23. s Commands

23.1. s-pmsi

s-pmsi

Syntax 
s-pmsi [{vpnSrcAddr [vpnGrpAddr]} [mdSrcAddr]]
no s-pmsi
Context 
[Tree] (debug>router>pim s-pmsi)
Full Contexts 
debug router pim s-pmsi
Description 

This command enables debugging for PIM selective provider multicast service interface.

The no form of this command disables the debugging.

Parameters 
vpnSrcAddr—
Specifies the VPN source address.
vpnGrpAddr—
Specifies the VPN group address.
mdSrcAddr—
Specifies the source address of the multicast domain.

23.2. s-tag

s-tag

Syntax 
s-tag qtag1 c-tag-range qtag2 [to qtag2]
no s-tag qtag1 c-tag-range qtag2
Context 
[Tree] (config>service>system>bgp-evpn>eth-seg>qinq s-tag)
Full Contexts 
configure service system bgp-evpn ethernet-segment qinq s-tag
Description 

This command determines the inner VIDs (for a specified outer VID) associated with the virtual Ethernet Segment on a specific qinq port or LAG based on the following:

  1. Values *, null, 0 to 4094 are allowed.
  2. Any SAP for which the outer and inner service-delimiting qtags match the range is associated with the virtual ES, and only those, for example, SAP 1/1/1:10.* will not match port 1/1/1, s-tag 10 c-tag-range 10 to 100.
  3. A maximum of 8 ranges (including the s-tag ranges) are allowed in the qinq context.
  4. A c-tag range can be comprised of a single qtag.
  5. Shutting down the ES is not required prior to making changes.
  6. A qtag included in the s-tag-range command cannot be included in the s-tag qtag of this command.
Note:

Not all qtag1 and qtag2 combinations are valid for values 0, *, and null. The following combinations are allowed:

  1. s-tag 0 c-tag-range *
  2. s-tag * c-tag-range *
  3. s-tag * c-tag-range null
  4. s-tag null c-tag-range null
  5. s-tag X c-tag-range 0 (where: X=1 to 4094)
  6. s-tag X c-tag-range * (where: X=1 to 4094)

The no form of the command removes the configured range. Only the first qtag1 value is required to remove the range.

Parameters 
qtag1—
Specifies the outer VID for the c-tag range.
Values—
*, null, 0 to 4094

 

qtag2—
Specifies the inner VID for the c-tag range. When configuring a range of qtags (and not a single value), the second qtag1 value must be greater than the value of the first qtag1.
Values—
*, null, 0 to 4094

 

23.3. s-tag-range

s-tag-range

Syntax 
s-tag-range qtag1 [to qtag1]
no s-tag-range qtag1
Context 
[Tree] (config>service>system>bgp-evpn>eth-seg>qinq s-tag-range)
Full Contexts 
configure service system bgp-evpn ethernet-segment qinq s-tag-range
Description 

This command determines the VIDs associated with the virtual Ethernet Segment on a specific qinq port or LAG based on the following considerations:

  1. Values *, 0 to 4094 are allowed.
  2. Any SAP for which the service-delimiting qtag matches the range is associated with the virtual ES, and only those, for example, SAP 1/1/1:0.* will not match port 1/1/1, s-tag-range 100.
  3. Maximum 8 ranges are allowed in the qinq context.
  4. A range can be comprised of a single qtag.
  5. Shutting down the ES is not required prior to making changes in the q-tag-range.

The no form of the command removes the configured range. Only the first qtag1 value is required to remove the range.

Parameters 
qtag1—
Specifies the outer VID. When configuring a range of qtags (and not a single value), the second qtag1 value must be greater than the first qtag1.
Values—
*, 0 to 4094

 

23.4. s11

s11

Syntax 
s11
Context 
[Tree] (config>router>gtp s11)
[Tree] (config>service>vprn>gtp s11)
Full Contexts 
configure router gtp s11
configure service vprn gtp s11
Description 

This command enables GTP configuration related to S11 termination in this VRF.

23.5. s2l-path

s2l-path

Syntax 
[no] s2l-path path-name to ip-address
Context 
[Tree] (config>router>mpls>lsp>primary-p2mp-instance s2l-path)
Full Contexts 
configure router mpls lsp primary-p2mp-instance s2l-path
Description 

This command creates a root-to-leaf (S2L) sub-LSP path for the primary instance of a P2MP LSP. The primary instance of a P2MP LSP is modeled as a set of root-to-leaf (S2L) sub-LSPs. The root, for example, head-end node, triggers signaling using one path message per S2L path. The leaf sub-LSP paths are merged at branching points.

Each S2L sub-LSP is signaled in a separate path message. Each leaf node will respond with its own RESV message. A branch LSR node will forward the path message of each S2L sub-LSP to the downstream LSR without replicating it. It will also forward the RESV message of each S2L sub-LSP to the upstream LSR without merging it with the RESV messages of other S2L sub-LSPs of the same P2MP LSP. The same is done for subsequent refreshes of the path and RESV states.

The S2L paths can be empty paths or can specify a list of explicit hops. The path name must exist and must have been defined using the config>router>mpls>path command. The same path name can be re-used by more than one S2L of the primary P2MP instance. However, the to keyword must have a unique argument per S2L as it corresponds to the address of the egress LER node.

This command is not supported on the 7450 ESS.

Parameters 
path-name —
Specifies the name of the path which consists of up to 32 alphanumeric characters.
to ip-address
Specifies the IP address of the egress router.

23.6. sa-db

sa-db

Syntax 
sa-db [group grpAddr] [source srcAddr] [rp rpAddr]
no sadb
Context 
[Tree] (debug>router>msdp sa-db)
Full Contexts 
debug router msdp sa-db
Description 

This command enables debugging for Multicast Source Discovery Protocol (MSDP) source-active requests.

The no form of the command disables the MSDP source-active database debugging.

Parameters 
grpAddr—
Debugs the IP address of the group.
srcAddr—
Debugs the source IP address.
rpAddr—
Debugs the specified rendezvous point RP address.

23.7. sa-mac

sa-mac

Syntax 
sa-mac ieee-address da-mac ieee-address
no sa-mac
Context 
[Tree] (config>mirror>mirror-dest>sap>egress>ip-mirror sa-mac)
Full Contexts 
configure mirror mirror-dest sap egress ip-mirror sa-mac
Description 

This command configures the source and destination MAC addresses for IP mirroring.

The no form of this command reverts to the default.

Parameters 
sa-mac ieee-address
Specifies the source MAC address. Multicast, Broadcast and zeros are not allowed.
da-mac ieee-address
Specifies the destination MAC address. Zeros are not allowed.

23.8. sa-timeout

sa-timeout

Syntax 
sa-timeout seconds
no sa-timeout
Context 
[Tree] (config>service>vprn>msdp sa-timeout)
Full Contexts 
configure service vprn msdp sa-timeout
Description 

This command configures the value for the SA entries in the cache. If these entries are not refreshed within the timeout value, they are removed from the cache. Normally, the entries are refreshed at least once a minute. But under high load with many of MSDP peers, the refresh cycle could be incomplete. A higher timeout value (more then 90) could be useful to prevent instabilities in the MSDP cache.

Default 

90

Parameters 
seconds—
Specifies the time, in seconds, to wait for a response from the peer before declaring the peer unavailable.
Values—
90 to 600

 

sa-timeout

Syntax 
sa-timeout seconds
no sa-timeout
Context 
[Tree] (config>router>msdp sa-timeout)
Full Contexts 
configure router msdp sa-timeout
Description 

This command configures the value for the SA entries in the cache. If these entries are not refreshed within the timeout value, they are removed from the cache. Normally, the entries are refreshed at least once a minute. But under high load with many of MSDP peers, the refresh cycle could be incomplete. A higher timeout value (more than 90) could be useful to prevent instabilities in the MSDP cache.

Default 

sa-timeout 90

Parameters 
seconds—
Specifies the time, in seconds, to wait for a response from the peer before declaring the peer unavailable.
Values—
90 to 600

 

23.9. saa

saa

Syntax 
saa
Context 
[Tree] (config saa)
Full Contexts 
configure saa
Description 

This command creates the context to configure the Service Assurance Agent (SAA) tests.

saa

Syntax 
saa test-name [owner test-owner] {start |stop} [no-accounting]
Context 
[Tree] (oam saa)
Full Contexts 
oam saa
Description 

This command starts or stops an SAA test that is not configured as continuous.

Parameters 
test-name—
Specifies the name of the SAA test, up to 32 characters. The test name must already be configured in the config>saa>test context.
test-owner—
Specifies the owner of an SAA operation, up to 32 characters. If a test-owner value is not specified, the default owner is used.
Default—
“TiMOS CLI”
start —
Starts the test. A test cannot be started if the same test is still running.

A test cannot be started if it is in a shut-down state. An error message and log event is generated to indicate a failed attempt to start an SAA test run. A test cannot be started if it is in a continuous state.

stop—
Stops a test in progress. A test cannot be stopped if it is not in progress. A log message is generated to indicate that an SAA test run has been aborted. A test cannot be stopped if it is in a continuous state.
no-accounting—
Disables the recording results in the accounting policy. When specifying no-accounting the MIB record produced at the end of the test is not added to the accounting file. It uses one of the three MIB rows available for the accounting module for collection.

23.10. saii-type2

saii-type2

Syntax 
saii-type2 global-id:node-id:ac-id
no saii-type2
Context 
[Tree] (config>service>epipe>spoke-sdp>pw-path-id saii-type2)
[Tree] (config>service>cpipe>spoke-sdp>pw-path-id saii-type2)
[Tree] (config>service>apipe>spoke-sdp>pw-path-id saii-type2)
[Tree] (config>service>vpls>spoke-sdp>pw-path-id saii-type2)
Full Contexts 
configure service apipe spoke-sdp pw-path-id saii-type2
configure service cpipe spoke-sdp pw-path-id saii-type2
configure service epipe spoke-sdp pw-path-id saii-type2
configure service vpls spoke-sdp pw-path-id saii-type2
Description 

This command configures the Source Individual Attachment Identifier (SAII) for an MPLS-TP spoke-sdp. If this is configured on a spoke-sdp for which vc-switching is also configured (for example, it is at an S-PE), then the values must match those of the taii-type2 of the mate spoke-sdp.

Parameters 
global-id—
Specifies the global ID at the source PE or T-PE for the MPLS-TP PW for a spoke SDP.
Values—
0 to 4294967295

 

node-id—
Specifies the node ID at the source PE or T-PE for the MPLS-TP PW for a spoke SDP.
Values—
a.b.c.d or 0 to 4294967295

 

ac-id—
Specifies the attachment circuit ID at the source PE or T-PE for the MPLS-TP PW for a spoke SDP. If this node is the source of the PW, then the AC ID must be set to a locally unique value.
Values—
1 to 4294967295

 

saii-type2

Syntax 
saii-type2 global-id:prefix:ac-id
no saii-type2
Context 
[Tree] (config>service>epipe>spoke-sdp-fec saii-type2)
Full Contexts 
configure service epipe spoke-sdp-fec saii-type2
Description 

This command configures the source attachment individual identifier for the spoke-sdp. This is only applicable to FEC129 AII type 2.

Parameters 
global-id —
A Global ID of this router T-PE. This value must correspond to one of the global_id values configured for a local-prefix under config>service>pw-routing>local-prefix context.
Values—
1 to 4294967295

 

prefix —
The prefix on this router T-PE that the spoke-sdp SDP is associated with. This value must correspond to one of the prefixes configured under config>service>pw-routing>local-prefix context.
Values—
an IPv4-formatted address a.b.c.d or 1 to 4294967295

 

ac-id —
An unsigned integer representing a locally unique identifier for the spoke SDP.
Values—
1 to 4294967295

 

saii-type2

Syntax 
saii-type2 global-id:node-id:ac-id
no saii-type2
Context 
[Tree] (config>service>vprn>if>spoke-sdp>pw-path-id saii-type2)
[Tree] (config>service>vprn>red-if>spoke-sdp>pw-path-id saii-type2)
Full Contexts 
configure service vprn interface spoke-sdp pw-path-id saii-type2
configure service vprn redundant-interface spoke-sdp pw-path-id saii-type2
Description 

This command configures the source individual attachment identifier (SAII) for an MPLS-TP spoke SDP. If this is configured on a spoke SDP for which vc-switching is also configured (for example, it is at an S-PE), then the values must match those of the taii-type2 of the mate spoke SDP.

Parameters 
global-id—
Specifies the global ID at the source PE or T-PE for the MPLS-TP PW for a spoke SDP.
Values—
0 to 4294967295

 

node-id—
Specifies the node ID at the source PE or T-PE for the MPLS-TP PW for a spoke SDP.
Values—
a.b.c.d or 1 to 4294967295

 

ac-id—
Specifies the attachment circuit ID at the source PE or T-PE for the MPLS-TP PW for a spoke SDP. If this node is the source of the PW, then the AC ID must be set to a locally unique value.
Values—
1 to 4294967295

 

saii-type2

Syntax 
saii-type2 global-id:node-id:ac-id
no saii-type2
Context 
[Tree] (config>mirror>mirror-dest>remote-src>spoke-sdp>pw-path-id saii-type2)
[Tree] (config>mirror>mirror-dest>spoke-sdp>pw-path-id saii-type2)
Full Contexts 
configure mirror mirror-dest remote-source spoke-sdp pw-path-id saii-type2
configure mirror mirror-dest spoke-sdp pw-path-id saii-type2
Description 

This command configures the source individual attachment identifier (SAII) for an MPLS-TP spoke SDP. If this is configured on a spoke SDP for which vc-switching is also configured (for example, it is at an S-PE), then the values must match those of the taii-type2 of the mate spoke SDP.

Parameters 
global-id—
Specifies the global ID at the source PE or T-PE for the MPLS-TP PW for a spoke SDP.
Values—
0 to 4294967295

 

node-id—
Specifies the node ID at the source PE or T-PE for the MPLS-TP PW for a spoke SDP.
Values—
a.b.c.d or 1 to 4294967295

 

ac-id—
Specifies the attachment circuit ID at the source PE or T-PE for the MPLS-TP PW for a spoke SDP. If this node is the source of the PW, then the AC ID must be set to a locally unique value.
Values—
1 to 4294967295

 

23.11. same-recipnonce-for-pollreq

same-recipnonce-for-pollreq

Syntax 
[no] same-recipnonce-for-pollreq
Context 
[Tree] (config>system>security>pki>ca-profile>cmpv2 same-recipnonce-for-pollreq)
Full Contexts 
configure system security pki ca-profile cmpv2 same-recipnonce-for-pollreq
Description 

This command enables the system to use same recipNonce as the last CMPv2 response for poll request.

Default 

no same-recipnonce-for-pollreq

same-recipnonce-for-pollreq

Syntax 
[no] same-recipnonce-for-pollreq
Context 
[Tree] (config>system>security>pki>ca-profile>cmp2 same-recipnonce-for-pollreq)
Full Contexts 
configure system security pki ca-profile cmp2 same-recipnonce-for-pollreq
Description 

This command enables the system to use same recipNonce as the last CMPv2 response for poll request.

The no form of this command disables system to use same recipNonce as the last CMPv2 response for poll request.

Default 

no same-recipnonce-for-pollreq

23.12. sample-interval

sample-interval

Syntax 
sample-interval interval
Context 
[Tree] (config>router>rsvp>dbw-accounting sample-interval)
Full Contexts 
configure router rsvp dbw-accounting sample-interval
Description 

This command sets the dark bandwidth sample interval to the specified value. Changing this parameter in the course of dark bandwidth accounting restarts the accounting cycle. The user is encouraged to specify values as multiples of 10. Selecting other values may lead to inconsistent estimation of Dark Bandwidth.

Default 

sample-interval 30

Parameters 
interval—
Specifies the sample interval, expressed in seconds.
Values—
10 to 600

 

sample-interval

Syntax 
sample-interval sample-period
no sample-interval
Context 
[Tree] (config>qos>adv-config-policy>child-control>offered-measurement sample-interval)
Full Contexts 
configure qos adv-config-policy child-control offered-measurement sample-interval
Description 

This command is used to define the number of intervening sample periods before a new offered rate is measured and is only applicable when the policy is applied to a policer. By decreasing the sampling interval, the system will measure a child’s new offered rate more frequently. Inversely, increasing the sampling interval causes the child’s offered rate to be measured less frequently.

The overall number of offered rate measurements the system attempts within a given timeframe is not affected by the sample-interval command. If the system is asked to perform offered rate measurements more often on some policers, it will take longer to get to all children.

When this command is not specified or removed, the system evaluates the offered rate of each child after 1 sampling period.

The no form of this command is used to restore the sampling interval default of 1 sample period.

Parameters 
sample-period—
The sample-periods parameter is specified as a whole number between 1 and 8. The value ‘1’ represents the fastest sampling rate available and the value ‘8’ represents the slowest sampling period available.
Default—
1
Values—
1 to 8

 

sample-interval

Syntax 
sample-interval interval
Context 
[Tree] (config>system>telemetry>persistent-subscriptions>subscription sample-interval)
Full Contexts 
configure system telemetry persistent-subscriptions subscription sample-interval
Description 

This command configures the sample interval for persistent subscription.

This sampling interval only applies when the mode command is set to either target-defined or sample.

Default 

sample-interval 10000

Parameters 
interval—
Specifies the sample interval, in milliseconds.
Values—
1000 to 4294967295

 

23.13. sample-multiplier

sample-multiplier

Syntax 
sample-multiplier multiplier
Context 
[Tree] (config>router>rsvp>dbw-accounting sample-multiplier)
Full Contexts 
configure router rsvp dbw-accounting sample-multiplier
Description 

This command sets the dark bandwidth sample interval multiplier to the specified value. Changing this parameter in the course of dark bandwidth accounting restarts the accounting cycle.

Default 

sample-multiplier 3

Parameters 
multiplier—
Specifies the sample interval multiplier, expressed as an integer.
Values—
1 to 10

 

23.14. sample-profile

sample-profile

Syntax 
sample-profile profile-id [create]
no sample-profile profile-id
Context 
[Tree] (config>cflowd sample-profile)
Full Contexts 
configure cflowd sample-profile
Description 

This command enables the context to create and define sampling parameters.

The no form of this command removes the associated sample-profile. sample-profile 1 cannot be deleted.

Parameters 
profile-id—
Specifies the rate profile.
Values—
1 to 5

 

create—
Mandatory keyword when creating a sample profile. The create keyword requirement can be enabled or disabled in the environment>create context.

sample-profile

Syntax 
sample-profile sample-profile-id
no sample-profile
Context 
[Tree] (config>filter>ip-filter>entry sample-profile)
[Tree] (config>filter>ipv6-filter>entry sample-profile)
Full Contexts 
configure filter ip-filter entry sample-profile
configure filter ipv6-filter entry sample-profile
Description 

This command allows traffic matching of an IPv4 or IPv6 filter to be sampled for cflowd processing using a specific sample profile.

This command is only compatible if the associated interface is configured for interface-based sampling and is only supported for ingress sampling.

An IP filter can only specify a single alternate sample profile for cflowd sampling, but that sample profile can be used in multiple entries.

The no form of this command removes the specified sampling profile from the configuration. Cflowd continues to process traffic based on the default or configured interface cflowd sampling profile.

Default 

no sample-profile

Parameters 
sample-profile-id—
Specifies the cflowd sample profile to be used for packets matching this filter entry.
Values—
1 to 5

 

23.15. sample-rate

sample-rate

Syntax 
sample-rate [rate]
Context 
[Tree] (config>cflowd>sample-profile sample-rate)
Full Contexts 
configure cflowd sample-profile sample-rate
Description 

This command defines the cflowd sampling rate associated with the sample profile ID.

This rate indicates that 1 in N packets are sampled at the associated interface for cflowd analysis. Only one rate profile below 1:256 can be associated with a given IOM, IMM, or XMA.

Default 

sample-rate 1000

Parameters 
rate—
Specifies the rate at which traffic is sampled and forwarded for cflowd analysis.
Values—
1 to 10000

 

23.16. sample-window

sample-window

Syntax 
sample-window seconds
no sample-window
Context 
[Tree] (config>oam-pm>streaming>delay-template sample-window)
Full Contexts 
configure oam-pm streaming delay-template sample-window
Description 

This command specifies the sample window duration in seconds for the template. This configuration option represents time over which the average will be calculated and subsequently streamed.

The no form of this command reverts to the default.

Default 

sample-window 60

Parameters 
seconds—
Specifies the sample window duration.
Values—
10 to 60

 

23.17. sampling

sampling

Syntax 
sampling {unicast |multicast} type {acl |interface} [direction {ingress-only |egress-only |both}] [sample-profile [profile-id]]
no sampling {unicast |multicast}
Context 
[Tree] (config>service>ies>if>cflowd-parameters sampling)
[Tree] (config>service>ies>sub-if>grp-if>cflowd-parameters sampling)
[Tree] (config>service>vprn>if>cflowd-parameters sampling)
[Tree] (config>service>vprn>nw-if>cflowd-parameters sampling)
[Tree] (config>service>vprn>sub-if>grp-if>cflowd-parameters sampling)
Full Contexts 
configure service ies interface cflowd-parameters sampling
configure service ies subscriber-interface group-interface cflowd-parameters sampling
configure service vprn interface cflowd-parameters sampling
configure service vprn network-interface cflowd-parameters sampling
configure service vprn subscriber-interface group-interface cflowd-parameters sampling
Description 

This command enables and configures the cflowd sampling behavior to collect traffic flow samples through a router for analysis.

This command can be used to configure the sampling parameters for unicast and multicast traffic separately. If sampling is not configured for either unicast or multicast traffic, then that type of traffic will not be sampled.

If cflowd is enabled without either egress-only or both keywords specified or with the ingress-only keyword specified, then only ingress sampling is enabled on the associated IP interface.

The no form of this command disables the associated type of traffic sampling.

Parameters 
unicast |multicast—
Specifies unicast or multicast sampling.
type—
Specifies the cflowd sampling type on the given virtual router interface.
Values—
acl — Specifies ACL cflowd analysis be applied to the given virtual router interface.
interface — Specifies interface cflowd analysis be applied to the given virtual router interface

 

direction —
Specifies the direction of the cflowd analysis that is applied to the given virtual router interface.
Values—
ingress-only — Specifies an ingress only direction of the cflowd analysis be applied to the given virtual router interface.
egress-only — Specifies an egress only direction of the cflowd analysis be applied to the given virtual router interface.
both — Specifies both ingress and egress direction of the cflowd analysis be applied to the given virtual router interface.

 

profile-id—
Defines the sampling rate profile to be associated with this interface.
Values—
1 to 5

 

sampling

Syntax 
sampling {unicast |multicast} type {acl |interface} [direction {ingress-only |egress-only |both}] [sample-profile profile]
no sampling {unicast |multicast}
Context 
[Tree] (config>router>if>cflowd-parameters sampling)
Full Contexts 
configure router interface cflowd-parameters sampling
Description 

This command enables and configures the cflowd sampling behavior to collect traffic flow samples through a router for analysis.

This command can be used to configure the sampling parameters for unicast and multicast traffic separately. If sampling is not configured for either unicast or multicast traffic, then that type of traffic will not be sampled.

If cflowd is enabled without either egress-only or both specified or with the ingress-only keyword specified, then only ingress sampling will be enabled on the associated IP interface.

The no form of this command disables the associated type of traffic sampling on the associated interface.

Default 

no sampling

Parameters 
unicast—
Specifies that the sampling command will control the sampling of unicast traffic on the associated interface/SAP.
multicast—
Specifies that the sampling command will control the sampling of multicast traffic on the associated interface/SAP.
type—
Specifies whether the traffic sampling is based on an acl match, or all traffic entering or exiting the associated interface.
Values—
acl — Specifies that the sampled traffic is controlled via an IP traffic filter entry with the action “filter-sample” configured.
interface — Specifies that all traffic entering or exiting the interface is subject to sampling.

 

direction—
Specifies the direction to collect traffic flow samples.
Values—
ingress-only — Enables ingress sampling only on the associated interface.
egress-only — Enables egress sampling only on the associated interface.
both — Enables both ingress and egress cflowd sampling.

 

profile—
Specifies the sampling profile to be associated with this interface.
Values—
1 to 5

 

23.18. sampling-rate

sampling-rate

Syntax 
sampling-rate sampling-rate
no sampling-rate
Context 
[Tree] (config>mirror>mirror-dest sampling-rate)
Full Contexts 
configure mirror mirror-dest sampling-rate
Description 

This command configures the packet sampling rate for mirrored traffic and is supported with config and debug mirror sources. The sampling rate is common to all endpoints on a specified line card FP per mirror destination service.

The no form of this command disables the packet sampling rate for mirrored traffic.

Default 

no sampling-rate

Parameters 
sampling-rate—
Specifies the sampling rate.
Values—
256 to 100000

 

23.19. sap

sap

Syntax 
sap sap-id [split-horizon-group group-name] [capture-sap] [create]
no sap sap-id
Context 
[Tree] (config>service>vpls sap)
Full Contexts 
configure service vpls sap
Description 

This command creates a Service Access Point (SAP) within a service. A SAP is a combination of port and encapsulation parameters which identifies the service access point on the interface and within the 7450 ESS, 7750 SR, and 7950 XRS. Each SAP must be unique.

All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP will not exist on that object.

Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.

A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command.

If a port is shut down, all SAPs on that port become operationally down. When a service is shut down, SAPs for the service are not displayed as operationally down although all traffic traversing the service is discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.

The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP will also be deleted. For Internet Enhanced Service (IES), the IP interface must be shut down before the SAP on that interface may be removed.

Default 

No SAPs are defined.

Special Cases 
VPLS service SAP limits—
A VPLS SAP can be defined with Ethernet ports, SONET/SDH or TDM channels. The limits of the number of SAPs and SDPs supported in a VPLS service depends on the hardware used. Each SDP must have a unique destination or an error is generated. Split horizon groups can only be created in the scope of a VPLS service.

A default SAP has the following format: port-id:*. This type of SAP is supported only on Ethernet MDAs and its creation is allowed only in the scope of Layer 2 services (Epipe and VPLS). This type of SAP is mutually exclusive with a SAP defined by explicit null encapsulation (for example, 1/1/1:0).

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition
create—
Keyword used to create a SAP instance. The create keyword requirement can be enabled/disabled in the environment>create context.
eth-ring—
When used with Ethernet Rings control the split horizon group accepts the major ring instance "value". This parameter applies to the 7450 ESS or 7750 SR only. The split horizon group prevents loops in the cases where a Ethernet Virtual Ring is miss configured on the main ring. Each path a and path b major ring are configured in the group and associated with the sub-ring control instance in the VPLS service.
ring-index
Specifies the ring index of the Ethernet ring
root-leaf-tag—
Specifies a SAP as a root leaf tag SAP. Only SAPs of the form dot1q (for example, 1/1/1:X) or qinq (for example, 1/1/1:X.Y, 1/1/1:X.*) are supported. The default E-Tree SAP type is a root-ac, if root-leaf-tag (or leaf-ac) is not specified at SAP creation. This option is only available when the VPLS is designated as an E-Tree VPLS; it is not available on BGP EVPN-enabled E-Tree VPLS services.
leaf-tag-vid
Specified after root-leaf-tag to replace the outer SAP-ID for leaf traffic. The leaf tag VID is only significant between peering VPLS but the values must be consistent on each end. This option is not available on BGP EVPN-enabled E-Tree VPLS services.
leaf-ac—
Specifies a SAP as a leaf access (AC) SAP. The default E-Tree SAP type is root-ac if leaf-ac (or root-leaf-tag) is not specified at SAP creation. This option is available when the VPLS is designated as an E-Tree VPLS. BGP EVPN-enabled E-Tree VPLS services also support the leaf-ac option.
split-horizon-group group-name
Specifies the name of the split horizon group to which the SAP belongs. This parameter applies to the 7450 ESS or 7750 SR only.
capture-sap—
Specifies a capturing SAP in which triggering packets are sent to the CPM. Non-triggering packets captured by the capture SAP is dropped. This parameter applies to the 7450 ESS or 7750 SR only.

sap

Syntax 
sap sap-id [create] [capture-sap]
Context 
[Tree] (config>service>vpls sap)
Full Contexts 
configure service vpls sap
Description 

This command declares a given SAP as a primary (or secondary) VPLS port.

The no form of this command reverts to the default.

Parameters 
capture-sap—
Specifies a capturing SAP in which triggering packets is sent to the CPM. Non-triggering packets captured by the capture SAP is dropped. This parameter applies to the 7450 ESS or 7750 SR only.
create—
Specifies to create a SAP instance. The create keyword requirement can be enabled or disabled in the environment>create context.

sap

Syntax 
sap sap-id [split-horizon-group group-name] [create] [capture-sap] [eth-ring ring-index]
sap sap-id [split-horizon-group group-name] [create] [capture-sap] [eth-ring ring-index] leaf-ac
sap sap-id [split-horizon-group group-name] [create] [capture-sap] [eth-ring ring-index] root-leaf-tag leaf-tag leaf-tag
no sap sap-id
Context 
[Tree] (config>service>vpls sap)
Full Contexts 
configure service vpls sap
Description 

This command creates a Service Access Point (SAP) within a service. A SAP is a combination of port and encapsulation parameters which identifies the service access point on the interface and within the 7450 ESS or 7750 SR. Each SAP must be unique. All SAPs must be explicitly created within a service or on an IP interface.

Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.

A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command. Channelized TDM ports are always access ports (TDM applies to the 7750 SR only).

If a port is shut down, all SAPs on that port become operationally down. When a service is shut down, SAPs for the service are not displayed as operationally down although all traffic traversing the service is discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.

The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP are also deleted. For Internet Ethernet Service (IES), the IP interface must be shut down before the SAP on that interface may be removed.

Special Cases 
VPLS SAP —
A VPLS SAP can be defined with Ethernet ports, SONET/SDH or TDM channels (TDM is supported on the 7750 SR only).

A default SAP has the following format: port-id:*. This type of SAP is supported only on Ethernet MDAs and its creation is allowed only in the scope of Layer 2 services (Epipe and VPLS). This type of SAP is mutually exclusive with a SAP defined by explicit null encapsulation (for example, 1/1/1:0).

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.
port-id—
Specifies the physical port ID in the slot/mda/port format.

If the card in the slot has Media Dependent Adapters (MDAs) installed, the port-id must be in the slot_number/MDA_number/port_number [.channel] format. For example 6/2/3 specifies port 3 on MDA 2 in slot 6.

The port-id must reference a valid port type. When the port-id parameter represents SONET/SDH and TDM channels, the port ID must include the channel ID. A period “.” separates the physical port from the channel-id. The port must be configured as an access port.

If the SONET/SDH port is configured as clear-channel then only the port is specified.

group-name
Specifies the name of the split horizon group to which the SAP belongs. This parameter applies to the 7450 ESS or 7750 SR only.
capture-sap—
Specifies a capturing SAP in which triggering packets are sent to the CPM. Non-triggering packets captured by the capture SAP are dropped. This parameter applies to the 7450 ESS or 7750 SR only.
create—
Keyword used to create a SAP instance. The create keyword requirement can be enabled or disabled in the environment>create context.
root-leaf-tag—
Specifies a SAP as a root leaf tag SAP. Only SAPs of the form dot1q (for example, 1/1/1:X) or qinq (for example, 1/1/1:X.Y, 1/1/1:X.*) are supported. The default E-Tree SAP type is a root AC, if root-leaf-tag (or leaf-ac) is not specified at SAP creation. This option is only available when the VPLS is designated as an E-Tree VPLS.
leaf-tag-vid
Specifies to replace the outer SAP-ID for leaf traffic. The leaf tag VID is only significant between peering VPLS but the values must be consistent on each end.
leaf-ac—
Specifies a SAP as a leaf access (AC) SAP. The default E-Tree SAP type is root AC if leaf-ac (or root-leaf-tag) is not specified at SAP creation. This option is only available when the VPLS is designated as an E-Tree VPLS.

sap

Syntax 
[no] sap sap-id
Context 
[Tree] (config>service>vpls sap)
[Tree] (config>service>vpls>pbb>backbone-vpls sap)
Full Contexts 
configure service vpls pbb backbone-vpls sap
configure service vpls sap
Description 

This command configures attributes of a SAP on the B-VPLS service.

sap

Syntax 
sap sap-id [split-horizon-group group name] [create] [capture-sap] [eth-ring ring-index]
sap sap-id [split-horizon-group group name] [create] [capture-sap] [eth-ring ring-index] leaf-ac
sap sap-id [split-horizon-group group name] [create] [capture-sap] [eth-ring ring-index] root-leaf-tag leaf-tag
no sap sap-id
Context 
[Tree] (config>service>vpls sap)
Full Contexts 
configure service vpls sap
Description 

This command creates a Service Access Point (SAP) within a service. A SAP is a combination of port and encapsulation parameters which identifies the service access point on the interface and within the 7450 ESS, 7750 SR, and 7950 XRS. Each SAP must be unique.

All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP will not exist on that object.

Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.

A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command.

If a port is shutdown, all SAPs on that port become operationally down. When a service is shutdown, SAPs for the service are not displayed as operationally down although all traffic traversing the service will be discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.

The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP will also be deleted. For Internet Enhanced Service (IES), the IP interface must be shutdown before the SAP on that interface may be removed.

Default 

No SAPs are defined.

Special Cases 
VPLS service SAP limits—
A VPLS SAP can be defined with Ethernet ports, SONET/SDH or TDM channels. The limits of the number of SAPs and SDPs supported in a VPLS service depends on the hardware used. Each SDP must have a unique destination or an error will be generated. Split horizon groups can only be created in the scope of a VPLS service.

A default SAP has the following format: port-id:*. This type of SAP is supported only on Ethernet MDAs and its creation is allowed only in the scope of Layer 2 services (Epipe and VPLS). This type of SAP is mutually exclusive with a SAP defined by explicit null encapsulation (for example, 1/1/1:0).

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition
create—
Keyword used to create a SAP instance. The create keyword requirement can be enabled/disabled in the environment>create context.
eth-ring—
When used with Ethernet Rings control the split horizon group accepts the major ring instance “value”. This parameter applies to the 7450 ESS or 7750 SR only. The split horizon group prevents loops in the cases where a Ethernet Virtual Ring is miss configured on the main ring. Each path a and path b major ring are configured in the group and associated with the sub-ring control instance in the VPLS service.
ring-index
Specifies the ring index of the Ethernet ring
root-leaf-tag—
Specifies a SAP as a root leaf tag SAP. Only SAPs of the form dot1q (for example, 1/1/1:X) or qinq (for example, 1/1/1:X.Y, 1/1/1:X.*) are supported. The default E-Tree SAP type is a root-ac, if root-leaf-tag (or leaf-ac) is not specified at SAP creation. This option is only available when the VPLS is designated as an E-Tree VPLS; it is not available on BGP EVPN-enabled E-Tree VPLS services.
leaf-tag-vid
Specified after root-leaf-tag to replace the outer SAP-ID for leaf traffic. The leaf tag VID is only significant between peering VPLS but the values must be consistent on each end. This option is not available on BGP EVPN-enabled E-Tree VPLS services.
leaf-ac—
Specifies a SAP as a leaf access (AC) SAP. The default E-Tree SAP type is root-ac if leaf-ac (or root-leaf-tag) is not specified at SAP creation. This option is available when the VPLS is designated as an E-Tree VPLS. BGP EVPN-enabled E-Tree VPLS services also support the leaf-ac option.
split-horizon-group group-name
Specifies the name of the split horizon group to which the SAP belongs. This parameter applies to the 7450 ESS or 7750 SR only.
capture-sap—
Specifies a capturing SAP in which triggering packets will be sent to the CPM. Non-triggering packets captured by the capture SAP will be dropped. This parameter applies to the 7450 ESS or 7750 SR only.

sap

Syntax 
sap sap-id [create] [no-endpoint]
sap sap-id [create] endpoint endpoint-name
no sap sap-id
Context 
[Tree] (config>service>apipe sap)
[Tree] (config>service>cpipe sap)
[Tree] (config>service>epipe sap)
[Tree] (config>service>fpipe sap)
[Tree] (config>service>ipipe sap)
Full Contexts 
configure service apipe sap
configure service cpipe sap
configure service epipe sap
configure service fpipe sap
configure service ipipe sap
Description 

This command creates a Service Access Point (SAP) within a service. A SAP is a combination of port and encapsulation parameters which identifies the service access point on the interface and within the device. Each SAP must be unique.

All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP will not exist on that object.

Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.

A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port. Channelized TDM ports are always access ports.

If a port is shutdown, all SAPs on that port become operationally down. When a service is shutdown, SAPs for the service are not displayed as operationally down although all traffic traversing the service will be discarded.

The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.

The following are supported on the 7750 SR only:

  1. ATM VPI/VCI on an ATM port for vc-type atm-vcc and atm-sdu
  2. ATM VPI on an ATM port for vc-type atm-vpc
  3. ATM virtual trunk - a range of VPIs on an ATM port for vc-type atm-cell
  4. ATM port for vc-type atm-cell
  5. ATM connection profile for vc-type atm-cell
  6. Frame Relay DLCI on a port for vc-type atm-sdu
  7. ATM SAP carries the IPv4 packet using RFC 2684, VC-Mux or LLC/SNAP routed PDU encapsulation for an Ipipe service
  8. Frame Relay SAP RFC 2427, routed PDU encapsulation for an Ipipe service
  9. Ethernet SAP RFC 1332, PPP IPCP encapsulation of an IPv4 packet for an Ipipe service
  10. Ethernet SAP HDLC SAP uses the routed IPv4 encapsulation for an Ipipe service
  11. ATM - Frame Relay, PPP/IPCP - PPP/IPCP
  12. Frame Relay-Frame Relay, ATM - ATM
  13. Ethernet-Ethernet
  14. cHDLC-cHDLC
  15. An ATM SAP can be part of an IMA bundle.
  16. A PPP SAP can be part of an MLPPP bundle.
  17. A FR SAP can be part of a MLFR bundle.

Ethernet SAPs support null, dot1q, and qinq is supported for all routers.

The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP will also be deleted. For Internet Enhanced Service (IES), the IP interface must be shutdown before the SAP on that interface may be removed.

By default, no SAPs are defined.

Special Cases 
Special Cases—
A SAP can be defined with Ethernet ports, SONET/SDH or TDM channels. At most, only one sdp-id can be bound to an VLL service. Since a VLL is a point-to-point service, it can have, at most, two end points. The two end points can be one SAP and one SDP or two SAPs. Up to 49 SDPs can be associated with a service in a single router. Each SDP must have a unique router destination, or an error will be generated.

A default SAP has the following format: port-id:*. This type of SAP is supported only on Ethernet MDAs and its creation is allowed only in the scope of Layer 2 services (Epipe and VPLS). This type of SAP is mutually exclusive with a SAP defined by explicit null encapsulation (for example, 1/1/1:0).

Two Frame Relay SAPs cannot be configured on an Apipe service on the 7750 SR. The limitation is for an Apipe service in local mode, which has two SAPs associated with the service, as opposed to a configuration with a SAP and a SDP in remote case, the only combination of the type of SAPs allowed is either two ATM SAPs or an ATM SAP and a Frame Relay SAP. The CLI prevents adding two Frame Relay SAPs under an Apipe service.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP.
port-id—
Specifies the physical port ID.

If the card in the slot has Media Dependent Adapters (MDAs) installed, the port-id must be in the slot_number/MDA_number/port_number format. For example 6/2/3 specifies port 3 on MDA 2 in slot 6.

The port-id must reference a valid port type. When the port-id parameter represents SONET/SDH and TDM channels, the port ID must include the channel ID. A period “.” separates the physical port from the channel-id. The port must be configured as an access port.

If the SONET/SDH port is configured as clear-channel then only the port is specified.

port-id

slot/mda/port [.channel]

eth-sat-id

esat-id/slot/port

esat

keyword

id

1 to 20

pxc-id

pxc-id.sub-port

pxc

keyword

id

1 to 64

sub-port

a, b

endpoint—
Adds a SAP endpoint association.
no endpoint—
Removes the association of a SAP or a spoke SDP with an explicit endpoint name.
create—
Keyword used to create a SAP instance. The create keyword requirement can be enabled/disabled in the environment>create context.
Output 

The following is an example of Apipe SAP information.

Sample Output
*A:bksim2801>config>service>apipe>sap$ 
=================================================================
ATM PVCs, Port 1/1/1 
=================================================================
VPI/VCI     Owner     Type     Ing.TD   Egr.TD  Adm  OAM     Opr 
-----------------------------------------------------------------
2/102      SAP       PVC       1        1       up   ETE-AIS dn 
10/100     SAP       PVC       1        1       up   ETE-AIS dn 
=================================================================
*A:bksim2801# 

sap

Syntax 
sap sap-id [create]
no sap sap-id
Context 
[Tree] (config>service>ies sap)
[Tree] (config>service>ies>if sap)
[Tree] (config>service>ies>sub-if sap)
[Tree] (config>service>vprn sap)
[Tree] (config>service>vprn>if sap)
[Tree] (config>service>vprn>sub-if sap)
Full Contexts 
configure service ies interface sap
configure service ies sap
configure service ies subscriber-interface sap
configure service vprn interface sap
configure service vprn sap
configure service vprn subscriber-interface sap
Description 

This command creates a Service Access Point (SAP) within a service. A SAP is a combination of port and encapsulation parameters which identifies the service access point on the interface and within the router. Each SAP must be unique.

All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP will not exist on that object.

Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.

A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command. For the 7750 SR, channelized TDM ports are always access ports.

If a port is shutdown, all SAPs on that port become operationally down. When a service is shutdown, SAPs for the service are not displayed as operationally down although all traffic traversing the service will be discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.

Note:

Configure an IES interface as a loopback interface by issuing the loopback command instead of the sap sap-id command. The loopback flag cannot be set on an interface where a SAP is already defined and a SAP cannot be defined on a loopback interface.

The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP are also deleted. For Internet Enhanced Service (IES), the IP interface must be shutdown before the SAP on that interface may be removed. The no form of this command causes the ptp-hw-assist to be disabled.

Default 

No SAPs are defined.

Special Cases 
IES—
For the 7750 SR, an IES SAP can be defined with Ethernet ports, SONET/SDH or TDM channels. For the 7450 ESS, IES SAP can be defined with Ethernet or SONET/SDH ports. A SAP is defined within the context of an IP routed interface. Each IP interface is limited to a single SAP definition. For the 7750 SR, group interfaces allow more than one SAP. Attempts to create a second SAP on an IP interface fails and generate an error; the original SAP will not be affected.

Command syntax for the 7750 SR: sap ipsec-id.private | public:tag associates an IPsec group SAP with this interface. This is the public side for an IPsec tunnel. Tunnels referencing this IPsec group in the private side may be created if their local IP is in the subnet of the interface subnet and the routing context specified matches with the one of the interface.

This context provides a SAP to the tunnel. The operator may associate an ingress and egress QoS policies as well as filters and virtual scheduling contexts. Internally this creates an Ethernet SAP that will be used to send and receive encrypted traffic to and from the MDA. Multiple tunnels can be associated with this SAP. The “tag” will be a dot1q value. The operator may see it as an identifier. The range is limited to 1 to 4095.

SAP Tunnels—
sap tunnel-id.private | public:tag — This parameter associates a tunnel group SAP with this interface.

This context will provide a SAP to the tunnel. The operator may associate an ingress and egress QoS policies as well as filters and virtual scheduling contexts. Internally this creates an Ethernet SAP that will be used to send and receive encrypted traffic to and from the MDA. Multiple tunnels can be associated with this SAP. The “tag” will be a dot1q value. The operator may see it as an identifier. The range is limited to 1 to 4094.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.
port-id—
Specifies the physical port ID in the slot/mda/port format.

If the card in the slot has Media Dependent Adapters (MDAs) installed, the port-id must be in the slot_number/MDA_number/port_number format. For example 61/2/3 specifies port 3 on MDA 2 in slot 61.

Table 129:  Port ID Syntax 

null

port-id | lag-id

dot1q

{port-id | lag-id}:{qtag1 | cp-conn-prof-id

qinq

{port-id | lag-id}:{qtag1 | cp-conn-prof-id}.{qtag2 | cp-conn-prof-id}

      cp: keyword

      conn-prof-id: 1 to 8000

port-id

slot/mda/port [.channel]

eth-sat-id

esat-id/slot/port

esat: keyword

id: 1 to20

pxc-id

psc-id.sub-port

pxc psc-id.sub-port

pxc: keyword

id: 1 to 64

sub-port: a, b

lag-id

lag-id

lag: keyword

id: 1 to 800

qtag1

0 to 4094

qtag2

* | null | 0 to 4094

The port-id must reference a valid port type. When the port-id parameter represents SONET/SDH and TDM channels (7750 SR), the port ID must include the channel ID. A period “.” separates the physical port from the channel-id. The port must be configured as an access port.

If the SONET/SDH port is configured as clear-channel then only the port is specified.

create—
Keyword used to create a SAP instance. The create keyword requirement can be enabled/disabled in the environment>create context.

sap

Syntax 
sap sap-id [create]
no sap sap-id
Context 
[Tree] (config>service>vprn>if sap)
Full Contexts 
configure service vprn interface sap
Description 

This command creates a Service Access Point (SAP) within a service. A SAP is a combination of port and encapsulation parameters which identifies the service access point on the interface and within the router. Each SAP must be unique.

All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP will not exist on that object. Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.

A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command. Channelized TDM ports are always access ports.

If a port is shut down, all SAPs on that port become operationally down. When a service is shut down, SAPs for the service are not displayed as operationally down although all traffic traversing the service will be discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.

The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP will also be deleted. The no form of this command causes the ptp-h-assist to be disabled.

Default 

No SAPs are defined.

Special Cases 
VPRN—
A VPRN SAP must be defined on an Ethernet interface.

sap ipsec-id.private | public:tag — This parameter associates an IPsec group SAP with this interface. This is the public side for an IPsec tunnel. Tunnels referencing this IPsec group in the private side may be created if their local IP is in the subnet of the interface subnet and the routing context specified matches with the one of the interface.

This context will provide a SAP to the tunnel. The operator may associate an ingress and egress QoS policies as well as filters and virtual scheduling contexts. Internally this creates an Ethernet SAP that will be used to send and receive encrypted traffic to and from the MDA. Multiple tunnels can be associated with this SAP. The “tag” will be a dot1q value. The operator may see it as an identifier. The range is limited to 1 to 4094.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.
port-id—
Specifies the physical port ID.

If the card in the slot has Media Dependent Adapters (MDAs) installed, the port-id must be in the slot_number/MDA_number/port_number format. For example 6/2/3 specifies port 3 on MDA 2 in slot 6.

The port-id must reference a valid port type. When the port-id parameter represents SONET/SDH and TDM channels the port ID must include the channel ID. A period “.” separates the physical port from the channel-id. The port must be configured as an access port.

If the SONET/SDH port is configured as clear-channel then only the port is specified.

port-id

slot/mda/port [.channel]

eth-sat-id

esat-id/slot/port

esat

keyword

id

1 to 20

pxc-id

pxc-id.sub-port

pxc

keyword

id

1 to 64

sub-port

a, b

create—
Keyword used to create a SAP instance.
split-horizon-group group-name
Specifies the name of the split horizon group to which the SAP belongs.

sap

Syntax 
sap sap-id [create]
no sap sap-id
Context 
[Tree] (config>service>vprn>sub-if>grp-if sap)
Full Contexts 
configure service vprn subscriber-interface group-interface sap
Description 

This command creates a SAP for the interface.

The no form of this command removes the SAP.

Parameters 
sap-id—
Specifies the SAP ID.

sap

Syntax 
[no] sap sap-id
Context 
[Tree] (debug>service>id>ppp sap)
Full Contexts 
debug service id ppp sap
Description 

This command enables PPP debug output for the specified SAP, this command allow multiple instances.

The no form of this command disables debugging.

Parameters 
sap-id—
Specifies the SAP ID.

sap

Syntax 
sap sap-id
no sap
Context 
[Tree] (config>service>vpls>site sap)
Full Contexts 
configure service vpls site sap
Description 

This command configures a SAP for the site.

The no form of this command removes the SAP ID from the configuration.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.

sap

Syntax 
sap sap-id
no sap
Context 
[Tree] (config>service>vpls>site sap)
Full Contexts 
configure service vpls site sap
Description 

This command configures a SAP for the site.

The no form of this command removes the SAP ID from the configuration.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition

sap

Syntax 
[no] sap sap-id
Context 
[Tree] (debug>service>id>mrp sap)
Full Contexts 
debug service id mrp sap
Description 

This command filters debug events and only shows events for the particular SAP.

The no form of this command removes the debug filter.

Parameters 
sap-id—
The SAP ID.

sap

Syntax 
sap sap-id
no sap
Context 
[Tree] (config>service>epipe>site sap)
Full Contexts 
configure service epipe site sap
Description 

This command configures a SAP for the site.

The no form of this command removes the SAP ID from the configuration.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.

sap

Syntax 
[no] sap sap-id
Context 
[Tree] (debug>service>id sap)
[Tree] (debug>service>id>dhcp sap)
[Tree] (debug>service>id>stp sap)
Full Contexts 
debug service id dhcp sap
debug service id sap
debug service id stp sap
Description 

This command enables STP debugging for a specific SAP.

The no form of the command disables debugging.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.

sap

Syntax 
sap [split-horizon-group group-name] [create] [capture-sap]
no sap sap-id
Context 
[Tree] (config>service>vpls>mac-move>primary-ports sap)
[Tree] (config>service>vpls>mac-move>secondary-ports sap)
Full Contexts 
configure service vpls mac-move primary-ports sap
configure service vpls mac-move secondary-ports sap
Description 

This command declares a specified SAP as a primary (or secondary) VPLS port.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition

sap

Syntax 
[no] sap sap-id
Context 
[Tree] (debug>service>id>arp-host sap)
Full Contexts 
debug service id arp-host sap
Description 

This command displays ARP host events for a particular SAP.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.

sap

Syntax 
[no] sap sap-id
Context 
[Tree] (debug>service>id>igmp-snooping sap)
Full Contexts 
debug service id igmp-snooping sap
Description 

This command shows IGMP packets for a specific SAP.

