This command creates a text description stored in the configuration file for a configuration context. This associates a text string with a configuration context to help identify the context in the configuration file.
The no form of this command removes the description string from the context.
This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.
The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they can be deleted.
Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system-generated configuration files.
The no form of this command puts an entity into the administratively enabled state.
This command enables the context to configure ISA service chaining parameters.
The no form of the command disables ISA service chaining parameters.
This command allows service chaining to be enabled for subscribers whose NAT flows are established on the set of ISAs in the specified NAT group.
The no form of this command removes the NAT group from the configuration.
This command specifies the address range to be used as the local VXLAN VTEP on the ISA for service chaining. The system allocates one address for each ISA in the NAT group out of the specified range. The allocated address appears as /32 or /128 routes in the global routing table with the route type nat.
The no form of this command removes the IP or IPv6 addresses from the configuration.
ipv6-address: | x:x:x:x:x:x:x:x (eight 16-bit pieces) |
x:x:x:x:x:x:d.d.d.d | |
x - [0..FFFF]H | |
d - [0..255]D |
This command enables the context to configure ISA-based service chaining for subscribers with L2-Aware NAT.
This command configures the import mode for the service chaining EVPN service. The import-mode controls the EPVN route types that are imported by the EVPN system.
The no form of this command removes the configuration parameters.
This command enables the context to configure EVPN BGP-specific information.
The no form of this command reverts to the default.
This command configures the Route Distinguisher (RD) field that is signaled in NLRI in EVPN routes.
The no form of this command reverts to the default.
This command configures route target attributes to be signaled in EVPN routes used for service chaining.
The no form of this command removes the parameters from the configuration.
This command enables the context to configure information related to the export of EVPN BGP routes related to service chaining.
The no form of this command disables exporting EVPN BGP routes related to service chaining
This command specifies the address range to be used for the gateway IP address field in EVPN type-5 routes that are advertised for configured NAT pools, to the peer for service-chaining. The system allocates one address for each ISA in the NAT group out of the specified range.
The no form of this command removes the values from the configuration..
This command enables the context to configure EVPN routes to be advertised to a BGP EVPN peer participating in service chaining.
This command configures NAT pools that are advertised in EVPN type 5 routes to the peer participating in service chaining.
The no form of this command removes the parameters from the configuration.
This command configures a VxLAN VNI that is sent in EVPN routes advertised to the service chaining.
The no form of this command removes the VNI from the configuration.
This command configures the unique MAC prefix per ISA and per outside service for all NAT group configured for service-chaining.
The no form of this command removes the MAC prefix from the configuration.
This command configures a Value Added Service filter.
The no form of this command removes the VAS filter name from the configuration.
This command configures a value added service (VAS) filter that can be associated to an L2-aware NAT host, and is matched on the NAT ISA to select flows for a host that needs to be steered to remote value-added services.
This command configures an entry in the VAS filter.
The no form of this command removes the entry ID from the configuration.
This command enables the context to configure an action to be performed for traffic that matches a configured match criteria in the filter entry. The action can be configured as being applicable to upstream traffic, downstream traffic, or both.
The no form of this command removes the direction from the configuration.
This command configures the fail action when a packet matches with a VAS filter entry in a specific direction, but no mapping exists for the specified SF-IP or ESI in the specified EVPN service.
The no form of this command removes the fail action from the configuration.
This command configures the forward action.
The no form of this command removes the parameters from the configuration..
This command enables the context to configure NSH parameters in the steered traffic.
The no form of this command removes insert NSA parameters from the configuration.
This command enables the context to configure opaque metadata to be inserted in NSH in the steered traffic if the forward action indicates NSH insertion.
This command specifies that the metadata to be inserted in NSH (with MD-Type set to 1) must contain a subscriber identifier that is derived from the subscriber string that comes from the AAA server (in Alc-Subsc-Id-Str VSA). The subscriber string is truncated after the first 16 bytes, and therefore, the first 16 bytes should be unique. The insert-subscriber-id and insert-subscriber-id commands are mutually exclusive.
The no form of this command reverts to the default.
This command specifies 16-byte opaque data HEX string to be inserted in NSH meta-data (with MD-Type set to 1). The opaque data can also be provided (overridden) by AAA server. AAA server has precedence over static configuration. The opaque-data and insert-subscriber-id commands are mutually exclusive
The no form of this command removes the HEX string from the configuration.
This command configures the service path identifier and service index to be inserted in NSH in the steered traffic if the forward action indicates NSH insertion.
The no form of this command removes the parameters from the configuration.
This command enables the context to configure the match criterion for a VAS filter entry.
This command configures the foreign IP address or subnet in the match criterium for this entry. The foreign IP or subnet implies a matching destination IP for upstream traffic and a source IP for downstream traffic.
The no form of this command removes the IP address or subnet from the match criterium in the entry
This command configures the foreign TCP/UDP port to match in this entry of the VAS filter.
The no form of this command
This command configures the protocol ID to be matched in this entry of the VAS filter.
The no form of this command removes the protocol ID from the match criterium in the entry.
This command shows reachability details for the SF in the specified EVPN instance. This information is gathered from the EVPN routes learned from the peer.
The following is an example of service chaining mapping information.
Label | Description |
IP-mappings | The IP address |
MAC | The MAC address of the IP mappings |
Vni | The VxLAN network identifier |
Vtep | The VxLAN tunnel endpoint |
ESI-mappings | The Ethernet Segment Identifier MAC address |
No. of mappings | The total number of mappings for the EVPN ID. |
This command displays VAS filter information.
The following is an example of VAS filter information.
Label | Description |
Description | The text string describing the VAS filter |
Entry | The ID of the entry in the VAS filter |
Admin State | The administrative state of the entry in the VAS filter |
Match | Protocol — The IP protocol to match in this entry of the VAS filter Foreign IP — The foreign IP address to match in this entry of the VAS filter Foreign Port — The foreign port to match in this entry of the VAS filter |
Action | upstream — Indicates the upstream direction for the action in the VAS filter entry downstream — Indicates the downstream direction for the action in the VAS filter entry |
Fail Action | Forwarding IP — The forwarding Service Function IP address for the action in a VAS filter entry Service — The forwarding service for the action in a VAS filter entry ESA — The ESI for the action in a VAS filter entry |
Network Service Header | Service Path — The path ID used to construct an NSH (Network Service Header) for the action in a VAS filter entry |
Service Index — The service ID used to construct an NSH for the action in a VAS filter entry | |
Insert Sub-ID disabled — The subscriber ID is not inserted with meta data to construct an NSH for the action in a VAS filter entry enabled — The subscriber ID is inserted with meta data to construct an NSH for the action in a VAS filter entry | |
Meta Data — The opaque metadata used to construct an NSH (Network Service Header) for the action in a VAS filter entry |
This command displays information related to service chaining (for ESM hosts with L2-aware NAT) at the router level.
The following is an example of ISA service chaining information.
Label | Description |
VXLAN Tep range | The VXLAN Tep Information (VTEP) range |
NAT Groups | The NAT ISA group used in a virtual router for Service Chaining. |