' implies leaf-nodes and leaf-table nodes in reality. A 'Leaf-table' is a sub-table that looks like a leaf (i.e. it is entered/displayed as a one-liner). An example of leaf-table node is /configure router policy-options prefix-list x prefix 0.0.0.0/0 - since you can have multiple instances of prefixes.