The no form of this command disables the debugging for the SAP.

sap

Syntax 
[no] sap sap-id
Context 
[Tree] (debug>service>id>mld sap)
Full Contexts 
debug service id mld-snooping sap
Description 

This command shows MLD packets for a specific SAP.

The no form of this command disables the debugging for the SAP.

sap

Syntax 
[no] sap sap-id
Context 
[Tree] (debug>service>id>host-connectivity-verify sap)
Full Contexts 
debug service id host-connectivity-verify sap
Description 

This command displays Subscriber Host Connectivity Verification (SHCV) events for a particular SAP.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition

sap

Syntax 
[no] sap sap-id
Context 
[Tree] (debug>service>id>host-connectivity-verify sap)
Full Contexts 
debug service id host-connectivity-verify sap
Description 

This command displays Subscriber Host Connectivity Verification (SHCV) events for a particular SAP.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.

sap

Syntax 
sap card/mda/aa-svc:vlan [create]
no sap
Context 
[Tree] (config>service>vprn>aa-if sap)
Full Contexts 
configure service vprn aa-interface sap
Description 

This commands specifies which ISA card and which VLAN is used by a given AA Interface.

Default 

no sap

Parameters 
card/mda/aa-svc:vlan—
Specifies the AA ISA card slot/port and VLAN information.
create—
Keyword used to create the AARP instance.

sap

Syntax 
sap sap-id [create]
no sap sap-id
Context 
[Tree] (config>service>ies>aa-interface sap)
[Tree] (config>service>vprn>aa-interface sap)
Full Contexts 
configure service ies aa-interface sap
configure service vprn aa-interface sap
Description 

This command configures the AA interface SAP.

Parameters 
sap-id—
specifies the physical port identifier portion of the SAP definition.
create—
creates the SAP instance.

sap

Syntax 
sap sap-id [create] [no-endpoint]
sap sap-id [create] endpoint name
no sap
Context 
[Tree] (config>mirror>mirror-dest sap)
Full Contexts 
configure mirror mirror-dest sap
Description 

This command creates a service access point (SAP) within a mirror destination service. The SAP is owned by the mirror destination service ID.

The SAP is defined with port and encapsulation parameters to uniquely identify the (mirror) SAP on the interface and within the box. The specified SAP may be defined on an Ethernet access port with a dot1q, null, or q-in-q encapsulation type.

Only one SAP can be created within a mirror-dest service ID. If the defined SAP has not been created on any service within the system, the SAP is created and the context of the CLI will change to the newly created SAP. In addition, the port cannot be a member of a multi-link bundle, APS group or IMA bundle.

If the defined SAP exists in the context of another service ID, mirror-dest or any other type, an error is generated.

Mirror destination SAPs can be created on Ethernet interfaces that have been defined as an access interface. If the interface is defined as network, the SAP creation returns an error.

When the no form of this command is used on a SAP created by a mirror destination service ID, the SAP with the specified port and encapsulation parameters is deleted.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.
no-endpoint—
Removes the association of a SAP or a sdp with an explicit endpoint name.
name
Specifies the name of the endpoint associated with the SAP.

sap

Syntax 
sap sap-id {[egress] [ingress]}
no sap sap-id [egress] [ingress]
Context 
[Tree] (config>mirror>mirror-source sap)
Full Contexts 
configure mirror mirror-source sap
Description 

This command enables mirroring of traffic ingressing or egressing a service access port (SAP). A SAP that is defined within a mirror destination cannot be used in a mirror source. The mirror source SAP referenced by the sap-id is owned by the service ID of the service in which it was created. The SAP is only referenced in the mirror source name for mirroring purposes. The mirror source association does not need to be removed before deleting the SAP from its service ID. If the SAP is deleted from its service ID, the mirror association is removed from the mirror source.

More than one SAP can be associated within a single mirror-source. Each SAP has its own ingress and egress parameter keywords to define which packets are mirrored to the mirror destination.

The SAP must be valid and properly configured. If the associated SAP does not exist, an error occurs and the command will not execute.

The same SAP cannot be associated with multiple mirror source definitions for ingress packets.

The same SAP cannot be associated with multiple mirror source definitions for egress packets.

If a particular SAP is not associated with a mirror source name, then that SAP will not have mirroring enabled for that mirror source.

Note that the ingress and egress options cannot be supported at the same time on a CEM encap-type SAP. The options must be configured in either the ingress or egress contexts (applies to the 7750 SR and 7950 XRS).

The no form of this command disables mirroring for the specified SAP. All mirroring for that SAP on ingress and egress is terminated. Mirroring of packets on the SAP can continue if more specific mirror criteria is configured. If the egress or ingress parameter keywords are specified in the no command, only the ingress or egress mirroring condition is removed.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.
egress—
Specifies that packets egressing the SAP should be mirrored. Egress packets are mirrored to the mirror destination after egress packet modification.
ingress—
Specifies that packets ingressing the SAP should be mirrored. Ingress packets are mirrored to the mirror destination prior to ingress packet modification.

sap

Syntax 
sap sap-id {[ingress] [egress]}
no sap sap-id [ingress] [egress]
Context 
[Tree] (config>li>li-source sap)
Full Contexts 
configure li li-source sap
Description 

This command creates a service access point (SAP) within an LI configuration. The specified SAP must define a FastE, GigE, or XGigE, or XGigE access port with a dot1q, null, or q-in-q encapsulation type.

The intercept-id parameter configures the intercept IDs that is inserted into the packet header for all mirrored packets of the associated li-source entry.

The session-id parameter inserts the specified IDs into the packet header for all mirrored packets of the associated li-source entry.

When the no form of this command is used on a SAP, the SAP with the specified port and encapsulation parameters is deleted.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.
egress—
Specifies that packets egressing the SAP should be mirrored. Egress packets are mirrored to the mirror destination after egress packet modification.
ingress—
Specifies that packets ingressing the SAP should be mirrored. Ingress packets are mirrored to the mirror destination prior to ingress packet modification.

sap

Syntax 
sap sap-id {[egress] [ingress]}
no sap sap-id [egress] [ingress]
Context 
[Tree] (debug>mirror-source sap)
Full Contexts 
debug mirror-source sap
Description 

This command enables mirroring of traffic ingressing or egressing a service access port (SAP). A SAP that is defined within a mirror destination cannot be used in a mirror source. The mirror source SAP referenced by the sap-id is owned by the service ID of the service in which it was created. The SAP is only referenced in the mirror source name for mirroring purposes. The mirror source association does not need to be removed before deleting the SAP from its service ID. If the SAP is deleted from its service ID, the mirror association is removed from the mirror source.

More than one SAP can be associated within a single mirror-source. Each SAP has its own ingress and egress parameter keywords to define which packets are mirrored to the mirror destination.

The SAP must be valid and properly configured. If the associated SAP does not exist, an error occurs and the command will not execute.

The same SAP cannot be associated with multiple mirror source definitions for ingress packets.

The same SAP cannot be associated with multiple mirror source definitions for egress packets.

If a particular SAP is not associated with a mirror source name, then that SAP will not have mirroring enabled for that mirror source.

Note that the ingress and egress options cannot be supported at the same time on a CEM encap-type SAP. The options must be configured in either the ingress or egress contexts (applies to the 7750 SR and 7950 XRS).

The no form of this command disables mirroring for the specified SAP. All mirroring for that SAP on ingress and egress is terminated. Mirroring of packets on the SAP can continue if more specific mirror criteria is configured. If the egress or ingress parameter keywords are specified in the no command, only the ingress or egress mirroring condition is removed.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.
egress—
Specifies that packets egressing the SAP should be mirrored. Egress packets are mirrored to the mirror destination after egress packet modification.
ingress—
Specifies that packets ingressing the SAP should be mirrored. Ingress packets are mirrored to the mirror destination prior to ingress packet modification.

sap

Syntax 
[no] sap sap-id
Context 
[Tree] (config sap)
Full Contexts 
configure sap
Description 

This command specifies the physical port identifier portion of the SAP definition.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.

The sap-id can be configured in one of the following formats:

Table 130:  sap-id Formats

Type

Syntax

Example

port-id

slot/mda/port[.channel]

1/1/5

null

[port-id | bundle-id| bpgrp-id | lag-id | aps-id]

port-id: 1/1/3

bundle-id: bundle-ppp-1/1.1

bpgrp-id: bpgrp-ima-1

lag-id: lag-3

aps-id: aps-1

dot1q

[port-id | bundle-id| bpgrp-id | lag-id | aps-id]:qtag1

port-id:qtag1: 1/1/3:100

bundle-id: bundle-ppp-1/1.1

bpgrp-id: bpgrp-ima-1

lag-id:qtag1:lag-3:102

aps-id:qtag1: aps-1:27

qinq

[port-id | bpgrp-id | lag-id]:qtag1.qtag2

port-id:qtag1.qtag2: 1/1/3:100.10

bpgrp-id: bpgrp-ima-1

lag-id:qtag1.qtag2: lag-10:

atm

[port-id | aps-id | bundle-id | bpgrp-id][:vpi/vci |vpi |vpi1.vpi2]

[port-id | aps-id [:vpi/vci |vpi | vpi1.vpi2 | cp.conn-prof-id]

port-id:  1/1/1

aps-id:   aps-1

vpi/vci:  16/26

vpi:    16

vpi1.vpi2: 16.200

cp.conn-prof-id: 1/2/1:cp.2

frame-relay

[port-id | aps-id]:dlci

port-id: 1/1/1:100

bundle-id: bundle-fr-3/1.1:100

aps-id: aps-1

dlci: 16

cisco-hdlc

slot/mda/port.channel

port-id: 1/1/3.1

The following values apply to the 7750 SR:

Values—

sap-id

null

{port-id | bundle-id | bpgrp-id | lag-id | aps-id}

{port-id | bundle-id | bpgrp-id | lag-id | aps-id | pw-id}:qtag1

{port-id | bundle-id | bpgrp-id | lag-id | pw-id}:qtag1.qtag2

{port-id | aps-id}[:{vpi/vci | vpi | vpi1.vpi2 | cp.conn-prof-id}]

dot1q

qinq

atm

cp

keyword

conn-prof-id

1 to 8000

frame

port-id | aps-id:dlci

cisco-hdlc

slot/mda/port.channel

cem

slot/mda/port.channel

ima-grp

bundle-id[:{vpi/vci | vpi | vpi1.vpi2 | cp.conn-prof-id}]

cp

keyword

conn-prof-id

1 to 8000

port-id

slot/mda/port[.channel]

bundle-id

bundle-type-slot/mda.bundle-num

bundle

keyword

type

ima, fr, ppp

bundle-num

1 to 336

bpgrp-id

bpgrp-type-bpgrp-num

bpgrp

keyword

type

ima, ppp

bpgrp-num

1 to 2000

aps-id

aps-group-id[.channel]

aps

keyword

group-id

1 to 64

ccag-id

ccag-id.path-id[cc-type] cc-id

ccag

keyword

id

1 to 8

path-id

a, b

cc-type

.sap-net, net-sap

cc-id

0 to 4094

eth-tunnel

eth-tunnel-id[:eth-tun-sap-id]

id

1 to 1024

eth-tun-sap-id

0 to 4094

lag-id

lag-id

lag

keyword

id

1 to 800

pw-id

pw-id

pw

keyword

id

1 to 10239

qtag1

*, 0 to 4094

qtag2

*, 0 to 4094

sap-id

pw-id:qtag1[.qtag2]

pw-

keyword

id

identifier for the pw-port [1 to 10239]

qtag1

value of the first 802.1 qtag

qtag2

value of the second 802.1 qtag

vpi

0 to 4095 (NNI)

0 to 255 (UNI)

vci

1, 2, 5 to 65535

dlci

16 to 1022

tunnel-id

tunnel-id.private|public:tag

tunnel

keyword

id

1 to 16

tag

0 to 4094

 

The following values apply to the 7450 ESS:
Values—

sap-id

null

[port-id | bundle-id | bpgrp-id | lag-id | aps-id]

dot1q

[port-id | bundle-id | bpgrp-id | lag-id | aps-id]:qtag1

qinq

[port-id | bundle-id | bpgrp-id | lag-id]:qtag1.qtag2

atm

[port-id | aps-id][:vpi/vci|vpi| vpi1.vpi2]

frame

[port-id | aps-id]:dlci

cisco-hdlc

slot/mda/port.channel

ima-grp

[bundle-id[:vpi/vci|vpi|vpi1.vpi2]

port-id

slot/mda/port[.channel]

bundle-id

bundle-type-slot/mda.bundle-num

bundle

keyword

type

ima, fr, ppp

bundle-num

1 to 336

bpgrp-id

bpgrp-type-bpgrp-num

bpgrp

keyword

type

ima, ppp

bpgrp-num

1 to 2000

aps-id

aps-group-id[.channel]

aps

keyword

group-id

1 to 64

ccag-id

ccag-id.path-id[cc-type]:cc-id

ccag

keyword

id

1 to 8

path-id

a, b

cc-type

.sap-net, .net-sap

cc-id

0 to 4094

eth-tunnel

eth-tunnel-id[:eth-tun-sap-id]

id

1 to 1024

eth-tun-sap-id

0 to 4094

lag-id

lag-id

lag

keyword

id

1 to 800

qtag1

0 to 4094

qtag2

*, 0 to 4094

sap-id

pw-<id>:<qtag1>[.<qtag2>]

pw

keyword

id

identifier for the pw-port [1 to 10239]

qtag1

value of the first 802.1 qtag

qtag2

value of the second 802.1 qtag

vpi

NNI: 0 to 4095

UNI: 0 to 255

vci

1, 2, 5 to 65535

dlci

16 to 1022

 

bundle-id—
Specifies the multilink bundle to be associated with this IP interface. This parameter applies to the 7450 ESS and 7750 SR. The bundle keyword must be entered at the beginning of the parameter.

The command syntax must be configured as follows:

bundle-id: bundle-type-slot-id/mda-slot.bundle-num

bundle-id value range: 1 to 336

For example:

*A:ALA-12>config# port bundle-ppp-5/1.1

*A:ALA-12>config>port# multilink-bundle

bgprp-id—
Specifies the bundle protection group ID to be associated with this IP interface. This parameter applies to the 7450 ESS and 7750 SR. The bpgrp keyword must be entered at the beginning of the parameter.

The command syntax must be configured as follows:

bpgrp-id: bpgrp-type-bpgrp-num

type: ima

bpgrp-num value range: 1 to 2000

For example:

*A:ALA-12>config# port bpgrp-ima-1 *A:ALA-12>config>service>vpls$ sap bpgrp-ima-1 create

qtag1, qtag2—
Specifies the encapsulation value used to identify the SAP on the port or sub-port. This parameter must be specifically defined.
Values—
qtag1: *, null, 0 to 4094 qtag2: *, null, 0 to 4094

 

The values depend on the encapsulation type configured for the interface. Table 131 describes the allowed values for the port and encapsulation types.
Table 131:  Permitted Values for Port Type and Encap Type

Port Type

Encap-Type

Allowed Values

Comments

Ethernet

Null

0

The SAP is identified by the port.

Ethernet

Dot1q

0 to 4094

The SAP is identified by the 802.1Q tag on the port. Note that a 0 qtag1 value also accepts untagged packets on the dot1q port.

Ethernet

QinQ

qtag1: *, null, 0 to 4094

qtag2: *, null, 0 to 4094

The SAP is identified by two 802.1Q tags on the port. Note that the following combinations of qtag1.qtag2 accept untagged packets: "0.*","*.null", "*.*" and "null.null".

SAPs "0.*" and "null.null" are not compatible on the same port, and they have higher priority than the SAPs "*.null" and "*.*".

SONET/SDH

IPCP

-

The SAP is identified by the channel. No BCP is deployed and all traffic is IP.

SONET/SDH TDM

BCP-Null

0

The SAP is identified with a single service on the channel. Tags are assumed to be part of the customer packet and not a service delimiter.

SONET/SDH TDM

BCP-Dot1q

0 to 4094

The SAP is identified by the 802.1Q tag on the channel.

SONET/SDH TDM

Frame Relay

16 to 991

The SAP is identified by the data link connection identifier (DLCI). This port type applies to the 7750 SR only.

SONET/SDH ATM

ATM

vpi (NNI) 0 to 4095

vpi (UNI) 0 to 255

vci 1, 2, 5 to 65535

The SAP is identified by port or by PVPC or PVCC identifier (vpi, vpi/vci, or vpi range). This port type applies to the 7750 SR only.

sap ipsec-id.private|public:tag
This parameter associates an IPsec group SAP with this interface. This parameter applies to the 7750 SR only. This is the public side for an IPsec tunnel. Tunnels referencing this IPsec group in the private side may be created if their local IP is in the subnet of the interface subnet and the routing context specified matches with the one of the interface.

This context will provide a SAP to the tunnel. The operator may associate an ingress and egress QoS policies as well as filters and virtual scheduling contexts. Internally this creates an Ethernet SAP that will be used to send and receive encrypted traffic to and from the MDA. Multiple tunnels can be associated with this SAP. The “tag” will be a dot1q value. The operator may see it as an identifier.

Values—
1 to 4095

 

pw-id—
Specifies the SAP identifier for PW SAPs. This parameter applies to the 7450 ESS and 7750 SR.

sap

Syntax 
sap sap-id [arbiter {root |name}] [ingress |egress] [interval seconds] [repeat repeat] [absolute |rate]
Context 
[Tree] (monitor>qos>arbiter-stats sap)
Full Contexts 
monitor qos arbiter-stats sap
Description 

This command monitors arbiter statistics for a SAP.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.
name—
Specifies the name of the policer control policy arbiter, up to 32 characters. This parameter is mandatory if the SAP resides on a LAG in adapt-qoslink or port-fair mode.
root—
Specifies the arbiter to which this queue would be feeding.
ingress—
Displays scheduler-name statistics applied on the ingress SAP.
egress—
Displays scheduler-name statistics applied on the egress SAP.
seconds
Configures the interval for each display in seconds.
Values—
11 to 60

 

Default—
11 seconds
repeat—
Configures the number of times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Displays raw statistics, without processing. No calculations are performed on the delta or rate statistics.
rate—
Displays rate-per-second for each statistic instead of the delta.

sap

Syntax 
sap sap-id [scheduler scheduler-name] [ingress |egress] [interval seconds] [repeat repeat] [absolute |rate]
Context 
[Tree] (monitor>qos>scheduler-stats sap)
Full Contexts 
monitor qos scheduler-stats sap
Description 

Use this command to monitor scheduler statistics for a SAP at the configured interval until the configured count is reached.

The first screen displays the current statistics related to the specified SAP. The subsequent statistical information listed for each interval is displayed as a delta to the previous display.

When the keyword rate is specified, the rate-per-second for each statistic is displayed instead of the delta.

Monitor commands are similar to show commands but only statistical information displays. Monitor commands display the selected statistics according to the configured number of times at the interval specified.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.
scheduler-name
Specifies an existing scheduler-name, up to 32 characters. Scheduler names are configured in the config>qos>scheduler-policy>tier level context. This parameter is mandatory if the SAP resides on a LAG in adapt-qoslink or port-fair mode.
ingress—
Displays scheduler-name statistics applied on the ingress SAP.
egress—
Displays scheduler-name statistics applied on the egress SAP.
seconds
Configures the interval for each display in seconds.
Values—
11 to 60

 

Default—
11 seconds
repeat
Configures how many times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Displays raw statistics, without processing. No calculations are performed on the delta or rate statistics.
rate—
Displays rate-per-second for each statistic instead of the delta.

sap

Syntax 
sap sap-id [interval seconds] [repeat repeat] [absolute |rate]
sap sap-id encap-group group-name [member encap-id] [interval seconds] [repeat repeat] [absolute |rate]
Context 
[Tree] (monitor>service>id sap)
Full Contexts 
monitor service id sap
Description 

This command monitors statistics for a SAP associated with this service.

This command displays statistics for a specific SAP, identified by the port-id and encapsulation value, at the configured interval until the configured count is reached.

The first screen displays the current statistics related to the SAP. The subsequent statistical information listed for each interval is displayed as a delta to the previous display. When the keyword rate is specified, the rate-per-second for each statistic is displayed instead of the delta.

Monitor commands are similar to show commands but only statistical information displays. Monitor commands display the selected statistics according to the configured number of times at the interval specified.

Parameters 
sap-id—
Specifies the physical port identifier portion of the SAP definition.
Values—

:null

port-id | bundle-id | bpgrp-id | lag-id | aps-id

dot1q

port-id | bundle-id | bpgrp-id | lag-id | aps-id | pw-id:[qtag1|cp-conn-prof-id]

qinq

port-id | bundle-id | bpgrp-id | lag-id | pw-id:[qtag1 cp-conn-prof-id].[qtag2 | cp-conn-prof-id]

cp

keyword

conn-prof-id

1 to 8000

atm

port-id | aps-id [:vpi/vci | vpi | vpi1.vpi2 | cp.conn-prof-id]

cp

keyword

conn-prof-id

1 to 8000

frame

port-id | aps-id:dlci

cisco-hdlc

slot/mda/port.channel

cem

slot/mda/port.channel

ima-grp

bundle-id [:vpi/vci | vpi | vpi1.vpi2 | cp.conn-prof-id]

cp

keyword

conn-prof-id

1 to 8000

port-id

slot/mda/port[.channel]

esat-id/slot/port

pxc-id.sub-port

bundle-id

bundle-type-slot/mda.-bundle-num

bundle

keyword

type

ima | fr | ppp

bundle-num

1 to 336

bpgrp-id

bpgrp-type-bpgrp-num

bgrp

keyword

type

ima | ppp

bgrp-num

1 to 2000

aps-id

aps-group-id[.channel]

aps

keyword

group-id

1 to 128

ccag-id

ccag-id.path-id[cc-type]:cc-id

ccag

keyword

id

1 to 8

path-id

a | b

cc-type

.sap-net | .net-sap

cc-id

1 to 4094

eth-tunnel

eth-tunnel-id[:eth-tun-sap-id]

id

1 to 1024

eth-tun-sap-id

0 to 4094

lag-id

lag-id

lag

keyword

id

1 to 800

pw-id

pw-id

pw

keyword

id

1 to 10239

qtag1

* | 0 to 4094

qtag2

* | null | 0 to 4094

vpi

0 to 4095 (NNI)

0 to 255 (UNI)

vci

1 | 2 | 5 to 65535

dlci

16 to 1022

tunnel-id

tunnel-id.private | public:tag

tunnel

keyword

id

1 to 16

tag

0 to 4094

 

port-id—
Specifies the physical port ID in the slot/mda/port, esat-id/slot/port or pxc-id.sub-port format.

If the card in the slot has XMAs/MDAs installed, the port-id must be in the slot_number/MDA_number/port_number format. For example, 6/2/3 specifies port 3 on XMA/MDA 2 in slot 6.

The port-id must reference a valid port type. When the port-id parameter represents SONET/SDH and TDM channels, the port ID must include the channel ID. A period “.” separates the physical port from the channel-id. The port must be configured as an access port. Channels are supported on the 7750 SR.

If the SONET/SDH port is configured as clear-channel then only the port is specified.

bundle-id—
Specifies the multilink bundle to be associated with this IP interface. The bundle keyword must be entered at the beginning of the parameter. This parameter applies to the 7750 SR.

The command syntax must be configured as follows:

bundle-id: bundle-type-slot-id/mda-slot.bundle-num

bundle-id value range: 1 to 128

For example:

*A:ALA-12>config#  port bundle-ppp-5/1.1
*A:ALA-12>config>port# multilink-bundle
bgprp-id—
Specifies the bundle protection group ID to be associated with this IP interface. The bpgrp keyword must be entered at the beginning of the parameter. This parameter applies to the 7750 SR.

The command syntax must be configured as follows:

bpgrp-id:

bpgrp-type-bpgrp-num

type:

ima

bpgrp-num value range:

1 to 1280

Example:

*A:ALA-12>config# port bpgrp-ima-1
*A:ALA-12>config>service>vpls$ sap bpgrp-ima-1
qtag1, qtag2—
Specifies the encapsulation value used to identify the SAP on the port or sub-port. If this parameter is not specifically defined, the default value is 0.
Values—

qtag1:

0 to 4094

qtag2 :

* | 0 to 4094

 

The values depends on the encapsulation type configured for the interface. Table 132 describes the allowed values for the port and encapsulation types.
Table 132:  qtag values by port and encapsulation type

Port Type

Encap-Type

Allowed Values

Comments

Ethernet

Null

0

The SAP is identified by the port.

Ethernet

Dot1q

0 to 4094

The SAP is identified by the 802.1Q tag on the port. Note that a 0 qtag1 value also accepts untagged packets on the dot1q port.

Ethernet

QinQ

qtag1: 0 to 4094

qtag2: 0 to 4094

The SAP is identified by two 802.1Q tags on the port. Note that a 0 qtag1 value also accepts untagged packets on the dot1q port.

SONET/SDH

IPCP

The SAP is identified by the channel. No BCP is deployed and all traffic is IP.

SONET/SDH TDM

BCP-Null

0

The SAP is identified with a single service on the channel. Tags are assumed to be part of the customer packet and not a service delimiter.

SONET/SDH TDM

BCP-Dot1q

0 to 4094

The SAP is identified by the 802.1Q tag on the channel.

SONET/SDH TDM

Frame Relay

16 to 991

The SAP is identified by the data link connection identifier (DLCI).

SONET/SDH ATM

ATM

vpi (NNI) 0 to 4095

vpi (UNI) 0 to 255

vci 1, 2, 5 to 65535

The SAP is identified by port or by PVPC or PVCC identifier (vpi, vpi/vci, or vpi range).

group-name—
Specifies the name of the encap group, up to 32 characters.
encap-id—
Specifies the value of the encapsulation ID to be displayed.
Values—
0 to 16777215

 

seconds
Configures the interval for each display, in seconds.
Values—
11 to 60

 

Default—
11
repeat—
Configures how many times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Displays absolute rate-per-second value for each statistic.
rate—
Displays rate-per-second for each statistic instead of the delta.
Output 

The following output is an example of SAP information.

Sample Output
*A:cses-A13# monitor service id 88  sap 1/1/2:0
===============================================================================
Monitor statistics for Service 88 SAP 1/1/2:0
===============================================================================
-------------------------------------------------------------------------------
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
Last Cleared Time     : N/A
                        Packets                 Octets
Forwarding Engine Stats
Dropped               : 0                       0
Off. HiPrio           : 0                       0
Off. LowPrio          : 0                       0
Off. Uncolor          : 0                       0
 
Queueing Stats(Ingress QoS Policy 1)
Dro. HiPrio           : 0                       0
Dro. LowPrio          : 0                       0
For. InProf           : 0                       0
For. OutProf          : 0                       0
 
Queueing Stats(Egress QoS Policy 1)
Dro. InProf           : 0                       0
Dro. OutProf          : 0                       0
For. InProf           : 0                       0
For. OutProf          : 0                       0
-------------------------------------------------------------------------------
Sap per Queue Stats
-------------------------------------------------------------------------------
                        Packets                 Octets
 
Ingress Queue 1 (Unicast) (Priority)
Off. HiPrio           : 0                       0
Off. LoPrio           : 0                       0
Dro. HiPrio           : 0                       0
Dro. LoPrio           : 0                       0
For. InProf           : 0                       0
For. OutProf          : 0                       0

sap

Syntax 
sap sap-id [create]
no sap sap-id
Context 
[Tree] (config>system>satellite>local-forward sap)
Full Contexts 
configure system satellite local-forward sap
Description 

This command configures a Service Access Point (SAP) used in satellite local forward instances defined in the system.

The no form of this command removes the satellite access point from the local-forward instance.

Parameters 
eth-sat-id—
Specifies the satellite access point in the local-forward instance in the esat-id/slot/port format.
Values—

esat

keyword

id

1 to 20

 

lag-id—
Specifies the LAG identifier, expressed as an integer,
Values—

lag

keyword

id

1 to 800

 

qtag1—
Specifies the qtag value.
Values—
1 to 4094

 

23.20. sap-egress

sap-egress

Syntax 
sap-egress {policy-id |policy-name} [create] [name name]
no sap-egress {policy-id |policy-name}
Context 
[Tree] (config>qos sap-egress)
Full Contexts 
configure qos sap-egress
Description 

This command is used to create or edit a Service Egress QoS policy. The egress policy defines the SLA for service packets as they egress on the SAP.

Policies are templates that can be applied to multiple services as long as the scope of the policy is template. The queues defined in the policy are not instantiated until a policy is applied to a service.

Sap-egress policies determine queue mappings based on ingress DSCP, IP precedence, dot1p, and IPv4 or IPv6 match criteria. Multiple queues can be created per forwarding class and each queue can have different CIR or PIR parameters.

Egress SAP QoS policies allow the definition of queues and the mapping of forwarding classes to those queues. Each queue needs to have a relative CIR for determining its allocation of QoS resources during periods of congestion. A PIR can also be defined that forces a hard limit on the packets transmitted through the queue. When the forwarding class is mapped to the queue, a DSCP, IP precedence, or dot1p value can optionally be specified.

The sap-egress policy with policy-id 1 is the default sap-egress QoS policy and is applied to service egress SAPs when an explicit policy is not specified or removed. The default sap-egress policy cannot be modified or deleted.

By default, all forwarding classes map to queue 1.

Any changes made to an existing policy, using any of the sub-commands, will be applied immediately to all egress SAPs where this policy is applied. For this reason, when many changes are required on a policy, it is highly recommended that the policy be copied to a work area policy-id. That work-in-progress policy can be modified until complete, then written over the original policy-id. Use the config qos copy command to maintain policies in this manner.

The no form of this command deletes the sap-egress policy. A policy cannot be deleted until it is removed from all service SAPs where it is applied. When a sap-egress policy is removed from a SAP, the SAP will revert to the default sap-egress policy-id 1.

Parameters 
policy-id—
The policy-id uniquely identifies the policy on the router.
Values—
1 to 65535

 

policy-name—
The policy-name uniquely identifies the policy.
Values—
64 characters maximum.

 

create—
Required parameter when creating a SAP QoS egress policy.
name
Configures an optional policy name, up to 64 characters in length, which adds a name identifier to a given policy to then use that policy name in configuration references as well as display and use policy names in show commands throughout the system. This helps the service provider or administrator to identify and manage sap-egress policies within the SR OS platforms.

All sap-egress policies are required to assign a policy ID to initially create a policy. However, either the policy ID or the policy name can be used to identify and reference a given policy once it is initially created.

If a name is not specified at creation time, then SR OS assigns a string version of the policy-id as the name.

Values—
64 characters maximum

 

sap-egress

Syntax 
sap-egress src-pol dst-pol [overwrite]
Context 
[Tree] (config>qos>copy sap-egress)
Full Contexts 
configure qos copy sap-egress
Description 

This command copies existing QoS policy entries for a QoS policy-id to another QoS policy-id.

The copy command is a configuration-level maintenance tool used to create new policies using existing policies. It also allows bulk modifications to an existing policy with the use of the overwrite keyword.

Parameters 
overwrite—
Specifies to replace the existing destination policy. Everything in the existing destination policy will be overwritten with the contents of the source policy. If overwrite is not specified, an error will occur if the destination policy ID exists.
Example:
SR>config>qos# copy sap-egress 1 1010
MINOR: CLI Destination "1010" exists use {overwrite}.
SR>config>qos# copy sap-egress 1 1010 overwrite
src-pol dst-pol —
Indicates that the source policy ID and the destination policy ID are SAP egress policy IDs. Specify the source policy ID that the copy command will attempt to copy from and specify the destination policy ID to which the command will copy a duplicate of the policy.
Values—
1 to 65535

 

23.21. sap-host-limit

sap-host-limit

Syntax 
sap-host-limit max-num-hosts-sap
no sap-host-limit
Context 
[Tree] (config>service>ies>sub-if>grp-if>arp-host sap-host-limit)
[Tree] (config>service>vprn>sub-if>grp-if>arp-host sap-host-limit)
Full Contexts 
configure service ies subscriber-interface group-interface arp-host sap-host-limit
configure service vprn subscriber-interface group-interface arp-host sap-host-limit
Description 

This command configures the maximum number of ARP hosts per SAP.

The no form of this command reverts to the default.

Default 

sap-host-limit 1

Parameters 
max-num-hosts-sap—
Specifies the maximum number of ARP hosts per SAP allowed on this interface.
Note:

The operational maximum value may be smaller due to equipped hardware dependencies.

Values—
1 to 131071

 

sap-host-limit

Syntax 
sap-host-limit max-num-hosts-sap
no sap-host-limit
Context 
[Tree] (config>service>ies>sub-if>grp-if sap-host-limit)
Full Contexts 
configure service ies subscriber-interface group-interface sap-host-limit
Description 

This command configures the maximum number of ARP hosts per SAP.

Parameters 
max-num-hosts-sap—
Specifies the maximum number of ARP hosts per SAP allowed on this IES interface.
Values—
1 to 32767

 

23.22. sap-id

sap-id

Syntax 
sap-id sap-id
no sap-id
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>host-ident sap-id)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host host-identification sap-id
Description 

This command specifies the SAP ID from the Nokia vendor-specific sub-option in Option 82 to match.

The no form of this command returns to the default.

Parameters 
sap-id—
Specifies a SAP ID, up to 255 characters.

sap-id

Syntax 
[no] sap-id
Context 
[Tree] (config>service>vpls>sap>dhcp>option>vendor sap-id)
[Tree] (config>service>vprn>if>dhcp>option>vendor sap-id)
[Tree] (config>service>vprn>sub-if>grp-if>dhcp>option>vendor sap-id)
[Tree] (config>service>ies>sub-if>grp-if>dhcp>option>vendor sap-id)
[Tree] (config>subscr-mgmt>msap-policy>vpls-only>dhcp>option>vendor sap-id)
Full Contexts 
configure service ies subscriber-interface group-interface dhcp option vendor-specific-option sap-id
configure service vpls sap dhcp option vendor-specific-option sap-id
configure service vprn interface dhcp option vendor-specific-option sap-id
configure service vprn subscriber-interface group-interface dhcp option vendor-specific-option sap-id
configure subscriber-mgmt msap-policy vpls-only-sap-parameters dhcp option vendor-specific-option sap-id
Description 

This command enables the sending of the SAP ID in the Nokia vendor-specific sub-option of the DHCP relay packet.

The no form of this command disables the sending of the SAP ID in the Nokia vendor-specific sub-option of the DHCP relay packet.

sap-id

Syntax 
sap-id sap-string
no sap-id
Context 
[Tree] (config>service>dynsvc>ladb>user>idx sap-id)
Full Contexts 
configure service dynamic-services local-auth-db user-name index sap-id
Description 

This command specifies the dynamic data service SAP that is created. A dynamic service SAP ID uniquely identifies a dynamic data service instance. For a local authenticated dynamic service data trigger, one of the dynamic service SAP IDs must be the data trigger SAP.

The no form of this command removes the sap-id from the configuration.

Parameters 
sap-string—
Specifies a string representing the dynamic service SAP ID (only SAPs on Ethernet ports and LAGs are valid), up to 64 characters.

23.23. sap-ingress

sap-ingress

Syntax 
sap-ingress {policy-id |policy-name} [create] [name name]
no sap-ingress {policy-id |policy-name}
Context 
[Tree] (config>qos sap-ingress)
Full Contexts 
configure qos sap-ingress
Description 

This command is used to create or edit the ingress policy. The ingress policy defines the SLA enforcement that service packets receive as they ingress a SAP. SLA enforcement is accomplished through the definition of queues that have Forwarding Class (FC), Fair Information Rate (FIR), Committed Information Rate (CIR), Peak Information Rate (PIR), Committed Burst Size (CBS), and Maximum Burst Size (MBS) characteristics.

Policies in effect are templates that can be applied to multiple services as long as the scope of the policy is template. Queues defined in the policy are not instantiated until they are assigned to at least one forwarding class and a policy is applied to a service SAP.

It is possible that a SAP ingress policy will include the dscp map command, the dot1p map command, and an IP or MAC match criteria. When multiple matches occur for the traffic, the order of precedence will be used to arrive at the final action. The order of precedence is as follows:

  1. 802.1p bits
  2. DSCP
  3. IP quintuple or MAC headers

The SAP ingress policy with policy-id 1 is a system-defined policy applied to services when no other policy is explicitly specified. The system SAP ingress policy cannot be modified or deleted. The default SAP ingress policy defines one unicast and one multipoint queue associated with all forwarding classes, with an FIR of zero, a CIR of zero, and a PIR of line rate.

Any changes made to the existing policy, using any of the sub-commands, are applied immediately to all services where this policy is applied. For this reason, when many changes are required on a policy, it is recommended that the policy be copied to a work area policy ID. That work-in-progress policy can be modified until complete, then written over the original policy-id. Use the config>qos>copy command to maintain policies in this manner.

The no form of this command deletes the SAP ingress policy. A policy cannot be deleted until it is removed from all services where it is applied.

Parameters 
policy-id —
The policy-id uniquely identifies the policy.
Values—
1 to 65535

 

policy-name—
The policy-name uniquely identifies the policy.
Values—
64 characters maximum

 

create—
Required parameter when creating a SAP QoS ingress policy.
name name
Configures an optional policy name, up to 64 characters in length, which adds a name identifier to a given policy to then use that policy name in configuration references as well as display and use policy names in show commands throughout the system. This helps the service provider/administrator to identify and manage sap-ingress policies within the SR OS platforms.

All sap-ingress policies are required to assign a policy ID to initially create a policy. However, either the policy ID or the policy name can be used to identify and reference a given policy once it is initially created.

If a name is not specified at creation time, then SR OS assigns a string version of the policy-id as the name.

Values—
64 characters maximum

 

sap-ingress

Syntax 
sap-ingress src-pol dst-pol [overwrite]
Context 
[Tree] (config>qos>copy sap-ingress)
Full Contexts 
configure qos copy sap-ingress
Description 

This command copies existing QoS policy entries for a QoS policy-id to another QoS policy-id.

The copy command is a configuration-level maintenance tool used to create new policies using existing policies. It also allows bulk modifications to an existing policy with the use of the overwrite keyword.

Parameters 
overwrite—
Specifies to replace the existing destination policy. Everything in the existing destination policy will be overwritten with the contents of the source policy. If overwrite is not specified, an error will occur if the destination policy ID exists.
Example:
SR>config>qos# copy sap-egress 1 1010
MINOR: CLI Destination "1010" exists use {overwrite}.
SR>config>qos# copy sap-egress 1 1010 overwrite
src-pol dst-pol —
Indicates that the source policy ID and the destination policy ID are SAP ingress policy IDs. Specify the source policy ID that the copy command will attempt to copy from and specify the destination policy ID to which the command will copy a duplicate of the policy.
Values—
1 to 65535

 

23.24. sap-limit

sap-limit

Syntax 
sap-limit [limit]
no sap-limit
Context 
[Tree] (config>service>dynsvc>policy sap-limit)
Full Contexts 
configure service dynamic-services dynamic-services-policy sap-limit
Description 

This command specifies a limit for the number of dynamic data service instances (SAPs) that can be setup simultaneously using a given dynamic services policy.

A value of zero (0) means the policy is drained: existing dynamic data services can be modified and torn down but no new dynamic data services can be setup.

Default 

sap-limit 1

Parameters 
limit
Specifies the number of dynamic data service SAPs that can be setup simultaneously using this dynamic services policy.
Values—
0 to 131072

 

23.25. sap-parameters

sap-parameters

Syntax 
sap-parameters
Context 
[Tree] (config>service>ies>sub-if>grp-if sap-parameters)
[Tree] (config>service>vprn>sub-if>grp-if sap-parameters)
Full Contexts 
configure service ies subscriber-interface group-interface sap-parameters
configure service vprn subscriber-interface group-interface sap-parameters
Description 

This command enables the context to configure parameters that can be applied to automatically-generated internal SAPs.

23.26. sap-session-index

sap-session-index

Syntax 
[no] sap-session-index
Context 
[Tree] (config>subscr-mgmt>auth-policy>include-radius-attribute sap-session-index)
Full Contexts 
configure subscriber-mgmt authentication-policy include-radius-attribute sap-session-index
Description 

This command includes sap-session-index attributes.

The no form of this command excludes sap-session-index attributes.

sap-session-index

Syntax 
[no] sap-session-index
Context 
[Tree] (config>subscr-mgmt>acct-plcy>include-radius-attribute sap-session-index)
[Tree] (config>subscr-mgmt>auth-plcy>include-radius-attribute sap-session-index)
Full Contexts 
configure subscriber-mgmt accounting-policy include-radius-attribute sap-session-index
configure subscriber-mgmt authentication-policy include-radius-attribute sap-session-index
Description 

This command enables the generation of the per-SAP unique session index.

The no form of this command excludes sap-session-index attributes.

23.27. sap-session-limit

sap-session-limit

Syntax 
sap-session-limit sap-session-limit
no sap-session-limit
Context 
[Tree] (config>service>ies>sub-if>grp-if>pppoe sap-session-limit)
[Tree] (config>service>vprn>sub-if>grp-if>pppoe sap-session-limit)
Full Contexts 
configure service ies subscriber-interface group-interface pppoe sap-session-limit
configure service vprn subscriber-interface group-interface pppoe sap-session-limit
Description 

This command specifies the number of PPPoE hosts per SAP allowed for this group-interface.

The no form of this command reverts to the default.

Default 

sap-session-limit 1

Parameters 
sap-session-limit—
Specifies the number of PPPoE hosts per SAP allowed.
Note:

The operational maximum value may be smaller due to equipped hardware dependencies.

Values—
1 to 131071

 

sap-session-limit

Syntax 
sap-session-limit sap-session-limit
no sap-session-limit
Context 
[Tree] (config>service>ies>sub-if>grp-if>ipoe-session sap-session-limit)
[Tree] (config>service>vprn>sub-if>grp-if>ipoe-session sap-session-limit)
Full Contexts 
configure service ies subscriber-interface group-interface ipoe-session sap-session-limit
configure service vprn subscriber-interface group-interface ipoe-session sap-session-limit
Description 

This command specifies the number of IPoE sessions per SAP allowed for this group-interface.

The no form of this command reverts to the default.

Default 

sap-session-limit 1

Parameters 
sap-session-limit —
Specifies the number of allowed IPoE sessions.
Note:

The operational maximum value may be smaller due to equipped hardware dependencies.

Values—
1 to 131071 131071 on wlan-gw group interfaces

 

23.28. sap-template

sap-template

Syntax 
sap-template sap-template
no sap-template
Context 
[Tree] (config>service>vpls>wlan-gw sap-template)
Full Contexts 
configure service vpls wlan-gw sap-template
Description 

This command specifies the VPLS SAP template that is applied on the internal SAPs created for communication between the VPLS and the ISAs.

The no form of this command removes the SAP template.

Parameters 
sap-template —
Specifies the existing SAP template to apply. The template is created in the config>service>template context.

sap-template

Syntax 
sap-template name [create]
no sap-template name
Context 
[Tree] (config>subscr-mgmt sap-template)
Full Contexts 
configure subscriber-mgmt sap-template
Description 

This command configures a template that specifies parameters for automatically generated subscriber SAPs, for example, when creating CUPS sessions. A template with the name "default" is used if no specific name is provided, but this must be manually provisioned.

The no form of this command removes the template.

Parameters 
name—
Specifies the name of the PFCP association, up to 32 characters.
create—
Keyword used to create the SAP template.

23.29. sap-template-binding

sap-template-binding

Syntax 
sap-template-binding name/id
no sap-template-binding
Context 
[Tree] (config>service>vpls>vpls-group sap-template-binding)
Full Contexts 
configure service vpls vpls-group sap-template-binding
Description 

This command configures the binding to a SAP template to be used to instantiate SAPs in the data VPLS using as input variables the VLAN IDs generated by the vid-range command.

The no form of this command removes the binding and deletes the related SAP instances. The command will fail if any of the affected VPLS instances have either a provisioned SAP or an active MVRP declaration/registration or if the related vpls-group is in no shutdown state. Any changes to the sap-template-binding require the vpls-group to be in shutdown state. New control SAP additions to the management VPLS are allowed as long as data VPLS instantiations/removals for vpls-groups are not in progress. Control SAPs can be removed at any time generating the removal of related data SAPs from the data VPLS. The shutdown or no shutdown state for the control SAPs does not have any effect on data SAPs instantiated with this command.

Default 

no sap-template-binding

Parameters 
name—
Specifies the name of the VPLS template
Values—
ASCII character string

 

id—
Specifies the ID of the VPLS template
Values—
1 to 8196

 

23.30. sat-type

sat-type

Syntax 
sat-type sat-type [port-template template-name]
no sat-type
Context 
[Tree] (config>system>satellite>eth-sat sat-type)
[Tree] (config>system>satellite>tdm-sat sat-type)
Full Contexts 
configure system satellite eth-sat sat-type
configure system satellite tdm-sat sat-type
Description 

This command configures the type of satellite variant for the associated satellite chassis.

The no form of the command deletes the sat-type configuration.

Default 

no sat-type

Parameters 
sat-type
Specifies the satellite type. Configuration of the following variants is supported:
es24-1gb-sfp —
Specifies the 24xGE (SFP) + 4x10GE Ethernet satellite.
es48-1gb-sfp —
Specifies the 48xGE (SFP) + 4x10GE Ethernet satellite.
es24-sass-1gb-sfp —
Specifies the SAS-S 24xGE (SFP) + 4x10GE Ethernet satellite.
es48-sass-1gb-sfp —
Specifies the SAS-S 48xGE (SFP) + 4x10GE Ethernet satellite.
es24-1gb-tx —
Specifies the 24xGE (copper) + 4x10GE Ethernet satellite.
es48-1gb-tx —
Specifies the 48xGE (copper) + 4x10GE Ethernet satellite.
es24-1gb-tx—
Specifies the 24-port copper + PoE Ethernet satellite.
es48-1gb-tx—
Specifies the 48-port copper + PoE Ethernet satellite.
es64-10gb-sfpp+4-100gb-cfp4—
Specifies the 64x10GE + 4x100GE Ethernet satellite.
es64-10gb-sfpp+4-100gb-qsfp28—
Specifies the 64x10GE + 4xQSFP28 Ethernet satellite.
es24-sasmxp-1gb-sfp—
Specifies the 7210 SAS-Mxp as an ethernet satellite.
ts4-choc3-sfp—
Specifies the 4-port OC3 TDM satellite.
ts4-chstm1-sfp—
Specifies the 4-port STM1 TDM satellite.
ts1-choc12-sfp—
Specifies the 1-port OC12 TDM satellite.
ts1-chstm4-sfp—
Specifies the 1-port STM4 TDM satellite.
template-name—
Specifies the name for the associated port template.

23.31. satellite

satellite

Syntax 
satellite
Context 
[Tree] (config>system satellite)
Full Contexts 
configure system satellite
Description 

This command enables the satellite configuration context. Within the satellite context, the administrator can specify the configuration details for a satellite chassis that is hosted by the associated local system.

satellite

Syntax 
satellite
Context 
[Tree] (admin satellite)
Full Contexts 
admin satellite
Description 

This command performs satellite operations.

23.32. save

save

Syntax 
save
Context 
[Tree] (config>li save)
Full Contexts 
configure li save
Description 

This command is required to save LI configuration parameters.

save

Syntax 
save [cflash-id]
Context 
[Tree] (bof save)
Full Contexts 
bof save
Description 

This command uses the boot option parameters currently in memory and writes them from the boot option file to the specified compact flash.

The BOF must be located in the root directory of the internal or external compact flash drives local to the system and have the mandatory filename of bof.cfg.

If a location is not specified, the BOF is saved to the default compact flash drive (cf3:) on the active CPM (typically the CPM in slot A, but the CPM in slot B could also be acting as the active CPM). The slot name is not case-sensitive. You can use upper or lowercase “A” or “B”.

Command usage:

  1. bof save — saves the BOF to the default drive (cf3:) on the active CPM (either in slot A or B)
  2. bof save cf3: — saves the BOF to cf3: on the active CPM (either in slot A or B)

To save the BOF to a compact flash drive on the standby CPM (for example, the redundant (standby) CPM is installed in slot B), specify -A or -B option.

Command usage:

  1. bof save cf3-A: — saves the BOF to cf3: on CPM in slot A whether it is active or standby
  2. bof save cf3-B: — saves the BOF to cf3: on CPM in slot B whether it is active or standby

The slot name is not case-sensitive. You can use upper or lowercase “A” or “B”.

The bof save and show bof commands allow you to save to or read from the compact flash of the standby CPM. Use the show card command to determine the active and standby CPM (A or B).

Default 

Saves must be explicitly executed. The BOF is saved to cf3: if a location is not specified.

Parameters 
flash-id—
Specifies the compact flash ID where the bof.cfg is to be saved.
Values—
cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

 

Default—
cf3:

save

Syntax 
save file-url
Context 
[Tree] (candidate save)
Full Contexts 
candidate save
Description 

This command saves the current candidate to a file.

Parameters 
file-url—
Specifies the directory and filename.

save

Syntax 
save [comment comment] [rescue]
Context 
[Tree] (admin>rollback save)
Full Contexts 
admin rollback save
Description 

If the optional rescue keyword is not used, this command saves a rollback checkpoint at the location and with the filename specified by the rollback-location with a suffix of .rb. The previously saved checkpoints will have their suffixes incremented by one (.rb.1 becomes .rb.2, and so on). If there are already as many checkpoint files as the maximum number supported, then the last checkpoint file is deleted.

If the rescue keyword is used, then this command saves the current operational configuration as a rescue configuration at the location and with the filename specified by the rescue location. The filename will have the suffix .rc appended.

Parameters 
comment-string—
Specifies a comment, up to 255 characters, that is associated with the checkpoint.
rescue—
Saves the rescue checkpoint instead of a normal rollback checkpoint.

save

Syntax 
save [file-url] [detail] [index]
Context 
[Tree] (admin save)
Full Contexts 
admin save
Description 

This command saves the running configuration to a configuration file. For example:

A:ALA-1>admin# save ftp://test:test@192.168.x.xx/./100.cfg
Saving configuration .........Completed.

By default, the running configuration is saved to the primary configuration file.

Parameters 
file-url—
Specifies the file URL location to save the configuration file.
Values—

local-url | remote-url

local-url

[cflash-id/][file-path] 200 chars max, including cflash-id

directory length 99 chars max each

remote-url

[{ftp:// | tftp://}login:pswd@remote-locn/][file-path]

243 chars max

directory length 99 chars max each

remote-locn

[hostname | ipv4-address | ipv6-address]

ipv4-address

a.b.c.d

ipv6-address

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x - [0 to FFFF]H

d - [0 to 255]D

interface - 32 chars max, for link local addresses

cflash-id

cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

 

Default—
the primary configuration file location
detail—
Saves both default and non-default configuration parameters.
index—
Forces a save of the persistent index file regardless of the persistent status in the BOF file. The index option can also be used to avoid an additional boot required while changing your system to use the persistence indices.

23.33. save-deterministic-script

save-deterministic-script

Syntax 
save-deterministic-script
Context 
[Tree] (admin>nat save-deterministic-script)
Full Contexts 
admin nat save-deterministic-script
Description 

This command saves the script that calculates Deterministic NAT map entries.

Once the location for the Python deterministic NAT script is configured, the script is generated/updated every time deterministic NAT configuration is modified. However, the script must be manually exported to the remote location. This command triggers the export of the script to a remote location.

23.34. saved-ind-prompt

saved-ind-prompt

Syntax 
[no] saved-ind-prompt
Context 
[Tree] (environment saved-ind-prompt)
Full Contexts 
environment saved-ind-prompt
Description 

This command enables saved indicator in the prompt. When changes are made to the configuration file a “*” appears in the prompt string indicating that the changes have not been saved. When an admin save command is executed the “*” disappears.

*A:ALA-48# admin save
Writing file to ftp://192.0.2.43/./sim48/sim48-config.cfg
Saving configuration .... Completed.
A:ALA-48#

23.35. scaling-profile

scaling-profile

Syntax 
scaling-profile {profile1 |profile2}
Context 
[Tree] (config>isa>nat-group scaling-profile)
Full Contexts 
configure isa nat-group scaling-profile
Description 

This command specifies the scaling profile for the NAT group that contains an ESA-VM or a VSR virtual-ISA.

Default 

scaling-profile profile1

Parameters 
profile1 —
Specifies to activate the lower-scaling profile that requires less memory. Contact your Nokia representative for more information about profile1.
profile2 —
Specifies to activate the higher-scaling profile that requires more memory. Contact your Nokia representative for more information about profile 2.

23.36. sched-run-min-int

sched-run-min-int

Syntax 
sched-run-min-int percent-of-default
no sched-run-min-int
Context 
[Tree] (config>card>virt-sched-adj sched-run-min-int)
Full Contexts 
configure card virtual-scheduler-adjustment sched-run-min-int
Description 

This command overrides the default minimum time that must elapse before a virtual scheduler may redistribute bandwidth based on changes to the offered rates of member policers or queues. A minimum run interval is enforced to allow a minimum amount of “batching” queue changes before reacting to the changed rates. This minimum interval is beneficial since the periodic function of determining policer or queue offered rates is performed sequentially and the interval allows a number policer and queue rates to be determined prior to determining the distribution of bandwidth to the policers and queues.

The default minimum scheduler run interval is 0.5 seconds. The sched-run-min-int command uses a percent value to modify the default interval.

The no form of this command restores the default minimum scheduler run interval for all virtual schedulers on the card.

Default 

no sched-run-min-int

Parameters 
percent-of-default—
Specifies that the percent-of-default parameter is required and is used to modify the default minimum scheduler run interval for all virtual schedulers on the card. Defining 100.00 percent is equivalent to removing the override (restoring the default) for the minimum scheduler run interval.
Values—
0.01% to 1000.00%

 

Default—
100.00%

23.37. schedule

schedule

Syntax 
[no] schedule schedule-name [owner schedule-owner]
Context 
[Tree] (config>system>cron schedule)
Full Contexts 
configure system cron schedule
Description 

This command configures the type of schedule to run, including one-time only (oneshot), periodic or calendar-based runs. All runs are determined by month, day of month or weekday, hour, minute and interval (seconds).

The no form of the command removes the context from the configuration.

Parameters 
schedule-name—
Specifies the name of the schedule. The name can be up to 32 characters.
schedule-owner
Specifies the owner name of the schedule. The name can be up to 32 characters.
Default—
TiMOS CLI

23.38. schedule-type

schedule-type

Syntax 
schedule-type schedule-type
Context 
[Tree] (config>system>security>pki>ca-prof>auto-crl-update schedule-type)
Full Contexts 
configure system security pki ca-profile auto-crl-update schedule-type
Description 

This command specifies the schedule type for auto CRL update. The system supports two types:

  1. periodic: — The system will download a CRL periodically at the interval configured via the periodic-update-interval command. For example, if the periodic-update-interval is 1 day, then the system will download a CRL every 1 day. The minimal periodic-update-interval is 1 hour.
  2. next-update-based — The system will download a CRL at the time = Next_Update_of_existing_CRL minus pre-update-time. For example, if the Next-Update of the existing CRL is 2015-06-30 06:00 and pre-update-time is 1 hour, then the system will start downloading at 2015-06-30, 05:00.
Default 

schedule-type next-update-based

Parameters 
schedule-type—
Specifies the type of time scheduler to update the CRL.
Values—
periodic, next-update-based

 

23.39. schedule-using-class

schedule-using-class

Syntax 
scheduling-using-class class
no scheduling-using-class
Context 
[Tree] (config>qos>hsmda-wrr-policy schedule-using-class)
Full Contexts 
configure qos hsmda-wrr-policy schedule-using-class
Description 

This command specifies the scheduling class for the HSMDA WRR scheduling loop policy. This command specifies which scheduling class the scheduling loop will participate with on the system.

The no form of this command removes the explicit scheduling class value from the HSMDA WRR policy.

Parameters 
class—
Specifies scheduling class for the HSMDA WRR policy.
Values—
1, 2, 3

 

23.40. scheduler

scheduler

Syntax 
scheduler scheduler-name rate pir-rate [cir cir-rate]
no scheduler scheduler-name
Context 
[Tree] (config>subscr-mgmt>sub-prof>egress>sched scheduler)
[Tree] (config>subscr-mgmt>sub-prof>ingress>sched scheduler)
Full Contexts 
configure subscriber-mgmt sub-prof egress sched scheduler
configure subscriber-mgmt sub-prof ingress sched scheduler
Description 

This command provides a way to override parameters of the existing scheduler associated with the egress or ingress scheduler policy. A scheduler defines bandwidth controls that limit each child (other schedulers and queues) associated with the scheduler. Scheduler objects are created within the hierarchical tiers of the policy. It is assumed that each scheduler created will have queues or other schedulers defined as child associations. The scheduler can be a child (take bandwidth from a scheduler in a higher tier).

The no form of this command reverts to the default.

Parameters 
scheduler-policy-name—
Specify an existing scheduler policy name.
pir-rate—
Specify the pir-rate, in kilobits, to override the administrative PIR used by the scheduler. When the rate command is executed, a valid PIR setting must be explicitly defined. Fractional values are not allowed and must be given as a positive integer.
Values—
1 to 3200000000, max

 

cir-rate—
The cir parameter overrides the administrative CIR used by the scheduler. When the rate command is executed, a CIR setting is optional. The sum keyword specifies that the CIR be used as the summed CIR values of the children schedulers or queues. Fractional values are not allowed and must be given as a positive integer.
Values—
0 to 3200000000, sum, max

 

Default—
sum

scheduler

Syntax 
scheduler scheduler-name [create]
no scheduler scheduler-name
Context 
[Tree] (config>service>vpls>sap>egress>sched-override scheduler)
Full Contexts 
configure service vpls sap egress scheduler-override scheduler
Description 

This command overrides specific attributes of the specified scheduler name.

A scheduler defines a bandwidth control that limits each child (other schedulers, policers and queues) associated with the scheduler. Scheduler objects are created within the hierarchical tiers of the policy. It is assumed that each scheduler created has policers, queues or other schedulers defined as child associations. The scheduler can be a child which takes bandwidth from a scheduler in a higher tier. A total of 32 schedulers can be created within a single scheduler policy with no restriction on the distribution between the tiers.

Each scheduler must have a unique name within the context of the scheduler policy; however the same name can be reused in multiple scheduler policies. If scheduler-name already exists within the policy tier level (regardless of the inclusion of the keyword create), the context changes to that scheduler name for the purpose of editing the scheduler parameters. Modifications made to an existing scheduler are executed on all instantiated schedulers created through association with the policy of the edited scheduler. This can cause policers, queues or schedulers to become orphaned (invalid parent association) and adversely affect the ability of the system to enforce service level agreements (SLAs).

If the scheduler-name exists within the policy on a different tier (regardless of the inclusion of the keyword create), an error occurs and the current CLI context does not change.

If the scheduler-name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. The success of the command execution is dependent on the following:

  1. The maximum number of schedulers has not been configured.
  2. The provided scheduler-name is valid.
  3. The create keyword is entered with the command if the system is configured to require it (enabled in the environment create command).

When the maximum number of schedulers has been exceeded on the policy, a configuration error occurs and the command does not execute, nor does the CLI context change.

If the provided scheduler-name is invalid according to the criteria below, a name syntax error occurs, the command does not execute, and the CLI context does not change.

The no form of this command removes the scheduler name from the configuration.

Parameters 
scheduler-name—
Specifies name of the scheduler
Values—
Valid names consist of any string up to 32 characters long composed of printable, 7-bit ASCII characters excluding double quotes. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

 

create—
This optional keyword explicitly specifies that it is acceptable to create a scheduler with the given scheduler-name. If the create keyword is omitted, scheduler-name is not created when the system environment variable create is set to true. This safeguard is meant to avoid accidental creation of system objects (such as schedulers) while attempting to edit an object with a mistyped name or ID. The keyword has no effect when the object already exists.

scheduler

Syntax 
scheduler scheduler-name [create]
no scheduler scheduler-name
Context 
[Tree] (config>port>ethernet>access>egr>qgrp>sched-override scheduler)
[Tree] (config>port>ethernet>access>ing>qgrp>sched-override scheduler)
Full Contexts 
configure port ethernet access egress queue-group scheduler-override scheduler
configure port ethernet access ingress queue-group scheduler-override scheduler
Description 

This command can be used to override specific attributes of the specified scheduler name. A scheduler defines bandwidth controls that limit each child (other schedulers and queues) associated with the scheduler. Scheduler objects are created within the hierarchical tiers of the policy. It is assumed that each scheduler created will have queues or other schedulers defined as child associations. The scheduler can be a child which takes bandwidth from a scheduler in a higher tier. A total of 32 schedulers can be created within a single scheduler policy with no restriction on the distribution between the tiers. The scheduler-name must exist in the applied scheduler policy.

The no form of this command removes the scheduler overrides for the specified scheduler and returns the scheduler’s parent weight and CIR weight, and its PIR and CIR to the values configured in the applied scheduler policy.

Parameters 
scheduler-name—
Specifies the name of the scheduler.
Values—
Valid names consist of any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

 

create —
Creates a new scheduler for this port.

scheduler

Syntax 
scheduler scheduler-name [create]
no scheduler scheduler-name
Context 
[Tree] (config>service>apipe>sap>egress>sched-override scheduler)
[Tree] (config>service>apipe>sap>ingress>sched-override scheduler)
[Tree] (config>service>cpipe>sap>egress>sched-override scheduler)
[Tree] (config>service>cpipe>sap>ingress>sched-override scheduler)
[Tree] (config>service>epipe>sap>egress>sched-override scheduler)
[Tree] (config>service>epipe>sap>ingress>sched-override scheduler)
[Tree] (config>service>fpipe>sap>egress>sched-override scheduler)
[Tree] (config>service>fpipe>sap>ingress>sched-override scheduler)
[Tree] (config>service>ipipe>sap>egress>sched-override scheduler)
[Tree] (config>service>ipipe>sap>ingress>sched-override scheduler)
Full Contexts 
configure service apipe sap egress scheduler-override scheduler
configure service apipe sap ingress scheduler-override scheduler
configure service cpipe sap egress scheduler-override scheduler
configure service cpipe sap ingress scheduler-override scheduler
configure service epipe sap egress scheduler-override scheduler
configure service epipe sap ingress scheduler-override scheduler
configure service fpipe sap egress scheduler-override scheduler
configure service fpipe sap ingress scheduler-override scheduler
configure service ipipe sap egress scheduler-override scheduler
configure service ipipe sap ingress scheduler-override scheduler
Description 

This command can be used to override specific attributes of the specified scheduler name. A scheduler defines bandwidth controls that limit each child (other schedulers, policers, and queues) associated with the scheduler. Scheduler objects are created within the hierarchical tiers of the policy. It is assumed that each scheduler created will have policers, queues or other schedulers defined as child associations. The scheduler can be a child which takes bandwidth from a scheduler in a higher tier. A total of 32 schedulers can be created within a single scheduler policy with no restriction on the distribution between the tiers.

Each scheduler must have a unique name within the context of the scheduler policy; however the same name can be reused in multiple scheduler policies. If scheduler-name already exists within the policy tier level (regardless of the inclusion of the keyword create), the context changes to that scheduler name for the purpose of editing the scheduler parameters. Modifications made to an existing scheduler are executed on all instantiated schedulers created through association with the policy of the edited scheduler. This can cause policers, queues, or schedulers to become orphaned (invalid parent association) and adversely affect the ability of the system to enforce service level agreements (SLAs).

If the scheduler-name exists within the policy on a different tier (regardless of the inclusion of the keyword create), an error occurs and the current CLI context will not change.

If the scheduler-name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. The success of the command execution is dependent on the following:

  1. The maximum number of schedulers has not been configured.
  2. The provided scheduler-name is valid.
  3. The create keyword is entered with the command if the system is configured to require it (enabled in the environment create command).

When the maximum number of schedulers has been exceeded on the policy, a configuration error occurs and the command will not execute, nor will the CLI context change.

If the provided scheduler-name is invalid according to the following criteria, a name syntax error will occur, the command will not execute, and the CLI context will not change.

Parameters 
scheduler-name—
The name of the scheduler.
Values—
Valid names consist of any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

 

Default—
None. Each scheduler must be explicitly created.
create—
This optional keyword explicitly specifies that it is acceptable to create a scheduler with the given scheduler-name. If the create keyword is omitted, scheduler-name is not created when the system environment variable create is set to true. This safeguard is meant to avoid accidental creation of system objects (such as schedulers) while attempting to edit an object with a mistyped name or ID. The keyword has no effect when the object already exists.

scheduler

Syntax 
scheduler scheduler-name [create]
no scheduler scheduler-name
Context 
[Tree] (config>service>vprn>if>sap>egress>sched-override scheduler)
[Tree] (config>service>vprn>if>sap>ingress>sched-override scheduler)
Full Contexts 
configure service vprn interface sap egress scheduler-override scheduler
configure service vprn interface sap ingress scheduler-override scheduler
Description 

This command can be used to override specific attributes of the specified scheduler name.

A scheduler defines a bandwidth controls that limit each child (other schedulers, policers, and queues) associated with the scheduler. Scheduler objects are created within the hierarchical tiers of the policy. It is assumed that each scheduler created will have policers, queues, or other schedulers defined as child associations. The scheduler can be a child which takes bandwidth from a scheduler in a higher tier. A total of 32 schedulers can be created within a single scheduler policy with no restriction on the distribution between the tiers.

Each scheduler must have a unique name within the context of the scheduler policy; however the same name can be reused in multiple scheduler policies. If scheduler-name already exists within the policy tier level (regardless of the inclusion of the keyword create), the context changes to that scheduler name for the purpose of editing the scheduler parameters. Modifications made to an existing scheduler are executed on all instantiated schedulers created through association with the policy of the edited scheduler. This can cause queues or schedulers to become orphaned (invalid parent association) and adversely affect the ability of the system to enforce service level agreements (SLAs).

If the scheduler-name exists within the policy on a different tier (regardless of the inclusion of the keyword create), an error occurs and the current CLI context will not change.

If the scheduler-name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. The success of the command execution is dependent on the following:

  1. The maximum number of schedulers has not been configured.
  2. The provided scheduler-name is valid.
  3. The create keyword is entered with the command if the system is configured to require it (enabled in the environment create command).

When the maximum number of schedulers has been exceeded on the policy, a configuration error occurs and the command will not execute, nor will the CLI context change.

If the provided scheduler-name is invalid according to the criteria below, a name syntax error will occur, the command will not execute, and the CLI context will not change.

Parameters 
scheduler-name—
Specifies the name of the scheduler.
Values—
Valid names consist of any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed between double quotes.

 

create—
Specifies that it is acceptable to create a scheduler with the given scheduler-name. If the create keyword is omitted, scheduler-name is not created when the system environment variable create is set to true. This safeguard is meant to avoid accidental creation of system objects (such as schedulers) while attempting to edit an object with a mistyped name or ID. The keyword has no effect when the object already exists.

scheduler

Syntax 
scheduler scheduler-name [create]
no scheduler scheduler-name
Context 
[Tree] (config>service>ies>if>sap>egress>sched-override scheduler)
[Tree] (config>service>ies>if>sap>ingress>sched-override scheduler)
Full Contexts 
configure service ies interface sap egress scheduler-override scheduler
configure service ies interface sap ingress scheduler-override scheduler
Description 

This command can be used to override specific attributes of the specified scheduler name.

A scheduler defines a bandwidth controls that limit each child (other schedulers, policers, and queues) associated with the scheduler. Scheduler objects are created within the hierarchical tiers of the policy. It is assumed that each scheduler created will have policers, queues, or other schedulers defined as child associations. The scheduler can be a child which takes bandwidth from a scheduler in a higher tier. A total of 32 schedulers can be created within a single scheduler policy with no restriction on the distribution between the tiers.

Each scheduler must have a unique name within the context of the scheduler policy; however the same name can be reused in multiple scheduler policies. If scheduler-name already exists within the policy tier level (regardless of the inclusion of the keyword create), the context changes to that scheduler name for the purpose of editing the scheduler parameters. Modifications made to an existing scheduler are executed on all instantiated schedulers created through association with the policy of the edited scheduler. This can cause queues or schedulers to become orphaned (invalid parent association) and adversely affect the ability of the system to enforce service level agreements (SLAs).

If the scheduler-name exists within the policy on a different tier (regardless of the inclusion of the keyword create), an error occurs and the current CLI context will not change.

If the scheduler-name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. The success of the command execution is dependent on the following:

  1. The maximum number of schedulers has not been configured.
  2. The provided scheduler-name is valid.
  3. The create keyword is entered with the command if the system is configured to require it (enabled in the environment create command).

When the maximum number of schedulers has been exceeded on the policy, a configuration error occurs and the command will not execute, nor will the CLI context change.

If the provided scheduler-name is invalid according to the criteria below, a name syntax error will occur, the command will not execute, and the CLI context will not change.

Parameters 
scheduler-name—
The name of the scheduler.
Values—
Valid names consist of any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

 

Default—
None. Each scheduler must be explicitly created.
create—
This optional keyword explicitly specifies that it is acceptable to create a scheduler with the given scheduler-name. If the create keyword is omitted, scheduler-name is not created when the system environment variable create is set to true. This safeguard is meant to avoid accidental creation of system objects (such as schedulers) while attempting to edit an object with a mistyped name or ID. The keyword has no effect when the object already exists.

scheduler

Syntax 
scheduler scheduler-name [create]
no scheduler scheduler-name
Context 
[Tree] (config>qos>scheduler-policy>tier scheduler)
Full Contexts 
configure qos scheduler-policy tier scheduler
Description 

This command creates a new scheduler or edits an existing scheduler within the scheduler policy tier. A scheduler defines bandwidth controls that limit each child (other schedulers and queues) associated with the scheduler. Scheduler objects are created within the hierarchical tiers of the policy. It is assumed that each scheduler created will have queues or other schedulers defined as child associations. The scheduler can be a child which takes bandwidth from a scheduler in a higher tier. A total of 32 schedulers can be created within a single scheduler policy with no restriction on the distribution between the tiers.

Each scheduler must have a unique name within the context of the scheduler policy; however, the same name can be reused in multiple scheduler policies. If scheduler-name already exists within the policy tier level (regardless of the inclusion of the keyword create), the context changes to that scheduler name for the purpose of editing the scheduler parameters. Modifications made to an existing scheduler are executed on all instantiated schedulers created through association with the policy of the edited scheduler. This can cause queues or schedulers to become orphaned (invalid parent association) and adversely affect the ability of the system to enforce SLAs.

If the scheduler-name exists within the policy on a different tier (regardless of the inclusion of the keyword create), an error occurs and the current CLI context will not change.

If the scheduler-name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. The success of the command execution is dependent on the following:

  1. The maximum number of schedulers has not been configured.
  2. The provided scheduler-name is valid.
  3. The create keyword is entered with the command if the system is configured to require it (enabled in the environment create command).

When the maximum number of schedulers has been exceeded on the policy, a configuration error occurs, the command will not execute, nor will the CLI context change.

If the provided scheduler-name is invalid according to the criteria below, a name syntax error will occur, the command will not execute, and the CLI context will not change.

Parameters 
scheduler-name—
Specifies the scheduler name.
Values—
Valid names consist of any string up to 32 characters, composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.

 

create—
This optional keyword explicitly specifies that it is acceptable to create a scheduler with the given scheduler-name. If the create keyword is omitted, scheduler-name is not created when the system environment variable create is set to true. This safeguard is meant to avoid accidental creation of system objects (such as schedulers) while attempting to edit an object with a mistyped name or ID. The keyword has no effect when the object already exists.

scheduler

Syntax 
scheduler scheduler-name [create]
no scheduler scheduler-name
Context 
[Tree] (config>service>cust>multi-service-site>ingress>sched-override scheduler)
[Tree] (config>service>cust>multi-service-site>egress>sched-override scheduler)
Full Contexts 
configure service customer multi-service-site egress scheduler-override scheduler
configure service customer multi-service-site ingress scheduler-override scheduler
Description 

This command override specifics attributes of the specified scheduler name.

A scheduler defines bandwidth controls that limit each child (other schedulers, policers and queues) associated with the scheduler. Scheduler objects are created within the hierarchical tiers of the policy. It is assumed that each scheduler created will have policers, queues or other schedulers defined as child associations. The scheduler can be a child which takes bandwidth from a scheduler in a higher tier. A total of 32 schedulers can be created within a single scheduler policy with no restriction on the distribution between the tiers.

Each scheduler must have a unique name within the context of the scheduler policy; however the same name can be reused in multiple scheduler policies. If scheduler-name already exists within the policy tier level (regardless of the inclusion of the keyword create), the context changes to that scheduler name for the purpose of editing the scheduler parameters. Modifications made to an existing scheduler are executed on all instantiated schedulers created through association with the policy of the edited scheduler. This can cause policer, queues or schedulers to become orphaned (invalid parent association) and adversely affect the ability of the system to enforce service level agreements (SLAs).

If the scheduler-name exists within the policy on a different tier (regardless of the inclusion of the keyword create), an error occurs and the current CLI context will not change.

If the scheduler-name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. The success of the command execution is dependent on the following:

  1. The maximum number of schedulers has not been configured.
  2. The provided scheduler-name is valid.
  3. The create keyword is entered with the command if the system is configured to require it (enabled in the environment create command).

When the maximum number of schedulers has been exceeded on the policy, a configuration error occurs and the command will not execute, nor will the CLI context change.

If the provided scheduler-name is invalid according to the criteria below, a name syntax error will occur, the command will not execute, and the CLI context will not change.

The no form of the command disables the scheduler override.

Parameters 
scheduler-name—
Specifies the name of the scheduler.
Values—
Valid names consist of any string up to 32 characters in length, composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

 

create
This optional keyword explicitly specifies that it is acceptable to create a scheduler with the given scheduler-name. If the create keyword is omitted, scheduler-name is not created when the system environment variable create is set to true. This safeguard is meant to avoid accidental creation of system objects (such as schedulers) while attempting to edit an object with a mistyped name or ID. The keyword has no effect when the object already exists.

23.41. scheduler-override

scheduler-override

Syntax 
[no] scheduler-override
Context 
[Tree] (config>service>vpls>sap>egress scheduler-override)
[Tree] (config>service>vpls>sap>ingress scheduler-override)
Full Contexts 
configure service vpls sap egress scheduler-override
configure service vpls sap ingress scheduler-override
Description 

This command enables the context to configure the set of attributes whose values have been overridden via management on this virtual scheduler. Clearing a given flag returns the corresponding overridden attribute to the value defined on the SAP's ingress scheduler policy.

The no form of this command removes scheduler parameters from the configuration.

scheduler-override

Syntax 
[no] scheduler-override
Context 
[Tree] (config>port>ethernet>access>egr>qgrp scheduler-override)
[Tree] (config>port>ethernet>access>ing>qgrp scheduler-override)
Full Contexts 
configure port ethernet access egress queue-group scheduler-override
configure port ethernet access ingress queue-group scheduler-override
Description 

This command specifies the set of attributes whose values have been overridden by management on this virtual scheduler. Clearing a given flag will return the corresponding overridden attribute to the value defined on the ingress or egress queue group template.

The no form of this command removes all of the scheduler overrides and returns the scheduler’s parent weight and CIR weight, and its PIR and CIR to the values configured in the applied scheduler policy.

scheduler-override

Syntax 
[no] scheduler-override
Context 
[Tree] (config>service>apipe>sap>egress scheduler-override)
[Tree] (config>service>apipe>sap>ingress scheduler-override)
[Tree] (config>service>cpipe>sap>egress scheduler-override)
[Tree] (config>service>cpipe>sap>ingress scheduler-override)
[Tree] (config>service>epipe>sap>egress scheduler-override)
[Tree] (config>service>epipe>sap>ingress scheduler-override)
[Tree] (config>service>fpipe>sap>egress scheduler-override)
[Tree] (config>service>fpipe>sap>ingress scheduler-override)
[Tree] (config>service>ipipe>sap>egress scheduler-override)
[Tree] (config>service>ipipe>sap>ingress scheduler-override)
Full Contexts 
configure service apipe sap egress scheduler-override
configure service apipe sap ingress scheduler-override
configure service cpipe sap egress scheduler-override
configure service cpipe sap ingress scheduler-override
configure service epipe sap egress scheduler-override
configure service epipe sap ingress scheduler-override
configure service fpipe sap egress scheduler-override
configure service fpipe sap ingress scheduler-override
configure service ipipe sap egress scheduler-override
configure service ipipe sap ingress scheduler-override
Description 

This command specifies the set of attributes whose values have been overridden by management on this virtual scheduler. Clearing a given flag will return the corresponding overridden attribute to the value defined on the SAP's ingress scheduler policy.

scheduler-override

Syntax 
[no] scheduler-override
Context 
[Tree] (config>service>ies>if>sap>egress scheduler-override)
[Tree] (config>service>ies>if>sap>ingress scheduler-override)
Full Contexts 
configure service ies interface sap egress scheduler-override
configure service ies interface sap ingress scheduler-override
Description 

This command specifies the set of attributes whose values have been overridden via management on this virtual scheduler. Clearing a given flag will return the corresponding overridden attribute to the value defined on the SAP's ingress scheduler policy.

scheduler-override

Syntax 
[no] scheduler-override
Context 
[Tree] (config>service>vprn>if>sap>egress scheduler-override)
[Tree] (config>service>vprn>if>sap>ingress scheduler-override)
Full Contexts 
configure service vprn interface sap egress scheduler-override
configure service vprn interface sap ingress scheduler-override
Description 

This command specifies the set of attributes whose values have been overridden via management on this virtual scheduler. Clearing a given flag will return the corresponding overridden attribute to the value defined on the SAP's ingress scheduler policy.

scheduler-override

Syntax 
[no] scheduler-override
Context 
[Tree] (config>service>cust>multi-service-site>ingress scheduler-override)
[Tree] (config>service>cust>multi-service-site>egress scheduler-override)
Full Contexts 
configure service customer multi-service-site egress scheduler-override
configure service customer multi-service-site ingress scheduler-override
Description 

This command specifies the set of attributes whose values have been overridden by management on this virtual scheduler. Clearing a given flag will return the corresponding overridden attribute to the value defined on the SAP's ingress and egress scheduler policy.

The no form of the command disables the override.

23.42. scheduler-parent

scheduler-parent

Syntax 
scheduler-parent scheduler-name [weight weight] [level level] [cir-weight cir-weight] [cir-level cir-level]
no scheduler-parent
Context 
[Tree] (config>qos>sap-egress>policer scheduler-parent)
Full Contexts 
configure qos sap-egress policer scheduler-parent
Description 

This command defines an optional parent scheduler that governs the available bandwidth given to a policer in addition to the policer's PIR setting. When multiple schedulers, queues, and/or policers share a child status with the parent scheduler, the weight or level parameters define how this policer contends with the other children for the parent's bandwidth. This command and the configuration of a SAP egress policer port-parent or parent arbiter are mutually exclusive.

Checks are not performed to see if a scheduler-name exists when the parent command is defined on the policer. Scheduler names are configured in the config>qos>scheduler-policy>tier context. Multiple schedulers can exist in different scheduler policies with the same scheduler-name; in this command, the associated scheduler-name pertains to a scheduler that should exist on the egress SAP as the policy is applied and the policer created. When the policer is created on the egress SAP, the existence of the scheduler-name is dependent on a scheduler policy containing the scheduler-name being directly applied or indirectly applied (through a multiservice customer site) to the egress SAP. If the scheduler-name does not exist, the policer is placed in the orphaned operational state. The policer will accept packets but will not be bandwidth-limited by a virtual scheduler or the scheduler hierarchy applied to the SAP. The SAP to which the policer belongs displays an orphan policer status with the SapEgressPolicerMismatch flag in the show service sap-using output. The orphaned state of the policer is automatically cleared when the scheduler-name becomes available on the egress SAP.

The parent scheduler can be made unavailable by the removal of a scheduler policy or scheduler. When an existing parent scheduler is removed or inoperative, the policer enters the orphaned state and automatically returns to normal operation when the parent scheduler is available again.

The no form of this command removes a child association with a parent scheduler. If a parent association does not currently exist, the command has no effect and no error message is returned. When a parent association has been removed, the former child policer attempts to operate based on its configured rate parameter.

Removing the parent association on the policer within the policy takes effect immediately on all policers using the SAP egress QoS policy.

Default 

no scheduler-parent

Parameters 
scheduler-name—
Scheduler names are configured in the config>qos>scheduler-policy>tier context. There are no checks performed at the time of definition to ensure that the scheduler-name exists within an existing scheduler policy. For the policer to use the defined scheduler-name, the scheduler must exist on each egress SAP that the policer is created on. If a scheduler-name does not exist on the egress SAP, the policer operates in an orphaned state.
Values—
Any string up to 32 characters, composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.

 

Default—
None. Each parental association must be explicitly defined.
weight weight
Defines the relative weight of this policer in comparison with other child policers, queues, and schedulers when competing for bandwidth on the parent scheduler-name at the above-CIR priority level defined by the level parameter.

All weight values from all weighted active policers, queues, and schedulers with a common port parent are added together. Then, each individual active weight is divided by the total to determine the percentage of remaining bandwidth provided to the policer, queue, or scheduler after the higher priority level children have been serviced. A weight is considered to be active when the applicable policer, queue, or scheduler has not reached its maximum rate and still has packets to transmit. All child policers, queues, and schedulers with a weight of 0 are considered to have the lowest priority at the configured level and are not serviced until all non-zero weighted policers, queues, and schedulers at that level are operating at the maximum bandwidth or are idle.

Values—
0 to 100

 

Default—
1
level level
Defines the level of hierarchy when compared with other policers, queues, and schedulers when competing for bandwidth on the parent scheduler-name.

Children of the parent scheduler with a lower priority will not receive bandwidth until all children with a higher priority have either reached their maximum bandwidth or are idle. Children with the same level are serviced in relation to their relative weights.

Values—
1 to 8 (8 is the highest priority)

 

Default—
1
cir-weight cir-weight
Defines the relative weight of this policer in comparison with other child policers, queues, or schedulers competing for bandwidth on the parent scheduler-name at the within-CIR priority level defined by the cir-level parameter.

All cir-weight values from all weighted active policers, queues, and schedulers with a common parent are added together. Then, each individual active weight is divided by the total to determine the percentage of remaining bandwidth provided to the policer, queue, or scheduler after the higher priority level children have been serviced. A weight is considered to be active when the applicable policer, queue, or scheduler has not reached its maximum rate and still has packets to transmit.

The weight is specified as an integer value from 0 to 100 with 100 being the highest weight. When the cir-weight parameter is set to a value of 0, the policer receives bandwidth only after the other children with a non-zero weight at this level.

Values—
0 to 100

 

Default—
1
cir-level cir-level
Defines the level of hierarchy when compared with other policers, queues, and schedulers that the policer will use to receive bandwidth for its within-CIR offered load. If the cir-level parameter is set to a value of 0 (the default value), the policer does not receive bandwidth during the schedulers within-CIR pass and the cir-weight parameter is ignored. If the cir-level parameter is 1 or greater, the cir-weight parameter is used.
Values—
0 to 8 (8 is the highest priority)

 

Default—
0

23.43. scheduler-policy

scheduler-policy

Syntax 
scheduler-policy scheduler-name rate pir-rate [cir cir-rate]
no scheduler-policy
Context 
[Tree] (config>subscr-mgmt>sla-prof>egress scheduler-policy)
Full Contexts 
configure subscriber-mgmt sla-profile egress scheduler-policy
Description 

This command specifies a scheduler policy to associate to the sla profile. Scheduler policies are configured in the configure>qos>scheduler>policy context. Each scheduler policy is divided up into groups of schedulers based on the tier each scheduler is created under. A tier is used to give structure to the schedulers within a policy and define rules for parent scheduler associations. The policy defines the hierarchy and operating parameters for virtual schedulers.

The no form of this command removes the scheduler-policy-name from the configuration.

Parameters 
scheduler-policy-name —
Specifies an existing scheduler policy name up to 32 characters.

scheduler-policy

Syntax 
scheduler-policy scheduler-name rate pir-rate [cir cir-rate]
no scheduler-policy scheduler-name
Context 
[Tree] (config>subscr-mgmt>sla-prof>egress scheduler-policy)
Full Contexts 
configure subscriber-mgmt sla-profile egress scheduler-policy
Description 

This command provides a way to override parameters of the existing scheduler associated with the egress scheduler policy. A scheduler defines bandwidth controls that limit each child (other schedulers and queues) associated with the scheduler. Scheduler objects are created within the hierarchical tiers of the policy. It is assumed that each scheduler created will have queues or other schedulers defined as child associations. The scheduler can be a child (take bandwidth from a scheduler in a higher tier).

The no form of this command reverts to the default.

Parameters 
scheduler-name
Specify an existing scheduler policy name up to 32 characters.
pir-rate —
Specifies the PIR rate in kb/s. This parameter overrides the administrative PIR used by the scheduler. When the rate command is executed, a valid PIR setting must be explicitly defined. Fractional values are not allowed and must be given as a positive integer.
Values—
1 to 3200000000, max

 

cir-rate —
Specifies the CIR rate in kb/s. This parameter overrides the administrative CIR used by the scheduler. When the rate command is executed, a CIR setting is optional. The sum keyword specifies that the CIR be used as the summed CIR values of the children schedulers or queues. Fractional values are not allowed and must be given as a positive integer.
Values—
0 to 3200000000, sum, max

 

Default—
sum

scheduler-policy

Syntax 
scheduler-policy scheduler-policy-name
no scheduler-policy
Context 
[Tree] (config>subscr-mgmt>sub-profile>egress scheduler-policy)
[Tree] (config>subscr-mgmt>sub-profile>ingress scheduler-policy)
Full Contexts 
configure subscriber-mgmt sub-profile egress scheduler-policy
configure subscriber-mgmt sub-profile ingress scheduler-policy
Description 

This command specifies a scheduler policy to associate to the subscriber profile. Scheduler policies are configured in the configure>qos>scheduler>policy context. Each scheduler policy is divided up into groups of schedulers based on the tier each scheduler is created under. A tier is used to give structure to the schedulers within a policy and define rules for parent scheduler associations. The policy defines the hierarchy and operating parameters for virtual schedulers.

The no form of this command reverts to the default.

Parameters 
scheduler-policy-name—
Specify an existing scheduler policy name up to 32 characters.

scheduler-policy

Syntax 
scheduler-policy scheduler-policy-name
no scheduler-policy
Context 
[Tree] (config>service>ies>sub-if>grp-if>sap>egress scheduler-policy)
[Tree] (config>service>ies>sub-if>grp-if>sap>ingress scheduler-policy)
[Tree] (config>service>vprn>sub-if>grp-if>sap>egress scheduler-policy)
[Tree] (config>service>vprn>sub-if>grp-if>sap>ingress scheduler-policy)
[Tree] (config>service>ies>sap>egress scheduler-policy)
[Tree] (config>service>ies>sap>ingress scheduler-policy)
Full Contexts 
configure service ies sap egress scheduler-policy
configure service ies sap ingress scheduler-policy
configure service ies subscriber-interface group-interface sap egress scheduler-policy
configure service ies subscriber-interface group-interface sap ingress scheduler-policy
configure service vprn subscriber-interface group-interface sap egress scheduler-policy
configure service vprn subscriber-interface group-interface sap ingress scheduler-policy
Description 

This command applies an existing scheduler policy to an ingress or egress scheduler used by ingress SAP queues or egress SAP policers and queues associated with this multi-service customer site. The schedulers defined in the scheduler policy can only be created once the customer site has been appropriately assigned to a chassis port, channel or slot. Scheduler policies are defined in the config>qos>scheduler-policy scheduler-policy-name context.

The no form of this command removes the configured ingress or egress scheduler policy from the multi-service customer site. When the policy is removed, the schedulers created due to the policy are removed also making them unavailable for the SAP policers or queues associated with the customer site. Policers and queues that lose their parent scheduler association are deemed to be orphaned and are no longer subject to a virtual scheduler. The SAPs that have policers or queues reliant on the removed schedulers enter into an operational state depicting the orphaned status of one or more policers or queues. When the no form of this command executed, the customer site ingress or egress node will not contain an applied scheduler policy.

Parameters 
scheduler-policy-name:—
Specifies the scheduler policy name to apply to an existing scheduler policy that was created in the config>qos>scheduler-policy scheduler-policy-name context to create the hierarchy of ingress or egress virtual schedulers. The scheduler names defined within the policy are created and made available to any ingress queues or egress policers and queues created on associated SAPs.
Values—
Any existing valid scheduler policy name.

 

scheduler-policy

Syntax 
scheduler-policy scheduler-policy-name
no scheduler-policy
Context 
[Tree] (config>port>ethernet>access>egress>vport scheduler-policy)
[Tree] (config>port>sonet-sdh>path>access>egress>vport scheduler-policy)
Full Contexts 
configure port ethernet access egress vport scheduler-policy
configure port sonet-sdh path access egress vport scheduler-policy
Description 

This command specifies a scheduler policy to associate to the Vport. Scheduler policies are configured in the configure>qos>scheduler>policy context. Each scheduler policy is divided up into groups of schedulers based on the tier each scheduler is created under. A tier is used to give structure to the schedulers within a policy and define rules for parent scheduler associations. The policy defines the hierarchy and operating parameters for virtual schedulers.

The no form of this command removes the configured egress scheduler policy from the Vport.

The agg-rate rate, port-scheduler-policy and scheduler-policy commands are mutually exclusive. Changing between the use of a scheduler policy and the use of an agg-rate/port-scheduler-policy involves removing the existing command and applying the new command.

The configuration of a scheduler policy under a Vport is mutually exclusive with the configuration of the egress-rate-modify parameter.

The no form of this command reverts to the default.

Parameters 
scheduler-policy-name—
Specifies the scheduler-policy-name parameter applies an existing scheduler policy that was created in the config>qos>scheduler-policy scheduler-policy-name context to create the hierarchy of egress virtual schedulers.

scheduler-policy

Syntax 
scheduler-policy scheduler-policy-name
no scheduler-policy
Context 
[Tree] (config>service>vpls>sap>ingress scheduler-policy)
[Tree] (config>service>vpls>sap>egress scheduler-policy)
[Tree] (config>service>ies>if>sap>egress scheduler-policy)
[Tree] (config>service>ies>if>sap>ingress scheduler-policy)
[Tree] (config>service>vprn>if>sap>egress scheduler-policy)
[Tree] (config>service>vprn>if>sap>ingress scheduler-policy)
Full Contexts 
configure service ies interface sap egress scheduler-policy
configure service ies interface sap ingress scheduler-policy
configure service vpls sap egress scheduler-policy
configure service vpls sap ingress scheduler-policy
configure service vprn interface sap egress scheduler-policy
configure service vprn interface sap ingress scheduler-policy
Description 

This command applies an existing scheduler policy to an ingress or egress scheduler used by SAP queues associated with this multi-service customer site. The schedulers defined in the scheduler policy can only be created once the customer site has been appropriately assigned to a chassis port, channel or slot. Scheduler policies are defined in the config>qos>scheduler-policy scheduler-policy-name context.

The no form of this command removes the configured ingress or egress scheduler policy from the multi-service customer site. When the policy is removed, the schedulers created due to the policy are removed also making them unavailable for the ingress SAP queues and egress SAP policers and queues associated with the customer site. Policers and queues that lose their parent scheduler association are deemed to be orphaned and are no longer subject to a virtual scheduler. The SAPs that have policers or queues reliant on the removed schedulers enter into an operational state depicting the orphaned status of one or more policers or queues. When the no scheduler-policy command is executed, the customer site’s ingress or egress node will not contain an applied scheduler policy.

Parameters 
scheduler-policy-name—
Specifies that the scheduler-policy-name is applied to an existing scheduler policy that was created in the config>qos>scheduler-policy scheduler-policy-name context to create the hierarchy of ingress or egress virtual schedulers. The scheduler names defined within the policy are created and made available to any ingress or egress queues created on associated SAPs.
Values—
Any existing valid scheduler policy name.

 

scheduler-policy

Syntax 
scheduler-policy scheduler-policy-name
no scheduler-policy
Context 
[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>egress scheduler-policy)
Full Contexts 
configure service ies subscriber-interface group-interface wlan-gw egress scheduler-policy
Description 

This command configures the identifier of the egress scheduler policy associated with each wlan-gw tunnel of this interface.

The no form of this command removes the scheduler policy name from the configuration.

Parameters 
scheduler-policy-name—
Specifies the identifier of the egress scheduler policy associated with each wlan-gw tunnel of this interface.

scheduler-policy

Syntax 
scheduler-policy scheduler-policy-name
no scheduler-policy
Context 
[Tree] (config>port>ethernet>egress>queue-group scheduler-policy)
[Tree] (config>port>ethernet>ingress>queue-group scheduler-policy)
[Tree] (config>port>ethernet>network>egress>queue-group scheduler-policy)
Full Contexts 
configure port ethernet egress queue-group scheduler-policy
configure port ethernet ingress queue-group scheduler-policy
configure port ethernet network egress queue-group scheduler-policy
Description 

This command configures a scheduler policy for the egress queue group.

Parameters 
scheduler-policy-name—
Specifies the scheduler policy name, up to 32 characters.

scheduler-policy

Syntax 
scheduler-policy scheduler-policy-name
no scheduler-policy
Context 
[Tree] (config>service>apipe>sap>ingress scheduler-policy)
[Tree] (config>service>apipe>sap>egress scheduler-policy)
[Tree] (config>service>cpipe>sap>ingress scheduler-policy)
[Tree] (config>service>cpipe>sap>egress scheduler-policy)
[Tree] (config>service>epipe>sap>ingress scheduler-policy)
[Tree] (config>service>epipe>sap>egress scheduler-policy)
[Tree] (config>service>fpipe>sap>ingress scheduler-policy)
[Tree] (config>service>fpipe>sap>egress scheduler-policy)
[Tree] (config>service>ipipe>sap>ingress scheduler-policy)
[Tree] (config>service>ipipe>sap>egress scheduler-policy)
Full Contexts 
configure service apipe sap egress scheduler-policy
configure service apipe sap ingress scheduler-policy
configure service cpipe sap egress scheduler-policy
configure service cpipe sap ingress scheduler-policy
configure service epipe sap egress scheduler-policy
configure service epipe sap ingress scheduler-policy
configure service fpipe sap egress scheduler-policy
configure service fpipe sap ingress scheduler-policy
configure service ipipe sap egress scheduler-policy
configure service ipipe sap ingress scheduler-policy
Description 

This command applies an existing scheduler policy to an ingress or egress scheduler used by SAP queues associated with this multi-service customer site. The schedulers defined in the scheduler policy can only be created when the customer site has been appropriately assigned to a chassis port, channel or slot. Scheduler policies are defined in the config>qos>scheduler-policy scheduler-policy-name context.

The no form of this command removes the configured ingress or egress scheduler policy from the multi-service customer site. When the policy is removed, the schedulers created due to the policy are removed also making them unavailable for the ingress SAP queues associated with the customer site. Policers or queues that lose their parent scheduler association are deemed to be orphaned and are no longer subject to a virtual scheduler. The SAPs that have policers or queues reliant on the removed schedulers enter into an operational state depicting the orphaned status of one or more policers or queues. When the no scheduler-policy command is executed, the customer site ingress or egress node will not contain an applied scheduler policy.

Parameters 
scheduler-policy-name—
The scheduler-policy-name parameter applies an existing scheduler policy that was created in the config>qos>scheduler-policy scheduler-policy-name context to create the hierarchy of ingress or egress virtual schedulers. The scheduler names defined within the policy are created and made available to any ingress or egress queues and to egress policers managed by HQoS created on associated SAPs.

scheduler-policy

Syntax 
scheduler-policy scheduler-policy-name
no scheduler-policy
Context 
[Tree] (config>service>vpls>sap>egress>encap-defined-qos>encap-group scheduler-policy)
Full Contexts 
configure service vpls sap egress encap-defined-qos encap-group scheduler-policy
Description 

This command configures the scheduler policy.

scheduler-policy

Syntax 
scheduler-policy scheduler-policy-name [create]
no scheduler-policy scheduler-policy-name
Context 
[Tree] (config>qos scheduler-policy)
Full Contexts 
configure qos scheduler-policy
Description 

Each scheduler policy is divided up into groups of schedulers based on the tier each scheduler is created under. A tier is used to give structure to the schedulers within a policy and define rules for parent scheduler associations.

The scheduler-policy command creates a scheduler policy or allows editing of an existing policy. The policy defines the hierarchy and operating parameters for virtual schedulers. Creating a policy does not create the schedulers; it only provides a template for the schedulers to be created when the policy is associated with a SAP or multiservice site.

Each scheduler policy must have a unique name within the context of the system. Modifications made to an existing policy are executed on all schedulers that use the policy. This can cause queues or schedulers to become orphaned (invalid parent association) and adversely affect the ability of the system to enforce SLAs.

If a scheduler-policy-name does not exist, it is assumed that an attempt is being made to create a new policy. The success of the command execution is dependent on the following:

  1. The maximum number of scheduler policies has not been configured.
  2. The provided scheduler-policy-name is valid.
  3. The create keyword is entered with the command if the system is configured to require it (enabled in the environment create command).

When the maximum number of scheduler policies has been exceeded, a configuration error occurs, the command will not execute, and the CLI context will not change.

If the provided scheduler-policy-name is invalid according to the criteria below, a name syntax error occurs, the command will not execute, and the CLI context will not change.

Parameters 
scheduler-policy-name—
The name of the scheduler policy.
Values—
Valid names consist of any string up to 32 characters, composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.

 

scheduler-policy

Syntax 
scheduler-policy scheduler-policy-name
no scheduler-policy
Context 
[Tree] (config>service>cust>multi-service-site>ingress scheduler-policy)
[Tree] (config>service>cust>multi-service-site>egress scheduler-policy)
Full Contexts 
configure service customer multi-service-site egress scheduler-policy
configure service customer multi-service-site ingress scheduler-policy
Description 

This command applies an existing scheduler policy to an ingress or egress scheduler used by SAP queues or, at egress only, policers associated with this multi-service customer site. The schedulers defined in the scheduler policy can only be created once the customer site has been appropriately assigned to a chassis port, channel or slot. Scheduler policies are defined in the config>qos>scheduler-policy scheduler-policy-name context.

The no form of this command removes the configured ingress or egress scheduler policy from the multi-service customer site. When the policy is removed, the schedulers created due to the policy are removed also making them unavailable for the SAP policers and queues associated with the customer site. Policers and queues that lose their parent scheduler association are deemed to be orphaned and are no longer subject to a virtual scheduler.

The SAPs that have ingress queues reliant on the removed schedulers enter into an operational state depicting the orphaned status of one or more policers and queues. When the no scheduler-policy command is executed, the customer site ingress or egress node will not contain an applied scheduler policy.

Parameters 
scheduler-policy-name—
Applies an existing scheduler policy that was created in the config>qos>scheduler-policy scheduler-policy-name context to create the hierarchy of ingress or egress virtual schedulers. The scheduler names defined within the policy are created and made available to any ingress or egress queues and egress policers managed by HQoS created on associated SAPs.
Values—
Any existing valid scheduler policy name up to 32 characters in length.

 

scheduler-policy

Syntax 
scheduler-policy src-name dst-name [overwrite]
Context 
[Tree] (config>qos>copy scheduler-policy)
Full Contexts 
configure qos copy scheduler-policy
Description 

This command copies existing QoS policy entries for a QoS policy to another QoS policy.

The copy command is a configuration-level maintenance tool used to create new policies using existing policies. It also allows bulk modifications to an existing policy with the use of the overwrite keyword.

If overwrite is not specified, an error will occur if the destination policy exists.

Parameters 
src-name dst-name —
Indicates that the source policy and the destination policy are scheduler policy. Specify the source policy that the copy command will attempt to copy from and specify the destination policy to which the command will copy a duplicate of the policy.
overwrite—
Forces the destination policy name to be copied as specified. When forced, everything in the existing destination policy will be completely overwritten with the contents of the source policy.

23.44. scheduler-stats

scheduler-stats

Syntax 
scheduler-stats
Context 
[Tree] (monitor>qos scheduler-stats)
Full Contexts 
monitor qos scheduler-stats
Description 

This command enables the context to configure monitor commands for scheduler statistics.

23.45. scheduling-class

scheduling-class

Syntax 
scheduling-class class rate rate
scheduling-class class weight weight-in-group
no scheduling-class class
Context 
[Tree] (config>port>ethernet>hsmda-scheduler-overrides scheduling-class)
Full Contexts 
configure port ethernet hsmda-scheduler-overrides scheduling-class
Description 

This command overrides the maximum rate allowed for a scheduling class or the weight of the class within a weighted scheduling group. The scheduling-class override cannot be used to change scheduling class weighted group membership; weighted group membership may only be defined within the HSMDA scheduling policy.

Scheduling classes correspond directly to the queue-IDs used by every queue on an HSMDA. All queues with an ID of 1 associated with the scheduler are members of scheduling class 1 on the scheduler. Queues with an ID of 2 are members of scheduling class 2. This is true through scheduling class 8.

When the scheduling class is not a member of a weighted group, the scheduling-class command may be used to modify the maximum rate allowed for the scheduling class. This is done using the rate parameter followed by either the max keyword or an actual rate defined as megabits-per-second. Use the rate max combination to locally remove a rate limit defined for the class on the scheduling policy. When the rate megabits-per-second combination is used, the scheduling class defined as class-id is rate limited to the specified rate. Either the max keyword or a value for megabits-per-second must follow the rate keyword.

The rate keyword is mutually exclusive with the weight keyword. The weight keyword may only be specified when class-id is a member of a weighted scheduling group. When the weight keyword is specified, a weight value specified as weight must follow. The new weight locally overrides the weight defined for the scheduling class in the HSMDA scheduling policy.

When the scheduling-class command is executed, either the rate or weight keyword must follow.

When a scheduling class has a local rate override, the HSMDA policy associated with the override cannot move the scheduling class into a weighted scheduling group. Similarly, when a scheduling class has a local weight override, the HSMDA policy associated with the override cannot define a rate (neither max nor a megabit-per-second value) for the scheduling class. The local overrides of the scheduling class must be removed before these changes may be made.

The no form of this command removes the local overrides for the scheduling class. Once removed, the defined behavior for the scheduling class within the HSMDA scheduling policy will used.

Parameters 
class—
Identifies the scheduling class to be being overridden.
Values—
1 to 8

 

rate—
Overrides the HSMDA scheduler policies maximum rate for the scheduling class and requires either the max keyword or a rate defined in megabits-per-second. In order for the rate keyword to be specified, the scheduling class cannot be a member of a weighted scheduling group as defined on the HSMDA scheduling policy. The rate keyword is mutually exclusive with the weight keyword. Also, either the rate or weight keyword must be specified.

The max keyword removes any existing rate limit imposed by the HSMDA scheduler policy for the scheduling class allowing it to use as much total bandwidth as possible.

Values—
1 to 100000, max (Mb/s)

 

weight-in-group
Overrides the weighted scheduler group weight for the scheduling class as defined in the HSMDA scheduler policy. In order for the weight keyword to be specified, the scheduling class must be a member of a weighted scheduling group as defined on the HSMDA scheduling policy. A value represented by group-weight must follow the weight keyword. The new weight will be used to determine the bandwidth distribution for member scheduling classes within the group of which the scheduling class is a member.
Values—
1 to 100

 

scheduling-class

Syntax 
scheduling-class class rate rate
scheduling-class class weight weight-in-group
no scheduling-class class
Context 
[Tree] (config>port>ethernet>egress>hs-sched-ovr scheduling-class)
Full Contexts 
configure port ethernet egress hs-scheduler-overrides scheduling-class
Description 

This command overrides the scheduling class configuration in the HS scheduler policy applied to the port egress. The scheduling class rate or weight within the WRR group can be overridden.

The no form of this command removes the scheduling class override parameters from the port egress configuration.

Parameters 
class—
Specifies the scheduling class.
Values—
1 to 6

 

rate—
Specifies the explicit maximum frame based bandwidth limit, in megabits per second, for this HS scheduler policy scheduling class. The rate keyword must be followed by either the keyword max or a rate specified in megabits per second.
Values—
1 to 100000, max
The max keyword specifies that a limit is not enforced for the specified class. The max keyword is mutually exclusive to the rate value and when specified, must directly follow the rate keyword. Setting the rate of the class will fail when the class is currently a member of a group.

 

weight-in-group—
Specifies the weight the HS scheduler policy should apply to this scheduling class within the group in which it belongs. The weight-in-group parameter must follow the weight keyword and is used to specify the relative weight of class to the other scheduling classes within the group. Setting the weight will fail if the scheduling class is not currently configured in a group.
Values—
1 to 127

 

scheduling-class

Syntax 
scheduling-class class-id
Context 
[Tree] (config>service>apipe>sap>frame-relay scheduling-class)
[Tree] (config>service>epipe>sap>frame-relay scheduling-class)
[Tree] (config>service>fpipe>sap>frame-relay scheduling-class)
[Tree] (config>service>ipipe>sap>frame-relay scheduling-class)
Full Contexts 
configure service apipe sap frame-relay scheduling-class
configure service epipe sap frame-relay scheduling-class
configure service fpipe sap frame-relay scheduling-class
configure service ipipe sap frame-relay scheduling-class
Description 

This command specifies the scheduling class to use for this SAP.

Parameters 
class-id—
Specifies the scheduling class to use for this SAP.
Values—
0 to 3

 

Default—
0

scheduling-class

Syntax 
scheduling-class class-id
no scheduling-class
Context 
[Tree] (config>service>vpls>sap>frame-relay scheduling-class)
Full Contexts 
configure service vpls sap frame-relay scheduling-class
Description 

This command specifies the scheduling class to use for this SAP. This object is only applicable for a SAP whose bundle type is set to MLFR.

Parameters 
class-id—
Specifies the scheduling class
Values—
0 to 3

 

scheduling-class

Syntax 
scheduling-class class-id
no scheduling-class
Context 
[Tree] (config>service>ies>if>sap>frame-relay scheduling-class)
[Tree] (config>service>vprn>if>sap>frame-relay scheduling-class)
Full Contexts 
configure service ies interface sap frame-relay scheduling-class
configure service vprn interface sap frame-relay scheduling-class
Description 

This command assigns a Frame Relay scheduling class for a Frame Relay SAP. The scheduling class dictates which queue the frame or frame fragments are stored in FRF.12 end-to-end fragmentation, FRF.12 UNI/NNI link fragmentation and MLFR applications.

Default 

scheduling-class 3

Parameters 
class-id—
Specifies the Frame Relay scheduling class number.
Values—
0 to 3

 

scheduling-class

Syntax 
scheduling-class class-id
no scheduling-class
Context 
[Tree] (config>service>vprn>if>sap scheduling-class)
Full Contexts 
configure service vprn interface sap scheduling-class
Description 

This command specifies the scheduling class to use for this SAP.

Parameters 
class-id—
Specifies the scheduling class to use for this SAP.
Values—
0 to 3

 

Default—
0

scheduling-class

Syntax 
scheduling-class class group group-id [weight weight-in-group]
scheduling-class class rate rate [burst-limit size] [bytes |kilobytes]
no scheduling-class class
Context 
[Tree] (config>qos>hsmda-scheduler-policy scheduling-class)
Full Contexts 
configure qos hsmda-scheduler-policy scheduling-class
Description 

This command configures the behavior of a specific scheduling class on all HSMDA schedulers associated with the policy. The scheduling-class command performs one of two operations: configure a maximum rate for the scheduling class or place the scheduling class into one of the two available weighted scheduling groups. The two operations are mutually exclusive.

By default, none of the scheduling classes are members of either weighted scheduling group and each class is set to a rate limit of max (meaning that no rate limit is applied).

Specifying Scheduling Class Rate (or Removing Class from Group)

If the scheduling-class command is executed with the rate keyword specified, either max or a specified megabits-per-second rate must follow. If class-id had previously been mapped into one of the two weighted scheduling groups, the class will be removed. However, if removing the class from the group will cause the group to no longer have contiguous class members, the command will fail with no effect on the specified class. A non-contiguous grouping error will be returned, specifying the weighted group. The lowest or highest members within a weighted group must be removed prior to removing the middle member. For example, if scheduling classes 3, 4, and 5 were members of weighted group 1, class 4 cannot be removed first.

The scheduling-class command using the rate keyword will also fail in the event that an override for the group weight is in place on the scheduling class within a scheduler associated with the policy. The override command is expecting the class to be associated with a weighted scheduling group and the policy rate definition is attempting to remove the class from the group. An override mismatch error will be generated, specifying the scheduling object where the override exists (SAP, subscriber, or ingress HSMDA).

When a rate has been successfully defined for a scheduling class, the specified rate is automatically updated on all HSMDA scheduler instances associated with the scheduling policy. The exception is where the scheduler instance has a local override for the rate on the scheduling class.

Specifying Scheduling Class Weighted Group Membership

If the scheduling-class command is executed with the group keyword specified, group-id must follow. Two weighted scheduling groups are allowed, numbered 1 and 2. Along with the group, the weight keyword is used to specify the weight the scheduling class within the group. If weight is not specified, the default weight of 1 will be used. Similar to the rate action of the command, the group version will fail if the scheduling class ID is not consecutive with the class members that are currently members of the weighted scheduling group. The command will have no effect on the current scheduling class settings and a non-contiguous grouping error will be returned, specifying the weighted scheduling group and the current group members.

The scheduling-class command will also fail using the group keyword when a rate override for the scheduling class exists on an HSMDA scheduler instance associated with the policy. The rate override for the scheduling class indicates the class is directly attached to a strict priority level, conflicting with the policy group keyword trying to place the class in the specified group. The command will fail without effecting the scheduling class definition on the policy and return an override-mismatch error specifying the scheduling object where the override exists.

The configured priority level rate limits may be overridden at the egress port or channel using the egress-scheduler-override level priority-level command. When a scheduler instance has an override defined for a priority level, both the rate and cir values are overridden even when one of them is not explicitly expressed in the override command. For instance, if the cir kilobits-per-second portion of the override is not expressed, the scheduler instance defaults to not having a CIR rate limit for the priority level even when the port scheduler policy has an explicit CIR limit defined.

Other Override Constraints

The scheduling overrides cannot change or remove a scheduling class from a policy-defined weighted group membership.

The no form of this command returns the scheduling class represented by class-id to the default behavior. The default behavior for a scheduling class is to not be a member of either weighted scheduling class groups and have a rate set to max. The no form of this command will fail if the scheduling class is currently a member of one of the weighted scheduling class groups and a weight override is in effect on a scheduling object for the class. An override mismatch error will be returned, specifying the scheduling object where the override exists.

Parameters 
class—
specifies the weight the HSMDA port scheduler policy should apply to this policy level within the group it belongs to.
Values—
1 to 8

 

group-id—
If the scheduling-class command is executed with the group keyword specified, a group-id must be specified. Two weighted scheduling groups are allowed, numbered 1 and 2. With the group, the weight keyword specifies the weight the scheduling class within the group. If weight is not specified, the default weight is 1. Similar to the rate action of the command, the group version will fail if the scheduling class ID is not consecutive with the class members currently members of the weighted scheduling group. The command will have no effect on the current scheduling class settings and a non-contiguous grouping error will be returned, specifying the weighted scheduling group and the current group members.

The scheduling-class command will also fail using the group keyword when a rate override for the scheduling class exists on an HSMDA scheduler instance associated with the policy. The rate override for the scheduling class indicates the class is directly attached to a strict priority level, conflicting with the policy group keyword trying to place the class in the specified group. The command will fail without effecting the scheduling class definition on the policy and return an override-mismatch error specifying the scheduling object where the override exists.

The configured priority level rate limits can be overridden at the egress port or channel using the egress-scheduler-override level priority-level command. When a scheduler instance has an override defined for a priority level, both the rate and cir values are overridden even when one of them is not explicitly expressed in the override command. For instance, if the CIR kilobits-per-second portion of the override is not expressed, the scheduler instance defaults to not having a CIR rate limit for the priority level even when the port scheduler policy has an explicit CIR limit defined.

Values—
1, 2

 

weight-in-group—
Specifies the relative weight of class-id to the other scheduling classes within the group. If group is specified without the weight keyword, a default weight is 1.
Values—
1 to 100

 

rate—
If the scheduling-class command is executed with the rate keyword specified, either max or a specified megabits-per-second rate must follow. If class-id was previously mapped into one of the two weighted scheduling groups, the class will be removed. However, if removing the class from the group will cause the group to no longer have contiguous class members, the command will fail with no effect on the specified class. A non-contiguous grouping error will be returned, specifying the weighted group. The lowest or highest members within a weighted group must be removed prior to removing the middle member. For example, if scheduling classes 3, 4 and 5 were members of weighted group 1, class 4 cannot be removed first.

The scheduling-class command using the rate keyword will also fail in the event that an override for the group weight is in place on the scheduling class within a scheduler associated with the policy. The override command is expecting the class to be associated with a weighted scheduling group and the policy rate definition is attempting to remove the class from the group. An override mismatch error will be generated, specifying the scheduling object where the override exists (such as a SAP, subscriber, or ingress HSMDA).

When a rate has been successfully defined for a scheduling class, the specified rate is automatically updated on all HSMDA scheduler instances associated with the scheduling policy. The exception is where the scheduler instance has a local override for the rate on the scheduling class.

The max keyword specifies that a limit is not enforced for the specified class-id and that the class-id is not a member of a weighted scheduling class group. The max keyword is mutually exclusive to the kilobits-per-second parameter and when specified, must directly follow the rate keyword. Setting the rate of the class to max will fail when the class currently has a group weight override defined on a scheduling object (SAP, subscriber profile, or ingress HSMDA).

Values—
1 to 40000000, max

 

scheduling-class

Syntax 
scheduling-class class-id group group-id [weight weight-in-group]
scheduling-class class-id rate rate
no scheduling-class class-id
Context 
[Tree] (config>qos>hs-scheduler-policy scheduling-class)
Full Contexts 
configure qos hs-scheduler-policy scheduling-class
Description 

This command configures the behavior of a specific scheduling class on all HSQ schedulers associated with the policy. The scheduler-class command performs one of two operations: it configures a maximum rate for the scheduling class or places the scheduling class into the weighted scheduling group. The two operations are mutually exclusive.

By default, none of the scheduling classes are members of the weighted scheduling group and each class is set to a rate limit of max (no rate limit applied).

Specifying Scheduling Class Rate (or Removing the Scheduling Class from Group) — If the scheduling-class command is executed with the rate keyword specified, either max or a specified rate value must follow. If a class-id was previously mapped into the weighted scheduling group, the class is removed from the group. However, if removing the class from the group causes the group to no longer have contiguous class members, the command fails with no effect on the specified class. A “non-contiguous grouping error” is returned. The lowest or highest members within a weighted group must be removed prior to removing the middle members. For example, if scheduling classes 3, 4, and 5 were members of weighted group 1, class 4 cannot be removed first.

This command using the rate keyword also fails when an override for the group weight is in place on the scheduling class within a scheduler associated with the policy. The override expects the class to be associated with a weighted scheduling group and the policy rate definition is attempting to remove the class from the group. An “override mismatch” error is generated, specifying the scheduling object where the override exists.

After a rate has been successfully defined for a scheduling class, the specified rate is automatically updated on all HSQ scheduler instances associated with the scheduling policy. The exception is where the scheduler instance has a local override for the rate on the scheduling class.

Specifying Scheduling Class Weighted Group Membership — If the scheduling-class command is executed with the group keyword specified, the group ID value of 1 must follow. The corresponding optional weight keyword is used to specify the weight of the scheduling class within the group. If weight is not specified, the default weight of 1 is used. If the specified scheduling class is not contiguous with the other scheduling classes in the group, the command fails with no change to the current state of the scheduling class and a “non-contiguous grouping” error is returned, specifying the weighted scheduling group and the current group members.

The scheduling-class command fails using the group keyword when a rate override for the scheduling class exists on an HSQ scheduler instance associated with the policy. The rate override for the scheduling class indicates the class is directly attached to a strict priority level, conflicting with the policy group keyword trying to place the class in the specified group. The command fails without affecting the scheduling class definition on the policy and returns an error specifying the scheduling object where the override exists.

Other Override Constraints — The scheduling overrides cannot change or remove a scheduling class from a policy-defined weighted group membership.

The no form of the command returns the scheduling class represented by class-id to the default behavior. The default behavior for a scheduling class is to not be a member of the weighted scheduling class group and have a rate set to max. The no scheduling-class command fails if the scheduling class is currently a member of the weighted scheduling class group and a weight override is in effect on a scheduling object for the class, in which case an error is returned.

Parameters 
class-id—
Specifies the scheduling class for HS scheduler policy. The class-id value is a required parameter that specifies which scheduling class the scheduling-class command is acting upon.
Values—
1 to 6

 

group-id—
Specifies the group this HS scheduler policy scheduling class belongs to. The group and the rate keywords are mutually exclusive when executing this command. A group ID value of 1 must follow the group keyword. The group keyword removes the class ID from its inherent strict scheduling level and places it into the specified group ID. The associated weight parameter is optional and is used to specify the weight of a class ID within the weighted scheduling class group. Specifying the group parameter while an override for the scheduling class exists for rate causes the scheduling-class command to fail.
Values—
1

 

weight-in-group—
Specifies the weight the HS scheduler policy should apply to this scheduling class within the group in which it belongs. This keyword is optional and must follow the group parameter when specified. The weight-in-group parameter must follow the weight keyword and is used to specify the relative weight of the class-id to the other scheduling classes within the group. If the group is specified without the weight parameter, a default weight of 1 is used.
Values—
1 to 127

 

rate—
Specifies the explicit maximum frame-based bandwidth limit, in megabits per second, for this HS scheduler policy scheduling class. The rate and group keywords are mutually exclusive. Either the rate or group keyword must be specified when executing this command. When specified, the rate keyword must be followed by either the keyword max or a rate specified in megabits per second. The specified rate can be overridden at the port Ethernet egress using the scheduler override functions. A newly-created HS scheduler policy defaults each scheduling class to have its rate set to max and the weighted scheduling class group has no members.
Values—
1 to 100000, max
The max keyword specifies that a limit is not enforced for the specified class ID and that the class ID is not a member of a weighted scheduling class group. The max keyword and the rate value are mutually exclusive; when max is specified, it must directly follow the rate keyword. Setting the rate of the class fails when the class currently has a group weight override defined on a scheduling object.

 

23.46. schema-path

schema-path

Syntax 
schema-path url-string
no schema-path
Context 
[Tree] (config>system>management-interface schema-path)
Full Contexts 
configure system management-interface schema-path
Description 

This command defines a schema path where the SR OS YANG modules can be manually copied by the user prior to using a <get-schema> request.

By default, no schema path is configured, and the software upgrade process manages the YANG schema files to ensure they are synchronized with the software image on both the primary and standby CPM.

The no form of this command reverts to the default value.

Default 

no schema-path

Parameters 
url-string—
Specifies the schema path URL up to 180 characters. However, Nokia recommends that the string shall not exceed 135 characters to ensure that the <get-schema> request works properly with all schema files.

23.47. scope

scope

Syntax 
scope {exclusive |template}
no scope
Context 
[Tree] (config>service>mrp>mrp-policy scope)
Full Contexts 
configure service mrp mrp-policy scope
Description 

This command configures the filter policy scope as exclusive or template. If the scope of the policy is template and is applied to one or more services, the scope cannot be changed.

The no form of this command sets the scope of the policy to the default of template.

Default 

scope template

Parameters 
exclusive—
When the scope of a policy is defined as exclusive, the policy can only be applied to a single entity (SAP or SDP). Attempting to assign the policy to a second entity will result in an error message. If the policy is removed from the entity, it will become available for assignment to another entity.
template—
When the scope of a policy is defined as template, the policy can be applied to multiple SAPs or network ports.

scope

Syntax 
scope {exclusive |template}
no scope
Context 
[Tree] (config>qos>sap-ingress scope)
Full Contexts 
configure qos sap-ingress scope
Description 

This command configures the Service Ingress QoS policy scope as exclusive or template.

The policy’s scope cannot be changed if the policy is applied to a service.

The no form of this command sets the scope of the policy to the default of template.

Default 

scope template

Parameters 
exclusive—
When the scope of a policy is defined as exclusive, the policy can only be applied to one SAP. If a policy with an exclusive scope is assigned to a second SAP, an error message is generated. If the policy is removed from the exclusive SAP, it will become available for assignment to another exclusive SAP.

The system default policies cannot be put into the exclusive scope. An error will be generated if scope exclusive is executed in any policies with a policy-id equal to 1.

template—
When the scope of a policy is defined as template, the policy can be applied to multiple SAPs on the router.

Default QoS policies are configured with template scopes. An error is generated when the template scope parameter to exclusive scope on default policies is modified.

scope

Syntax 
scope {exclusive |template}
no scope
Context 
[Tree] (config>qos>sap-egress scope)
Full Contexts 
configure qos sap-egress scope
Description 

Enter the scope of this policy. The scope of the policy cannot be changed if the policy is applied to one or more services.

The no form of this command sets the scope of the policy to the default of template.

Default 

scope template

Parameters 
exclusive—
When the scope of a policy is defined as exclusive, the policy can only be applied to a single SAP. Attempting to assign the policy to a second SAP will result in an error message. If the policy is removed from the exclusive SAP, it will become available for assignment to another exclusive SAP.

The system default policies cannot be put into the exclusive scope. An error will be generated if scope exclusive is executed in any policies with a policy-id equal to 1.

template—
When the scope of a policy is defined as template, the policy can be applied to multiple SAPs on the router.

scope

Syntax 
scope {exclusive |template}
no scope
Context 
[Tree] (config>qos>network scope)
Full Contexts 
configure qos network scope
Description 

This command configures the network policy scope as exclusive or template. The policy’s scope cannot be changed if the policy is applied to an interface.

The no form of this command sets the scope of the policy to the default of template.

Default 

scope template

Parameters 
exclusive—
When the scope of a policy is defined as exclusive, the policy can only be applied to one interface. If a policy with an exclusive scope is assigned to a second interface, an error message is generated. If the policy is removed from the exclusive interface, it will become available for assignment to another exclusive interface.

The system default policies cannot be put into the exclusive scope. An error will be generated if the scope exclusive command is executed in any policies with a policy-id equal to 1.

template—
When the scope of a policy is defined as template, the policy can be applied to multiple interfaces on the router.

Default QoS policies are configured with template scopes. An error is generated if the template scope parameter is modified to exclusive scope on default policies.

scope

Syntax 
scope {exclusive |template |embedded |system}
scope {exclusive |template}
no scope
Context 
[Tree] (config>filter>ip-exception scope)
[Tree] (config>filter>ip-filter scope)
[Tree] (config>filter>ipv6-filter scope)
[Tree] (config>filter>mac-filter scope)
Full Contexts 
configure filter ip-exception scope
configure filter ip-filter scope
configure filter ipv6-filter scope
configure filter mac-filter scope
Description 

This command configures the filter policy scope as exclusive, template, embedded or system.

The scope of the policy cannot be changed when:

  1. the scope is template and the policy is applied to one or more services or network interfaces
  2. the scope is embedded and the policy is embedded by another policy

Changing the scope to/from system is only allowed when a policy is not active and the policy has no entries configured.

The no form of the command sets the scope of the policy to the default of template.

Default 

scope template

Parameters 
exclusive—
Specifies that the policy can only be applied to a single entity. Attempting to assign the policy to a second entity will result in an error message.
template—
Specifies that the policy can be applied to multiple entities.
embedded—
Specifies that the policy cannot be applied directly. The policy defines embedded filter rules, which are embedded by other exclusive/template/system filter policies. The embedded scope is supported for IPv4 and IPv6 filter policies only.
system—
Specifies that the policy defines system-wide filter rules. To apply system policy rules, activate system filter and chain exclusive/template ACL filter policy to the system filter. The system scope is supported for IPv4 and IPv6 filter policies only.

23.48. scp

scp

Syntax 
scp local-file-url destination-file-url [router router-instance] [force]
scp local-file-url destination-file-url [force] service service-name
Context 
[Tree] (file scp)
Full Contexts 
file scp
Description 

This command copies a local file to a remote host file system. It uses ssh for data transfer, and uses the same authentication and provides the same security as ssh. The following prompt appears:

“Are you sure (y/n)?” The destination must specify a user and a host.

Parameters 
local-file-url—
Specifies the local source file or directory.
Values—

[cflash-id/] file-path

up to 200 characters

cflash-id

cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

 

destination-file-url—
Specifies the destination file.
Values—

destination-file-*: user@hostname:file-path - up to 255 characters

user

up to 32 characters

hostname

[dns-name | ipv4-address | “[“ipv6-address”]”]

ipv4-address

a.b.c.d

ipv6-address

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x - [0 to FFFF]H

d - [0 to 255]D

interface - up to 32 characters, mandatory for link local addresses

dns-name

up to 128 characters

file-path

up to 200 characters, directory length up to 99 characters

 

user—
Specifies the SSH user.
hostname—
Specifies the remote host IP address of DNS name.
file-path—
Specifies the destination path.
router-instance—
Specifies the router name or service ID used to specify the router instance.
Values—

router-name

“Base”, “management”, “vpls-management”

vprn-service-id

1 to 2147483647

 

Default—
Base
force—
Forces an immediate copy of the specified file. The command file scp local-file-url destination-file-url [router router-instance] force executes the command without displaying a user prompt message.
service-name
Specifies the service name used to identify the router instance. The service name can be a maximum of 64 characters long.

23.49. scramble

scramble

Syntax 
[no] scramble
Context 
[Tree] (config>port>tdm>ds1>channel-group scramble)
[Tree] (config>port>tdm>ds3 scramble)
[Tree] (config>port>tdm>e1>channel-group scramble)
[Tree] (config>port>tdm>e3 scramble)
Full Contexts 
configure port tdm ds1 channel-group scramble
configure port tdm ds3 scramble
configure port tdm e1 channel-group scramble
configure port tdm e3 scramble
Description 

This command enables payload scrambling on channel groups.

Scrambling randomizes the pattern of 1s and 0s carried in a SONET frame. Rearranging or scrambling the pattern prevents continuous strings of all 1s or all 0s and meets the needs of physical layer protocols that rely on sufficient transitions between 1s and 0s to maintain clocking.

For ATM, this command enables or disables ATM cell-level payload scrambling/descrambling using x43+1 polynomial as defined in ITU-T I.432.1. Scrambling is enabled by default for the ATM path/channel. Note that this scrambling is done in addition to SONET/SDH frame scrambling/descrambling, which is always enabled in the framer.

The no form of this command disables scrambling.

Default 

no scramble

scramble

Syntax 
[no] scramble
Context 
[Tree] (config>port>sonet-sdh>path scramble)
Full Contexts 
configure port sonet-sdh path scramble
Description 

This command enables SONET/SDH payload scrambling. Scrambling randomizes the pattern of 1s and 0s carried in a SONET frame. Rearranging or scrambling the pattern prevents continuous strings of all 1s or all 0s and meets the needs of physical layer protocols that rely on sufficient transitions between 1s and 0s to maintain clocking.

For ATM, this command enables or disables ATM cell-level payload scrambling/descrambling using x43+1 polynomial as defined in ITU-T I.432.1. Scrambling is enabled by default for the ATM path/channel. Note that this scrambling is done in addition to SONET/SDH frame scrambling/descrambling, which is always enabled in the framer.

The no form of this command disables scrambling.

Default 

no scramble

23.50. script

script

Syntax 
script script
Context 
[Tree] (debug>dynsvc>scripts script)
Full Contexts 
debug dynamic-services scripts script
Description 

This command enables the context to configure dynamic services script debugging for a specific script.

Parameters 
script—
Specifies the script name.

script

Syntax 
script script-name [owner script-owner]
no script
Context 
[Tree] (config>system>script-control>script-policy script)
[Tree] (config>system>script-control script)
Full Contexts 
configure system script-control script
configure system script-control script-policy script
Description 

This command is used to configure a script to be run.

The no form of the command removes the script.

Default 

no script

Parameters 
script-name—
Specifies the name of the script. Can be up to 32 characters.
script-owner
Specifies the name of the script owner. Can be up to 32 characters.

The owner is an arbitrary name and not necessarily a user name. Commands in the scripts are not authorized against the owner. The configure system security cli-script authorization x cli-user command determines the user context against which commands in the scripts are authorized.

Default—
“TiMOS CLI”

23.51. script-all-info

script-all-info

Syntax 
script-all-info
Context 
[Tree] (debug>python>py-script script-all-info)
Full Contexts 
debug python python-script script-all-info
Description 

This command enables the script-compile-error, script-export-variables, script-output, script-output-on-error, and script-runtime-error functionalities.

script-all-info

Syntax 
script-all-info
Context 
[Tree] (debug>subscr-mgmt>sub-ident-plcy script-all-info)
Full Contexts 
debug subscriber-mgmt sub-ident-policy script-all-info
Description 

This command enables the script-compile-error, script-export-variables, script-output, script-output-on-error, and script-runtime-error functionalities.

23.52. script-compile-error

script-compile-error

Syntax 
[no] script-compile-error
Context 
[Tree] (debug>python>py-script script-compile-error)
Full Contexts 
debug python python-script script-compile-error
Description 

This command sends the traceback of the compile error to the logger. The traceback contains detailed information about where and why the compilation fails. The compilation takes place when the CLI user changes the admin state of the Python script from shutdown to no shutdown.

script-compile-error

Syntax 
[no] script-compile-error
Context 
[Tree] (debug>subscr-mgmt>sub-ident-plcy script-compile-error)
Full Contexts 
debug subscriber-mgmt sub-ident-policy script-compile-error
Description 

This command send the traceback of the compile error to the logger. The traceback contains detailed information about where and why the compilation fails. The compilation takes place when the CLI user changes the admin state of the Python URL from shutdown to no-shutdown.

The no form of this command disables debugging.

23.53. script-control

script-control

Syntax 
script-control
Context 
[Tree] (config>system script-control)
Full Contexts 
configure system script-control
Description 

This command enables the context to configure command script parameters.

23.54. script-export-variables

script-export-variables

Syntax 
[no] script-export-variables
Context 
[Tree] (debug>python>py-script script-export-variables)
Full Contexts 
debug python python-script script-export-variables
Description 

This command sends the output variables of the Python script to the logger when the script ran successfully.

script-export-variables

Syntax 
[no] script-export-variables
Context 
[Tree] (debug>subscr-mgmt>sub-ident-plcy script-export-variables)
Full Contexts 
debug subscriber-mgmt sub-ident-policy script-export-variables
Description 

This command sends the result (the three output variables) of the Python script to the logger when the script ran successfully.

The no form of this command disables debugging.

23.55. script-output

script-output

Syntax 
[no] script-output
Context 
[Tree] (debug>python>py-script script-output)
Full Contexts 
debug python python-script script-output
Description 

This command sends the output (such as from print statements) of the Python script to the logger.

script-output

Syntax 
[no] script-output
Context 
[Tree] (debug>subscr-mgmt>sub-ident-plcy script-output)
Full Contexts 
debug subscriber-mgmt sub-ident-policy script-output
Description 

This command sends the output (such as from 'print' statements) of the Python script to the logger.

The no form of this command disables debugging.

23.56. script-output-on-error

script-output-on-error

Syntax 
[no] script-output-on-error
Context 
[Tree] (debug>python>py-script script-output-on-error)
Full Contexts 
debug python python-script script-output-on-error
Description 

This command sends the output (such as traceback data) of the Python script to the logger, only when the script fails.

script-output-on-error

Syntax 
[no] script-output-on-error
Context 
[Tree] (debug>subscr-mgmt>sub-ident-plcy script-output-on-error)
Full Contexts 
debug subscriber-mgmt sub-ident-policy script-output-on-error
Description 

This command sends the output (such as from print statements) of the Python script to the logger, but only when the script fails.

The no form of this command disables debugging.

23.57. script-parameters-1

script-parameters-1

Syntax 
script-parameters-1 param-string1
no script-parameters-1
Context 
[Tree] (config>service>dynsvc>ladb>user>idx script-parameters-1)
Full Contexts 
configure service dynamic-services local-auth-db user-name index script-parameters-1
Description 

This command specifies the first part of parameters as input to the dynamic data service Python script. The concatenation of all four script-parameters strings are passed to the Python script and must be formatted as function-key <dictionary>. The function-key specifies which Python functions is called, and <dictionary> contains the actual parameters in a Python dictionary structure format. The no form of this command removes script-parameters-1 from the configuration.

Parameters 
param-string1—
Specifies a string representing parameters that are used as input for the dynamic service Python script, up to 250 characters.

23.58. script-parameters-2

script-parameters-2

Syntax 
script-parameters-2 param-string2
no script-parameters-2
Context 
[Tree] (config>service>dynsvc>ladb>user>idx script-parameters-2)
Full Contexts 
configure service dynamic-services local-auth-db user-name index script-parameters-2
Description 

This command specifies the second part of parameters as input to the dynamic data service Python script. The concatenation of all four script-parameters strings are passed to the Python script and must be formatted as function-key <dictionary>. The function-key specifies which Python functions is called, and <dictionary> contains the actual parameters in a Python dictionary structure format. The no form of this command removes the script-parameters-2 from the configuration.

Parameters 
param-string2—
Specifies a string representing parameters that are used as input for the dynamic service Python script, up to 250 characters.

23.59. script-parameters-3

script-parameters-3

Syntax 
script-parameters-3 param-string3
no script-parameters-3
Context 
[Tree] (config>service>dynsvc>ladb>user>idx script-parameters-3)
Full Contexts 
configure service dynamic-services local-auth-db user-name index script-parameters-3
Description 

This command specifies the third part of parameters as input to the dynamic data service Python script. The concatenation of all four script-parameters strings are passed to the Python script and must be formatted as function-key <dictionary>. The function-key specifies which Python functions is called, and <dictionary> contains the actual parameters in a Python dictionary structure format. The no form of this command removes the script-parameters-3 from the configuration.

Parameters 
param-string3—
Specifies string representing parameters that are used as input for the dynamic service Python script, up to 250 characters.

23.60. script-parameters-4

script-parameters-4

Syntax 
script-parameters-4 param-string4
no script-parameters-4
Context 
[Tree] (config>service>dynsvc>ladb>user>idx script-parameters-4)
Full Contexts 
configure service dynamic-services local-auth-db user-name index script-parameters-4
Description 

This command specifies the fourth part of parameters as input to the dynamic data service Python script. The concatenation of all four script-parameters strings are passed to the Python script and must be formatted as function-key <dictionary>. The function-key specifies which Python functions is called, and <dictionary> contains the actual parameters in a Python dictionary structure format. The no form of this command removes the script-parameters-4 from the configuration.

Parameters 
param-string4—
Specifies a string representing parameters that are used as input for the dynamic service Python script, up to 250 characters.

23.61. script-policy

script-policy

Syntax 
script-policy name
no script-policy
Context 
[Tree] (config>service>dynsvc>policy script-policy)
Full Contexts 
configure service dynamic-services dynamic-services-policy script-policy
Description 

This command specifies the radius script policy to be used to setup the dynamic data services. The script-policy configuration cannot be changed when there are active dynamic data services referencing the policy.

The no form of this command removes the script-policy from the configuration. This is only allowed when there are no active dynamic data services referencing this policy.

Parameters 
name—
Specifies the RADIUS script policy name.

script-policy

Syntax 
script-policy policy-name [owner policy-owner]
no script-policy
Context 
[Tree] (config>system>cron>schedule script-policy)
Full Contexts 
configure system cron schedule script-policy
Description 

This command is used to configure the CLI script policy.

Parameters 
policy-name—
Specifies the name of the policy. Can be up to 32 characters.
policy-owner
Specifies the name of the policy owner. Can be up to 32 characters.

The owner is an arbitrary name and not necessarily a user name. Commands in the scripts are not authorized against the owner. The configure system security cli-script authorization x cli-user command determines the user context against which commands in the scripts are authorized.

Default—
“TiMOS CLI”

script-policy

Syntax 
[no] script-policy policy-name [owner policy-owner]
Context 
[Tree] (config>system>script-control script-policy)
Full Contexts 
configure system script-control script-policy
Description 

This command is used to configure the CLI script policy.

Parameters 
policy-name—
Specifies the name of the policy, up to 32 characters.
policy-owner
Specifies the name of the policy owner, up to 32 characters.

The owner is an arbitrary name and not necessarily a user name. Commands in the scripts are not authorized against the owner. The configure system security cli-script authorization x cli-user command determines the user context against which commands in the scripts are authorized.

Default—
“TiMOS CLI”

script-policy

Syntax 
script-policy policy-name [owner policy-owner]
no script-policy
Context 
[Tree] (config>log>event-handling>handler>action-list>entry script-policy)
Full Contexts 
configure log event-handling handler action-list entry script-policy
Description 

This command configures the script policy parameters to use for this EHS handler action-list entry. The associated script is launched when the handler is triggered.

Default 

no script-policy

Parameters 
policy-name—
Specifies the script policy name. Can be up to 32 characters maximum.
owner policy-owner—
Specifies the script policy owner. Can be up to 32 characters maximum.
Default—
“TiMOS CLI”

23.62. script-runtime-error

script-runtime-error

Syntax 
[no] script-runtime-error
Context 
[Tree] (debug>python>py-script script-runtime-error)
Full Contexts 
debug python python-script script-runtime-error
Description 

This command generates log information when detecting a script runtime error.

script-runtime-error

Syntax 
[no] script-runtime-error
Context 
[Tree] (debug>subscr-mgmt>sub-ident-plcy script-runtime-error)
Full Contexts 
debug subscriber-mgmt sub-ident-policy script-runtime-error
Description 

This command sends the traceback of the Python script failure to the logger.

The no form of this command disables debugging.

23.63. script-url

script-url

Syntax 
script-url primary-script-url
no script-url
Context 
[Tree] (config>aaa>radius-scr-plcy>primary script-url)
Full Contexts 
configure aaa radius-script-policy primary script-url
Description 

This command configures the URL of the primary script.

The no form of this command removes the URL from the configuration.

Parameters 
primary-script-url—
Specifies the URL of the secondary script to change RADIUS attributes of the RADIUS message.

script-url

Syntax 
script-url secondary-script-url
no script-url
Context 
[Tree] (config>aaa>radius-scr-plcy>secondary script-url)
Full Contexts 
configure aaa radius-script-policy secondary script-url
Description 

Specifies the URL of the secondary script to change RADIUS attributes of the RADIUS message.

The no form of this command removes the URL from the configuration.

Parameters 
secondary-script-url—
Specifies the URL of the secondary script to change RADIUS attributes of the RADIUS message.

script-url

Syntax 
script-url dhcp-script-url
no script-url
Context 
[Tree] (config>subscr-mgmt>sub-ident-pol>primary script-url)
[Tree] (config>subscr-mgmt>sub-ident-pol>secondary script-url)
[Tree] (config>subscr-mgmt>sub-ident-pol>tertiary script-url)
Full Contexts 
configure subscriber-mgmt sub-ident-policy primary script-url
configure subscriber-mgmt sub-ident-policy secondary script-url
configure subscriber-mgmt sub-ident-policy tertiary script-url
Description 

This command specifies the URL of the identification scripts.

The no form of this command reverts to the default.

Parameters 
dhcp-primary-script-url—
Specifies the URL of the primary identification script up to 180 characters.
dhcp-secondary-script-url—
Specifies the URL of the secondary identification script up to 180 characters.
dhcp-tertiary-script-url—
Specifies the URL of the tertiary identification script up to 180 characters.

script-url

Syntax 
script-url script-url-name
no script-url
Context 
[Tree] (config>app-assure>group>http-notif script-url)
Full Contexts 
configure application-assurance group http-notification script-url
Description 

This command configures the URL of the script used by the http notification policy.

The no form of this command removes the script URL from the http-notification policy.

Default 

no script-url

Parameters 
script-url-name—
Specifies the string representing the URL of the script used in the http notification policy, up to 255 characters.
create—
Keyword to create the script URL.

23.64. scripts

scripts

Syntax 
scripts
Context 
[Tree] (debug>dynsvc scripts)
Full Contexts 
debug dynamic-services scripts
Description 

This command enables the context to configure dynamic services script debugging.

scripts

Syntax 
scripts
scripts event [cli] [errors] [executed-cmd] [state-change] [warnings]
scripts instance instance event [cli] [errors] [executed-cmd] [state-change] [warnings]
Context 
[Tree] (debug>vsd scripts)
Full Contexts 
debug vsd scripts
Description 

This command enables the debug of the VSD fully dynamic integration scripts.

23.65. scte30

scte30

Syntax 
scte30
Context 
[Tree] (config>service>ies>video-interface>adi scte30)
[Tree] (config>service>vprn>video-interface>adi scte30)
Full Contexts 
configure service ies video-interface adi scte30
configure service vprn video-interface adi scte30
Description 

This command enables the context to configure SCTE 30 parameters.

23.66. scte35-action

scte35-action

Syntax 
scte35-action {forward |drop}
Context 
[Tree] (config>service>ies>video-interface>channel scte35-action)
[Tree] (config>service>vprn>video-interface>channel scte35-action)
Full Contexts 
configure service ies video-interface channel scte35-action
configure service vprn video-interface channel scte35-action
Description 

This command specifies whether the Society of Cable Telecommunications Engineers 35 (SCTE 35) cue avails in the stream need to be forwarded or not. When specified to forward, SCTE 35 messages will be forwarded downstream. When specified to drop, SCTE 35 messages will not be forwarded downstream. They will be still be processed for local splicing decisions.

Parameters 
forward—
Forwards SCTE 35 messages downstream.
drop—
Drops SCTE 35 messages.

23.67. sctp-filter

sctp-filter

Syntax 
sctp-filter sctp-filter-name
no sctp-filter
Context 
[Tree] (config>app-assure>group>policy>aqp>entry>action sctp-filter)
Full Contexts 
configure application-assurance group policy app-qos-policy entry action sctp-filter
Description 

This command assigns an existing SCTP filter as an action on flows matching this AQP entry.

The no form of this command removes this SCTP filter from actions on flows matching this AQP entry.

Default 

no sctp-filter

Parameters 
sctp-filter-name—
Specifies the name of the existing SCTP filter for this application assurance profile. The sctp-filter-name is configured in the config>app-assure>group[:partition]>sctp-filter context.

sctp-filter

Syntax 
sctp-filter sctp-filter-name
Context 
[Tree] (config>app-assure>group>statistics>tca sctp-filter)
Full Contexts 
configure application-assurance group statistics threshold-crossing-alert sctp-filter
Description 

This command configures TCA generation for an SCTP filter.

Parameters 
sctp-filter-name—
Specifies the name of the SCTP filter, up to 32 characters

sctp-filter

Syntax 
sctp-filter sctp-filter-name [create]
no sctp-filter sctp-filter-name
Context 
[Tree] (config>app-assure>group sctp-filter)
Full Contexts 
configure application-assurance group sctp-filter
Description 

This command enables the context to configure Stream Control Transmission Protocol (SCTP) parameters.

The no form of this command removes this filter.

Parameters 
sctp-filter-name—
Specifies the SCTP filter name, up to 32 characters.
create—
Keyword used to create the SCTP filter.

23.68. sctp-filter-stats

sctp-filter-stats

Syntax 
[no] sctp-filter-stats
Context 
[Tree] (config>app-assure>group>statistics>aa-admit-deny sctp-filter-stats)
Full Contexts 
configure application-assurance group statistics aa-admit-deny sctp-filter-stats
Description 

This command configures whether to include or exclude SCTP filter admit-deny statistics in accounting records.

Default 

no sctp-filter-stats

23.69. sd

sd

Syntax 
sd
Context 
[Tree] (config>mcast-mgmt>mcast-info-plcy>video-policy>video-if sd)
Full Contexts 
configure mcast-management multicast-info-policy video-policy video-interface sd
Description 

This command enables the context within a video interface policy to configure properties relating to requests received by the video interface for Standard Definition (SD) channel requests.

23.70. sd-offset

sd-offset

Syntax 
sd-offset offset-value
no sd-offset
Context 
[Tree] (config>service>vprn>isis>if>level sd-offset)
Full Contexts 
configure service vprn isis interface level sd-offset
Description 

If the pre-FEC error rate of the associated DWDM port crosses the configured sd-threshold, this offset-value is added to the IS-IS interface metric. This parameter is only effective if the interface is associated with a DWDM port and the sd-threshold value is configured under that port.

The no form of this command reverts the offset value to 0.

Default 

no sd-offset

Parameters 
offset-value—
Specifies the amount the interface metric is increased by if the sd-threshold is crossed.
Values—
0 to 16777215

 

sd-offset

Syntax 
sd-offset sd-offset
no sd-offset
Context 
[Tree] (config>router>isis>if>level sd-offset)
Full Contexts 
configure router isis interface level sd-offset
Description 

If the pre-FEC error rate of the associated DWDM port crosses the configured sd-threshold, this offset-value is added to the IS-IS interface metric. This parameter is only effective if the interface is associated with a DWDM port and the sd-threshold value is configured under that port.

The no form of this command reverts the offset value to 0.

Default 

no sd-offset

Parameters 
sd-offset—
Specifies the amount the interface metric is increased by if the sd-threshold is crossed.
Values—
0 to 16777215

 

23.71. sd-threshold

sd-threshold

Syntax 
sd-threshold threshold [coefficient coefficient]
Context 
[Tree] (config>port>otu sd-threshold)
Full Contexts 
configure port otu sd-threshold
Description 

This command defines the error rate at which to declare the signal degrade (SD) condition.

The parameters define an error rate of (coefficient/10) * 10E-threshold. For example, sd-threshold 5 coefficient 20 defines an error rate of (20/10) * 10E-5, or 2 * 10E-5, or 0.000 02.

The SD threshold must be:

  1. greater than the SF threshold.
  2. 5 or higher before setting sf-sd-method to bip8.

The coefficient parameter is only used when sf-sd-method is set to fec. When sf-sd-method is set to bip8, coefficient is considered to have the value of 10.

Parameters 
threshold—
Specifies the exponent for the SD threshold value.
Values—
5 to 9 when sf-sd-method is bip8
3 to 9 when sf-sd-method is fec

 

Default—
7
coefficient—
Specifies the coefficient for the SD threshold value.
Values—
10 to 99

 

Default—
10

sd-threshold

Syntax 
sd-threshold errored-frames
no sd-threshold
Context 
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame sd-threshold)
Full Contexts 
configure port ethernet efm-oam link-monitoring errored-frame sd-threshold
Description 

The option defines the number of errored frames within the configured window which indicates the port has gone beyond an acceptable error rate and should be considered degraded. This is a first level warning that a port may be suspect. This generates an information log event message only and will be recorded in the Port event index but has no port level actions when the error count is equal to or greater than the threshold. This value must be lower than or equal to the sf-threshold value.

The no value of this option disables the sd-threshold.

Default 

no sd-threshold

Parameters 
errored-frames—
Specifies the number of errored frames within the configured window which indicates the port has become degraded.
Values—
1 to 1000000

 

sd-threshold

Syntax 
sd-threshold errored-frames
Context 
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame-period sd-threshold)
Full Contexts 
configure port ethernet efm-oam link-monitoring errored-frame-period sd-threshold
Description 

The option defines the number of errored frames within the configured window which indicates the port has gone beyond an acceptable error rate and should be considered degraded. This is a first level warning that a port may be suspect. This generates an information log event message only and will be recorded in the Port event index but has no port level actions when the error count is equal to or greater than the threshold. This value must be lower than or equal to the sf-threshold value.

The no value of this option disables the sd-threshold

Default 

no sd-threshold

Parameters 
errored-frames—
Specifies the number of errored frames within the configured window which indicates the port has become degraded.
Values—
1 to 1000000

 

sd-threshold

Syntax 
sd-threshold errored-frames
no sd-threshold
Context 
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame-seconds sd-threshold)
Full Contexts 
configure port ethernet efm-oam link-monitoring errored-frame-seconds sd-threshold
Description 

This command defines the number of errored frame seconds within the configured window which indicates the port has gone beyond an acceptable error rate and should be considered degraded. This is a first level warning that a port may be suspect. This event is raised when the error count is equal to or greater than the configured threshold. This is an information log event message only and will be recorded in the Port event index but has no port level actions. This value must be lower than or equal to the sf-threshold value.

The no version of this command disables the sd-threshold.

Parameters 
errored-frames—
Specifies the number of errored seconds within the configured window which indicates the port has become degraded.
Values—
1 to 900

 

sd-threshold

Syntax 
sd-threshold errored-symbols
no sd-threshold
Context 
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-symbols sd-threshold)
Full Contexts 
configure port ethernet efm-oam link-monitoring errored-symbols sd-threshold
Description 

This command defines the number of errored frames within the configured window which indicates the port has gone beyond an acceptable error rate and should be considered degraded. This is a first level warning that a port may be suspect. An event is raised when the error count is equal to or greater than this value. This is an information log event message only and will be recorded in the Port event index but has no port level actions. This value must be lower than or equal to the sf-threshold value. Specific to symbol errors, this value must be configured with the value that indicates anything less is acceptable and the port can be returned to service. If this value is not configured then manual operation is required to return the port to service.

The no value of this option means there is there is no automatic return to service.

Default 

no sd-threshold

Parameters 
errored-symbols—
Specifies the number of errored symbols which indicates the port has become degraded.
Values—
1 to1000000

 

sd-threshold

Syntax 
sd-threshold threshold [multiplier multiplier]
no sd-threshold
Context 
[Tree] (config>port>ethernet>sym-mon sd-threshold)
Full Contexts 
configure port ethernet symbol-monitor sd-threshold
Description 

This command specifies the error rate at which to declare the Signal Degrade condition on an Ethernet interface. The value represents M*10E-N a ratio of symbol errors over total symbols received over W seconds of the sliding window. The symbol errors on the interface are sampled once per second. A default of 10 seconds is used when there is no additional window-size configured. The multiplier keyword is optional. If the multiplier keyword is omitted or no sd-threshold is specified the multiplier will return to the default value of 1.

Default 

no sd-threshold

Parameters 
threshold—
Specifies the rate of symbol errors.
Values—
1 to 9

 

multiplier
Specifies the multiplier used to scale the symbol error ratio.
Values—
1 to 9

 

sd-threshold

Syntax 
sd-threshold threshold [multiplier multiplier]
no sd-threshold
Context 
[Tree] (config>port>ethernet>crc-monitor sd-threshold)
Full Contexts 
configure port ethernet crc-monitor sd-threshold
Description 

This command specifies the error rate at which to declare the Signal Degrade condition on an Ethernet interface. The value represents M*10E-N a ratio of errored frames over total frames received over W seconds of the sliding window. The CRC errors on the interface are sampled once per second. A default of 10 seconds is used when there is no additional window-size configured. The multiplier keyword is optional. If the multiplier keyword is omitted or no sd-threshold is specified the multiplier will return to the default value of 1.

Default 

no sd-threshold

Parameters 
threshold
Specifies the threshold value.
Values—
1 to 9

 

multiplier
Specifies the multiplier value.
Values—
1 to 9

 

23.72. sd-threshold-clear

sd-threshold-clear

Syntax 
sd-threshold-clear threshold [coefficient coefficient]
Context 
[Tree] (config>port>otu sd-threshold-clear)
Full Contexts 
configure port otu sd-threshold-clear
Description 

This command defines the signal degrade (SD) threshold clear value.

When the bit error rate falls below this value, the SD condition is cleared. The parameters define an error rate of (coefficient/10) * 10E-threshold. For example, sd-threshold-clear 7 coefficient 10 defines an error rate of (10/10) * 10E-7, or 10E-7, or 0.000 000 1.

This SD threshold clear setting is valid only when sf-sd-method is set to fec.

Parameters 
threshold—
Specifies the exponent for the SD threshold clear value.
Values—
3 to 10

 

Default—
8
coefficient—
Specifies the coefficient for the SD threshold clear value.
Values—
10 to 99

 

Default—
10

23.73. sdp

sdp

Syntax 
sdp sdp-id [sync-tag sync-tag] [create]
no sdp sdp-id
Context 
[Tree] (config>redundancy>multi-chassis>peer>sync sdp)
Full Contexts 
configure redundancy multi-chassis peer sync sdp
Description 

This command specifies the manually configured spoke SDPs to be synchronized with the multi-chassis peer and a synchronization tag to be used while synchronizing these spoke SDPs with the multi-chassis peer.

Manually configured spoke SDPs with the specified sdp-id are synchronized according to the synchronization tag. If synchronization is required only for a subset of the spoke SDPs using the configured SDP, the range sub-command should be used. The range command and the sync-tag parameters are mutually exclusive.

The synchronization of PIM snooping is only supported for manually configured spoke SDPs but is not supported for spoke SDPs configured within an endpoint.

The synchronization of PIM snooping is not supported on any of the following when used with the configured sdp-id:

  1. Mesh SDPs
  2. Spoke SDPs in non-VPLS services
  3. BGP-AD/BGP-VPLS (FEC 129) spoke SDPs
  4. Spoke SDPs configured in endpoints
  5. Pseudowire SAPs
  6. ESM-over-MPLS Pseudowires

Non-existent spoke SDPs may be specified. If these spoke SDPs are created at a later time, then all states on the spoke SDPs are synchronized according to the synchronization tag and the synchronization protocols enabled.

A synchronization tag can be changed by entering the same command with a different synchronization tag. Changing the synchronization tag removes all states relating to the previous synchronization tag for the SDP and a new synchronization tag state is created.

Parameters 
sdp-id —
Specifies the SDP of the spoke SDPs to be synchronized with the multi-chassis peer.
Values—
1 to 32767

 

sync-tag—
Specifies a synchronization tag, up to 32 characters, to be used when synchronizing with the multi-chassis peer.
create—
Creates the SDP instance. The create keyword requirement can be enabled or disabled in the environment>create context.

sdp

Syntax 
sdp sdp-id
no sdp
Context 
[Tree] (config>service>system>bgp-evpn>ethernet-segment sdp)
Full Contexts 
configure service system bgp-evpn ethernet-segment sdp
Description 

This command configures an sdp-id associated to the Ethernet-Segment. If the Ethernet-Segment is configured as all-active, then only a lag or PW port can be associated to the Ethernet-Segment. If the Ethernet-Segment is configured as single-active, then lag, port or sdp can be associated to the Ethernet-Segment. In any case, only one of the four objects can be configured in the Ethernet-Segment. A specified SDP can be part of only one Ethernet-Segment. Only user-configured SDPs can be added to an Ethernet-Segment.

Default 

no sdp

Parameters 
sdp-id—
Specifies the IP address.
Values—
1 to 17407

 

sdp

Syntax 
[no] sdp sdp-id:vc-id
Context 
[Tree] (config>service>vpls>pbb>backbone-vpls sdp)
Full Contexts 
configure service vpls pbb backbone-vpls sdp
Description 

This command configures attributes of a SDP binding on the B-VPLS service.

Parameters 
sdp-id—
Specifies the SDP ID.
Values—
1 to 17407

 

vc-id—
Specifies the VC ID.
Values—
1 to 4294967295

 

sdp

Syntax 
[no] sdp sdp-id:vc-id
Context 
[Tree] (debug>service>id>mrp sdp)
Full Contexts 
debug service id mrp sdp
Description 

This command filters debug events and only shows events for the particular SDP.

The no form of this command removes the debug filter.

Parameters 
sdp-id—
Specifies the SDP ID for which to display information
Default—
All SDPs
Values—
1 to 17407

 

vc-id—
Displays information about the virtual circuit identifier.
Values—
1 to 4294967295

 

sdp

Syntax 
[no] sdp sdp-id:vc-id
Context 
[Tree] (debug>service>id sdp)
[Tree] (debug>service>id>dhcp sdp)
[Tree] (debug>service>id>stp sdp)
Full Contexts 
debug service id dhcp sdp
debug service id sdp
debug service id stp sdp
Description 

This command enables STP debugging for a specific SDP.

The no form of the command disables debugging.

Parameters 
sdp-id:vc-id—
Specifies the SDP ID and VC ID.
Values—
sdp-id: 1 to 17407
vc-id: 1 to 4294967295

 

sdp

Syntax 
[no] sdp sdp-id:vc-id
Context 
[Tree] (debug>service>id>igmp-snooping sdp)
Full Contexts 
debug service id igmp-snooping sdp
Description 

This command shows IGMP packets for a specific SDP.

The no form of this command disables the debugging for the SDP.

Parameters 
sdp-id
Displays only IGMP snooping entries associated with the specified mesh SDP or spoke-SDP. For a spoke-SDP, the VC ID must be specified, for a mesh SDP, the VC ID is optional.
Values—
1 to 17407

 

vc-id —
Displays information for the specified virtual circuit ID on the SDP ID
Values—
1 to 4294967295

 

sdp

Syntax 
[no] sdp sdp-id:vc-id
Context 
[Tree] (debug>service>id>mld sdp)
Full Contexts 
debug service id mld-snooping sdp
Description 

This command shows MLD packets for a specific SDP.

The no form of this command disables the debugging for the SDP.

Parameters 
sdp-id
Displays only MLD entries associated with the specified mesh SDP or spoke-SDP
Values—
1 to 17407

 

vc-id —
Displays information for the specified virtual circuit ID on the SDP ID
Values—
1 to 4294967295

 

sdp

Syntax 
sdp sdp-id [delivery-type] [create]
no sdp sdp-id
Context 
[Tree] (config>service sdp)
Full Contexts 
configure service sdp
Description 

This command creates or edits a Service Distribution Point (SDP). SDPs must be explicitly configured.

An SDP is a logical mechanism that ties a far-end router to a particular service without having to specifically define far-end SAPs. Each SDP represents a method to reach another router.

One method is IP Generic Router Encapsulation (GRE), which has no state in the core of the network. GRE does not specify a specific path to the far-end router. A GRE-based SDP uses the underlying IGP routing table to find the best next hop to the far-end router.

The second method is Multi-Protocol Label Switching (MPLS) encapsulation. A router supports both signaled and non-signaled Label Switched Paths (LSPs) through the network. Non-signaled paths are defined at each hop through the network. Signaled paths are communicated by protocol from end-to-end using Resource Reservation Protocol (RSVP). Paths may be manually defined or a constraint-based routing protocol (such as OSPF-TE or CSPF) can be used to determine the best path with specific constraints. An LDP LSP can also be used for an SDP when the encapsulation is MPLS. The use of an LDP LSP type or an RSVP/Static LSP type are mutually exclusive except when the mixed-lsp option is enabled on the SDP.

Segment routing is another MPLS tunnel type and is used to allow service binding to an SR tunnel programmed in TTM by OSPF or IS-IS. The SDP of type sr-isis or sr-ospf can be used with the far-end option. The tunnel-far-end option is not supported. In addition, the mixed-lsp-mode option does not support the sr-isis and sr-ospf tunnel types.

L2TPv3-over-IPv6 transport is also an option for 7750 SR and 7950 XR Ethernet Pipe (Epipe) Services. Like GRE, L2TPv3 is stateless in the core of the network, as well as on the service nodes as the L2TPv3 control plane functionality is disabled for this SDP type. A unique source and destination IPv6 address combined with TX and RX Cookie values are used to ensure that the SDP is bound to the correct service.

SDPs are created and then bound to services. Many services may be bound to a single SDP. The operational and administrative state of the SDP controls the state of the SDP binding to the service.

If the sdp-id does not exist, a new SDP is created. When creating an SDP, either the gre, mpls, or l2tpv3 keyword must be specified. SDPs are created in the admin down state (shutdown) and the no shutdown command must be executed once all relevant parameters are defined and before the SDP can be used.

If sdp-id exists, the current CLI context is changed to that SDP for editing and modification. For editing an existing SDP, neither the gre, mpls, or l2tpv3 keyword is specified. If a keyword is specified for an existing sdp-id, an error is generated and the context of the CLI will not be changed to the specified sdp-id.

The no form of this command deletes the specified SDP. Before an SDP can be deleted, it must be administratively down (shutdown) and not bound to any services. If the specified SDP is bound to a service, the no sdp command will fail generating an error message specifying the first bound service found during the deletion process. If the specified sdp-id does not exist an error will be generated.

Parameters 
sdp-id—
Specifies the SDP identifier.
Values—
1 to 32767

 

gre—
Specifies the SDP will use GRE to reach the far-end router. The GRE encapsulation of the MPLS service packet uses the base 4-byte header as per RFC 2890. The optional fields Checksum (plus Reserved field), Key, and Sequence Number are not inserted. Only one GRE SDP can be created to a given destination address. Multiple GRE SDPs to a single destination address serve no purpose as the path taken to reach the far end is determined by the IGP which will be the same for all SDPs to a given destination and there is no bandwidth reservation in GRE tunnels.
mpls—
Specifies the SDP will use MPLS encapsulation and one or more LSP tunnels to reach the far-end device. Multiple MPLS SDPs may be created to a given destination device. Multiple MPLS SDPs to a single destination device are helpful when they use divergent paths.
l2tpv3—
Specifies the SDP will use L2TPv3-over-IPv6 encapsulation for the 7750 SR or 7950 XRS. One SDP is created per service, regardless of whether the far-end node is common or not. Unique local and far-end addresses are configured for every L2TPv3 SDP type. The local address must exist on the local node.
eth-gre-bridged—
Configures the SDP as an L2oGRE tunnel that is terminated on an FPE-based PW port. Only the end-points of such a tunnel (the far-end IPv4/IPv6 address or local-end IPv4/IPv6 address) are allowed to be configured under this SDP.

sdp

Syntax 
sdp {sdp-id [:vc-id] |far-end ip-address} [interval seconds] [repeat repeat] [absolute |rate]
Context 
[Tree] (monitor>service>id sdp)
Full Contexts 
monitor service id sdp
Description 

This command monitors statistics for an SDP binding associated with this service.

Parameters 
sdp-id—
Specifies the SDP identifier.
Values—
sdp-id: 1 to 17407
vc-id: 1 to 4294967295

 

ip-address
Specifies the system address of the far-end router for the SDP in dotted decimal notation. The string may be up to 32 characters.
seconds
Configures the interval for each display, in seconds.
Values—
11 to 60

 

Default—
11
repeat—
Configures how many times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Displays absolute rate-per-second value for each statistic.
rate—
Displays rate-per-second for each statistic instead of the delta.
Output 

The following output is an example of SDP information.

Sample Output
A:ALA-12# monitor service id 100 sdp 10 repeat 3
===============================================================================
Monitor statistics for Service 100 SDP binding 10
===============================================================================
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
I. Fwd. Pkts.   : 0                     I. Dro. Pkts.   : 0
E. Fwd. Pkts.   : 0                     E. Fwd. Octets  : 0
-------------------------------------------------------------------------------
At time t = 11 sec (Mode: Delta)
-------------------------------------------------------------------------------
I. Fwd. Pkts.   : 0                     I. Dro. Pkts.   : 0
E. Fwd. Pkts.   : 0                     E. Fwd. Octets  : 0
-------------------------------------------------------------------------------
At time t = 22 sec (Mode: Delta)
-------------------------------------------------------------------------------
I. Fwd. Pkts.   : 0                     I. Dro. Pkts.   : 0
E. Fwd. Pkts.   : 0                     E. Fwd. Octets  : 0
-------------------------------------------------------------------------------
At time t = 33 sec (Mode: Delta)
-------------------------------------------------------------------------------
I. Fwd. Pkts.   : 0                     I. Dro. Pkts.   : 0
E. Fwd. Pkts.   : 0                     E. Fwd. Octets  : 0
===============================================================================
A:ALA-12#

23.74. sdp-exclude

sdp-exclude

Syntax 
[no] sdp-exclude group-name
Context 
[Tree] (config>service>pw-template sdp-exclude)
Full Contexts 
configure service pw-template sdp-exclude
Description 

This command configures SDP admin group constraints for a pseudowire template.

The admin group name must have been configured or the command is failed. The user can execute the command multiple times to include or exclude more than one admin group. The sdp-include and sdp-exclude commands can only be used with the use-provisioned-sdp or prefer-provisioned-sdp options. If the same group name is included and excluded within the same pseudowire template, only the exclude option will be enforced.

Any changes made to the admin group sdp-include and sdp-exclude constraints will only be reflected in existing spoke-sdps after the following command has been executed:

tools>perform>service>eval-pw-template>allow-service-impact

When the service is bound to the pseudowire template, the SDP selection rules will enforce the admin group constraints specified in the sdp-include and sdp-exclude commands.

In the SDP selection process, all provisioned SDPs with the correct far-end IP address, the correct tunnel-far-end IP address, and the correct service label signaling are considered. The SDP with the lowest admin metric is selected. If more than one SDP with the same lowest metric are found then the SDP with the highest sdp-id is selected. The type of SDP, GRE or MPLS (BGP/RSVP/LDP) is not a criterion in this selection.

The selection rule with SDP admin groups is modified such that the following admin-group constraints are applied upfront to prune SDPs that do not comply:

  1. if one or more sdp-include statement is part of the PW template, then an SDP that is a member of one or more of the included groups will be considered. With the sdp-include statement, there is no preference for an SDP that belongs to all included groups versus one that belongs to one or fewer of the included groups. All SDPs satisfying the admin-group constraint will be considered and the selection above based on the lowest metric and highest sdp-id is applied.
  2. if one or more sdp-exclude statement is part of the PW template, then an sdp that is a member of any of the excluded groups will not be considered.

SDP admin group constraints can be configured on all router services that makes use of the pseudowire template (BGP-AD VPLS service, BGP-VPLS service, and FEC129 VLL service). In the latter case, only support at a T-PE node is provided.

The no form of this command removes the SDP admin group constraints from the pseudowire template.

Parameters 
group-name—
Specifies the name of the SDP admin group. A maximum of 32 characters can be entered.

23.75. sdp-group

sdp-group

Syntax 
sdp-group
Context 
[Tree] (config>service sdp-group)
Full Contexts 
configure service sdp-group
Description 

This command configures the SDP membership in admin groups.

The user can enter a maximum of one (1) admin group name at once. The user can execute the command multiple times to add membership to more than one admin group. The admin group name must have been configured or the command is failed. Admin groups are supported on an SDP of type GRE and of type MPLS (BGP/RSVP/LDP). They are also supported on an SDP with the mixed-lsp-mode option enabled.

The no form of this command removes this SDP membership to the specified admin group.

23.76. sdp-id-range

sdp-id-range

Syntax 
sdp-id-range from id to id
no sdp-id-range
Context 
[Tree] (config>fwd-path-ext sdp-id-range)
Full Contexts 
configure fwd-path-ext sdp-id-range
Description 

This command reserves an SDP ID range used by the FPE based PW-Port and VXLAN termination applications.

Each configured FPE based PW-Port is associated with two internal SDPs (one in each direction) whose id(s) are allocated from the configured sdp-id-range.

When the FPE is associated to VXLAN termination, an internal SDP is allocated from the configured sdp-id-range and is used for R-VPLS services that terminate VXLAN IPv6. A spoke-sdp per VXLAN IPv6 R-VPLS service is created on that SDP for egress processing of the packets. Sdp-id-range cannot be modified if any of its IDs are currently in use.

Default 

no sdp-id-range

Parameters 
from id
Specifies the start of the SDP ID range (inclusive).
Values—
1 to 32767

 

to id
Specifies the end of the SDP ID range.
Values—
1 to 32767

 

23.77. sdp-include

sdp-include

Syntax 
[no] sdp-include group-name
Context 
[Tree] (config>service>pw-template sdp-include)
Full Contexts 
configure service pw-template sdp-include
Description 

This command configures SDP admin group constraints for a pseudowire template.

The admin group name must have been configured or the command is failed. The user can execute the command multiple times to include or exclude more than one admin group. The sdp-include and sdp-exclude commands can only be used with the use-provisioned-sdp or prefer-provisioned-sdp options. If the same group name is included and excluded within the same pseudowire template, only the exclude option will be enforced.

Any changes made to the admin group sdp-include and sdp-exclude constraints will only be reflected in existing spoke-sdps after the following command has been executed:

tools>perform>service>eval-pw-template>allow-service-impact

When the service is bound to the pseudowire template, the SDP selection rules will enforce the admin group constraints specified in the sdp-include and sdp-exclude commands.

In the SDP selection process, all provisioned SDPs with the correct far-end IP address, the correct tunnel-far-end IP address, and the correct service label signaling are considered. The SDP with the lowest admin metric is selected. If more than one SDP with the same lowest metric are found then the SDP with the highest sdp-id is selected. The type of SDP, GRE or MPLS (BGP/RSVP/LDP) is not a criterion in this selection.

The selection rule with SDP admin groups is modified such that the following admin-group constraints are applied upfront to prune SDPs that do not comply:

  1. if one or more sdp-include statement is part of the PW template, then an SDP that is a member of one or more of the included groups will be considered. With the sdp-include statement, there is no preference for an SDP that belongs to all included groups versus one that belongs to one or fewer of the included groups. All SDPs satisfying the admin-group constraint will be considered and the selection above based on the lowest metric and highest sdp-id is applied.
  2. if one or more sdp-exclude statement is part of the PW template, then an sdp that is a member of any of the excluded groups will not be considered.

SDP admin group constraints can be configured on all router services that make use of the pseudowire template (BGP-AD VPLS service, BGP-VPLS service, and FEC129 VLL service). In the latter case, only support at a T-PE node is provided.

The no form of this command removes the SDP admin group constraints from the pseudowire template.

Default 

none

Parameters 
group-name—
Specifies the name of the SDP admin group. A maximum of 32 characters can be entered.

23.78. sdp-mtu

sdp-mtu

Syntax 
sdp-mtu orig-sdp-id size-inc start-octets end-octets [step step-size] [timeout timeout] [interval interval]
Context 
[Tree] (oam sdp-mtu)
Full Contexts 
oam sdp-mtu
Description 

Performs MTU Path tests on an SDP to determine the largest path-mtu supported on an SDP. The size-inc parameter can be used to easily determine the path-mtu of a given SDP-ID. The forwarding class is assumed to be Best-Effort Out-of-Profile. The message reply is returned with IP/GRE encapsulation from the far-end router. OAM request messages sent within an IP/GRE SDP must have the ‘DF’ IP header bit set to 1 to prevent message fragmentation.

To terminate an sdp-mtu in progress, use the CLI break sequence <Ctrl-C>.

Special Cases 
SDP Path MTU Tests—
SDP Path MTU tests can be performed using the sdp-mtu size-inc keyword to easily determine the path-mtu of a given SDP-ID. The forwarding class is assumed to be Best-Effort Out-of-Profile. The message reply is returned with IP/GRE encapsulation from the far-end router.

With each OAM Echo Request sent using the size-inc parameter, a response line is displayed as message output. The path MTU test displays incrementing packet sizes, the number sent at each size until a reply is received and the response message.

As the request message is sent, its size value is displayed followed by a period for each request sent of that size. Up to three requests are sent unless a valid response is received for one of the requests at that size. Once a response is received, the next size message is sent.

The response message indicates the result of the message request.

After the last reply has been received or response time out, the maximum size message replied to indicates the largest size OAM Request message that received a valid reply.

Parameters 
orig-sdp-id—
Specifies the sdp-id to be used by sdp-ping, expressed as a decimal integer. The far-end address of the specified sdp-id is the expected responder-id within each reply received. The specified sdp-id defines the encapsulation of the SDP tunnel encapsulation used to reach the far end. This can be IP/GRE or MPLS. If orig-sdp-id is invalid or administratively down or unavailable, the SDP echo request message is not sent and an appropriate error message is displayed (once the interval timer expires, sdp-ping attempts to send the next request, if required).
Values—
1 to 32767

 

start-octets—
Specifies the beginning size in octets of the first message sent for an incremental MTU test, expressed as a decimal integer.
Values—
40 to 9786

 

end-octets—
Specifies the ending size in octets of the last message sent for an incremental MTU test, expressed as a decimal integer. The specified value must be greater than start-octets.
Values—
40 to 9786

 

step-size—
Specifies the number of octets to increment the message size request for each message sent for an incremental MTU test, expressed as a decimal integer. The next size message is not sent until a reply is received or three messages have timed out at the current size.

If the incremented size exceeds the end-octets value, no more messages are sent.

Values—
1 to 512

 

Default—
32
timeout—
Specifies the timeout parameter in seconds, expressed as a decimal integer. This value is used to override the default timeout value and is the amount of time that the router waits for a message reply after sending the message request. Upon the expiration of the message time out, the requesting router assumes that the message response is not received. A request timeout message is displayed by the CLI for each message request sent that expires. Any response received after the request times out is silently discarded.
Values—
1 to 10

 

Default—
5
interval—
Specifies the interval parameter in seconds, expressed as a decimal integer. This parameter is used to override the default request message send interval and defines the minimum amount of time that must expire before the next message request is sent.

If the interval is set to 1 second, and the timeout value is set to 10 seconds, then the maximum time between message requests is 10 seconds and the minimum is 1 second. This depends upon the receipt of a message reply corresponding to the outstanding message request.

Values—
1 to 10

 

Default—
1
Output 

Sample Output for SDP MTU Path Test
*A:Dut-A# oam sdp-mtu 1201 size-inc 512 3072 step 256
Size    Sent    Response
----------------------------
512     .        Success
768     .        Success
1024    .        Success
1280    .        Success
1536    .        Success
1792    .        Success
2048    .        Success
2304    .        Success
2560    .        Success
2816    .        Success
3072    .        Success
 
Maximum Response Size: 3072
*A:Dut-A#

23.79. sdp-ping

sdp-ping

Syntax 
sdp-ping orig-sdp-id [resp-sdp resp-sdp-id] [fc fc-name [profile {in |out}]] [size octets] [count send-count] [timeout timeout] [interval interval]
Context 
[Tree] (oam sdp-ping)
[Tree] (config>saa>test>type sdp-ping)
Full Contexts 
configure saa test type sdp-ping
oam sdp-ping
Description 

This command tests SDPs for uni-directional or round trip connectivity and performs SDP MTU Path tests.

The sdp-ping command accepts an originating SDP-ID and an optional responding SDP-ID. The size, number of requests sent, message time-out and message send interval can be specified. All sdp-ping requests and replies are sent with PLP OAM-Label encapsulation, as a service-id is not specified.

For round trip connectivity testing, the resp-sdp keyword must be specified. If resp-sdp is not specified, a uni-directional SDP test is performed.

To terminate an sdp-ping in progress, use the CLI break sequence <Ctrl-C>.

An sdp-ping response message indicates the result of the sdp-ping message request. When multiple response messages apply to a single SDP echo request/reply sequence, the response message with the highest precedence is displayed. Table 133 shows the response messages sorted by precedence.

Table 133:  sdp-ping Response Messages

Result of Request

Displayed Response Message

Precedence

Request time out without reply

Request Timeout

1

Request not sent due to non-existent orig-sdp-id

Orig-SDP Non-Existent

2

Request not sent due to administratively down orig-sdp-id

Orig-SDP Admin-Down

3

Request not sent due to operationally down orig-sdp-id

Orig-SDP Oper-Down

4

Request terminated by user before reply or time out

Request Terminated

5

Reply received, invalid origination-id

Far End: Originator-ID Invalid

6

Reply received, invalid responder-id

Far End: Responder-ID Error

7

Reply received, non-existent resp-sdp-id

Far End: Resp-SDP Non-Existent

8

Reply received, invalid resp-sdp-id

Far End: Resp-SDP Invalid

9

Reply received, resp-sdp-id down (admin or oper)

Far-end: Resp-SDP Down

10

Reply received, No Error

Success

11

Special Cases 
Single Response Connectivity Tests—
A single response sdp-ping test provides detailed test results. See Table 134.

Upon request time out, message response, request termination, or request error the following local and remote information is displayed. Local and remote information is dependent upon the SDP ID existence and reception of reply.

Table 134:  sdp-ping Test Results

Field

Description

Values

Request Result

The result of the sdp-ping request message.

Sent - Request Timeout

Sent - Request Terminated

Sent - Reply Received

Not Sent - Non-Existent Local SDP-ID

Not Sent - Local SDP-ID Down

Originating SDP-ID

The originating SDP-ID specified by orig-sdp.

orig-sdp-id

Originating SDP-ID Administrative State

The local administrative state of the originating SDP-ID. If the SDP-ID has been shut down, Admin-Down is displayed. If the originating SDP-ID is in the no shutdown state, Admin-Up is displayed. If the orig-sdp-id does not exist, Non-Existent is displayed.

Admin-Up

Admin-Down

Non-Existent

Originating SDP-ID Operating State

The local operational state of the originating SDP-ID. If orig-sdp-id does not exist, N/A is displayed.

Oper-Up

Oper-Down

Originating SDP-ID Path MTU

The local path-mtu for orig-sdp-id. If orig-sdp-id does not exist locally, N/A is displayed.

orig-path-mtu

Responding SDP-ID

The SDP-ID requested as the far-end path to respond to the sdp-ping request. If resp-sdp is not specified, the responding router does not use an SDP-ID as the return path and N/A is displayed.

resp-sdp-id

Responding SDP-ID Path Used

Displays whether the responding router used the responding sdp-id to respond to the sdp-ping request. If resp-sdp-id is a valid, operational SDP-ID, it must be used for the SDP echo reply message. If the far-end uses the responding sdp-id as the return path, Yes is displayed. If the far-end does not use the responding sdp-id as the return path, No is displayed. If resp-sdp is not specified, N/A is displayed.

Yes

No

Responding SDP-ID Administrative State

The administrative state of the responding sdp-id. When resp-sdp-id is administratively down, Admin-Down is displayed. When resp-sdp-id is administratively up, Admin-Up is displayed. When resp-sdp-id exists on the far-end router but is not valid for the originating router, Invalid is displayed. When resp-sdp-id does not exist on the far-end router, Non-Existent is displayed. When resp-sdp is not specified, N/A is displayed.

Admin-Down

Admin-Up

Invalid

Non-Existent

Responding SDP-ID Operational State

The operational state of the far-end sdp-id associated with the return path for service-id. When a return path is operationally down, Oper-Down is displayed. If the return sdp-id is operationally up, Oper-Up is displayed. If the responding sdp-id is non-existent, N/A is displayed.

Oper-Up

Oper-Down

Responding SDP-ID Path MTU

The remote path-mtu for resp-sdp-id. If resp-sdp-id does not exist remotely, N/A is displayed

resp-path-mtu

Local Service IP Address

The local system IP address used to terminate remotely configured sdp-ids (as the sdp-id far-end address). If an IP address has not been configured to be the system IP address, N/A is displayed.

system-ip-addr

Local Service IP Interface Name

The name of the local system IP interface. If the local system IP interface has not been created, N/A is displayed.

system-interface-name

Local Service IP Interface State

The state of the local system IP interface. If the local system IP interface has not been created, Non-Existent is displayed.

Up

Down

Non-Existent

Expected Far End Address

The expected IP address for the remote system IP interface. This must be the far-end address configured for the orig-sdp-id.

orig-sdp-far-end-addr

dest-ip-addr

Actual Far End Address

The returned remote IP address. If a response is not received, the displayed value is N/A. If the far-end service IP interface is down or non-existent, a message reply is not expected.

resp-ip-addr

Responders Expected Far End Address

The expected source of the originators sdp-id from the perspective of the remote router terminating the sdp-id. If the far-end cannot detect the expected source of the ingress sdp-id, N/A is displayed.

resp-rec-tunnel-far-end-addr

Round Trip Time

The round trip time between SDP echo request and the SDP echo reply. If the request is not sent, times out or is terminated, N/A is displayed.

delta-request-reply

Parameters 
orig-sdp-id—
Specifies the SDP ID to be used by sdp-ping, expressed as a decimal integer. The far-end address of the specified SDP-ID is the expected responder-id within each reply received. The specified SDP-ID defines the encapsulation of the SDP tunnel encapsulation used to reach the far end. This can be IP/GRE or MPLS. If orig-sdp-id is invalid or administratively down or unavailable for some reason, the SDP Echo Request message is not sent and an appropriate error message is displayed (once the interval timer expires, sdp-ping attempts to send the next request if required).
Values—
1 to 32767

 

resp-sdp-id—
Specifies the return SDP-ID to be used by the far-end router for the message reply for round trip SDP connectivity testing. If resp-sdp-id does not exist on the far-end router, terminates on another router different than the originating router, or another issue prevents the far-end router from using resp-sdp-id, the SDP echo reply is sent using generic IP/GRE OAM encapsulation. The received forwarding class (as mapped on the ingress network interface for the far end) defines the forwarding class encapsulation for the reply message.
Values—
1 to 32767

 

Default—
null. Use the non-SDP return path for message reply.
fc-name —
Specifies the parameter to be used to indicate the forwarding class of the SDP encapsulation. The actual forwarding class encoding is controlled by the network egress DSCP or LSP-EXP mappings.

The DSCP or LSP-EXP mappings on the receive network interface controls the mapping back to the internal forwarding class used by the far-end router that receives the message request. The egress mappings of the egress network interface on the far-end router controls the forwarding class markings on the return reply message.

The DSCP or LSP-EXP mappings on the receive network interface controls the mapping of the message reply at the originating router. This is displayed in the response message output upon receipt of the message reply.

Values—
be, l2, af, l1, h2, ef, h1, nc

 

Default—
be
profile {in |out}—
Specifies the profile state of the SDP encapsulation.
Default—
out
octets—
Specifies the size parameter in octets. This parameter is used to override the default message size for the sdp-ping request. Changing the message size is a method of checking the ability of an SDP to support a path-mtu. The size of the message does not include the SDP encapsulation, VC-Label (if applied) or any DLC headers or trailers.

When the OAM message request is encapsulated in an IP/GRE SDP, the IP ‘DF’ (Do Not Fragment) bit is set. If any segment of the path between the sender and receiver cannot handle the message size, the message is discarded. MPLS LSPs are not expected to fragment the message either, as the message contained in the LSP is not an IP packet.

Values—
72 to 9786

 

Default—
72
send-count—
Specifies the number of messages to send. The count parameter is used to override the default number of message requests sent. Each message request must either time out or receive a reply before the next message request is sent. The message interval value must have expired before the next message request is sent.
Values—
1 to 100

 

Default—
1
timeout—
Specifies the time, in seconds, used to override the default timeout value and is the amount of time that the router waits for a message reply after sending the last probe for a specific test. Upon the expiration of time out, the test is marked complete and no more packets is processed for any of those request probes.
Values—
1 to 10

 

Default—
5
interval—
Specifies the time, in seconds, used to override the default request message send interval and defines the minimum amount of time that must expire before the next message request is sent.
Values—
1 to 10

 

Default—
1
Output 

Single Response Round Trip Connectivity Test Sample Output
A:router1> sdp-ping 10 resp-sdp 22 fc ef
Request Result: Sent - Reply Received
RTT:30ms
 
Err  SDP-ID Info            Local     Remote
__   SDP-ID:                10        22
__   Administrative State:  Up        Up
__   Operative State:       Up        Up
__   Path MTU               4470      4470
__   Response SDP Used:               Yes
 
Err  System IP Interface Info
Local Interface Name: "ESR-System-IP-Interface (Up to 32 chars)…"
__   Local IP Interface State:          Up
__   Local IP Address:                  10.10.10.11
__   IP Address Expected By Remote:     10.10.10.11
__   Expected Remote IP Address:        10.10.10.10
__   Actual Remote IP Address:          10.10.10.10
 
Err   FC Mapping Info      Local        Remote
__    Forwarding Class     Assured      Assured
__    Profile              In           In

Multiple Response Connectivity Tests — When the connectivity test count is greater than one (1), a single line is displayed per SDP echo request send attempt.

The request number is a sequential number starting with 1 and ending with the last request sent, incrementing by one (1) for each request. This should not be confused with the message-id contained in each request and reply message.

A response message indicates the result of the message request. Following the response message is the round trip time value. If any reply is received, the round trip time is displayed.

After the last reply has been received or response timed out, a total is displayed for all messages sent and all replies received. A maximum, minimum and average round trip time is also displayed. Error response and timed out requests do not apply towards the average round trip time.

Multiple Response Round Trip Connectivity Test Sample Output
A:router1> sdp-ping 6 resp-sdp 101size 1514 count 5
Request        Response       RTT
----------     ----------     -------
     1         Success        10ms
     2         Success        15ms
     3         Success        10ms
     4         Success        20ms
     5         Success        5ms
Sent:    5    Received:    5
Min: 5ms       Max: 20ms      Avg: 12ms

23.80. seamless-bfd

seamless-bfd

Syntax 
seamless-bfd
Context 
[Tree] (config>bfd seamless-bfd)
Full Contexts 
configure bfd seamless-bfd
Description 

This command specifies the context for the configuration of a seamless BFD reflector.

seamless-bfd

Syntax 
seamless-bfd
Context 
[Tree] (config>router>bfd seamless-bfd)
Full Contexts 
configure router bfd seamless-bfd
Description 

This command specifies the context for the configuration of seamless BFD initiator parameters that are global to this router.

The no form of this command removes the context.

23.81. search

search

Syntax 
search base-dn
no search
Context 
[Tree] (config>system>security>ldap>server search)
Full Contexts 
configure system security ldap server search
Description 

This command configures the LDAP search command. The search base-dn tells the server which part of the external directory tree to search. The search DN uses the same LDAP attribute as root-dn. For example, to search a public-key for an SSH generated for a Nokia vendor, one might use “dc=public-key,dc=nokia,dc=com”.

The no version of this command removes the search DN; as such, no search is possible on the LDAP server.

Parameters 
base-dn—
Specifies the base domain name used in the search, up to 512 characters.

23.82. secondary

secondary

Syntax 
secondary
Context 
[Tree] (config>aaa>radius-scr-plcy secondary)
Full Contexts 
configure aaa radius-script-policy secondary
Description 

This command enables the context to configure a secondary script.

secondary

Syntax 
secondary
Context 
[Tree] (config>subscr-mgmt>sub-ident-pol secondary)
Full Contexts 
configure subscriber-mgmt sub-ident-policy secondary
Description 

This command enables the context to configure secondary identification script parameters.

secondary

Syntax 
secondary ip-address[/mask] [netmask] [broadcast {all-ones|host-ones}] [igp-inhibit] [track-srrp srrp-instance]
no secondary ip-address[/mask]
Context 
[Tree] (config>service>ies>if secondary)
Full Contexts 
configure service ies interface secondary
Description 

This command assigns a secondary IP address or IP subnet/broadcast address format to the interface.

The no form of this command reverts to the default.

Parameters 
ip-address—
The IP address of the IP interface. The ip-address portion of the address command specifies the IP host address that is used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation. Allowed values are IP addresses in the range 1.0.0.0 – 223.255.255.255 (with support of /31 subnets).
mask—
The subnet mask in dotted decimal notation. When the IP prefix is not specified in CIDR notation, a space separates the ip-address from a traditional dotted decimal mask. The mask parameter indicates the complete mask that is used in a logical and function to derive the local subnet of the IP address. Allowed values are dotted decimal addresses in the range 128.0.0.0 – 255.255.255.252.
Note:

A mask of 255.255.255.255 is reserved for system IP addresses.

netmask—
Specifies a string of 0s and 1s that mask or screen out the network part of an IP address so that only the host computer part of the address remains.
broadcast—
Overrides the default broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no broadcast format is specified for the IP address, the default value is host-ones which indicates a subnet broadcast address. Use this parameter to change the broadcast address to all-ones or revert back to a broadcast address of host-ones.

The broadcast format on an IP interface can be specified when the IP address is assigned or changed.

This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) is received by the IP interface. (Default: host-ones)

all-ones—
Specifies the broadcast address used by the IP interface for this IP address is 255.255.255.255, also known as the local broadcast.
host-ones—
Specifies that the broadcast address used by the IP interface for this IP address is the subnet broadcast address. This is an IP address that corresponds to the local subnet described by the ip-address and the mask-length or mask with all the host bits set to binary one. This is the default broadcast address used by an IP interface. The broadcast parameter within the address command does not have a negate feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being changed to all-ones, the address command must be executed with the broadcast parameter defined.
igp-inhibit—
Signals that the given secondary IP interface should not be recognized as a local interface by the running IGP. For OSPF and IS-IS, this means that the specified secondary IP interfaces are not injected and used as passive interfaces and are not advertised as internal IP interfaces into the IGP’s link state database. For RIP, this means that these secondary IP interfaces do not source RIP updates.
track-srrp srrp-instance
Specifies the SRRP instance ID that this interface route needs to track.
Values—
1 to 4294967295

 

secondary

Syntax 
secondary ip-address[/mask] [netmask] [broadcast {all-ones |host-ones}] [igp-inhibit] [track-srrp srrp-instance]
no secondary ip-address[/mask]
Context 
[Tree] (config>service>vprn>if secondary)
[Tree] (config>service>vprn>nw-if secondary)
Full Contexts 
configure service vprn interface secondary
configure service vprn network-interface secondary
Description 

This command assigns a secondary IP address to the interface. Up to 16 total primary and secondary IPv4 and IPv6 addresses can be assigned to network interfaces, and up to 256 to access interfaces. Each address can be configured in an IP address, IP subnet or broadcast address format.

Caution:

Configurations must not exceed 16 secondary IP addresses when IPsec, GRE, L2TPv3, or IP in IP protocols are active on an access interface.

Parameters 
ip-address—
The IP address of the IP interface. The ip-address portion of the address command specifies the IP host address that will be used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation. Allowed values are IP addresses in the range 1.0.0.0 – 223.255.255.255 (with support of /31 subnets).
mask—
The subnet mask in dotted decimal notation. When the IP prefix is not specified in CIDR notation, a space separates the ip-address from a traditional dotted decimal mask. The mask parameter indicates the complete mask that will be used in a logical ‘AND’ function to derive the local subnet of the IP address. Allowed values are dotted decimal addresses in the range 128.0.0.0 – 255.255.255.252. A mask of 255.255.255.255 is reserved for system IP addresses.
netmask—
Specifies a string of 0s and 1s that mask or screen out the network part of an IP address so that only the host computer part of the address remains.
broadcast—
The optional broadcast parameter overrides the default broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no broadcast format is specified for the IP address, the default value is host-ones which indicates a subnet broadcast address. Use this parameter to change the broadcast address to all-ones or revert back to a broadcast address of host-ones.

The broadcast format on an IP interface can be specified when the IP address is assigned or changed. This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) will be received by the IP interface. (Default: host-ones)

all-ones—
The all-ones keyword following the broadcast parameter specifies the broadcast address used by the IP interface for this IP address will be 255.255.255.255, also known as the local broadcast.
host-ones—
The host-ones keyword following the broadcast parameter specifies that the broadcast address used by the IP interface for this IP address will be the subnet broadcast address. This is an IP address that corresponds to the local subnet described by the ip-address and the mask-length or mask with all the host bits set to binary one. This is the default used by an IP interface.

The broadcast parameter within the address command does not have a negate feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being changed to all-ones, the address command must be executed with the broadcast parameter defined.

igp-inhibit—
The optional igp-inhibit parameter signals that the given secondary IP interface should not be recognized as a local interface by the running IGP. For OSPF and IS-IS, this means that the specified secondary IP interfaces will not be injected and used as passive interfaces and will not be advertised as internal IP interfaces into the IGP’s link state database. For RIP, this means that these secondary IP interfaces will not source RIP updates.
track-srrp srrp-instance
Specifies the SRRP instance ID that this interface route needs to track.

secondary

Syntax 
[no] secondary path-name
Context 
[Tree] (config>router>mpls>lsp secondary)
Full Contexts 
configure router mpls lsp secondary
Description 

This command specifies an alternative path that the LSP uses if the primary path is not available. This command is optional and is not required if the config router mpls lsp lsp-name primary path-name command is specified. After the switch over from the primary to the secondary, the system continuously tries to revert to the primary path. The switch back to the primary path is based on the retry-timer interval.

For RSVP-TE LSPs, up to eight secondary paths can be specified (or seven if a primary is configured). For SR-TE LSPs, up to three paths of any type (with a maximum of one primary) can be configured. By default, a secondary path is non-standby unless the standby keyword is configured. All non-standby secondary paths are considered equal and the first available path is used.

The system does not switch among secondary paths. The system starts the signaling (RSVP-TE) or programming (SR-TE) of all non-standby secondary paths at the same time. Retry counters are maintained for each unsuccessful attempt. After the retry limit is reached on a path, the system does not attempt to signal the path and administratively shuts down the path. The first successfully established non-standby secondary path is made the active path for the LSP.

The no form of this command removes the association between this path-name and lsp-name. All specific configurations for this association are deleted. The secondary path must be shut down prior to deleting it. The no secondary path-name command does not result in any action except a warning message on the console indicating that the secondary path is administratively up.

Parameters 
path-name—
Specifies the case-sensitive alphanumeric name label for the LSP path, up to 64 characters.

secondary

Syntax 
secondary {ip-address/mask |ip-address netmask} [broadcast {all-ones |host-ones}] [igp-inhibit] [track-srrp srrp-instance]
no secondary {ip-address/mask |ip-address netmask}
Context 
[Tree] (config>router>if secondary)
Full Contexts 
configure router interface secondary
Description 

This command assigns additional IP addresses to the interface. Up to 16 total primary and secondary IPv4 and IPv6 addresses can be assigned to network interfaces, and up to 256 to access interfaces. Each address can be configured in an IP address, IP subnet, or broadcast address format.

Caution:

Configurations must not exceed 16 secondary IP addresses when IPsec, GRE, L2TPv3, or IP in IP protocols are active on an access interface.

Parameters 
ip-address—
Specifies the IP address of the IP interface. The ip-address portion of the address command specifies the IP host address that will be used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation.
Values—
1.0.0.0 to 223.255.255.255

 

/—
The forward slash is a parameter delimiter that separates the ip-address portion of the IP address from the mask that defines the scope of the local subnet. No spaces are allowed between the ip-addr, the “/” and the mask-length parameter. If a forward slash does not immediately follow the ip-addr, a dotted decimal mask must follow the prefix.
mask—
Specifies the subnet mask length when the IP prefix is specified in CIDR notation. When the IP prefix is specified in CIDR notation, a forward slash (/) separates the ip-address from the mask parameter. The mask parameter indicates the number of bits used for the network portion of the IP address; the remainder of the IP address is used to determine the host portion of the IP address. Allowed values are integers in the range 1 to 32. A mask length of 32 is reserved for system IP addresses.
Values—
1 to 32

 

netmask—
Specifies the subnet mask in dotted decimal notation. When the IP prefix is not specified in CIDR notation, a space separates the ip-address from a traditional dotted decimal mask. The mask parameter indicates the complete mask that will be used in a logical ‘AND’ function to derive the local subnet of the IP address. A mask of 255.255.255.255 is reserved for system IP addresses.
Values—
128.0.0.0 to 255.255.255.255

 

broadcast—
The optional broadcast parameter overrides the default broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no broadcast format is specified for the IP address, the default value is host-ones, which indicates a subnet broadcast address. Use this parameter to change the broadcast address to all-ones or revert back to a broadcast address of host-ones.

The broadcast parameter within the address command does not have a negate feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being changed to all-ones, the address command must be executed with the broadcast parameter defined.

The broadcast format on an IP interface can be specified when the IP address is assigned or changed.

This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) will be received by the IP interface.

all-ones—
The all-ones keyword following the broadcast parameter specifies that the broadcast address used by the IP interface for this IP address will be 255.255.255.255, also known as the local broadcast.
host-ones—
The host-ones keyword following the broadcast parameter specifies that the broadcast address used by the IP interface for this IP address will be the subnet broadcast address. This is an IP address that corresponds to the local subnet described by the ip-address and the mask with all the host bits set to binary 1. This is the default broadcast address used by an IP interface.
igp-inhibit—
The secondary IP address should not be recognized as a local interface by the running IGP.
srrp-instance—
Specifies the SRRP instance ID that this interface route needs to track.

23.83. secondary-config

secondary-config

Syntax 
secondary-config file-url
no secondary-config
Context 
[Tree] (bof secondary-config)
Full Contexts 
bof secondary-config
Description 

This command specifies the name and location of the secondary configuration file.

The system attempts to use the configuration as specified in secondary-config if the primary config cannot be located. If the secondary-config file cannot be located, the system attempts to obtain the configuration from the location specified in the tertiary-config.

Note that if an error in the configuration file is encountered, the boot process aborts.

The no form of this command removes the secondary-config configuration.

Parameters 
file-url—
Specifies the secondary configuration file location, expressed as a file URL.
Values—

file-url

[local-url | remote-url] (up to 180 characters)

local-url

[cflash-id/][file-path]

remote-url

[{ftp://|tftp://} login:pswd@remote-locn/][file-path]

cflash-id

cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

 

23.84. secondary-dns

secondary-dns

Syntax 
secondary-dns ip-address
no secondary-dns
Context 
[Tree] (config>service>vprn>sub-if>grp-if>wlan-gw>ranges>range>dhcp secondary-dns)
[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>ranges>range>dhcp secondary-dns)
Full Contexts 
configure service ies subscriber-interface group-interface wlan-gw vlan-tag-ranges range dhcp secondary-dns
configure service vprn subscriber-interface group-interface wlan-gw vlan-tag-ranges range dhcp secondary-dns
Description 

This command configures the secondary DNS address to be returned via DHCP on WLAN-GW ISA.

The no form of this command reverts to the default.

Parameters 
ip-address—
Specifies the secondary DNS address.

secondary-dns

Syntax 
secondary-dns ip-address
no secondary-dns
Context 
[Tree] (config>service>vprn>dns secondary-dns)
Full Contexts 
configure service vprn dns secondary-dns
Description 

This command configures the secondary DNS server for DNS name resolution. The secondary DNS server is used only if the primary DNS server does not respond.

DNS name resolution can be used when executing ping, traceroute, and service-ping, and also when defining file URLs. DNS name resolution is not supported when DNS names are embedded in configuration files.

The no form of this command removes the secondary DNS server from the configuration.

Default 

no secondary-dns — No secondary DNS server is configured.

Parameters 
ip-address—
The IP or IPv6 address of the secondary DNS server.
Values—

ipv4-address -a.b.c.d

ipv6-address:

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x: [0 to FFFF]H

d: [0 to 255]D

interface - 32 characters max, for link local addresses.

 

secondary-dns

Syntax 
secondary-dns ip-address
no secondary-dns [ip-address]
Context 
[Tree] (bof secondary-dns)
Full Contexts 
bof secondary-dns
Description 

This command configures the secondary DNS server for DNS name resolution. The secondary DNS server is used only if the primary DNS server does not respond.

DNS name resolution can be used when executing ping, traceroute, and service-ping, and also when defining file URLs. DNS name resolution is not supported when DNS names are embedded in configuration files.

The no form of this command removes the secondary DNS server from the configuration.

Default 

no secondary-dns

Parameters 
ip-address—
Specifies the IP or IPv6 address of the secondary DNS server.
Values—

ipv4-address

a.b.c.d

ipv6-address

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x: [0 to FFFF]H

d: [0 to 255]D

interface

up to 32 characters for link local addresses

Note:

IPv6 is applicable to the 7750 SR and 7950 XRS only.

 

23.85. secondary-fast-retry-timer

secondary-fast-retry-timer

Syntax 
secondary-fast-retry-timer seconds
no secondary-fast-retry-timer
Context 
[Tree] (config>router>mpls secondary-fast-retry-timer)
Full Contexts 
configure router mpls secondary-fast-retry-timer
Description 

This command specifies the value used as the fast retry timer for a secondary path. If the first attempt to set up a secondary path fails due to a path error, the fast retry timer will be started for the secondary path so that the path can be retried sooner. If the next attempt also fails, further retries for the path will use the configured value for LSP retry timer.

If retry-timer for the LSP is configured to be less than the MPLS secondary-fast-retry-timer, all retries for the secondary path will use the LSP retry-timer.

The no form of this command reverts to the default.

Default 

no secondary-fast-retry-timer

Parameters 
seconds—
Specifies the value (in seconds), used as the fast retry timer for a secondary path
Values—
1 to 10

 

23.86. secondary-image

secondary-image

Syntax 
secondary-image file-url
no secondary-image
Context 
[Tree] (bof secondary-image)
Full Contexts 
bof secondary-image
Description 

This command specifies the secondary directory location for runtime image file loading.

The system attempts to load all runtime image files configured in the primary-image first. If this fails, the system attempts to load the runtime images from the location configured in the secondary-image. If the secondary image load fails, the tertiary image specified in tertiary-image is used.

All runtime image files (*.tim files) must be located in the same directory.

The no form of this command removes the secondary-image configuration.

Parameters 
file-url—
Specifies the file URL; can be either local (this CPM) or a remote FTP server.
Values—

file-url

{local-url | remote-url} (up to 180 characters)

local-url

[cflash-id/][file-path]

remote-url

[{ftp://|tftp://} login:pswd@remote-locn/][file-path]

cflash-id

cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

 

23.87. secondary-ip-address

secondary-ip-address

Syntax 
secondary-ip-address ipv4-address
no secondary-ip-address
Context 
[Tree] (config>router>bgp>orr>location secondary-ip-address)
Full Contexts 
configure router bgp optimal-route-reflection location secondary-ip-address
Description 

This command specifies the secondary IP address of a reference location used for BGP optimal route reflection. Up to three IPv4 addresses and three IPv6 addresses can be specified per location.

If the TE DB is unable to find a node in its topology database that matches the primary address, then the TE DB tries to find a node with the matching secondary address. If this attempt also fails, the TE DB then tries to find a node with the matching tertiary address.

The IP addresses specified for a location should be topologically “close” to a set of clients that should all receive the same optimal path for that location.

The no form of this command removes the secondary IP address information.

Default 

no secondary-ip-address

Parameters 
ipv4-address—
Specifies the secondary IPv4 address of a location, expressed in dotted decimal notation.
Values—
a.b.c.d

 

23.88. secondary-ipv6-address

secondary-ipv6-address

Syntax 
secondary-ipv6-address ipv6-address
no secondary-ipv6-address
Context 
[Tree] (config>router>bgp>orr>location secondary-ipv6-address)
Full Contexts 
configure router bgp optimal-route-reflection location secondary-ipv6-address
Description 

This command specifies the secondary IPv6 address of a reference location used for BGP optimal route reflection. Up to three IPv4 addresses and three IPv6 addresses can be specified per location.

If the TE DB is unable find a node in its topology database that matches a primary address of the location, then it tries to find a node matching a secondary address. If this attempt also fails, the TE DB tries to find a node matching a tertiary address.

The IP addresses specified for a location should be topologically “close” to a set of clients that should all receive the same optimal path for that location.

The no form of this command removes the secondary IPv6 address information.

Default 

no secondary-ipv6-address

Parameters 
ipv6-address—
Specifies the secondary IPv6 address of a location.
Values—
ipv6-address:
  1. x:x:x:x:x:x:x:x (eight 16-bit pieces)
  2. x:x:x:x:x:x:d.d.d.d
  3. x: [0 to FFFF]H
  4. d: [0 to 255]D

 

23.89. secondary-location

secondary-location

Syntax 
secondary-location file-url
no secondary-location
Context 
[Tree] (config>system>software-repository secondary-location)
Full Contexts 
configure system software-repository secondary-location
Description 

This command configures the secondary location for the files in the software repository. See the software-repository command description for more information.

The no form of the command removes the secondary location.

Parameters 
file-url—
Specifies the secondary location to be used to access the files in the software repository.
Values—

file url

local-url | remote-url

local-url

[cflash-id/][file-path]

200 chars maximum, including cflash-id directory length 99 characters maximum each

remote-url

[{ftp://} login:pswd@remote-locn/][file-path]

243 characters maximum

directory length 99 characters maximum each

remote-locn

[hostname | ipv4-address | [ipv6- address]]

ipv4-address

a.b.c.d

ipv6-address

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x - [0 to FFFF]H

d - [0 to 255]D

interface - 32 characters max, for link local addresses

cflash-id

cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

 

23.90. secondary-nbns

secondary-nbns

Syntax 
secondary-nbns ip-address
no secondary-nbns
Context 
[Tree] (config>service>vprn>sub-if>grp-if>wlan-gw>ranges>range>dhcp secondary-nbns)
[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>ranges>range>dhcp secondary-nbns)
Full Contexts 
configure service ies subscriber-interface group-interface wlan-gw vlan-tag-ranges range dhcp secondary-nbns
configure service vprn subscriber-interface group-interface wlan-gw vlan-tag-ranges range dhcp secondary-nbns
Description 

This command configures the secondary NBNS address to be returned via DHCP on WLAN-GW ISA.

The no form of this command reverts to the default.

Parameters 
ip-address—
Specifies the secondary NBNS address.

23.91. secondary-path

secondary-path

Syntax 
secondary-path
Context 
[Tree] (config>mcast-mgmt>bw-plcy>t2-paths secondary-path)
Full Contexts 
configure mcast-management bandwidth-policy t2-paths secondary-path
Description 

This command enables the context to configure secondary path queue parameters. This command overrides the default path limit for the secondary path, which is one of the three ingress multicast paths into the switch fabric.

23.92. secondary-ports

secondary-ports

Syntax 
secondary-ports
Context 
[Tree] (config>service>vpls>mac-move secondary-ports)
[Tree] (config>service>template>vpls-template>mac-move secondary-ports)
Full Contexts 
configure service template vpls-template mac-move secondary-ports
configure service vpls mac-move secondary-ports
Description 

This command opens configuration context for defining secondary vpls-ports. VPLS ports that were declared as primary prior to the execution of this command will be moved from primary port-level to secondary port-level. Changing a port to the tertiary level can only be done by first removing it from the primary port-level.

23.93. secondary-retry-limit

secondary-retry-limit

Syntax 
secondary-retry-limit {number |infinite}
no secondary-retry-limit
Context 
[Tree] (config>router>mpls>lsp>auto-bandwidth>use-last-adj-bw secondary-retry-limit)
Full Contexts 
configure router mpls lsp auto-bandwidth use-last-adj-bw secondary-retry-limit
Description 

This command configures the maximum number of retry attempts for secondary paths. After each successful attempt, the counter is reset to zero.

When the specified number is reached, no more attempts are made and the path is put into the shutdown state.

A value of 0 or infinite means that the system will retry forever.

The no form of this command reverts to the default.

Default 

no secondary-retry-limit

Parameters 
number—
Specifies the number of retries.
Values—
0 to 10000

 

Default—
5
infinite
Specifies a retry limit of infinity.

23.94. secondary-shaper

secondary-shaper

Syntax 
secondary-shaper secondary-shaper-name
no secondary-shaper
Context 
[Tree] (config>port>ethernet>access>egress>queue-group>hsmda-queue-override secondary-shaper)
Full Contexts 
configure port ethernet access egress queue-group hsmda-queue-override secondary-shaper
Description 

This command configures the HSMDA egress secondary shaper.

Parameters 
secondary-shaper-name
Specifies the HSMDA secondary shaper name, up to 32 characters.

secondary-shaper

Syntax 
secondary-shaper secondary-shaper-name
no secondary-shaper
Context 
[Tree] (config>service>epipe>sap>egress>hsmda-queue-over secondary-shaper)
[Tree] (config>service>ipipe>sap>egress>hsmda-queue-over secondary-shaper)
Full Contexts 
configure service epipe sap egress hsmda-queue-override secondary-shaper
configure service ipipe sap egress hsmda-queue-override secondary-shaper
Description 

This command configures an HSMDA egress secondary shaper.

Parameters 
secondary-shaper-name—
Specifies a secondary shaper name up to 32 characters in length.

secondary-shaper

Syntax 
secondary-shaper secondary-shaper-name
no secondary-shaper
Context 
[Tree] (config>service>vpls>sap>egress>hsmda-queue-over secondary-shaper)
Full Contexts 
configure service vpls sap egress hsmda-queue-override secondary-shaper
Description 

This command configures an HSMDA secondary shaper. A shaper override can only be configured on an HSMDA SAP.

Parameters 
secondary-shaper-name—
Specifies a secondary shaper name up to 32 characters in length

secondary-shaper

Syntax 
secondary-shaper secondary-shaper-name
no secondary-shaper
Context 
[Tree] (config>service>ies>if>sap>egress>hsmda-queue-override secondary-shaper)
Full Contexts 
configure service ies interface sap egress hsmda-queue-override secondary-shaper
Description 

This command configures an HSMDA egress secondary shaper.

Parameters 
secondary-shaper-name—
Specifies a secondary shaper name up to 32 characters in length.

secondary-shaper

Syntax 
secondary-shaper secondary-shaper-name
no secondary-shaper
Context 
[Tree] (config>service>vprn>if>sap>egress>hsmda-queue-override secondary-shaper)
Full Contexts 
configure service vprn interface sap egress hsmda-queue-override secondary-shaper
Description 

This command configures an HSMDA secondary shaper. A shaper override can only be configured on an HSMDA SAP.

Parameters 
secondary-shaper-name—
Specifies a secondary shaper name up to 32 characters in length.

23.95. secondary-shaper-hashing

secondary-shaper-hashing

Syntax 
[no] secondary-shaper-hashing
Context 
[Tree] (config>subscr-mgmt>sub-prof secondary-shaper-hashing)
Full Contexts 
configure subscriber-mgmt sub-profile secondary-shaper-hashing
Description 

This command enables LAG secondary shaper ID hashing (the equivalent of Vport hashing) for the HSMDA. With this feature enabled, secondary shaper ID hashing can span multiple forwarding complexes on egress LAG. The default is to perform secondary shaper ID hashing on egress and requires all active LAG members to be on the same forwarding complex.

The no form of this command enables the default behavior.

23.96. secondary-url

secondary-url

Syntax 
secondary-url url
no secondary-url
Context 
[Tree] (config>python>py-script secondary-url)
Full Contexts 
configure python python-script secondary-url
Description 

This command specifies the location of secondary Python script. The system supports three locations for each Python-script. Users can store scripts file on either a local CF card or a FTP server.

The no form of this command removes the URL.

Parameters 
url—
Specifies the secondary URL of the Python script, up to 180 characters, either a local CF card URL or a FTP server URL.

23.97. secret

secret

Syntax 
secret secret [hash |hash2 |custom]
no secret
Context 
[Tree] (config>router>wpp>portals>portal secret)
[Tree] (config>service>vprn>wpp>portals>portal secret)
Full Contexts 
configure router wpp portals portal secret
configure service vprn wpp portals portal secret
Description 

This command configures the secret that is used by WPPv2 to authenticate the messages between portal and BRAS.

The no form of this command removes the secret and hash from the configuration.

Parameters 
secret
Specifies the secret key to access the server, up to 64 characters.
hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.

secret

Syntax 
secret secret [hash |hash2 |custom]
no secret
Context 
[Tree] (config>router>radius-proxy>server secret)
[Tree] (config>service>vprn>radius-proxy>server secret)
Full Contexts 
configure router radius-proxy server secret
configure service vprn radius-proxy server secret
Description 

This command configures the shared secret key. The RADIUS client must have the same key to communicate with the RADIUS-proxy server.

The no form of this command removes the parameters from the configuration.

Parameters 
secret key
Specifies the secret key up to 64 characters to access the RADIUS server. This secret key must match the password on the RADIUS server.
Values—
hash-key: Up to 33 characters
hash2-key: Up to 55 characters.

 

hash—
Specifies that the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
hash2—
Specifies that the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.

secret

Syntax 
secret secret-key |hash-key [hash |hash2 |custom]
no secret
Context 
[Tree] (config>aaa>isa-radius-plcy>servers>server secret)
Full Contexts 
configure aaa isa-radius-policy servers server secret
Description 

This command configures the secret key to access the RADIUS server. This secret key must match the password on the RADIUS server.

Default 

no secret

Parameters 
hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.

23.98. section-trace

section-trace

Syntax 
section-trace {increment-z0 |byte value |string string}
Context 
[Tree] (config>port>sonet-sdh section-trace)
Full Contexts 
configure port sonet-sdh section-trace
Description 

This command configures the section trace bytes in the SONET section header to inter-operate with some older versions of ADMs or regenerators that require an incrementing STM ID. You can explicitly configure an incrementing STM value rather than a static one in the SDH overhead by specifying the z0-increment.

This command is supported on TDM satellite.

Default 

section-trace byte 0x1

Parameters 
increment-z0—
Configures an incrementing STM ID instead of a static value.
value—
Sets values in SONET header bytes.
Default—
0x1
Values—
0 to 255 or 0x00 to 0xFF

 

string—
Specifies a text string that identifies the section. The string can be a maximum of 16 characters.

23.99. secure-nd

secure-nd

Syntax 
[no] secure-nd
Context 
[Tree] (config>service>ies>if>ipv6 secure-nd)
Full Contexts 
configure service ies interface ipv6 secure-nd
Description 

This command enables Secure Neighbor Discovery (SeND) on the IPv6 interface.

The no form of this command reverts to the default and disabled SeND.

secure-nd

Syntax 
[no] secure-nd
Context 
[Tree] (config>service>vprn>if>ipv6 secure-nd)
Full Contexts 
configure service vprn interface ipv6 secure-nd
Description 

This command enables Secure Neighbor Discovery (SeND) on the IPv6 interface.

The no form of this command reverts to the default and disabled SeND.

secure-nd

Syntax 
[no] secure-nd
Context 
[Tree] (config>router>if>ipv6 secure-nd)
Full Contexts 
configure router interface ipv6 secure-nd
Description 

This command enables Secure Neighbor Discovery (SeND) on the IPv6 interface.

The no form of this command reverts to the default and disabled SeND.

23.100. secure-nd-export

secure-nd-export

Syntax 
secure-nd-export
Context 
[Tree] (admin>certificate secure-nd-export)
Full Contexts 
admin certificate secure-nd-export
Description 

This command exports IPv6 Secure Neighbor Discovery (SeND) certificates to the file cf[1..3]:\system-pki\secureNdKey in PKCS #7 DER format.

23.101. secure-nd-import

secure-nd-import

Syntax 
secure-nd-import input url-string format input-format [password password] [key-rollover]
Context 
[Tree] (admin>certificate secure-nd-import)
Full Contexts 
admin certificate secure-nd-import
Description 

This command imports IPv6 Secure Neighbor Discovery (SeND) certificates from a file, and saves them to cf[1..3]:\system-pki\secureNdKey in PKCS #7 DER format.

Parameters 
url-string
Specifies the name of an input file up to 99 characters.
Values—

local-url

<cflash-id>\<file-path>

cflash-id

cf1:|cf2:|cf3:

 

input-format —
Specifies the input file format.
Values—
pkcs12, pem, or der

 

password —
Specifies the password to decrypt the input file if it is an encrypted PKCS#12 file.
Values—
32 characters maximum

 

23.102. security

security

Syntax 
security
Context 
[Tree] (config>system security)
Full Contexts 
configure system security
Description 

This command enables the context to configure security settings.

Security commands manage user profiles and user membership. Security commands also manage user login registrations.

23.103. security-association

security-association

Syntax 
security-association security-entry-id authentication-key hex-string encryption-key hex-string spi spi transform transform-id direction direction
no security-association security-entry-id direction direction
Context 
[Tree] (config>service>ies>if>ipsec>ipsec-tunnel>manual-keying security-association)
[Tree] (config>service>vprn>if>ipsec>ipsec-tunnel>manual-keying security-association)
[Tree] (config>service>vprn>if>sap>ipsec-tunnel>manual-keying security-association)
[Tree] (config>router>if>ipsec>ipsec-tunnel>manual-keying security-association)
Full Contexts 
configure router interface ipsec ipsec-tunnel manual-keying security-association
configure service ies interface ipsec ipsec-tunnel manual-keying security-association
configure service vprn interface ipsec ipsec-tunnel manual-keying security-association
configure service vprn interface sap ipsec-tunnel manual-keying security-association
Description 

This command configures the information required for manual keying SA creation.

The no form of this command removes the security-association parameters from the configuration.

Parameters 
security-entry-id—
Specifies the ID of an SA entry.
Values—
1 to 16

 

authentication-key hex-string
Specifies an authentication key.
Values—
none or 0x0 to 0xFFFFFFFF...(max 128 hex nibbles)

 

encryption-key hex-string
Specifies the key used for the encryption algorithm.
Values—
none or 0x0 to 0xFFFFFFFF...(max 64 hex nibbles)

 

spi spi
Specifies the Security Parameter Index (SPI) used to look up the instruction to verify and decrypt the incoming IPsec packets when the direction is inbound. When the direction is outbound, the SPI that will be used in the encoding of the outgoing packets. The remote node can use this SPI to lookup the instruction to verify and decrypt the packet.
Values—
256 to 16383

 

transform transform-id
Specifies the transform entry that will be used by this SA entry. This object should be specified for all the entries created which are manual SAs. If the value is dynamic, then this value is irrelevant and will be zero.
Values—
1 to 2048

 

direction
Specifies the direction of an IPsec tunnel.

security-association

Syntax 
security-association spi spi authentication-key authentication-key encryption-key encryption-key [crypto]
no security-association spi spi
Context 
[Tree] (config>grp-encryp>encryp-keygrp security-association)
Full Contexts 
configure group-encryption encryption-keygroup security-association
Description 

This command is used to create a security association for a specific SPI value in a key group. The command is also used to enter the authentication and encryption key values for the security association, or to delete a security association.

The SPI value used for the security association is a node-wide unique value, meaning that no two security associations in any key group on the node may share the same SPI value.

Keys are entered in clear text. After configuration, they are never displayed in their original, clear text form. Keys are displayed in an encrypted form, which is indicated by the system-appended crypto keyword when an info or an admin>save command is run. For security reasons, keys encrypted on one node are not usable on other nodes (that is, keys are not exchangeable between nodes).

The no form of the command removes the security association and related key values from the list of security associations for the key group. If the no form of the command is attempted using the same SPI value that is configured for active-outbound-sa, then a warning is issued and the command is blocked. If the no form of the command is attempted on the last SPI in the key group and the key group is configured on a service, then the command is blocked.

Parameters 
spi—
Specifies the SPI ID of the SPI being referenced for the security association.
Values—
1 to 127

 

authentication-key—
Specifies the authentication key for the SPI, in hexadecimal format. The number of characters in the hexadecimal string must be 64 or 128, depending on whether the authentication algorithm is set to sha256 or sha512, respectively.
encryption-key—
Specifies the encryption key for the SPI, in hexadecimal format. The number of characters in the hexadecimal string must be 32 or 64, depending on whether the encryption algorithm is set to aes128 or aes256, respectively.
crypto—
Displays the keys showing on the CLI info display in an encrypted form.

23.104. security-param-index

security-param-index

Syntax 
security-param-index security-parameter-index
no security-param-index
Context 
[Tree] (config>test-oam>build-packet>header>ipsec-auth security-param-index)
[Tree] (debug>oam>build-packet>packet>field-override>header>ipsec-auth security-param-index)
Full Contexts 
configure test-oam build-packet header ipsec-auth security-param-index
debug oam build-packet packet field-override header ipsec-auth security-param-index
Description 

This command defines the security index to be used in the IPsec header. This same context can be used for IPv4 and IPv6 packets.

The no form of this command removes the security parameter index value.

Default 

security-param-index 1

Parameters 
security-parameter-index—
Specifies the IPsec security parameter index to be used in the IPsec header.
Values—
1 to 4294967295

 

23.105. security-parameter

security-parameter

Syntax 
security-parameter sec
no security-parameter
Context 
[Tree] (config>service>ies>if>ipv6>secure-nd security-parameter)
Full Contexts 
configure service ies interface ipv6 secure-nd security-parameter
Description 

This command configures the security parameter used in the generation of a Cryptographically Generated Address (CGA).

Parameters 
sec—
Specifies the security parameter.
Values—
0 to 1

 

security-parameter

Syntax 
security-parameter sec
[no] security-parameter
Context 
[Tree] (config>service>vprn>if>secure-nd security-parameter)
Full Contexts 
configure service vprn interface secure-nd security-parameter
Description 

This command configures the security parameter used in the generation of a Cryptographically Generated Address (CGA).

Parameters 
sec—
Specifies the security parameter.
Values—
0 to 1

 

security-parameter

Syntax 
security-parameter sec
no security-parameter
Context 
[Tree] (config>router>if>ipv6>secure-nd security-parameter)
Full Contexts 
configure router interface ipv6 secure-nd security-parameter
Description 

This command configures the security parameter used in the generation of a Cryptographically Generated Address (CGA).

Parameters 
sec—
Specifies the security parameter.
Values—
0 to 1

 

23.106. security-policy

security-policy

Syntax 
security-policy security-policy-id [create]
no security-policy security-policy-id
Context 
[Tree] (config>router>ipsec security-policy)
[Tree] (config>service>vprn>ipsec security-policy)
Full Contexts 
configure router ipsec security-policy
configure service vprn ipsec security-policy
Description 

This command configures a security policy to use for an IPsec tunnel.

The no form of this command removes the security policy ID from the configuration.

Parameters 
security-policy-id—
specifies a value to be assigned to a security policy.
Values—
1 to 32768

 

create—
Keyword used to create the security policy instance. The create keyword requirement can be enabled or disabled in the environment>create context.

security-policy

Syntax 
security-policy security-policy-id [strict-match]
no security-policy
Context 
[Tree] (config>service>ies>if>ipsec>ipsec-tunnel security-policy)
[Tree] (config>service>vprn>if>ipsec>ipsec-tunnel security-policy)
[Tree] (config>service>vprn>if>sap>ipsec-tunnel security-policy)
[Tree] (config>router>if>ipsec>ipsec-tunnel security-policy)
Full Contexts 
configure router interface ipsec ipsec-tunnel security-policy
configure service ies interface ipsec ipsec-tunnel security-policy
configure service vprn interface ipsec ipsec-tunnel security-policy
configure service vprn interface sap ipsec-tunnel security-policy
Description 

This command configures an IPsec security policy. The policy may then be associated with static IPsec tunnels defined in the same routing instance.

With strict-match parameter enabled, when a CREATE_CHILD exchange request is received for a static IPsec tunnel, and this request is not a re-key request, then ISA matches the received TSi and TSr with the configured security policy. This can be a match only when a received TS (in TSi or TSr) address range matches exactly with the subnet in a security policy entry.

If there is no match, then the setup fails, and TS_UNACCEPTABLE is sent.

If there is a match, but there is an existing CHILD_SA for the matched security policy, then the setup fails, and NO_PROPOSAL_CHOSEN.

If there is a match, and there is not CHILD_SA for the matched entry, then the subnet is sent in the matched security-policy entry as TSi and TSr, and the CHILD_SA is created.

Default 

no security-policy

Parameters 
security-policy-id—
Specifies the IPsec security policy entry that the tunnel will use.
Values—
1 to 32768

 

strict-match—
Enables strict match of security-policy entry.

23.107. seen-ip-radius-acct-policy

seen-ip-radius-acct-policy

Syntax 
seen-ip-radius-acct-policy rad-acct-plcy-name
no seen-ip-radius-acct-policy
Context 
[Tree] (config>app-assure>group>transit-ip-policy>radius seen-ip-radius-acct-policy)
Full Contexts 
configure application-assurance group transit-ip-policy radius seen-ip-radius-acct-policy
Description 

This command refers to a RADIUS accounting-policy to enable seen-IP notification.

The no form of this command removes the policy.

Default 

no seen-ip-radius-acct-policy

Parameters 
rad-acct-plcy-name—
Specifies the RADIUS accounting policy name, up to 32 characters.

23.108. segment

segment

Syntax 
segment [1..11] [create]
no segment
Context 
[Tree] (config>router>segment-routing>sr-policies>static-policy>segment-list segment)
Full Contexts 
configure router segment-routing sr-policies static-policy segment-list segment
Description 

This command creates the context to configure a segment inside a segment-list of a statically-defined segment routing policy.

Each segment list can have up to 11 segments.

The no form of this command deletes the segment context.

Default 

no segment

Parameters 
create
Keyword used to create the list.

23.109. segment-list

segment-list

Syntax 
segment-list segment-list
no segment-list
Context 
[Tree] (config>saa>test>type-multi-line>lsp-ping>sr-policy segment-list)
[Tree] (config>saa>test>type-multi-line>lsp-trace>sr-policy segment-list)
Full Contexts 
configure saa test type-multi-line lsp-ping sr-policy segment-list
configure saa test type-multi-line lsp-trace sr-policy segment-list
Description 

This command configures the segment list ID.

The no form of this command removes the configuration.

Parameters 
segment-list—
Specifies the segment list number.
Values—
1 to 32

 

segment-list

Syntax 
segment-list [1..32] [create]
no segment-list list
Context 
[Tree] (config>router>segment-routing>sr-policies segment-list)
Full Contexts 
configure router segment-routing sr-policies segment-list
Description 

This command creates the context to configure a segment list for the statically-defined segment routing policy.

Up to 32 segment lists are supported per policy.

The no form of this command deletes the segment list.

Parameters 
create
Keyword used to create the segment list.

23.110. segment-protection-type

segment-protection-type

Syntax 
segment-protection-type protection-type
no segment-protection-type
Context 
[Tree] (config>router>gmpls>lsp>working-path segment-protection-type)
[Tree] (config>router>gmpls>lsp>protect-path segment-protection-type)
Full Contexts 
configure router gmpls lsp protect-path segment-protection-type
configure router gmpls lsp working-path segment-protection-type
Description 

This command defines the requested segment recovery type for the gLSP path. This is the recovery capability requested by the router UNI-C to the UNI-N for recovery in segments of the optical network between ingress and egress UNI-N nodes.

The no form of this command removes the configured segment recovery, reverting to unprotected.

Default 

segment-protection-type unprotected

Parameters 
protection-type—
Specifies the requested GMPLS segment recovery type.
Values—
unprotected | sbr | gr | sncp | prc

 

23.111. segment-routing

segment-routing

Syntax 
segment-routing
Context 
[Tree] (config>router>bgp segment-routing)
Full Contexts 
configure router bgp segment-routing
Description 

This command enables the context to configure options related to BGP segment routing (prefix SID support).

segment-routing

Syntax 
segment-routing
no segment-routing
Context 
[Tree] (config>router>isis segment-routing)
Full Contexts 
configure router isis segment-routing
Description 

This command enables the context to configure segment routing parameters within a given IGP instance.

Segment routing adds to IS-IS and OSPF routing protocols the ability to perform shortest path routing and source routing using the concept of abstract segment. A segment can represent a local prefix of a node, a specific adjacency of the node (interface or next-hop), a service context, or a specific explicit path over the network. For each segment, the IGP advertises an identifier referred to as Segment ID (SID).

When segment routing is used together with MPLS data plane, the SID is a standard MPLS label. A router forwarding a packet using segment routing will thus push one or more MPLS labels.

Segment routing using MPLS labels can be used in both shortest path routing applications and in traffic engineering applications. This feature implements the shortest path forwarding application.

After segment routing is successfully enabled in the IS-IS or OSPF instance, the router will perform the following operations:

  1. Advertise the Segment Routing Capability Sub-TLV to routers in all areas/levels of this IGP instance. However, only neighbors with which it established an adjacency interprets the SID or label range information and use it for calculating the label to swap to or push for a given resolved prefix SID.
  2. Advertise the assigned index for each configured node SID in the new prefix SID sub-TLV with the N-flag (node-SID flag) set. Then the segment routing module programs the incoming label map (ILM) with a pop operation for each local node SID in the data path.
  3. Assign and advertise automatically an adjacency SID label for each formed adjacency over a network IP interface in the new adjacency SID sub-TLV. The segment routing module programs the incoming label map (ILM) with a pop operation, in effect with a swap to an implicit null label operation, for each advertised adjacency SID.
  4. Resolve received prefixes and if a prefix SID sub-TLV exists, the Segment Routing module programs the ILM with a swap operation and also an LTN with a push operation both pointing to the primary/LFA NHLFE. An SR tunnel is also added to the TTM.

When the user enables segment routing in a given IGP instance, the main SPF and LFA SPF are computed normally and the primary next-hop and LFA backup next-hop for a received prefix are added to RTM without the label information advertised in the prefix SID sub-TLV.

segment-routing

Syntax 
[no] segment-routing
Context 
[Tree] (config>router>ospf segment-routing)
[Tree] (config>router>ospf3 segment-routing)
Full Contexts 
configure router ospf segment-routing
configure router ospf3 segment-routing
Description 

This command enables the context to configure segment routing parameters within an IGP instance.

Segment routing adds to IS-IS, OSPF, or OSPF3 routing protocols the ability to perform shortest path routing and source routing using the concept of abstract segment. A segment can represent a local prefix of a node, a specific adjacency of the node (interface or next hop), a service context, or a specific explicit path over the network. For each segment, the IGP advertises an identifier referred to as a segment ID (SID).

When segment routing is used together with the MPLS data plane, the SID is a standard MPLS label. A router forwarding a packet using segment routing will thus push one or more MPLS labels.

Segment routing using MPLS labels can be used in both shortest path routing applications and traffic engineering applications. This feature implements the shortest path forwarding application.

After segment routing is successfully enabled in the IS-IS, OSPF, or OSPF3 instance, the router will perform the following operations:

  1. Advertise the Segment Routing Capability sub-TLV to routers in all areas or levels of the IGP instance. However, only neighbors with which the IGP instance established an adjacency will interpret the SID and label range information and use it for calculating the label to swap to or push for a particular resolved prefix SID.
  2. Advertise the assigned index for each configured node SID in the new prefix SID sub-TLV with the N-flag (node SID flag) set. The segment routing module then programs the incoming label map (ILM) with a pop operation for each local node SID in the data path.
  3. Automatically assign and advertise an adjacency SID label for each formed adjacency over a network IP interface in the new adjacency SID sub-TLV. The segment routing module programs the incoming label map (ILM) with a pop operation, in effect with a swap to an implicit null label operation, for each advertised adjacency SID.
  4. Resolve received prefixes, and if a prefix SID sub-TLV exists, the segment routing module programs the ILM with a swap operation and programs an LSP ID to NHLFE (LTN) with a push operation, both pointing to the primary/LFA NHLFE. An SR tunnel is also added to the TTM.

When the user enables segment routing in an IGP instance, the main SPF and LFA SPF are computed normally and the primary next hop and LFA backup next hop for a received prefix are added to the RTM without the label information advertised in the prefix SID sub-TLV.

segment-routing

Syntax 
segment-routing
Context 
[Tree] (config>router segment-routing)
Full Contexts 
configure router segment-routing
Description 

This command creates a context to configure protocol-independent parameters relating to segment routing.

23.112. sel-mcast-advertisement

sel-mcast-advertisement

Syntax 
[no] sel-mcast-advertisement
Context 
[Tree] (config>service>vpls>bgp-evpn sel-mcast-advertisement)
Full Contexts 
configure service vpls bgp-evpn sel-mcast-advertisement
Description 

This command enables the advertisement of BGP EVPN Selective Multicast Ethernet Tag (SMET) routes.

The no form of this command disables the advertisement of BGP EVPN SMET routes.

Default 

no sel-mcast-advertisement

23.113. selection-criteria

selection-criteria

Syntax 
selection-criteria [best-port |highest-count |highest-weight] [slave-to-partner] [subgroup-hold-time hold-time]
no selection-criteria
Context 
[Tree] (config>lag selection-criteria)
Full Contexts 
configure lag selection-criteria
Description 

This command specifies which selection criteria should be used to select the active sub-group. If there is a tie for highest-count or highest-weight, the LAG will prefer the port with the lowest priority. If that does not break the tie, the currently active subgroup will stay active (that is, non-revertive behavior).

The no form of this command reverts to the default value.

Default 

selection-criteria highest-count

Parameters 
highest-count—
Selects a sub-group with the highest number of eligible members as an active sub-group (not applicable to “power-off” mode of operations).
highest-weight—
Selects a sub-group with the highest aggregate weight as an active subgroup (not applicable to “power-off” mode of operations). Aggregate weight is calculated as the sum of (65535 - port priority) all ports within a sub-group.
best-port—
Selects a sub-group containing the port with highest priority port as an active subgroup. In case of equal port priorities, the sub-group containing the port with the lowest port-id is chosen.
slave-to-partner—
The slave-to-partner keyword specifies that it, together with the selection criteria, should be used to select the active sub-group. An eligible member is a LAG-member link which can potentially become active. This means it is operationally up (not disabled) for use by the remote side. The slave-to-partner parameter can be used to control whether or not this latter condition is taken into account.
hold-time
Applicable with LACP enabled. Specifies the optional delay timer for switching to a newly selected active sub-group from the existing active sub-group. The timer delay applies only if the existing sub-group remains operationally up.
Values—

not specified

Equivalent to specifying a value of 0. Specifies no delay and to switchover immediately to a new candidate active sub-group.

0 to 2000

Integer specifying the timer value in 10ths of a second.

infinite

Do not switchover from existing active sub-group if the subgroup remains UP. Manual switchover possible using tools perform lag force command.

 

23.114. selective

selective

Syntax 
selective
Context 
[Tree] (config>service>vprn>mvpn>provider-tunnel selective)
Full Contexts 
configure service vprn mvpn provider-tunnel selective
Description 

This command enters the context to specify selective provider tunnel parameters.

selective

Syntax 
selective
Context 
[Tree] (config>router>gtm>provider-tunnel selective)
Full Contexts 
configure router gtm provider-tunnel selective
Description 

This command enables the context for specifying selective provider tunnel parameters.

23.115. selective-label-ipv4-install

selective-label-ipv4-install

Syntax 
[no] selective-label-ipv4-install
Context 
[Tree] (config>router>bgp selective-label-ipv4-install)
[Tree] (config>router>bgp>group selective-label-ipv4-install)
[Tree] (config>router>bgp>group>neighbor selective-label-ipv4-install)
Full Contexts 
configure router bgp group neighbor selective-label-ipv4-install
configure router bgp group selective-label-ipv4-install
configure router bgp selective-label-ipv4-install
Description 

This command enables selective download for BGP label-ipv4 routes.

When this command is configured so that it applies to a BGP session, label-ipv4 routes received on this session are marked as invalid if they are not needed for any eligible service. A /32 label-ipv4 route is determined to be required if one of the following applies:

  1. It matches the far-end address of a manually configured or auto-created SDP Layer 2 VLL or VPLS service and the SDP is configured to use BGP tunnels as transport.
  2. It matches the IPv4 BGP next hop of a BGP-EVPN route and this EVPN route is either imported into a VPLS service or re-advertised by the router acting as a next-hop-self route-reflector or a model-B ASBR.
  3. It matches the IPv4 BGP next hop of a VPN-IPv4 route and this VPN-IP route is either imported into a VPRN service or re-advertised by the router acting as a next-hop-self route-reflector or a model-B ASBR.
  4. It matches the IPv4 address in the IPv4-mapped IPv6 address of a VPN IPv6 route and this VPN-IP route is either imported into a VPRN service or re-advertised by the router acting as a next-hop-self route-reflector or a model-B ASBR.

The no form of this command at the top (config>router>bgp) level disables the selective installation functionality. The no form of this command at the group or neighbor level causes the setting to be inherited from a higher level configuration.

Default 

no selective-label-ipv4-install

23.116. selective-learned-fdb

selective-learned-fdb

Syntax 
[no] selective-learned-fdb
Context 
[Tree] (config>service>vpls selective-learned-fdb)
Full Contexts 
configure service vpls selective-learned-fdb
Description 

This command determines which line cards FDB entries are allocated on for MAC addresses in the VPLS service in which the command is configured.

By default, FDB entries for MAC addresses in VPLS services are allocated on all line cards in the system. Enabling selective-learned-fdb causes FDB entries to be allocated only on the line cards on which the service has a configured object, which includes all line cards:

  1. on which a SAP is configured
  2. which have ports configured in a LAG SAP
  3. which have ports configured in an Ethernet tunnel SAP
  4. which have ports configured on a network interface (which also may be on a LAG) when the service has a mesh or spoke-SDP, VXLAN or EVPN-MPLS configured

Only MAC addresses with a type “L” or “Evpn” in the show output displaying the FDB can be allocated selectively, unless a MAC address configured as a conditional static MAC address is learned dynamically on an object other than its monitored object; this can be displayed with type “L” or “Evpn” but is allocated as global because of the conditional static MAC configuration.

The no form of this command returns the FDB MAC address entry allocation mode to its default where FDB entries for MAC addresses are allocated on all line cards in the system.

Default 

no selective-learned-fdb

23.117. send

send

Syntax 
send {broadcast |multicast |none |version-1 |both}
no send
Context 
[Tree] (config>service>vprn>rip send)
[Tree] (config>service>vprn>rip>group send)
[Tree] (config>service>vprn>rip>group>neighbor send)
[Tree] (config>service>vprn>ripng send)
[Tree] (config>service>vprn>ripng>group send)
[Tree] (config>service>vprn>ripng>group>neighbor send)
Full Contexts 
configure service vprn rip group neighbor send
configure service vprn rip group send
configure service vprn rip send
configure service vprn ripng group neighbor send
configure service vprn ripng group send
configure service vprn ripng send
Description 

This command specifies the type of RIP messages sent to RIP neighbors. This control can be issued at the global, group or interface level. The default behavior sends RIPv2 messages with the multicast (224.0.0.9) destination address.

If version-1 is specified, the router only listens for and accepts packets sent to the broadcast address.

The no form of this command resets the type of messages sent back to the default value.

Default 

no send

Parameters 
broadcast—
Send RIPv2 formatted messages to the broadcast address.
multicast—
Send RIPv2 formatted messages to the multicast address.
none—
Do not send any RIP messages (i.e. silent listener).
version-1—
Send RIPv1 formatted messages to the broadcast address.
both—
Send both RIP v1 & RIP v2 updates to the broadcast address.

send

Syntax 
send
Context 
[Tree] (config>system>security>keychain>direction>uni send)
Full Contexts 
configure system security keychain direction uni send
Description 

This command specifies the send nodal context to sign TCP segments that are being sent by the router to another device.

send

Syntax 
send option-number
no send
Context 
[Tree] (config>system>security>keychain>tcp-option-number send)
Full Contexts 
configure system security keychain tcp-option-number send
Description 

This command configures the TCP option number accepted in TCP packets sent.

Default 

send 254

Parameters 
option-number—
Specifies an enumerated integer that indicates the TCP option number to be used in the TCP header.
Values—
253, 254, tcp-ao

 

send

Syntax 
send {broadcast |multicast |none |version-1}
no send
Context 
[Tree] (config>router>rip send)
[Tree] (config>router>rip>group send)
[Tree] (config>router>rip>group>neighbor send)
Full Contexts 
configure router rip group neighbor send
configure router rip group send
configure router rip send
Description 

This command specifies the type of RIP messages sent to RIP neighbors.

If version-1 is specified, the router need only listen for and accept packets sent to the broadcast address.

This control can be issued at the global, group or interface level.

The no form of the command reverts to the default value.

Default 

send version-1

Parameters 
broadcast—
Specifies send RIPv2 formatted messages to the broadcast address.
multicast—
Specifies send RIPv2 formatted messages to the multicast address.
none—
Specifies not to send any RIP messages (i.e. silent listener).
version-1—
Specifies send RIPv1 formatted messages to the broadcast address.

send

Syntax 
send {none |ripng |unicast}
no send
Context 
[Tree] (config>router>ripng send)
[Tree] (config>router>ripng>group send)
[Tree] (config>router>ripng>group>neighbor send)
Full Contexts 
configure router ripng group neighbor send
configure router ripng group send
configure router ripng send
Description 

This command specifies if RIPng are sent to RIP neighbors or not and what type of IPv6 address is to be used to deliver the messages.

This control can be issued at the global, group or interface level.

The no form of the command reverts to the default value.

Default 

send ripng

Parameters 
ripng—
Specifies RIPng messages to be sent to the standard multicast address (FF02::9).
none—
Specifies not to send any RIPng messages (i.e. silent listener).
unicast—
Specifies to send RIPng updates as unicast messages to the defined unicast address configured through the unicast-address command. This option is only allowed within the neighbor context.

23.118. send-accounting-response

send-accounting-response

Syntax 
[no] send-accounting-response
Context 
[Tree] (config>router>radius-proxy>server send-accounting-response)
[Tree] (config>service>vprn>radius-proxy>server send-accounting-response)
Full Contexts 
configure router radius-proxy server send-accounting-response
configure service vprn radius-proxy server send-accounting-response
Description 

This command results in the system to always generate RADIUS accounting-response to acknowledge RADIUS accounting-request received from the RADIUS client.

The no form of this command disables the command.

23.119. send-acct-stop-on-fail

send-acct-stop-on-fail

Syntax 
send-acct-stop-on-fail {[on-request-failure] [on-reject] [on-accept-failure]}
no send-acct-stop-on-fail
Context 
[Tree] (config>subscr-mgmt>auth-policy send-acct-stop-on-fail)
Full Contexts 
configure subscriber-mgmt authentication-policy send-acct-stop-on-fail
Description 

This command activates the reporting of RADIUS authentication failures of a PPPoE session to a RADIUS accounting server with an Accounting Stop message.

Three failure categories can be enabled separately:

  1. on-request-failure: All failure conditions between the sending of an Access-Request and the reception of an Access-Accept or Access-Reject.
  2. on-reject:
  3. on-accept-failure: All failure conditions that appear after receiving an Access-Accept and before successful instantiation of the host or session.

The RADIUS accounting policy to be used for sending the Accounting Stop messages must be obtained prior to RADIUS authentication via local user database pre-authentication.

The no form of this command reverts to the default.

Parameters 
on-request-failure—
Specifies that an accounting stop message is sent when a RADIUS Access-Request message could not be sent (for example, there is no server configured, or timeout).
on-reject—
Specifies that an accounting stop message is sent when an Access-Reject is received.
on-accept-failure—
Specifies that an accounting stop message is sent a failure occurred after the reception of a RADIUS Access-Accept message (such as a duplicate IP address).

23.120. send-bvpls-evpn-flush

send-bvpls-evpn-flush

Syntax 
[no] send-bvpls-evpn-flush
Context 
[Tree] (config>service>vpls>pbb send-bvpls-evpn-flush)
Full Contexts 
configure service vpls pbb send-bvpls-evpn-flush
Description 

This command triggers ISID-based C-MAC flush signaling in the PBB-EVPN. When the command is enabled in an I-VPLS service, a B-MAC/ISID route is sent for the I-VPLS ISID.

Default 

no send-bvpls-evpn-flush

23.121. send-bvpls-flush

send-bvpls-flush

Syntax 
[no] send-bvpls-flush {[all-from-me] |[all-but-mine]}
Context 
[Tree] (config>service>vpls send-bvpls-flush)
Full Contexts 
configure service vpls send-bvpls-flush
Description 

This command configures the BVPLS flush. If B-SDPs are used and MAC notification mechanism is turned on in the related BVPLS (MPLS use case), it makes sense to turn off the T-LDP MAC Flush.

Parameters 
all-from-me—
Flushes on a negative event, such as pseudowire failure
all-but-mine—
Flushes on a positive event, such as pseudowire activation

send-bvpls-flush

Syntax 
send-bvpls-flush {[all-but-mine] [all-from-me]}
no send-bvpls-flush
Context 
[Tree] (config>service>vpls send-bvpls-flush)
Full Contexts 
configure service vpls send-bvpls-flush
Description 

This command enables generation of LDP MAC withdrawal “flush-all-from-me” in the B-VPLS domain when the following triggers occur in the related IVPLS:

  1. MC-LAG failure
  2. Failure of a local SAP
  3. Failure of a local pseudowire/SDP binding

A failure means transition of link SAP/pseudowire to either down or standby status.

This command does not require send-flush-on-failure in B-VPLS to be enabled on an IVPLS trigger to send an MAC flush into the BVPLS.

Default 

no send-bvpls-flush

Parameters 
all-but-mine—
Specifies to send an LDP flush all-but-mine and also sent into the B-VPLS. Both parameters can be set together.
all-from-me—
Specifies to send an LDP flush-all-from and when STP initiates a flush, it is sent into the B-VPLS using LDP MAC flush all-from-me. Both parameters can be set together.

23.122. send-chain

send-chain

Syntax 
[no] send-chain
Context 
[Tree] (config>ipsec>cert-profile>entry send-chain)
Full Contexts 
configure ipsec cert-profile entry send-chain
Description 

This command enters the configuration context of send-chain in the cert-profile entry.

The configuration of this command is optional, by default system will only send the certificate specified by cert command in the selected entry to the peer. This command allows system to send additional CA certificates to the peer. These additional CA certificates must be in the certificate chain of the certificate specified by the cert command in the same entry.

send-chain

Syntax 
[no] send-chain
Context 
[Tree] (config>system>security>tls>cert-profile>entry send-chain)
Full Contexts 
configure system security tls cert-profile entry send-chain
Description 

This command enables the sending of certificate authority (CA) certificates, and enters the context to configure send-chain information.

By default, the system only sends the TLS server certificate or TLS client certificate specified by the cert command. If CA certificates are to be sent using send-chain, they must be in the chain of certificates specified by the config>system>security>pki>ca-profile command. The specification of the send-chain is not necessary for a working TLS profile if the TLS peer has the CA certificate used to sign the server or client certificate in its own trust anchor.

For example, given a TLS client running on SROS, the ROOT CA certificate resides on the TLS server, but the subsequent SUB-CA certificate needed to complete the chain resides within SROS. The send-chain command allows these SUB-CA certificates to be sent from SROS to the peer to be authenticated using the ROOT CA certificate that resides on the peer.

The no form of the command disables the send-chain.

Default 

no send-chain

23.123. send-count

send-count

Syntax 
send-count send-count
no send-count
Context 
[Tree] (config>saa>test>type-multi-line>lsp-ping>sr-policy send-count)
Full Contexts 
configure saa test type-multi-line lsp-ping sr-policy send-count
Description 

This command configures the number of messages to send. The send-count value is used to override the default number of message requests sent. Each message request must either time out or receive a reply before the next message request is sent. The message interval value must be expired before the next message request is sent.

The no form of this command reverts to the default value.

Default 

send-count 1

Parameters 
send-count—
Specifies the send count in number of packets.
Values—
1 to 100

 

Default—
1

23.124. send-default

send-default

Syntax 
send-default [ipv4] [ipv6] [export-policy export-policy]
no send-default
Context 
[Tree] (config>router>bgp send-default)
[Tree] (config>router>bgp>group send-default)
[Tree] (config>router>bgp>group>neighbor send-default)
Full Contexts 
configure router bgp group neighbor send-default
configure router bgp group send-default
configure router bgp send-default
Description 

This command enables the advertisement of a default route. When this command is configured so that it applies to an IBGP or EBGP session, the default route for IPv4 and/or IPv6 is automatically added to the Adj_RIB-OUT of that peer. The advertised defaults are unrelated to any default routes that may be installed in the FIB of the local router.

When the command includes the ipv4 parameter, an IPv4 default route (0/0) is generated.

When the command includes the ipv6 parameter, an IPv6 default route (::/0) is generated.

If there is an active default route in the FIB of the local router and a BGP export policy allows that default route to be advertised so it conflicts with the send-default command, the artificially generated default overrides the advertisement of the installed default.

The artificially generated default route is not matched by BGP export policies. In order to modify its attributes, a route policy must be created for this purpose and it must be referenced by the export-policy parameter. Only the route modifications in the default-action of this policy are parsed and applied.

The no form of this command restores the default behavior. At the group and neighbor levels the default behavior is to inherit the configuration from a higher level. At the instance level the default behavior is to not generate nor inject a default route.

Default 

no send-default

Parameters 
ipv4—
Includes the ipv4 parameter.
ipv6—
Includes the ipv6 parameter.
export-policy—
Specifies the name of a route policy, up to 64 characters. Only the route modifications in the default-action context of this route policy are parsed. Those modifications change the attributes of the advertised default route.

23.125. send-evpn-encap

send-evpn-encap

Syntax 
send-evpn-encap [mpls] [mplsoudp]
no send-evpn-encap
Context 
[Tree] (config>service>epipe>bgp-evpn>mpls send-evpn-encap)
[Tree] (config>service>epipe>bgp-evpn>vxlan send-evpn-encap)
[Tree] (config>service>vpls>bgp-evpn>mpls send-evpn-encap)
[Tree] (config>service>vpls>bgp-evpn>vxlan send-evpn-encap)
Full Contexts 
configure service epipe bgp-evpn mpls send-evpn-encap
configure service epipe bgp-evpn vxlan send-evpn-encap
configure service vpls bgp-evpn mpls send-evpn-encap
configure service vpls bgp-evpn vxlan send-evpn-encap
Description 

This command configures the encapsulation to be advertised with the EVPN routes for the service. The encapsulation is encoded in RFC5512-based tunnel encapsulation extended communities.

When used in the bgp-evpn>mpls context, the supported options are none (no send-evpn-encap), mpls, mplsoudp or both.

When used in the bgp-evpn>vxlan context, the supported options are send-evpn-encap (the router signals a VXLAN value) or no send-evpn-encap (no encapsulation extended community is sent).

Default 

send-evpn-encap mpls (in the config>service>vpls>bgp-evpn>mpls context)

send-evpn-encap (in the config>service>vpls>bgp-evpn>vxlan context)

Parameters 
mpls
Specifies the MPLS-over-UDP encapsulation value in the RFC5512 encapsulation extended community.
mplsoudp
Specifies the MPLS encapsulation value in the RFC5512 encapsulation extended community.

23.126. send-fib-population-packets

send-fib-population-packets

Syntax 
send-fib-population-packets mode
no send-fib-population-packets
Context 
[Tree] (config>service>ies>sub-if>grp-if>srrp send-fib-population-packets)
[Tree] (config>service>vprn>sub-if>grp-if>srrp send-fib-population-packets)
Full Contexts 
configure service ies subscriber-interface group-interface srrp send-fib-population-packets
configure service vprn subscriber-interface group-interface srrp send-fib-population-packets
Description 

This command configures the mode used to send Fib population packets. When SRRP becomes master it generates gratuitous ARPs (GARPs) used by the Layer 2 access network to populate the correct SRRP gateway.

The no form of this command disables sending FDB population packets.

Default 

send-fib-population-packets all

Parameters 
mode—
Specifies on which VLANs the gratuitous ARPs are sent.
Values—
all: Generates, on SSRP master assignment, the GARPs on all VLANs
out-tag-only: Generates, on SRRP master assignment, the GARPs only on SAPs with unique outer VLAN and lowest VLAN tags

 

23.127. send-flush-on-bvpls-failure

send-flush-on-bvpls-failure

Syntax 
[no] send-flush-on-bvpls-failure
Context 
[Tree] (config>service>vpls>pbb send-flush-on-bvpls-failure)
Full Contexts 
configure service vpls pbb send-flush-on-bvpls-failure
Description 

This command enables the generation in the local I-VPLS of an LDP MAC flush-all-from-me following a failure of SAP/the whole endpoint/spoke-SDP in the related B-VPLS. The failure of mesh-SDP in B-VPLS does not generate the I-VPLS MAC flush.

The no form of this command disables the generation of LDP MAC flush in I-VPLS on failure of SAP/endpoint/spoke-SDP in the related B-VPLS.

Default 

no send-flush-on-bvpls-failure

23.128. send-flush-on-failure

send-flush-on-failure

Syntax 
[no] send-flush-on-failure
Context 
[Tree] (config>service>vpls send-flush-on-failure)
Full Contexts 
configure service vpls send-flush-on-failure
Description 

This command enables sending out flush-all-from-me messages to all LDP peers included in affected VPLS, in the event of physical port failures or “operationally down” events of individual SAPs. This feature provides an LDP-based mechanism for recovering a physical link failure in a dual-homed connection to a VPLS service. This method provides an alternative to RSTP solutions where dual homing redundancy and recovery, in the case of link failure, is resolved by RSTP running between a PE router and CE devices. If the endpoint is configured within the VPLS and send-flush-on-failure is enabled, flush-all-from-me messages will be sent out only when all spoke-SDPs associated with the endpoint go down.

This feature cannot be enabled on management VPLS.

Default 

no send-flush-on-failure

23.129. send-idr-after-eap-success

send-idr-after-eap-success

Syntax 
[no] send-idr-after-eap-success
Context 
[Tree] (config>ipsec>ike-policy send-idr-after-eap-success)
Full Contexts 
configure ipsec ike-policy send-idr-after-eap-success
Description 

This command enables the system to add the Identification Responder (IDr) payload in the last IKE authentication response after an Extensible Authentication Protocol (EAP) Success packet is received. When disabled, the system will not include IDr payload.

The no form of this command disables sending the IDr payload in the last IKE.

Default 

send-idr-after-eap-success

23.130. send-imet-ir-on-ndf

send-imet-ir-on-ndf

Syntax 
send-imet-ir-on-ndf
no send-imet-ir-on-ndf
Context 
[Tree] (config>service>vpls>bgp-evpn>vxlan send-imet-ir-on-ndf)
Full Contexts 
configure service vpls bgp-evpn vxlan send-imet-ir-on-ndf
Description 

This command controls the advertisement of Inclusive Multicast Ethernet Tag (IMET) routes for ingress replication in the case where the PE is Non-DF for a specified network interconnect VXLAN virtual ES. When enabled, the router will advertise IMET-IR routes even if the PE is NDF. This attracts BUM traffic but also speeds up convergence in case of DF failure.

The no form of this command withdraws the advertisement of the IMET-IR route on the network interconnect VXLAN NDF router.

Default 

send-imet-ir-on-ndf

23.131. send-orf

send-orf

Syntax 
send-orf [comm-id]
no send-orf [comm-id]
Context 
[Tree] (config>router>bgp>outbound-route-filtering>extended-community send-orf)
[Tree] (config>router>bgp>group>outbound-route-filtering>extended-community send-orf)
[Tree] (config>router>bgp>group>neighbor>outbound-route-filtering>extended-community send-orf)
Full Contexts 
configure router bgp group neighbor outbound-route-filtering extended-community send-orf
configure router bgp group outbound-route-filtering extended-community send-orf
configure router bgp outbound-route-filtering extended-community send-orf
Description 

This command instructs the router to negotiate the send capability in the BGP outbound route filtering (ORF) negotiation with a peer.

This command also causes the router to send a community filter, prefix filter, or AS path filter configured as an inbound filter on the BGP session to its peer as an ORF Action ADD.

The no form of this command causes the router to remove the send capability in the BGP ORF negotiation with a peer.

The no form also causes the router to send an ORF remove action for a community filter, prefix filter, or AS path filter configured as an inbound filter on the BGP session to its peer.

If the comm-id parameters are not exclusively route target communities then the router will extract appropriate route targets and use those. If, for some reason, the comm-id parameters specified contain no route targets, then the router will not send an ORF.

Default 

no send-orf

Parameters 
comm-id—
Specifies up to 32 community policies, which must consist exclusively of route target extended communities. If it is not specified, then the ORF policy is automatically generated from configured route target lists, accepted client route target ORFs and locally configured route targets.
Values—
[target: {ip-address:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val}
where:
  1. ip-address — a.b.c.d
  2. comm-val — 0 to 65535
  3. 2byte-asnumber — 0 to 65535
  4. ext-comm-val — 0 to 4294967295
  5. 4byte-asnumber — 0 to 4294967295

 

23.132. send-queries

send-queries

Syntax 
[no] send-queries
Context 
[Tree] (config>service>vpls>sap>igmp-snooping send-queries)
[Tree] (config>service>vpls>spoke-sdp>igmp-snooping send-queries)
[Tree] (config>service>vpls>mesh-sdp>igmp-snooping send-queries)
[Tree] (config>service>vpls>sap>mld-snooping send-queries)
[Tree] (config>service>vpls>spoke-sdp>mld-snooping send-queries)
[Tree] (config>service>vpls>mesh-sdp>mld-snooping send-queries)
Full Contexts 
configure service vpls mesh-sdp igmp-snooping send-queries
configure service vpls mesh-sdp mld-snooping send-queries
configure service vpls sap igmp-snooping send-queries
configure service vpls sap mld-snooping send-queries
configure service vpls spoke-sdp igmp-snooping send-queries
configure service vpls spoke-sdp mld-snooping send-queries
Description 

This command specifies whether to send IGMP general query messages on the SAP or SDP.

When send-queries is configured, all type of queries generate ourselves are of the configured version. If a report of a version higher than the configured version is received, the report will get dropped and a new wrong version counter will get incremented. If send-queries is not configured, the version command has no effect. The version used will be the version of the querier. This implies that, for example, when we have a v2 querier, we will never send out a v3 group or group-source specific query when a host wants to leave a certain group.

If mrouter-port is enabled on this SAP or spoke SDP, the send-queries command parameter cannot be set.

The no form of this command disables the IGMP general query messages.

Default 

no send-queries

send-queries

Syntax 
[no] send-queries
Context 
[Tree] (config>subscr-mgmt>msap-policy>vpls-only>igmp-snp send-queries)
Full Contexts 
configure subscriber-mgmt msap-policy vpls-only-sap-parameters igmp-snooping send-queries
Description 

This command specifies whether to send IGMP general query messages on the managed SAP. When send-queries is configured, all type of queries generated are of the configured version. If a report of a version higher than the configured version is received, the report will get dropped and a new wrong version counter will get incremented.

If send-queries is not configured, the version command has no effect. The version used on that SAP/SDP is the version of the querier. This implies that, for example, when there is a v2 querier, a v3 group or group-source specific query is never sent when a host wants to leave a certain group.

The no form of this command reverts to the default.

send-queries

Syntax 
[no] send-queries
Context 
[Tree] (config>service>pw-template>igmp-snooping send-queries)
Full Contexts 
configure service pw-template igmp-snooping send-queries
Description 

This command specifies whether to send IGMP general query messages.

When send-queries is configured, all type of queries generated are of the configured version. If a report of a version higher than the configured version is received, the report will get dropped and a new wrong version counter will get incremented.

If send-queries is not configured, the version command has no effect. The version used on that SAP or SDP will be the version of the querier. This implies that, for example, when we have a v2 querier, we will never send out a v3 group or group-source specific query when a host wants to leave a certain group.

Default 

no send-queries

23.133. send-refresh

send-refresh

Syntax 
send-refresh seconds
no send-refresh
Context 
[Tree] (config>service>vpls>proxy-arp send-refresh)
[Tree] (config>service>vpls>proxy-nd send-refresh)
Full Contexts 
configure service vpls proxy-arp send-refresh
configure service vpls proxy-nd send-refresh
Description 

If enabled, this command will make the system send a refresh at the configured time. A refresh message is an ARP-request message that uses 0s as sender's IP for the case of a proxy-ARP entry. For proxy-ND entries, a refresh is a regular NS message using the chassis-mac as MAC source-address.

Default 

no send-refresh

Parameters 
seconds
Specifies the send-refresh in seconds.
Values—
120 to 86400

 

23.134. send-release

send-release

Syntax 
[no] send-release
Context 
[Tree] (config>service>ies>if>sap>ipsec-gw>dhcp send-release)
[Tree] (config>service>ies>if>sap>ipsec-gw>dhcp6 send-release)
[Tree] (config>service>vprn>if>sap>ipsec-gw>dhcp send-release)
[Tree] (config>service>vprn>if>sap>ipsec-gw>dhcp6 send-release)
Full Contexts 
configure service ies interface sap ipsec-gw dhcp send-release
configure service ies interface sap ipsec-gw dhcp6 send-release
configure service vprn interface sap ipsec-gw dhcp send-release
configure service vprn interface sap ipsec-gw dhcp6 send-release
Description 

This command enables the system to send a DHCPv4/v6 release message when the IPsec tunnel is removed.

Default 

no send-release

23.135. send-to-ebgp

send-to-ebgp

Syntax 
send-to-ebgp family [family]
no send-to-ebgp
Context 
[Tree] (config>service>vprn>bgp>group>link-bandwidth send-to-ebgp)
[Tree] (config>service>vprn>bgp>group>neighbor>link-bandwidth send-to-ebgp)
Full Contexts 
configure service vprn bgp group link-bandwidth send-to-ebgp
configure service vprn bgp group neighbor link-bandwidth send-to-ebgp
Description 

This command configures BGP to allow link-bandwidth extended community to be sent in routes advertised to EBGP peers in the scope of the command, as long the routes belong to one of the listed address families.

The link-bandwidth extended community is encoded as a non-transitive type. This means that by default it should not be attached to any route advertised to an EBGP peer and it should be discarded when received in any route from an EBGP peer. This command overrides the standard behavior.

Up to three families may be configured.

The no form of this command restores the default behavior of stripping the link-bandwidth extended community from any route advertised to an EBGP peer.

Default 

no send-to-ebgp

Parameters 
family—
Specifies the address families for which receiving the link-bandwidth extended community from EBGP peers should be supported.
Values—
ipv4 — Adds a link-bandwidth extended community to unlabeled unicast IPv4 routes.
label-ipv4 — Adds a link-bandwidth extended community to labeled-unicast IPv4 routes.
ipv6 — Adds a link-bandwidth extended community to unlabeled unicast IPv6 routes.

 

send-to-ebgp

Syntax 
send-to-ebgp family [family]
no send-to-ebgp
Context 
[Tree] (config>router>bgp>group>link-bandwidth send-to-ebgp)
[Tree] (config>router>bgp>group>neighbor>link-bandwidth send-to-ebgp)
Full Contexts 
configure router bgp group link-bandwidth send-to-ebgp
configure router bgp group neighbor link-bandwidth send-to-ebgp
Description 

This command configures BGP to allow link-bandwidth extended community to be sent in routes advertised to EBGP peers in the scope of the command, as long the routes belong to one of the listed address families.

The link-bandwidth extended community is encoded as a non-transitive type. This means that by default it should not be attached to any route advertised to an EBGP peer and it should be discarded when received in any route from an EBGP peer. This command overrides the standard behavior.

Up to six families may be configured.

The no form of this command restores the default behavior of stripping the link-bandwidth extended community from any route advertised to an EBGP peer.

Default 

no send-to-ebgp

Parameters 
family—
Specifies the address families for which receiving the link-bandwidth extended community from EBGP peers should be supported.
Values—
ipv4 — Adds a link-bandwidth extended community to unlabeled unicast IPv4 routes.
label-ipv4 — Adds a link-bandwidth extended community to labeled-unicast IPv4 routes.
vpn-ipv4 — Adds a link-bandwidth extended community to IPv4 VPN (SAFI 128) routes.
ipv6 — Adds a link-bandwidth extended community to unlabeled unicast IPv6 routes.
label-ipv6 — Adds a link-bandwidth extended community to labeled-unicast IPv6 routes.
vpn-ipv6 — Adds a link-bandwidth extended community to IPv6 VPN (SAFI 128) routes.

 

23.136. send-tunnel-encap

send-tunnel-encap

Syntax 
send-tunnel-encap [mpls] [mplsoudp]
no send-tunnel-encap
Context 
[Tree] (config>service>epipe>bgp-evpn>mpls send-tunnel-encap)
[Tree] (config>service>vpls>bgp-evpn>mpls send-tunnel-encap)
[Tree] (config>service>vprn>bgp-evpn>mpls send-tunnel-encap)
Full Contexts 
configure service epipe bgp-evpn mpls send-tunnel-encap
configure service vpls bgp-evpn mpls send-tunnel-encap
configure service vprn bgp-evpn mpls send-tunnel-encap
Description 

This command determines the tunnel value in the BGP encapsulation extended community advertised with the EVPN routes for the BGP EVPN instance.

The no form of this command reverts to the default value.

Default 

send-tunnel-encap mpls

Parameters 
mpls—
Keyword used to specify MPLS tunnel encapsulation.
mplsoudp—
Keyword used to specify MPLS over UDP tunnel encapsulation.

send-tunnel-encap

Syntax 
[no] send-tunnel-encap
Context 
[Tree] (config>service>epipe>bgp-evpn>vxlan send-tunnel-encap)
[Tree] (config>service>vpls>bgp-evpn>vxlan send-tunnel-encap)
Full Contexts 
configure service epipe bgp-evpn vxlan send-tunnel-encap
configure service vpls bgp-evpn vxlan send-tunnel-encap
Description 

This command determines the tunnel value in the BGP encapsulation extended community advertised with the EVPN routes for the BGP EVPN instance.

The no form of this command removes the configuration.

23.137. sender-id

sender-id

Syntax 
sender-id local local-name
sender-id system
no sender-id
Context 
[Tree] (config>eth-cfm>system sender-id)
Full Contexts 
configure eth-cfm system sender-id
Description 

This command allows the operator to include the configured “system name” (chassis3) or a locally configured value in ETH-CFM PDUs sent from MEPs and MIPs. The operator may only choose one of these options to use for ETH-CFM. MEPs include the sender-id TLV for CCM (not sub second CCM enabled MEPs), LBM/LBR, and LTM/LTR. MIPs include this value in the LBR and LTR PDUs.

Note:

LBR functions reflect all TLVs received in the LBM unchanged, including the SenderID TLV.

Parameters 
local-name—
Specifies a local alphanumeric string different from the “system name” chassis(3) value that can be used for other means, up to 45 characters.
system—
Allows ETH-CFM to use the configured “system name” value as the chassis(3).

23.138. sensor-group

sensor-group

Syntax 
sensor-group name [create]
no sensor-group name
Context 
[Tree] (config>system>telemetry>sensor-groups sensor-group)
Full Contexts 
configure system telemetry sensor-groups sensor-group
Description 

This command enables the context to configure sensor-related commands.

The no form of this command removes the configuration.

Parameters 
name—
Specifies the sensor group name, up to 32 characters.
create
Keyword used to create a sensor group.

sensor-group

Syntax 
sensor-group name
no sensor-group
Context 
[Tree] (config>system>telemetry>persistent-subscriptions>subscription sensor-group)
Full Contexts 
configure system telemetry persistent-subscriptions subscription sensor-group
Description 

This command assigns an existing sensor group to the specified persistent subscription. If no valid paths exist in the sensor group, the configuration is accepted; however, no gRPC connection is established when persistent subscription is activated.

The no form of this command removes the configuration.

Parameters 
name—
Specifies the sensor group name, up to 32 characters.

23.139. sensor-groups

sensor-groups

Syntax 
sensor-groups
Context 
[Tree] (config>system>telemetry sensor-groups)
Full Contexts 
configure system telemetry sensor-groups
Description 

This command enables the context for configuring a sensor group.

23.140. sequence-group

sequence-group

Syntax 
sequence-group group
no sequence-group
Context 
[Tree] (config>li>x-interfaces>lics>lic>authentication sequence-group)
Full Contexts 
configure li x-interfaces lics lic authentication sequence-group
Description 

This command configures the sequence group for the X1 and X2 interfaces.

The no form of this command reverts to the default.

Parameters 
group—
Specifies the group number.
Values—
2 to 4294967295

 

23.141. serial-notify

serial-notify

Syntax 
[no] serial-notify
Context 
[Tree] (debug>router>rpki-session>packet serial-notify)
Full Contexts 
debug router rpki-session packet serial-notify
Description 

This command enables debugging for serial notify RPKI packets.

The no form of this command disables debugging for serial notify RPKI packets.

23.142. serial-query

serial-query

Syntax 
[no] serial-query
Context 
[Tree] (debug>router>rpki-session>packet serial-query)
Full Contexts 
debug router rpki-session packet serial-query
Description 

This command enables debugging for serial query RPKI packets.

The no form of this command disables debugging for serial query RPKI packets.

23.143. server

server

Syntax 
server ip-address
no server
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host server)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host server
Description 

This command configures the IP address of the DHCP server to relay to.

The configured DHCP server IP address must reference one of the addresses configured under the DHCP CLI context of an IES/VPRN subscriber or group interface.

The no form of this command reverts to the default.

Parameters 
ip-address—
Specifies the IP address of the DHCP server.
Values—
a.b.c.d

 

server

Syntax 
server ip-address
no server
Context 
[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>relay server)
Full Contexts 
configure service vprn subscriber-interface group-interface ipv6 dhcp6 relay server
Description 

This command configures the IPv6 address of the DHCP6 server to relay to.

The configured DHCP6 server IPv6 address must reference one of the addresses configured under the DHCP6 CLI context of an IES/VPRN subscriber or group interface.

The no form of this command reverts to the default.

Parameters 
ip-address—
Specifies up to eight IPv6 addresses of the DHCP6 server.

server

Syntax 
server [service service-id] name server-name
no server
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>match-radprox-cache server)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host match-radius-proxy-cache server
Description 

This command specifies the name of radius-proxy-server and optionally id of the service that the radius-proxy-server resides in.

The no form of this command removes the parameters from the configuration.

Parameters 
service service-id
Specifies the ID or name of the service.
Values—
1 to 214748365
svc-name up to 64 char maximum

 

name server-name
Specifies the name of radius-proxy-server up to 32 characters.

server

Syntax 
server ipv6z-address [ipv6z-address]
no server [ipv6z-address]
Context 
[Tree] (config>service>ies>if>ipv6>dhcp6 server)
Full Contexts 
configure service ies interface ipv6 dhcp6 server
Description 

This command specifies a list of servers where DHCP6 requests are forwarded. The list of servers can be entered as either IP addresses or fully qualified domain names. There must be at least one server specified for DHCP6 relay to work. If there are multiple servers then the request is forwarded to all servers in the list.

The no form of this command reverts to the default.

Parameters 
ipv6z-address—
Specifies up to eight non-global IPv4 addresses including a zone index as defined by the InetAddressIPv4z textual convention.
Values—

ipv6z-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

 

server

Syntax 
server ipv6-address [ipv6-address]
Context 
[Tree] (config>service>ies>if>ipv6>dhcp6 server)
Full Contexts 
configure service ies interface ipv6 dhcp6 server
Description 

This command specifies a list of servers where DHCPv6 requests will be forwarded. The list of servers can be entered as either IP addresses or fully qualified domain names. There must be at least one server specified for DHCPv6 relay to work. If there are multiple servers then the request is forwarded to all of the servers in the list.

Default 

no server

Parameters 
ipv6-address—
Specifies the IPv6 addresses of the DHCP servers where the DHCPv6 requests will be forwarded. Up to 8 addresses can be specified.
Values—

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x - [0..FFFF]H

d - [0..255]D

 

server

Syntax 
server server1 [server2]
Context 
[Tree] (config>service>ies>if>dhcp server)
[Tree] (config>service>vprn>if>dhcp server)
[Tree] (config>service>ies>sub-if>grp-if>dhcp server)
Full Contexts 
configure service ies interface dhcp server
configure service ies subscriber-interface group-interface dhcp server
configure service vprn interface dhcp server
Description 

This command specifies a list of servers where requests are forwarded. The list of servers can be entered as either IP addresses or fully qualified domain names. There must be at least one server specified for DHCP relay to work. If there are multiple servers then the request is forwarded to all servers in the list.

There can be a maximum of 8 DHCP servers configured.

The no form of this command reverts to the default.

Parameters 
server—
Specifies up to eight DHCP server IP addresses.

server

Syntax 
server server-name
no server
Context 
[Tree] (config>service>ies>sub-if>grp-if>local-address-assignment server)
[Tree] (config>service>ies>sub-if>local-address-assignment server)
[Tree] (config>service>vprn>sub-if>grp-if>local-address-assignment server)
[Tree] (config>service>vprn>sub-if>local-address-assignment server)
Full Contexts 
configure service ies subscriber-interface group-interface local-address-assignment server
configure service ies subscriber-interface local-address-assignment server
configure service vprn subscriber-interface group-interface local-address-assignment server
configure service vprn subscriber-interface local-address-assignment server
Description 

This command designates a local DHCPv4 server for local pools management where IPv4 addresses for PPPoXv4 clients are allocated without the need for the internal DHCP relay-agent. Those addresses are tied to PPPoX sessions and they are de-allocated when the PPPoX session is terminated.

Parameters 
server-name—
Specifies the name of the local DHCP server.

server

Syntax 
server server-index address ip-address secret key [hash |hash2 |custom] [port port] [create]
no server server-index
Context 
[Tree] (config>aaa>l2tp-acct-plcy>radius-acct-server server)
Full Contexts 
configure aaa l2tp-accounting-policy radius-accounting-server server
Description 

This command adds a RADIUS server and configures the RADIUS server IP address, index, and key values.

Up to five RADIUS servers can be configured at any one time. RADIUS servers are accessed in order from lowest to highest index for authentication requests until a response from a server is received. A higher indexed server is only queried if no response is received from a lower indexed server (which implies that the server is not available). If a response from a server is received, no other RADIUS servers are queried.

The no form of this command removes the server from the configuration.

Parameters 
server-index—
The index for the RADIUS server. The index determines the sequence in which the servers are queried for authentication requests. Servers are queried in order from lowest to highest index.
Values—
1 to 16 (a maximum of 5 accounting servers)

 

address ip-address—
The IP address of the RADIUS server. Two RADIUS servers cannot have the same IP address. An error message is generated if the server address is a duplicate.
secret key
The secret key to access the RADIUS server. This secret key must match the password on the RADIUS server.
Values—
secret-key — A string up to 20 characters.
hash-key — A string up to 33 characters.
hash2-key — A string up to 55 characters.

 

hash—
Specifies the key is entered in an encrypted form. If the hash parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash parameter specified.
hash2 —
Specifies the key is entered in a more complex encrypted form. If the hash2 parameter is not used, the less encrypted hash form is assumed.
custom—
Specifies the custom encryption to management interface.
port—
Specifies the UDP port number on which to contact the RADIUS server for authentication.
Values—
1 to 65535

 

server

Syntax 
server server-index address ip-address secret key [hash |hash2 |custom] [port port] [create]
no server server-index
Context 
[Tree] (config>app-assure>rad-acct-plcy>server server)
Full Contexts 
configure application-assurance radius-accounting-policy radius-accounting-server server
Description 

This command adds a RADIUS server and configures the RADIUS server IP address, index, and key values.

Up to five RADIUS servers can be configured at any one time. RADIUS servers are accessed in order from lowest to highest index for authentication requests until a response from a server is received. A higher indexed server is only queried if no response is received from a lower indexed server (which implies that the server is not available). If a response from a server is received, no other RADIUS servers are queried.

The no form of this command removes the server from the configuration.

Parameters 
server-index—
The index for the RADIUS server. The index determines the sequence in which the servers are queried for authentication requests. Servers are queried in order from lowest to highest index.
Values—
1 to 16 (a maximum of 5 accounting servers)

 

ip-address—
The IP address of the RADIUS server. Two RADIUS servers cannot have the same IP address. An error message is generated if the server address is a duplicate.
secret key
The secret key to access the RADIUS server. This secret key must match the password on the RADIUS server.
Values—
secret-key — A string up to 20 characters
hash-key — A string up to 33 characters
hash2-key — A string up to 55 characters

 

hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.
port—
Specifies the UDP port number on which to contact the RADIUS server for authentication.
Values—
1 to 65535

 

server

Syntax 
server server-index address ip-address secret key [hash |hash2 |custom] [port port-num] [coa-only] [pending-requests-limit limit]
no server index
Context 
[Tree] (config>subscr-mgmt>auth-policy>radius-auth-server server)
[Tree] (config>subscr-mgmt>acct-plcy>server server)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy radius-accounting-server server
configure subscriber-mgmt authentication-policy radius-auth-server server
Description 

This command adds a RADIUS server and configures the RADIUS server IP address, index, and key values.

Up to sixteen RADIUS servers can be configured at any one time in a RADIUS authentication policy. Only five can be used for authentication, all other servers should be configured as coa-only servers. In a RADIUS accounting policy, up to five RADIUS servers can be configured. RADIUS servers are accessed in order from lowest to highest index for authentication or accounting requests until a response from a server is received. A higher indexed server is only queried if no response is received from a lower indexed server (which implies that the server is not available). If a response from a server is received, no other RADIUS servers are queried.

The no form of this command removes the server index from the configuration.

Parameters 
server-index—
Specifies the index for the RADIUS server. The index determines the sequence in which the servers are queried for authentication requests. Servers are queried in order from lowest to highest index.
Values—
1 to 16 (a maximum of 5 authentication servers)

 

ip-address
Specifies the IP address of the RADIUS server. Two RADIUS servers cannot have the same IP address. An error message is generated if the server address is a duplicate.
key
Specifies the secret key to access the RADIUS server. This secret key must match the password on the RADIUS server.
Values—
secret-key: Up to 20 characters.
hash-key: Up to 33 characters.
hash2-ke: Up to 55 characters.

 

hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.
port-num
Specifies the UDP port number on which to contact the RADIUS server for authentication.
Values—
1 to 65535

 

coa-only—
Specifies Change-of-Authorization Messages only. Servers that are marked with the coa-only flag will not be used for authentication, but they is able to accept RADIUS CoA messages, independent of the accept-authorization-change setting in the authentication policy.

For authentication purposes, the maximum number of servers is 5. All other servers may only be used as coa-only servers.

limit
Specifies the maximum number of outstanding RADIUS authentication requests for this authentication server.
Values—
1 to 4096

 

Default—
The default value when not configured is 4096

server

Syntax 
server server-name
no server
Context 
[Tree] (config>service>ies>sub-if>lcl-addr-assign server)
[Tree] (config>service>vprn>sub-if>lcl-addr-assign server)
[Tree] (config>service>ies>sub-if>grp-if>lcl-addr-assign server)
[Tree] (config>service>vprn>sub-if>grp-if>lcl-addr-assign server)
Full Contexts 
configure service ies subscriber-interface group-interface local-address-assignment server
configure service ies subscriber-interface local-address-assignment server
configure service vprn subscriber-interface group-interface local-address-assignment server
configure service vprn subscriber-interface local-address-assignment server
Description 

This command designates a local router DHCPv4 server for local pools management where IPv4 addresses for PPPoXv4 clients is allocated without the need for the internal router DHCP relay-agent. Those addresses are tied to PPPoX sessions and they are de-allocated when the PPPoX session is terminated.

Parameters 
server-name—
The name of the local 7450 ESS or 7750 SR DHCP server.

server

Syntax 
server server-name
no server
Context 
[Tree] (config>service>ies>sub-if>grp-if>lcl-addr-assign>ipv6 server)
[Tree] (config>service>vprn>sub-if>grp-if>lcl-addr-assign>ipv6 server)
Full Contexts 
configure service ies subscriber-interface group-interface local-address-assignment ipv6 server
configure service vprn subscriber-interface group-interface local-address-assignment ipv6 server
Description 

This command designates a local router DHCPv6 server for local pools management where IPv6 prefixes or address for PPPoXv6 clients or IPoEv6 clients are allocated without the need for the internal router DHCP relay-agent. Those addresses are tied to PPPoX or IPoE sessions and they are de-allocated when the PPPoX or IPoE session is terminated.

Parameters 
server-name—
The name of the local router DHCPv6 server.

server

Syntax 
server server-index name server-name
no server server-index
Context 
[Tree] (config>aaa>radius-srv-plcy>servers server)
Full Contexts 
configure aaa radius-server-policy servers server
Description 

This command adds a RADIUS server.

The no form of this command removes a RADIUS server.

Parameters 
index—
Specifies the index for the RADIUS server. The index determines the sequence in which the servers are queried for authentication requests. Servers are queried in order from lowest to highest index.
Values—
1 to 5

 

server-name—
Specifies the server name, up to 32 characters.

server

Syntax 
server server-name [address ip-address] [secret key] [hash |hash2| custom] [create]
no server server-name
Context 
[Tree] (config>router>radius-server server)
[Tree] (config>service>vprn>radius-server server)
Full Contexts 
configure router radius-server server
configure service vprn radius-server server
Description 

This command either specifies an external RADIUS server in the corresponding routing instance or enters configuration context of an existing server. The configured server could be referenced in the radius-server-policy.

The no form of this command removes the parameters from the server configuration.

Parameters 
server-name—
Specifies the name of the external RADIUS server.
ip-address
Specifies the IPv4 or IPv6 IP address of the external RADIUS server.
key
Specifies the shared secret key of the external RADIUS server, up to 64 characters.
hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.

server

Syntax 
server server-name [create] [purpose {[accounting |authentication]}] [wlan-gw-group group-id]
no server server-name
Context 
[Tree] (config>router>radius-proxy server)
[Tree] (config>service>vprn>radius-proxy server)
Full Contexts 
configure router radius-proxy server
configure service vprn radius-proxy server
Description 

This command creates a RADIUS-proxy server in the corresponding routing instance. The proxy server can be configured for the purpose of proxying authentication or accounting or both.

If a WLAN-GW ISA group is specified, then the RADIUS proxy server is instantiated on the set of ISAs in the specified wlan-gw group. The RADIUS messages from the AP are load-balanced to these ISAs. The ISA that processes the RADIUS message then hashes this message to the ISA that anchors the UE. The hash is based on UE MAC address (required to be present in the calling-station-id attribute) in the RADIUS message.

If the create parameter is not specified, then this command enters configuration context of the specified RADIUS-proxy server.

The no form of this command removes the server-name and parameters from the radius-proxy configuration.

Parameters 
server-name—
Specifies the name of the RADIUS-proxy server.
create—
Specifies that the system will create the specified RADIUS-proxy server.
purpose —
Specifies the purpose the RADIUS-proxy server.
Values—
accounting — proxy accounting packets
authentication — proxy authentication packets

 

group-id
Specifies the WLAN-GW ISA group.

server

Syntax 
server ipv6-address [ipv6-address]
no server [ipv6-address [ipv6-address]]
Context 
[Tree] (config>service>vprn>sub-if>wlan-gw>pool-manager>dhcp6-client server)
[Tree] (config>service>ies>sub-if>wlan-gw>pool-manager>dhcp6-client server)
Full Contexts 
configure service ies subscriber-interface wlan-gw pool-manager dhcpv6-client server
configure service vprn subscriber-interface wlan-gw pool-manager dhcpv6-client server
Description 

This specifies the DHCPv6 servers that are used for requesting addresses.

The no form of this command removes the server. This cannot be executed while any DHCPv6 client application is not shut down.

Parameters 
ipv6-address—
Specifies up to 8 unicast IPv6 addresses of a DHCP6 server.

server

Syntax 
server xmpp-server-name [domain-name fqdn] [username user-name] [password password] [create] [service-name service-name]
server xmpp-server-name [domain-name fqdn] [username user-name] [password password] [create] [router router-instance]
no server xmpp-server-name
Context 
[Tree] (config>system>xmpp server)
Full Contexts 
configure system xmpp server
Description 

This command configures the XMPP server as well as the Jabber ID that the 7750 SR, 7450 ESS, or 7950 XRS will use for the XMPP communication with the server. The system uses DNS to resolve the configured domain-name.

no server name will remove all the dynamic configurations in all the services.

Parameters 
xmpp-server-name —
Specifies the name of the server in lower-case letters.
fqdn —
Specifies the Fully Qualified Domain Name of the server.
user-name —
Specifies the user-name part of the Jabber ID.
password —
Specifies the password part of the Jabber ID’s user.
create —
Keyword used to create the server instance.
router-instance
Specifies the router name or service ID used to identify the router instance.
Values—

router-instance: router-name or vprn-svc-id

router-name

“Base”, “management”

vprn-svc-id

1 to 2147483647

 

Default—
Base
service-name
Specifies the service name, up to 64 characters.

server

Syntax 
server index address ip-address secret key [hash |hash2 |custom]
no server index
Context 
[Tree] (config>service>vprn>aaa>remote-servers>radius server)
Full Contexts 
configure service vprn aaa remote-servers radius server
Description 

This command adds a RADIUS server and configures the RADIUS server IP address, index, and key values.

Up to five RADIUS servers can be configured at any one time. RADIUS servers are accessed in order from lowest to highest index for authentication requests until a response from a server is received. A higher indexed server is only queried if no response is received from a lower indexed server (which implies that the server is not available). If a response from a server is received, no other RADIUS servers are queried. It is assumed that there are multiple identical servers configured as backups and that the servers do not have redundant data.

The no form of this command removes the server from the configuration.

Default 

no server

Parameters 
index—
Specifies the index for the RADIUS server. The index determines the sequence in which the servers are queried for authentication requests. Servers are queried in order from lowest to highest index.
Values—
1 to 5

 

ip-address
Specifies the IP address of the RADIUS server. Two RADIUS servers cannot have the same IP address. An error message is generated if the server address is a duplicate.
Values—

ipv4-address

a.b.c.d (host bits must be 0)

ipv6-address

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0..FFFF]H

d: [0..255]D

 

key
Specifies the secret key to access the RADIUS server. This secret key must match the password on the RADIUS server.
Values—
Up to 64 characters in length.

 

hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.

server

Syntax 
server index address ip-address secret key [{hash |hash2 |custom}] [port port]
no server index
Context 
[Tree] (config>service>vprn>aaa>remote-servers>tacplus server)
Full Contexts 
configure service vprn aaa remote-servers tacplus server
Description 

This command adds a TACACS+ server and configures the TACACS+ server IP address, index, and key values.

Up to five TACACS+ servers can be configured at any one time. TACACS+ servers are accessed in order from lowest index to the highest index for authentication requests.

The no form of this command removes the server from the configuration.

Default 

No TACACS+ servers are configured.

Parameters 
index—
Specifies the index for the TACACS+ server. The index determines the sequence in which the servers are queried for authentication requests. Servers are queried in order from the lowest index to the highest index.
Values—
1 to 5

 

ip-address
Specifies the IP address of the TACACS+ server. Two TACACS+ servers cannot have the same IP address. An error message is generated if the server address is a duplicate.
Values—

ipv4-address

a.b.c.d (host bits must be 0)

ipv6-address

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0..FFFF]H

d: [0..255]D

 

secret key
Specifies the secret key to access the RADIUS server. This secret key must match the password on the RADIUS server.
Values—
Up to 128 characters in length.

 

hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.
port
Specifies the port ID.
Values—
0 to 65535

 

server

Syntax 
server ipv6-address [ipv6-address]
no server
Context 
[Tree] (config>service>vprn>router-advert>dns-options server)
[Tree] (config>service>vprn>router-advert>if>dns-options server)
Full Contexts 
configure service vprn router-advertisement dns-options server
configure service vprn router-advertisement interface dns-options server
Description 

This command specifies the IPv6 DNS servers to include in the RDNSS option in Router Advertisements. When specified at the router advertisement level this applies to all interfaces that have include-dns enabled, unless the interfaces have more specific dns-options configured.

Parameters 
ipv6-address—
Specifies the IPv6 address of the DNS server(s), up to a maximum of four, specified as eight 16-bit hexadecimal pieces.

server

Syntax 
server ip-address[:port] [create]
no server ip-address[:port]
Context 
[Tree] (config>app-assure>group>url-filter>icap server)
Full Contexts 
configure application-assurance group url-filter icap server
Description 

This command configures the IP address and server port of the ICAP server.

Parameters 
ip-address[:port]—
Specifies the ICAP server IP address and port.

server

Syntax 
server ip-address [ip-address] router router-instance
server ip-address [ip-address] service-name service-name
no server
Context 
[Tree] (config>service>ies>if>sap>ipsec-gw>dhcp server)
[Tree] (config>service>vprn>if>sap>ipsec-gw>dhcp server)
Full Contexts 
configure service ies interface sap ipsec-gw dhcp server
configure service vprn interface sap ipsec-gw dhcp server
Description 

This command specifies up to eight DHCPv4 server addresses for DHCPv4-based address assignment. If multiple server addresses are specified, the first advertised DHCPv6 address received is chosen.

Default 

no server

Parameters 
ip-address—
Specifies up to eight unicast IPv4 addresses.
Values—

ipv4-address

a.b.c.d

 

router-instance—
Specifies the router instance ID used to reach the configured server address.

This variant of this command is only supported in 'classic' configuration-mode (configure system management-interface configuration-mode classic). The server ip-address service-name service-name variant can be used in all configuration modes.

Values—
{router-name | vprn-svc-id}

vprn-svc-id:

1 to 2147483647

router-name:

router-name is an alias for input only. The router-name gets replaced with an id automatically by SROS in the configuration).

 

Default—
Base
service-name—
Specifies the name of the IES or VPRN service used to reach the configured server address, up to 64 characters.

server

Syntax 
server ipv6-address [ipv6-address] router router-instance
server ipv6-address [ipv6-address] service-name service-name
no server
Context 
[Tree] (config>service>ies>if>sap>ipsec-gw>dhcp6 server)
[Tree] (config>service>vprn>if>sap>ipsec-gw>dhcp6 server)
Full Contexts 
configure service ies interface sap ipsec-gw dhcp6 server
configure service vprn interface sap ipsec-gw dhcp6 server
Description 

This command specifies up to eight DHCPv6 server addresses for DHCPv6-based address assignment. If multiple server addresses are specified, the first advertised DHCPv6 address received is chosen.

Default 

no server

Parameters 
ipv6-address—
Specifies up to eight unicast global unicast IPv6 addresses.
Values—

ipv6-address

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x - [0..FFFF]H

d - [0..255]D

 

router-instance—
Specifies the router instance ID used to reach the configured server address.

This variant of this command is only supported in 'classic' configuration-mode (configure system management-interface configuration-mode classic). The server ip-address service-name service-name variant can be used in all configuration modes.

Values—
{router-name | vprn-svc-id}

vprn-svc-id:

1 to 2147483647

router-name:

router-name is an alias for input only. The router-name gets replaced with an id automatically by SROS in the configuration).

 

Default—
Base
service-name—
Specifies the name of the IES or VPRN service used to reach the configured server address, up to 64 characters.

server

Syntax 
server server-index [create]
no server server-index
Context 
[Tree] (config>aaa>isa-radius-plcy>servers server)
Full Contexts 
configure aaa isa-radius-policy servers server
Description 

This command adds a RADIUS server and configures the RADIUS server IP address, index, and key values.

Up to five RADIUS servers can be configured at any one time. RADIUS servers are accessed in order from lowest to highest index for authentication requests until a response from a server is received. A higher indexed server is only queried if no response is received from a lower indexed server (which implies that the server is not available). If a response from a server is received, no other RADIUS servers are queried.

The no form of the command removes the server from the configuration.

Default 

none

Parameters 
server-index—
The index for the RADIUS server. The index determines the sequence in which the servers are queried for authentication requests. Servers are queried in order from lowest to highest index.
Values—
1 to 10 (a maximum of 5 accounting servers)

 

create—
Keyword used to create the server index.

server

Syntax 
server
Context 
[Tree] (config>test-oam>twamp server)
Full Contexts 
configure test-oam twamp server
Description 

This command configures the node for TWAMP server functionality.

server

Syntax 
server server [server]
Context 
[Tree] (config>router>if>dhcp server)
Full Contexts 
configure router interface dhcp server
Description 

This command specifies a list of servers where requests will be forwarded. The list of servers can be entered as either IP addresses or fully qualified domain names. There must be at least one server specified for DHCP relay to work. If there are multiple servers then the request is forwarded to all of the servers in the list. There can be a maximum of eight DHCP servers configured.

The flood command is applicable only in the VPLS case. There is a scenario with VPLS where the VPLS node only wants to add Option 82 information to the DHCP request to provider per-subscriber information, but it does not do full DHCP relay. In this case, the server is set to "flood". This means the DHCP request is still a broadcast and is sent through the VPLS domain. A node running at Layer 3 further upstream then can perform the full Layer 3 DHCP relay function.

Default 

no server

Parameters 
server—
Specifies the DHCP server IP address. A maximum of eight servers can be specified in a single statement.

server

Syntax 
server ipv6-address [ipv6-address]
no server
Context 
[Tree] (config>router>router-advert>dns-options server)
[Tree] (config>router>router-advert>if>dns-options server)
Full Contexts 
configure router router-advertisement dns-options server
configure router router-advertisement interface dns-options server
Description 

This command specifies the IPv6 DNS servers to include in the RDNSS option in Router Advertisements. When specified at the router advertisement level this applies to all interfaces that have include-dns enabled, unless the interfaces have more specific dns-options configured.

Parameters 
ipv6-address—
Specifies the IPv6 address of the DNS servers as eight 16-bit hexadecimal pieces. A maximum of four ipv6 addresses can be specified in a single statement.

server

Syntax 
server pcp-server-name [create]
no server pcp-server-name
Context 
[Tree] (config>router>pcp-server server)
Full Contexts 
configure router pcp-server server
Description 

This command enters the context to configure a PCP server.

The no form of this command deletes the specified PCP server.

Parameters 
pcp-server-name—
Specifies the PCP server name, up to 32 characters.
create—
Creates a PCP server before entering the context to configure it.

server

Syntax 
server [router router-instance |service-name service-name] {ip-address |ipv6-address |ptp} [key-id key-id] [version version] [prefer]
no server [router router-instance |service-name service-name] {ip address |ipv6-address |ptp}
Context 
[Tree] (config>system>time>ntp server)
Full Contexts 
configure system time ntp server
Description 

This command configures the node to operate in client mode with the NTP server specified in the address field of this command.

If the internal PTP process is to be used as a source of time for System Time and OAM time then it must be specified as a server for NTP. If PTP is specified, then the prefer parameter must also be specified. After PTP has established a UTC traceable time from an external grandmaster then it will always be the source for time into NTP, even if PTP goes into time holdover. PTP applies only to the 7450 ESS and 7750 SR.

Use of the internal PTP time source for NTP will promote the internal NTP server to stratum 1 level, which may impact the NTP network topology.

The no form of this command removes the server with the specified address from the configuration.

Parameters 
router-instance—
Specifies the routing context that contains the interface in the form of router-name or service-id.
Values—
router-name — Base | Management
service-id — 1 to 2147483647

 

Default—
Base
service name—
Specifies the service name for the VPRN. The name can be up to 64 characters. CPM routing instances are not supported.
ip-address—
Configures the IPv4 address of an external NTP server.
Values—
a.b.c.d

 

Default—
None
ipv6-address—
Configures the IPv6 address of an external NTP server.
Values—
  1. x:x:x:x:x:x:x:x (eight 16-bit pieces)
  2. x:x:x:x:x:x:d.d.d.d
  3. x: [0 to FFFF] H
  4. d: [0 to 255] D

 

Default—
None
key-id
Specifies the key ID that identifies the configured authentication key and authentication type used by this node to transmit NTP packets to an NTP server. If an NTP packet is received by this node, the authentication key-id, type, and key value must be valid, otherwise the packet will be rejected and an event/trap generated. This is an optional parameter.
Values—
1 to 255

 

version
Configures the NTP version number that is expected by this node. This is an optional parameter.
Values—
2 to 4

 

Default—
4
ptp—
Configures the internal PTP process as a time server into the NTP process. The prefer parameter is mandatory with this server option.
prefer—
Specifies that, when configuring more than one peer, one remote system can be configured as the preferred peer. When a second peer is configured as preferred, then the new entry overrides the old entry.

server

Syntax 
server
Context 
[Tree] (config>system>security>ssh>key-re-exchange server)
Full Contexts 
configure system security ssh key-re-exchange server
Description 

This command enables the key re-exchange context for the SSH server.

server

Syntax 
server index address ip-address secret key [hash |hash2 |custom]
no server index
Context 
[Tree] (config>system>security>radius server)
Full Contexts 
configure system security radius server
Description 

This command adds a RADIUS server and configures the RADIUS server IP address, index, and key values.

Up to five RADIUS servers can be configured at any one time. RADIUS servers are accessed in order from lowest to highest index for authentication requests until a response from a server is received. A higher indexed server is only queried if no response is received from a lower indexed server (which implies that the server is not available). If a response from a server is received, no other RADIUS servers are queried. It is assumed that there are multiple identical servers configured as backups and that the servers do not have redundant data.

The no form of this command removes the server from the configuration.

Default 

no server

Parameters 
index—
Specifies the index for the RADIUS server. The index determines the sequence in which the servers are queried for authentication requests. Servers are queried in order from lowest to highest index.
Values—
1 to 5

 

ip-address
Specifies the IP address of the RADIUS server. Two RADIUS servers cannot have the same IP address. An error message is generated if the server address is a duplicate.
Values—

ipv4-address

a.b.c.d (host bits must be 0)

ipv6-address

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0..FFFF]H

d: [0..255]D

 

key
Specifies the secret key to access the RADIUS server, up to 64 characters. This secret key must match the password on the RADIUS server.
hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.

server

Syntax 
server index address ip-address secret key [hash |hash2 |custom] [port port]
no server index
Context 
[Tree] (config>system>security>tacplus server)
Full Contexts 
configure system security tacplus server
Description 

This command adds a TACACS+ server and configures the TACACS+ server IP address, index, and key values.

Up to five TACACS+ servers can be configured at any one time. TACACS+ servers are accessed in order from lowest index to the highest index for authentication requests.

The no form of this command removes the server from the configuration.

Parameters 
index—
Specifies the index for the TACACS+ server. The index determines the sequence in which the servers are queried for authentication requests. Servers are queried in order from the lowest index to the highest index.
Values—
1 to 5

 

ip-address
Specifies the IP address of the TACACS+ server. Two TACACS+ servers cannot have the same IP address. An error message is generated if the server address is a duplicate.
Values—

ipv4-address

a.b.c.d (host bits must be 0)

ipv6-address

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0..FFFF]H

d: [0..255]D

 

secret key
Specifies the secret key, up to 128 characters to access the RADIUS server. This secret key must match the password on the RADIUS server.
hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.
port
Specifies the port ID.
Values—
0 to 65535

 

server

Syntax 
server server-index [create]
no server server-index
Context 
[Tree] (config>system>security>ldap server)
Full Contexts 
configure system security ldap server
Description 

This command configures an LDAP server. Up to five servers can be configured, which can then work in a redundant manner.

The no version of this command removes the server connection.

Parameters 
server-index—
Specifies a unique LDAP server connection.
Values—
1 to 5

 

server

Syntax 
server server-index address ip-address secret key [hash |hash2 |custom] [auth-port auth-port] [acct-port acct-port] [type server-type]
Context 
[Tree] (config>system>security>dot1x>radius-plcy server)
Full Contexts 
configure system security dot1x radius-plcy server
Description 

This command adds a Dot1x server and configures the Dot1x server IP address, index, and key values.

Up to five Dot1x servers can be configured at any one time. Dot1x servers are accessed in order from lowest to highest index for authentication requests until a response from a server is received. A higher indexed server is only queried if no response is received from a lower indexed server (which implies that the server is not available). If a response from a server is received, no other Dot1x servers are queried. It is assumed that there are multiple identical servers configured as backups and that the servers do not have redundant data.

The no form of this command removes the server from the configuration.

Default 

no server

Parameters 
server-index—
Specifies the index for the Dot1x server. The index determines the sequence in which the servers are queried for authentication requests. Servers are queried in order from lowest to highest index.
Values—
1 to 5

 

ip-address
Specifies the IP address of the Dot1x server. Two Dot1x servers cannot have the same IP address. An error message is generated if the server address is a duplicate.
key
Specifies the secret key, up to 128 characters, to access the Dot1x server. This secret key must match the password on the Dot1x server.
hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.
acct-port
Specifies the UDP port number on which to contact the RADIUS server for accounting requests.
auth-port
Specifies a UDP port number to be used as a match criteria.
Values—
1 to 65535

 

server-type
Specifies the server type.
Values—
authorization, accounting, combined

 

server

Syntax 
[no] server ip-address [ip-address]
Context 
[Tree] (config>service>ies>sub-if>grp-if>dhcp>offer-selection server)
[Tree] (config>service>vprn>sub-if>dhcp>offer-selection server)
[Tree] (config>service>vprn>sub-if>grp-if>dhcp>offer-selection server)
Full Contexts 
configure service ies subscriber-interface group-interface dhcp offer-selection server
configure service vprn subscriber-interface dhcp offer-selection server
configure service vprn subscriber-interface group-interface dhcp offer-selection server
Description 

This command configures a DHCPv4 server destination for which a discover delay must be configured. Up to eight DHCPv4 server destinations can be configured.

The no form of this command removes the DHCPv4 server destination.

Parameters 
ip-address
Specifies the IPv4 address of the DHCP server, in dotted notation a.b.c.d.

server

Syntax 
[no] server ipv6-address [ipv6-address]
Context 
[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>relay>advertise-selection server)
[Tree] (config>service>vprn>sub-if>ipv6>dhcp6>relay>advertise-selection server)
[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>relay>advertise-selection server)
Full Contexts 
configure service ies subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection server
configure service vprn subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection server
configure service vprn subscriber-interface ipv6 dhcp6 relay advertise-selection server
Description 

This command configures a DHCPv6 server destination for which a solicit delay or a preference option value must be configured. Up to eight DHCPv6 server destinations can be configured.

The no form of this command removes the DHCPv6 server destination.

Parameters 
ipv6-address
Specifies the IPv6 address of the DHCPv6 server.
Values—

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

 

23.144. server-address

server-address

Syntax 
server-address server-address [name server-name]
no server-address server-address
Context 
[Tree] (config>app-assure>group>dns-ip-cache>dns-match server-address)
Full Contexts 
configure application-assurance group dns-ip-cache dns-match server-address
Description 

This command configures a DNS server address. DNS responses from this DNS server are used to populate the dns-ip-cache. Up to 64 server addresses can be configured.

Parameters 
server-address—
Specifies the IPv4 or IPv6 address of the DNS.
Values—

ipv4-address

a.b.c.d[/mask]

mask - [1 to 32]

ipv6-address

x:x:x:x:x:x:x:x/prefix-length

x:x:x:x:x:x:d.d.d.d

x - [0 to FFFF]H

d - [0 to 255]D

prefix-length

[1 to 128]

 

server-name
Specifies an optional server name for a given server address.

server-address

Syntax 
server-address {eq |neq} ip-address
server-address {eq |neq} dns-ip-cache dns-ip-cache-name
server-address {eq |neq} ip-prefix-list ip-prefix-list-name
no server-address
Context 
[Tree] (config>app-assure>group>policy>app-filter>entry server-address)
Full Contexts 
configure application-assurance group policy app-filter entry server-address
Description 

This command configures the server address to use in application definition. The server IP address may be the source or destination, network or subscriber IP address.

The no form of this command restores the default (removes the server address from application criteria defined by this entry).

Default 

no server-address

Parameters 
eq —
Specifies a comparison operator that the value configured and the value in the flow are equal.
neq —
Specifies a comparison operator that the value configured differs from the value in the flow.
ip-address—
Specifies a valid unicast address.
Values—

ipv4-address

a.b.c.d[/mask]

  mask - [1..32]

ipv6-address

x:x:x:x:x:x:x:x/prefix-length

x:x:x:x:x:x:d.d.d.d

  x - [0..FFFF]H

  d - [0..255]D

prefix-length   [1..128]

 

dns-ip-cache-name—
Specifies a DNS IP cache name, up to 32 characters.
ip-prefix-list-name—
Specifies the name of an IP prefix list, up to 32 characters.

server-address

Syntax 
server-address ip-address [version version-number] [normal |preferred]
[interval seconds]
no server-address ip-address
Context 
[Tree] (config>system>time>sntp server-address)
Full Contexts 
configure system time sntp server-address
Description 

This command creates an SNTP server for unicast client mode.

Parameters 
ip-address—
Specifies the IP address of the SNTP server.
Values—
a.b.c.d

 

version-number
Specifies the SNTP version supported by this server.
Values—
1 to 3

 

Default—
3
normal |preferred—
Specifies the preference value for this SNTP server. When more than one time-server is configured, one server can have preference over others. The value for that server should be set to preferred. Only one server in the table can be a preferred server.
Default—
normal
seconds
Specifies the frequency at which this server is queried.
Values—
64 to 1024

 

Default—
64

23.145. server-cipher-list

server-cipher-list

Syntax 
server-cipher-list protocol-version version
Context 
[Tree] (config>system>security>ssh server-cipher-list)
Full Contexts 
configure system security ssh server-cipher-list
Description 

This command enables the configuration of the list of allowed ciphers by the SSH server.

Parameters 
version—
Specifies the SSH version.
Values—
1 — Specifies that the SSH server only accepts connections from clients that support SSH protocol version 1 2 — Specifies that the SSH server accepts connections from clients supporting either SSH protocol version 2

 

server-cipher-list

Syntax 
server-cipher-list name [create]
no server-cipher-list name
Context 
[Tree] (config>system>security>tls server-cipher-list)
Full Contexts 
configure system security tls server-cipher-list
Description 

This command creates the cipher list that is compared against cipher lists sent by the client to the server in the client hello message. The list contains all ciphers that are supported and desired by SROS for use in the TLS session. The first common cipher found in both the server and client cipher lists will be chosen. As such, the most desired ciphers should be added at the top of the list.

The no form of the command removes the cipher list.

Parameters 
name—
Specifies the name of the server cipher list, up to 32 characters in length.
create—
Keyword used to create the server cipher list.

23.146. server-id

server-id

Syntax 
server-id duid-en hex hex-string
server-id duid-en string ascii-string
server-id duid-ll
no server-id
Context 
[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>proxy server-id)
[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>proxy server-id)
[Tree] (config>router>dhcp6>server server-id)
[Tree] (config>service>vprn>dhcp6>server server-id)
Full Contexts 
configure router dhcp6 local-dhcp-server server-id
configure service ies subscriber-interface group-interface ipv6 dhcp6 proxy-server server-id
configure service vprn dhcp6 local-dhcp-server server-id
configure service vprn subscriber-interface group-interface ipv6 dhcp6 proxy-server server-id
Description 

This command allows the operator to customize the server-id attribute of a DHCPv6 message (such as DHCPv6 advertise and reply). By default, the server-id uses DUID-ll derived from the chassis link layer address. Operators have the option to use a unique identifier by using the duid-en (vendor based on an enterprise number). There is a maximum length associated with the customizable hex-string and ascii-string.

The no form of this command reverts to the default.

Default 

server-id duid-ll

Parameters 
hex-string
Specifies a DUID system ID in a hex format.
Values—
0x0 to 0xFFFFFFFF (maximum 116 hex nibbles)

 

ascii-string
Specifies a DUID system ID in an ASCII format, up to 58 characters.
duid-ll—
Specifies that the DUID system ID is derived from the system link layer address.
duid-en—
Specifies the enterprise number.

23.147. server-ip

server-ip

Syntax 
server-ip {eq |neq} ip-address
no server-ip
Context 
[Tree] (debug>app-assure>group>traffic-capture>match server-ip)
Full Contexts 
debug application-assurance group traffic-capture match server-ip
Description 

This command configures debugging on a servicer IP address.

23.148. server-kex-list

server-kex-list

Syntax 
server-kex-list
Context 
[Tree] (config>system>security>ssh server-kex-list)
Full Contexts 
configure system security ssh server-kex-list
Description 

This command allows the user to configure SSH KEX algorithms for SR OS as an SSH server.

An empty list is the default list that the SSH KEX advertises. The default list contains the following:

diffie-hellman-group16-sha512

diffie-hellman-group14-sha256

diffie-hellman-group14-sha1

diffie-hellman-group1-sha1

23.149. server-mac-list

server-mac-list

Syntax 
server-mac-list
Context 
[Tree] (config>system>security>ssh server-mac-list)
Full Contexts 
configure system security ssh server-mac-list
Description 

This command allows the user to configure SSH MAC algorithms for SR OS as an SSH server.

23.150. server-policy

server-policy

Syntax 
server-policy policy-name
no server-policy
Context 
[Tree] (config>service>dynsvc>acct-1 server-policy)
[Tree] (config>service>dynsvc>acct-2 server-policy)
Full Contexts 
configure service dynamic-services dynamic-services-policy accounting-1 server-policy
configure service dynamic-services dynamic-services-policy accounting-2 server-policy
Description 

This command configures the radius server policy to be used for dynamic data services RADIUS accounting.

The no form of this command removes the radius server policy from the configuration. This is only allowed when there are no active dynamic data services referencing this policy.

Parameters 
policy-name—
Specifies the name of the radius server policy.
Values—
Up to 32 characters maximum

 

server-policy

Syntax 
server-policy policy-name
no server-policy
Context 
[Tree] (config>service>dynsvc>policy>authentication server-policy)
Full Contexts 
configure service dynsvc policy authentication server-policy
Description 

This command configures the RADIUS server policy to be used for RADIUS authentication of data-triggered dynamic services.

Local authentication and RADIUS authentication are mutually exclusive.

The no form of this command removes the server policy from the configuration and disables RADIUS authentication.

Parameters 
policy-name—
Specifies a RADIUS server policy name, up to 32 characters.

23.151. server-port

server-port

Syntax 
server-port {eq |neq |gt |lt} port-num
server-port {eq |neq} range start-port-num end-port-num
server-port {eq} {port-num |range start-port-num end-port-num} {first-packet-trusted |first-packet-validate}
server-port {eq |neq} port-list port-list-name
server-port {eq} port-list port-list-name {first-packet-trusted |first-packet-validate}
no server-port
Context 
[Tree] (config>app-assure>group>policy>app-filter>entry server-port)
Full Contexts 
configure application-assurance group policy app-filter entry server-port
Description 

This command specifies the server TCP or UDP port number to use in the application definition.

The no form of this command restores the default (removes server port number from application criteria defined by this app-filter entry).

Default 

no server-port (the server port is not used in the application definition)

Parameters 
eq —
Specifies that the value configured and the value in the flow are equal.
neq —
Specifies that the value configured differs from the value in the flow.
gt—
Specifies all port numbers greater than server-port-number match.
lt —
Specifies all port numbers less than server-port-number match.
port-list-name—
Specifies a named port list containing a set or range of ports.
port-num —
Specifies a valid server port number.
Values—
0 to 65535

 

start-port-num, end-port-num—
Specifies the starting or ending port number.
Values—
0 to 65535

 

Server Port Options:—
  1. No option specified: TCP/UDP port applications with full signature verification:
    1. AA ensures that other applications that can be identified do not run over a well-known port.
    2. Application-aware policy applied once signature-based identification completes (likely requiring several packets).
  2. first-packet-validate: TCP/UDP trusted port applications with signature verification:
    1. Application identified using well known TCP/UDP port based filters and re-identified once signature identification completes.
    2. AA policy applied from the first packet of a flow while continuing signature-based application identification. Policy re-evaluated once the signature identification completes, allowing to detect improper/unexpected applications on a well-known port.
  3. first-packet-trusted: TCP/UDP trusted port applications - no signature verification:
    1. Application identified using well known TCP/UDP port based filters only.
    2. Application Aware policy applied from the first packet of a flow.
    3. No signature processing assumes operator/customer trusts that no other applications can run on the well-known TCP/UDP port (statistics collected against trusted_tcp or trusted_udp protocol).

server-port

Syntax 
server-port {eq |neq} port-num
no server-port
Context 
[Tree] (debug>app-assure>group>traffic-capture>match server-port)
Full Contexts 
debug application-assurance group traffic-capture match server-port
Description 

This command configures debugging on a server port.

23.152. server-shutdown

server-shutdown

Syntax 
[no] server-shutdown
Context 
[Tree] (config>system>security>ssh server-shutdown)
Full Contexts 
configure system security ssh server-shutdown
Description 

This command enables the SSH servers running on the system.

Default 

no server-shutdown

23.153. server-timeout

server-timeout

Syntax 
server-timeout seconds
no server-timeout
Context 
[Tree] (config>port>ethernet>dot1x server-timeout)
Full Contexts 
configure port ethernet dot1x server-timeout
Description 

This command configures the period during which the router waits for the RADIUS server to respond to its access request message. When this timer expires, the router will re-send the access request message, up to the specified number times.

The no form of this command returns the value to the default.

Default 

server-timeout 30

Parameters 
seconds—
Specifies the server timeout period, in seconds.
Values—
1 to 300

 

23.154. server-tls-profile

server-tls-profile

Syntax 
server-tls-profile name [create]
no server-tls-profile name
Context 
[Tree] (config>system>security>tls server-tls-profile)
Full Contexts 
configure system security tls server-tls-profile
Description 

This command creates a TLS server profile. This profile can be used by applications that support TLS for encryption. The applications should not send any PDUs until the TLS handshake has been successful.

The no form of the command removes the TLS server profile.

Parameters 
name—
Specifies the name of the TLS server profile, up to 32 characters in length.
create—
Keyword used to create the TLS server profile.

23.155. server6

server6

Syntax 
server6 ipv6-address
no server6
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host server6)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host server6
Description 

This command allows DHCP6 server selection based on the host entry in LUDB.

The configured DHCP6 server IP address must reference one of the v6 addressees configured under the config>service>vprn>sub-if>grp-if>ipv6>dhcpv6>relay or config>service>ies>sub-if>grp-if>ipv6>dhcpv6>relay context.

The no form of this command reverts to the default.

Parameters 
ipv6-address—
Specifies the retailer service ID.
Values—

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

 

23.156. servers

servers

Syntax 
servers
Context 
[Tree] (config>aaa>radius-srv-plcy servers)
Full Contexts 
configure aaa radius-server-policy servers
Description 

This command enables the context to configure radius-server-policy parameters.

23.157. service

service

Syntax 
service service-id
no service
Context 
[Tree] (config>service>vpls>sap>msap-defaults service)
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>msap-defaults service)
[Tree] (config>subscr-mgmt>loc-user-db>ppp>host>msap-defaults service)
Full Contexts 
configure service vpls sap msap-defaults service
configure subscriber-mgmt local-user-db ipoe host msap-defaults service
configure subscriber-mgmt local-user-db ppp host msap-defaults service
Description 

This command sets default service for all subscribers created based on trigger packets received on the given capture SAP in case the corresponding VSA is not included in the RADIUS authentication response. This command is applicable to capture SAP only.

The no form of this command reverts to the default.

Parameters 
service-id—
Specifies the service ID as an integer or a name.
Values—
service-id - 1 to 2147483648
service-name - up to 64 characters

 

service

Syntax 
service service-id
no service
Context 
[Tree] (config>service>vprn>sub-if>grp-if>bonding-parameters>connection service)
[Tree] (config>service>ies>sub-if>grp-if>bonding-parameters>connection service)
Full Contexts 
configure service ies subscriber-interface group-interface bonding-parameters connection service
configure service vprn subscriber-interface group-interface bonding-parameters connection service
Description 

This command binds a specified service to this connection. ESM subscribers created under this service are eligible for bonding in this group interface and are identified by the provisioned connection ID. All connections in one bonding context must use subscriber interfaces in separate router instances.

The no form of this command removes the service from this bonding context, which can only be done when bonding is administratively disabled.

Parameters 
service-id—
Specifies the service ID of the service containing this subscriber interface.

service

Syntax 
service
Context 
[Tree] (config>cflowd>collector>exp-filter>if-list service)
Full Contexts 
configure cflowd collector export-filter interface-list service
Description 

This command enables the context to configure which service interfaces' flow data is being sent to this collector

service

Syntax 
service service-id preference preference
no service service-id
Context 
[Tree] (config>router>dns>redirect-vprn service)
Full Contexts 
configure router dns redirect-vprn service
Description 

This command configures the VPRN DNS redirection for the specified service.

The no form of this command removes the service from the VPRN DNS resolution configuration.

Parameters 
service-id—
Specifies the unique service identification number or string identifying the service in the service domain.
Values—
service-id: 1 to 2147483647
svc-name: 64 characters maximum

 

preference—
Specifies the service preference.
Values—
0 to 255

 

service

Syntax 
service
Context 
[Tree] (monitor service)
Full Contexts 
monitor service
Description 

This command enables the context to configure criteria to monitor specific service SAP criteria.

service

Syntax 
[no] service service-id
Context 
[Tree] (config>log>services-all-events service)
Full Contexts 
configure log services-all-events service
Description 

This command enables access to the entire system-wide set of log events (VPRN and non-VPRN) in the logs configured within the management VPRN specified by the service ID.

The no form of the command enables the display of VPRN events only.

Parameters 
service-id—
Identifies the VPRN.
Values—
{id | svc-name}

id:

1 to 2147483647

svc-name:

up to 64 characters

 

service

Syntax 
service service-id
service name service-name
no service
Context 
[Tree] (config>system>security>pki>ca-profile>ocsp service)
Full Contexts 
configure system security pki ca-profile ocsp service
Description 

This command specifies the service or routing instance that used to contact OCSP responder. This applies to OCSP responders that either configured in CLI or defined in AIA extension of the certificate to be verified.

The responder-url will also be resolved by using the DNS server configured in the configured routing instance.

With VPRN services, the system checks whether the specified service ID or service name is an existing VPRN service at the time of CLI configuration. Otherwise the configuration fails.

Parameters 
service-id —
Specifies an existing service ID to be used in the match criteria.

This variant of this command is only supported in 'classic' configuration-mode (configure system management-interface configuration-mode classic). The service name service-name variant can be used in all configuration modes.

Values—
service-id: 1 to 2147483647 base-router: 0

 

name service-name—
Identifies the service, up to 64 characters.

23.158. service-carving

service-carving

Syntax 
service-carving
Context 
[Tree] (config>service>system>bgp-evpn>ethernet-segment service-carving)
Full Contexts 
configure service system bgp-evpn ethernet-segment service-carving
Description 

This command enables the context to configure service-carving in the Ethernet-Segment. The service-carving algorithm determines which PE is the Designated Forwarder (DF) in a specified Ethernet Segment and for a specific service.

23.159. service-category

service-category

Syntax 
service-category service-category
Context 
[Tree] (config>qos>atm-td-profile service-category)
Full Contexts 
configure qos atm-td-profile service-category
Description 

This command is used to configure an ATM service category attribute of an ATM traffic descriptor profile per ATM Forum Traffic Management Specification Version 4.1.

The router supports the ATM service categories on ATM-capable MDAs listed in Table 135.

Table 135:  ATM Service Categories

Service Category

Description

CBR

Constant Bit Rate

rt-VBR

Real time Variable Bit Rate

nrt-VBR

Non-real time Variable Bit Rate

UBR

Unspecified Bit Rate without Minimum Desired Cell Rate (defined by specifying service category to be UBR, and MIR of 0)

UBR (with MIR)

Unspecified Bit Rate with non-zero Minimum Desired Cell Rate (defined by specifying service category to be UBR, and MIR > 0)

Changing the service category of a profile will reset all traffic attributes to their defaults (see the config>qos>atm-td-profile traffic command) and will cause reprogramming of the data path (with a small impact on user traffic) and a reset of VC statistics for all VCs using this traffic descriptor profile.

Default 

service-category ubr

23.160. service-context-id

service-context-id

Syntax 
service-context-id name
no service-context-id
Context 
[Tree] (config>subscr-mgmt>diam-appl-plcy>gy>include-avp service-context-id)
Full Contexts 
configure subscriber-mgmt diameter-application-policy gy include-avp service-context-id
Description 

This command configures the value of the service context ID AVP.

The no form of this command returns the command to the default setting.

Parameters 
name—
Specifies the service context ID AVP value, up to 32 characters.

23.161. service-id

service-id

Syntax 
service-id service-id
no service-id
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>host-ident service-id)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host host-identification service-id
Description 

This command specifies an existing service ID from the Nokia vendor-specific sub-option in Option 82 to match.

The no form of this command returns to the default.

Parameters 
service-id—
Specifies an existing service ID or service name.
Values—
service-id — 1 to 2147483647
service-name — up to 64 characters

 

service-id

Syntax 
[no] service-id
Context 
[Tree] (config>service>vpls>sap>dhcp>option>vendor service-id)
[Tree] (config>service>vprn>if>dhcp>option>vendor service-id)
[Tree] (config>service>vprn>sub-if>grp-if>dhcp>option>vendor service-id)
[Tree] (config>service>ies>sub-if>grp-if>dhcp>option>vendor service-id)
Full Contexts 
configure service ies subscriber-interface group-interface dhcp option vendor-specific-option service-id
configure service vpls sap dhcp option vendor-specific-option service-id
configure service vprn interface dhcp option vendor-specific-option service-id
configure service vprn subscriber-interface group-interface dhcp option vendor-specific-option service-id
Description 

This command enables the sending of the service ID in the Nokia vendor-specific sub-option of the DHCP relay packet.

The no form of this command disables the sending of the service ID in the Nokia vendor-specific sub-option of the DHCP relay packet.

service-id

Syntax 
service-id service-id
no service-id
Context 
[Tree] (config>redundancy>mc>peer>mcr>ring>ibc service-id)
[Tree] (config>redundancy>mc>peer>mcr>l3-ring>ibc service-id)
Full Contexts 
configure redundancy multi-chassis peer mc-ring l3-ring in-band-control-path service-id
configure redundancy multi-chassis peer mc-ring ring in-band-control-path service-id
Description 

This command specifies the service ID if the interface used for the inband control connection belongs to a VPRN service. If not specified, the service-id is zero and the interface must belong to the Base router. This command supersedes the configuration of a service name.

The no form of this command removes the service ID from the IBC configuration.

Parameters 
service-id—
Specifies a service ID or an existing service name.
Values—
1 to 214748364 - Only supported in 'classic' configuration-mode (configure>system>management-interface>configuration-mode classic)

 

service-id

Syntax 
service-id service-id
no service-id
Context 
[Tree] (config>redundancy>mc>peer>mcr>node>cv service-id)
[Tree] (config>redundancy>mc>peer>mcr>l3-ring>node>cv service-id)
Full Contexts 
configure redundancy multi-chassis peer mc-ring l3-ring ring-node connectivity-verify service-id
configure redundancy multi-chassis peer mc-ring ring ring-node connectivity-verify service-id
Description 

This command specifies the service ID of the SAP used for the ring-node connectivity verification of this ring node. This command supersedes the configuration of a service name.

The no form of the command removes the service ID from the CV configuration.

Default 

no service-id

Parameters 
service-id—
Specifies the service ID or an existing service name.
Values—
1 to 2147483647- Only supported in “classic” configuration mode (configure system management-interface configuration-mode classic)

 

service-id

Syntax 
service-id
Context 
[Tree] (config>service>system>bgp-evpn>ethernet-segment service-id)
Full Contexts 
configure service system bgp-evpn ethernet-segment service-id
Description 

This command enables the service-id context within the virtual ethernet-segment configuration.

service-id

Syntax 
[no] service-id
Context 
[Tree] (config>router>if>dhcp>option>vendor-specific-option service-id)
Full Contexts 
configure router interface dhcp option vendor-specific-option service-id
Description 

This command enables the sending of the service ID in the Nokia vendor specific suboption of the DHCP relay packet.

The no form of this command disables the sending of the service ID in the Nokia vendor specific suboption of the DHCP relay packet.

Default 

no service-id

23.162. service-id-lag-hashing

service-id-lag-hashing

Syntax 
[no] service-id-lag-hashing
Context 
[Tree] (config>system>load-balancing service-id-lag-hashing)
Full Contexts 
configure system load-balancing service-id-lag-hashing
Description 

This command enables enhanced VLL LAG service ID hashing. This command improves the LAG spraying of VLL service packets and is applied only when both ECMP and LAG hashing are performed by the same router. By default, the ECMP interface and LAG link for all packets on the VLL service are selected based on a direct modulo operation of the service ID. This command enhances distribution and hashes the service ID prior to the LAG link modulo operation when an ECMP link modulo operation is performed.

The no form of the command preserves the default behavior of VLL LAG service ID hashing.

Default 

no service-id-lag-hashing

23.163. service-id-range

service-id-range

Syntax 
service-id-range start service-id end service-id
no service-id-range
Context 
[Tree] (config>service>md-auto-id service-id-range)
Full Contexts 
configure service md-auto-id service-id-range
Description 

This command specifies the range of IDs used by SROS to automatically assign an ID to services that are created in model-driven interfaces without an ID explicitly specified by the user or client.

A service created with an explicitly-specified ID cannot use an ID in this range. In the classic CLI and SNMP, the ID range cannot be changed while objects exist inside the previous or new range. In MD interfaces, the range can be changed, which causes any previously existing objects in the previous ID range to be deleted and re-created using a new ID in the new range.

The no form of this command removes the range values.

See the config>service md-auto-id command for further details.

Default 

no service-id-range

Parameters 
start service-id
Specifies the lower value of the ID range. The value must be less than or equal to the end value.
Values—
1 to 2147483647

 

end service-id
Specifies the upper value of the ID range. The value must be greater than or equal to the start value.
Values—
1 to 2147483647

 

23.164. service-mtu

service-mtu

Syntax 
service-mtu octets
no service-mtu
Context 
[Tree] (config>service>vpls service-mtu)
Full Contexts 
configure service vpls service-mtu
Description 

This command configures the service payload (Maximum Transmission Unit – MTU), in bytes, for the service. This MTU value overrides the service-type default MTU.

The service-mtu defines the payload capabilities of the service. It is used by the system to validate the SAP and SDP binding’s operational state within the service.

The service MTU and a SAP’s service delineation encapsulation overhead (for example, 4 bytes for a Dot1q tag) is used to derive the required MTU of the physical port or channel on which the SAP was created. If the required payload is larger than the port or channel MTU, then the SAP is placed in an inoperative state. If the required MTU is equal to or less than the port or channel MTU, the SAP is able to transition to the operative state.

When binding an SDP to a service, the service MTU is compared to the path MTU associated with the SDP. The path MTU can be administratively defined in the context of the SDP. The default or administrative path MTU can be dynamically reduced due to the MTU capabilities discovered by the tunneling mechanism of the SDP or the egress interface MTU capabilities based on the next hop in the tunnel path. If the service MTU is larger than the path MTU, the SDP binding for the service is placed in an inoperative state. If the service MTU is equal to or less than the path MTU, then the SDP binding is placed in an operational state.

In the event that a service MTU, port or channel MTU, or path MTU is dynamically or administratively modified, then all associated SAP and SDP binding operational states are automatically re-evaluated.

The no form of this command returns the default service-mtu for the indicated service type to the default value.

Default 

service-mtu 1514

Table 136 displays MTU values for specific VC types.

Table 136:  MTU Values for Specific VC Types

VC-Type

Example

Service MTU

Advertised MTU

Ethernet

1514

1500

Ethernet (with preserved dot1q)

1518

1504

VPLS

1514

1500

VPLS (with preserved dot1q)

1518

1504

VLAN (dot1p transparent to MTU value)

1514

1500

VLAN (qinq with preserved bottom qtag)

1518

1504

Parameters 
octets—
Specifies the size of the MTU in octets, expressed as a decimal integer.
Values—
1 to 9194

 

service-mtu

Syntax 
service-mtu octets
no service-mtu
Context 
[Tree] (config>service>vpls service-mtu)
[Tree] (config>service>template>vpls-template service-mtu)
Full Contexts 
configure service template vpls-template service-mtu
configure service vpls service-mtu
Description 

This command configures the service payload (Maximum Transmission Unit – MTU), in bytes, for the service. This MTU value overrides the service-type default MTU. The service-mtu defines the payload capabilities of the service. It is used by the system to validate the SAP and SDP binding’s operational state within the service.

The service MTU and a SAP’s service delineation encapsulation overhead (4 bytes for a dot1q tag) is used to derive the required MTU of the physical port or channel on which the SAP was created. If the required payload is larger than the port or channel MTU, then the SAP will be placed in an inoperative state. If the required MTU is equal to or less than the port or channel MTU, the SAP will be able to transition to the operative state.

When binding an SDP to a service, the service MTU is compared to the path MTU associated with the SDP. The path MTU can be administratively defined in the context of the SDP. The default or administrative path MTU can be dynamically reduced due to the MTU capabilities discovered by the tunneling mechanism of the SDP or the egress interface MTU capabilities based on the next hop in the tunnel path. If the service MTU is larger than the path MTU, the SDP binding for the service will be placed in an inoperative state. If the service MTU is equal to or less than the path MTU, then the SDP binding will be placed in an operational state.

If a service MTU, port or channel MTU, or path MTU is dynamically or administratively modified, then all associated SAP and SDP binding operational states are automatically re-evaluated.

For i-VPLS and Epipes bound to a b-VPLS, the service-mtu must be at least 18 bytes smaller than the b-VPLS service MTU to accommodate the PBB header.

The no form of this command returns the default service-mtu for the indicated service type to the default value.

Default 

service-mtu 1514

Parameters 
octets—
The following table displays MTU values for specific VC types

VC-Type

Example Service MTU

Advertised MTU

Ethernet

1514

1500

Ethernet (with preserved dot1q)

1518

1504

VPLS

1514

1500

VPLS (with preserved dot1q)

1518

1504

VLAN (dot1p transparent to MTU value)

1514

1500

VLAN (qinq with preserved bottom qtag)

1518

1504

The size of the MTU in octets, expressed as a decimal integer

Values—
1 to 9782

 

service-mtu

Syntax 
service-mtu octets
no service-mtu
Context 
[Tree] (config>service>apipe service-mtu)
[Tree] (config>service>cpipe service-mtu)
[Tree] (config>service>epipe service-mtu)
[Tree] (config>service>fpipe service-mtu)
[Tree] (config>service>ipipe service-mtu)
Full Contexts 
configure service apipe service-mtu
configure service cpipe service-mtu
configure service epipe service-mtu
configure service fpipe service-mtu
configure service ipipe service-mtu
Description 

This command configures the service payload (Maximum Transmission Unit – MTU), in bytes, for the service. This MTU value overrides the service-type default MTU. The service-mtu defines the payload capabilities of the service. It is used by the system to validate the SAP and SDP binding’s operational state within the service.

The service MTU and a SAP’s service delineation encapsulation overhead (4 bytes for a dot1q tag) is used to derive the required MTU of the physical port or channel on which the SAP was created. If the required payload is larger than the port or channel MTU, then the SAP will be placed in an inoperative state. If the required MTU is equal to or less than the port or channel MTU, the SAP will be able to transition to the operative state.

When binding an SDP to a service, the service MTU is compared to the path MTU associated with the SDP. The path MTU can be administratively defined in the context of the SDP. The default or administrative path MTU can be dynamically reduced due to the MTU capabilities discovered by the tunneling mechanism of the SDP or the egress interface MTU capabilities based on the next hop in the tunnel path. If the service MTU is larger than the path MTU, the SDP binding for the service will be placed in an inoperative state. If the service MTU is equal to or less than the path MTU, then the SDP binding will be placed in an operational state.

If a service MTU, port or channel MTU, or path MTU is dynamically or administratively modified, then all associated SAP and SDP binding operational states are automatically re-evaluated.

Binding operational states are automatically re-evaluated.

For i-VPLS and Epipes bound to a b-VPLS, the service-mtu must be at least 18 bytes smaller than the b-VPLS service MTU to accommodate the PBB header.

Because this connects a Layer 2 to a Layer 3 service, adjust either the service-mtu under the Epipe service. The MTU that is advertised from the Epipe side is service-mtu minus EtherHeaderSize.

The no form of this command returns the default service-mtu for the indicated service type to the default value.

By default, if no service-mtu is configured it is (1514 - 14) = 1500.

Default 

apipe, fpipe: 1508

ipipe: 1500

epipe: 1514

Table 137 shows MTU values for specific VC types.

Table 137:  MTU Values

SAP VC-Type

Example: Service MTU

Advertised MTU

Ethernet

1514

1500

Ethernet (with preserved dot1q)

1518

1504

VPLS

1514

1500

VPLS (with preserved dot1q)

1518

1504

VLAN (dot1p transparent to MTU value)

1514

1500

VLAN (qinq with preserved bottom qtag)

1518

1504

Parameters 
octets—
Specifies the size of the MTU in octets, expressed as a decimal integer.
Values—
1 to 9782
1 to 9800 (for Epipe only)

 

23.165. service-name

service-name

Syntax 
service-name service-name
no service-name
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ppp>host>host-ident service-name)
Full Contexts 
configure subscriber-mgmt local-user-db ppp host host-identification service-name
Description 

This command specifies the service name tag in PADI and/or PADR packets to match for PPPoE hosts.

The no form of this command returns to the default.

Parameters 
service-name—
Specifies a PPPoE service name, up to 255 characters.

service-name

Syntax 
service-name service-name
no service-name
Context 
[Tree] (config>redundancy>mc>peer>mcr>ring>ibc service-name)
[Tree] (config>redundancy>mc>peer>mc>l3-ring>ibc service-name)
Full Contexts 
configure redundancy multi-chassis peer multi-chassis l3-ring ibc service-name
configure redundancy multi-chassis peer mc-ring ring in-band-control-path service-name
Description 

This command specifies the service name if the interface used for the inband control connection belongs to a VPRN service. If not specified the interface must belong to the Base router. This command supersedes the configuration of a service ID.

The no form of this command removes the service name from the IBC configuration.

Default 

no service-name

Parameters 
service-name—
Specifies the service name, up to 64 characters.

service-name

Syntax 
service-name service-name
no service-name
Context 
[Tree] (config>redundancy>mc>peer>mcr>node>cv service-name)
[Tree] (config>redundancy>mc>peer>mcr>l3-ring>cv service-name)
Full Contexts 
configure redundancy multi-chassis peer mc-ring l3-ring ring-node connectivity-verify service-name
configure redundancy multi-chassis peer mc-ring ring ring-node connectivity-verify service-name
Description 

This command specifies the service name of the SAP used for ring-node connectivity verification of this ring node. This command supersedes the configuration of a service ID.

The no form of this command removes the service name from the CV configuration.

Default 

no service-name

Parameters 
service-name—
Specifies a service name, up to 64 characters.

service-name

Syntax 
service-name service-name
no service-name
Context 
[Tree] (config>redundancy>mc>peer>mcr>node>cv service-name)
Full Contexts 
configure redundancy multi-chassis peer mc-ring ring ring-node connectivity-verify service-name
Description 

This command specifies the service name of the SAP used for ring-node connectivity verification of this ring node. This command supersedes the configuration of a service ID.

The no form of this command removes the service name from the CV configuration.

Default 

no service-id

Parameters 
service-name—
Specifies a service name.
Values—
A string up to 64 characters.

 

23.166. service-prefix

service-prefix

Syntax 
service-prefix {ip-prefix/ip-prefix-length |ip-prefix netmask} [exclusive]
no service-prefix {ip-prefix/ip-prefix-length |ip-prefix netmask}
Context 
[Tree] (config>router service-prefix)
Full Contexts 
configure router service-prefix
Description 

This command creates an IP address range reserved for IES or VPLS services.

The purpose of reserving IP addresses using service-prefix is to provide a mechanism to reserve one or more address ranges for services.

When services are defined, the address must be in the range specified as a service prefix. If a service prefix is defined, then IP addresses assigned for services must be within one of the ranges defined in the service-prefix command. If the service-prefix command is not configured, then no limitations exist.

Addresses in the range of a service prefix can be allocated to a network port unless the exclusive parameter is used. Then, the address range is exclusively reserved for services.

When a range that is a superset of a previously defined service prefix is defined, the subset is replaced with the superset definition; for example, if a service prefix exists for 10.10.10.0/24, and a service prefix is configured as 10.10.0.0/16, then 10.10.10.0/24 is replaced by the new 10.10.0.0/16 configuration.

When a range that is a subset of a previously defined service prefix is defined, the subset replaces the existing superset, providing addresses used by services are not affected; for example, if a service prefix exists for 10.10.0.0/16, and a service prefix is configured as 10.10.10.0/24, then the 10.10.0.0/16 entry is removed as long as no services are configured that use 10.10.x.x addresses other than 10.10.10.x.

The no form of this command removes all address reservations. A service prefix cannot be removed while one or more service uses an address or addresses in the range.

Default 

no service-prefix - No IP addresses are reserved for services.

Parameters 
ip-prefix/ip-prefix-length—
Specifies the IP address prefix to include in the service prefix allocation in dotted decimal notation.
Values—

ipv4-prefix:

a.b.c.d (host bits must be 0)

ipv4-prefix-length:

0 to 32

ipv6-prefix:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x:

[0 to FFFF]H

d:

[0 to 255]D

ipv6-prefix-length:

0 to 128

 

exclusive—
When this option is specified, the addresses configured are exclusively used for services and cannot be assigned to network ports.
Values—
exclusive

 

23.167. service-range

service-range

Syntax 
service-range service-id service-id
no service-range
Context 
[Tree] (config>service>dynsvc service-range)
Full Contexts 
configure service dynamic-services service-range
Description 

This command specifies the service ID range that is reserved for dynamic data service creation. The range cannot overlap with existing static configured services. Once configured with active dynamic services in the range, the service range can only be extended at the end.

The no form of this command removes the service-range from the configuration. This is only allowed when there are no active dynamic data services.

When no service-range is specified, the setup of dynamic data services fails.

Parameters 
service-id—
Specifies the start and end service IDs to define the service range for dynamic services.
Values—
1 to 2147483647

 

service-range

Syntax 
service-range svc-id to svc-id
no service-range
Context 
[Tree] (config>service>vsd service-range)
Full Contexts 
configure service vsd service-range
Description 

This command configures the range of service identifiers that the system allows for dynamic services configured by python, when the Nuage VSD sends the service configuration parameters for the VSD fully-dynamic integration model.

Parameters 
svc-id
Specifies the start and end service identifier values.
Values—
1 to 2147483647

 

service-range

Syntax 
service-range svc-id [to svc-id]
no service-range svc-id
Context 
[Tree] (config>service>system>bgp-evpn>eth-seg>service-id service-range)
Full Contexts 
configure service system bgp-evpn ethernet-segment service-id service-range
Description 

This command associates a specified service range to a virtual ES, along with the network-interconnect-vxlan command. Up to eight service ranges per VXLAN instance can be configured, where the ranges may overlap. The service range may be configured before the service.

The no form of this command removes the association of the service range to the virtual ES for the configured VXLAN instance.

Parameters 
svc-id
Specifies which service range will be associated with the virtual Ethernet Segment.
Values—
1 to 2147483647

 

service-range

Syntax 
service-range startid-endid [start-vlan-id startvid]
no service-range
Context 
[Tree] (config>service>vpls>vpls-group service-range)
Full Contexts 
configure service vpls vpls-group service-range
Description 

This command configures the service ID and implicitly the VLAN ID ranges to be used as input variables for related VPLS and SAP templates to pre-provision “data” VPLS instances and related SAPs using the service ID specified in the command. If the start-vlan-id is not specified then the service-range values are used for vlan-ids. The data SAPs will be instantiated on all the ports used to specify SAP instances under the related control VPLS.

Modifications of the service id and vlan ranges are allowed with the following restrictions.

  1. service-range increase can be achieved in two ways:
    1. Allowed when vpls-group is in shutdown state
    2. By creating a new vpls-group
  2. service-range decrease can be achieved in two ways:
    1. Allowed when vpls-group is in shutdown state; when shutdown command is executed the associated service instances are deleted.
    2. Allowed when vpls-group is in no shutdown state and has completed successfully instantiating services.
    3. In both cases, only the services that do not have user configured SAPs will be deleted. Otherwise the above commands are rejected. Existing declarations or registrations do not prevent service deletion.
  3. start-vlan-id change can be achieved in two ways:
    1. Allowed when vpls-group is in shutdown state
    2. At the time of range decrease by increasing the start-vlan-id which can be done when vpls-group is in no shutdown state and has completed successfully instantiating services

The no form of this command removes the specified ranges and deletes the pre-provisioned VPLS instances and related SAPs. The command will fail if any of the VPLS instances in the affected ranges have a provisioned SAP.

Default 

no service-range

Parameters 
startid-endid—
Specifies the range of service IDs
Values—
1 to 2147483647

 

startvid—
Specifies the starting VLAN ID; it provides a way to set aside a service ID range that is not the same as the VLAN range and allows for multiple MVRP control-VPLSs to control same VLAN range on different ports.
Values—
1 to 4094

 

23.168. services-all-events

services-all-events

Syntax 
services-all-events
Context 
[Tree] (config>log services-all-events)
Full Contexts 
configure log services-all-events
Description 

This command enters the context to control which log events are present in VPRN logs.

By default, the event streams for VPRN logs contain only events that are associated with the particular VPRN.

Access to the entire system-wide set of events (VPRN and non-VPRN) can be enabled using the services-all-events command.

23.169. serving-network

serving-network

Syntax 
serving-network mcc mcc-value mnc mnc-value
no serving-network
Context 
[Tree] (config>subscr-mgmt>gtp serving-network)
Full Contexts 
configure subscriber-mgmt gtp serving-network
Description 

This command configures the Operator Identifier part (MCC and MNC) of the APN.

The no form of this command removes the values from the profile.

Default 

no serving-network

Parameters 
mcc-value—
Specifies the Mobile Country Code (MCC) portion of the Serving Network.
Values—
3 digits

 

mnc-value—
Specifies the Mobile Network Code (MNC) portion of the Serving Network.
Values—
2 or 3 digits

 

23.170. session

session

Syntax 
session
Context 
[Tree] (config>isa>video-group>watermark session)
Full Contexts 
configure isa video-group watermark session
Description 

This command enables the context to configure watermark parameters based on the session.

session

Syntax 
session session-name [test-family [ethernet |ip |mpls] [session-type {proactive |on-demand}] create]
no session session-name
Context 
[Tree] (config>oam-pm session)
Full Contexts 
configure oam-pm session
Description 

This command creates the individual session containers that houses the test specific configuration parameters. Since this session context provides only a container abstract to house the individual test functions, it cannot be shut down. Individual tests sessions within the container may be shut down. No values, parameters, or configuration within this context may be changed if any individual test is active. Changes may only be made when all tests within the context are shut down. The only exception to this is the description value.

The no form of this command deletes the session.

Parameters 
session-name—
Specifies the session name, up to 32 characters.
test-family—
Indicates the type family and sets the context for the individual parameters.
Values—
ethernet — Specifies that the test is based on the Ethernet layer.
ip — Specifies that the test is based on the IP layer.
mpls — Specifies that the test is based on the MPLS layer.

 

session-type—
Specifies how to set the Type bit in the Flags byte, and influences how different test criteria may be applied to the individual test. Not all test families carry this information in the PDU.
Values—
proactive — Sets the type to always on, with an immediate start and no stop.
on-demand — Sets the type to on-demand, with an immediate start and no stop, or a stop based on the offset.

 

Default—
proactive
create—
Creates the PM session.

session

Syntax 
session session-name
Context 
[Tree] (monitor>oam-pm session)
Full Contexts 
monitor oam-pm session
Description 

This command monitors the raw measurement interval for the specified session and test.

Output 

The following sample output shows raw session measurement information.

Sample Output
monitor oam-pm session "eth-pm-service-4" dmm
-------------------------------------------------------------------------------
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
---------------------------------------------------------------
Frame Delay (FD) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us          3928          1125             0
1            1000 us          1197          1855          2611
2            2000 us           183          1361          1565
3            3000 us            36           762           778
4            4000 us            30           214           280
5            5000 us            14            45            81
6            6000 us             8            17            35
7            7000 us             1             5            16
8            8000 us             5            15            26
9           10000 us             1             4            11
---------------------------------------------------------------
---------------------------------------------------------------
Frame Delay Range (FDR) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us          5374          5317          5321
1            5000 us            29            86            82
---------------------------------------------------------------
---------------------------------------------------------------
Inter-Frame Delay Variation (IFDV) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us          2475          1268           625
1             100 us           516           676           554
2             200 us           395           479           417
3             300 us           338           451           398
4             400 us           224           291           340
5             500 us           185           212           280
6             600 us           187           137           234
7             700 us           185           134           208
8             800 us           315           223           392
9            1000 us           582          1531          1954
---------------------------------------------------------------
-------------------------------------------------------------------------------
At time t = 10 sec (Mode: Delta)
-------------------------------------------------------------------------------
---------------------------------------------------------------
Frame Delay (FD) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us             0             7             0
1            1000 us            10             2             6
2            2000 us             0             1             3
3            3000 us             0             0             1
4            4000 us             0             0             0
5            5000 us             0             0             0
6            6000 us             0             0             0
7            7000 us             0             0             0
8            8000 us             0             0             0
9           10000 us             0             0             0
---------------------------------------------------------------
---------------------------------------------------------------
Frame Delay Range (FDR) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us            10            10            10
1            5000 us             0             0             0
---------------------------------------------------------------
---------------------------------------------------------------
Inter-Frame Delay Variation (IFDV) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us             5             4             2
1             100 us             2             2             2
2             200 us             2             1             1
3             300 us             1             0             0
4             400 us             0             0             1
5             500 us             0             0             0
6             600 us             0             0             0
7             700 us             0             0             1
8             800 us             0             0             0
9            1000 us             0             3             3
---------------------------------------------------------------
---------------------------------------------------------------
At time t = 20 sec (Mode: Delta)
---------------------------------------------------------------
---------------------------------------------------------------
Frame Delay (FD) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us             9             0             0
1            1000 us             0             7             6
2            2000 us             0             3             3
3            3000 us             1             0             0
4            4000 us             0             0             0
5            5000 us             0             0             1
6            6000 us             0             0             0
7            7000 us             0             0             0
8            8000 us             0             0             0
9           10000 us             0             0             0
---------------------------------------------------------------
---------------------------------------------------------------
Frame Delay Range (FDR) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us            10            10            10
1            5000 us             0             0             0
---------------------------------------------------------------
---------------------------------------------------------------
Inter-Frame Delay Variation (IFDV) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us             5             3             2
1             100 us             0             2             2
2             200 us             0             1             0
3             300 us             0             3             1
4             400 us             2             0             0
5             500 us             1             0             0
6             600 us             0             1             2
7             700 us             0             0             0
8             800 us             0             0             0
9            1000 us             2             0             3
---------------------------------------------------------------
 
 
monitor oam-pm session "eth-pm-service-4" slm
-------------------------------------------------------------------------------
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
------------------------------------------------------
                    Frames Sent       Frames Received
------------------------------------------------------
Forward                   54749                 54749
Backward                  54749                 54749
------------------------------------------------------
-------------------------------------------------------------------------------
Availability Counters (Und = Undetermined)
-------------------------------------------------------------------------------
           Available   Und-Avail Unavailable Und-Unavail        HLI       CHLI
-------------------------------------------------------------------------------
Forward         5475           0           0           0          0          0
Backward        5475           0           0           0          0          0
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
At time t = 10 sec (Mode: Delta)
-------------------------------------------------------------------------------
------------------------------------------------------
                    Frames Sent       Frames Received
------------------------------------------------------
Forward                     100                   100
Backward                    100                   100
------------------------------------------------------
-------------------------------------------------------------------------------
Availability Counters (Und = Undetermined)
-------------------------------------------------------------------------------
           Available   Und-Avail Unavailable Und-Unavail        HLI       CHLI
-------------------------------------------------------------------------------
Forward           10           0           0           0          0          0
Backward          10           0           0           0          0          0
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
At time t = 20 sec (Mode: Delta)
-------------------------------------------------------------------------------
------------------------------------------------------
                    Frames Sent       Frames Received
------------------------------------------------------
Forward                     100                   100
Backward                    100                   100
------------------------------------------------------
-------------------------------------------------------------------------------
Availability Counters (Und = Undetermined)
-------------------------------------------------------------------------------
           Available   Und-Avail Unavailable Und-Unavail        HLI       CHLI
-------------------------------------------------------------------------------
Forward           10           0           0           0          0          0
Backward          10           0           0           0          0          0
-------------------------------------------------------------------------------
 
 
monitor oam-pm session "ip-vprn-500" twamp-light
-------------------------------------------------------------------------------
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
---------------------------------------------------------------
Frame Delay (FD) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us         89719        113813         82529
1            1000 us         51728         43288         62811
2            2000 us         19304          7882         16979
3            3000 us          5207          1300          3067
4            4000 us          1166           335          1280
5            5000 us           469           255           781
6            6000 us           227           129           361
7            7000 us           121           166           152
8            8000 us            83           253           114
9           10000 us           125           728            75
---------------------------------------------------------------
---------------------------------------------------------------
Frame Delay Range (FDR) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us        167124        166618        167138
1            5000 us          1025          1531          1011
---------------------------------------------------------------
---------------------------------------------------------------
Inter-Frame Delay Variation (IFDV) Bin Counts
---------------------------------------------------------------
Bin      Lower Bound       Forward      Backward    Round Trip
---------------------------------------------------------------
0               0 us         29284         45291         36062
1             100 us          9615         10793         28238
2             200 us          9289          9827         20379
3             300 us          8933          8733         14325
4             400 us          8597          8362         10257
5             500 us          8216          7789          7635
6             600 us          8178          7606          5893
7             700 us          7782          7345          4963
8             800 us         14799         14500          8416
9            1000 us         63455         47902         31980
--------------------------------------------------------------- 

session

Syntax 
session ldp-id [ldp-id] [interval seconds] [repeat repeat] [absolute |rate]
Context 
[Tree] (monitor>router>ldp session)
Full Contexts 
monitor router ldp session
Description 

This command displays statistical information for LDP sessions at the configured interval until the configured count is reached.

The first screen displays the current statistics related to the specified LDP session(s). The subsequent statistical information listed for each interval is displayed as a delta to the previous display.

When the keyword rate is specified, the rate-per-second for each statistic is displayed instead of the delta.

Monitor commands are similar to show commands but only statistical information displays. Monitor commands display the selected statistics according to the configured number of times at the interval specified.

Parameters 
ldp-id—
Specifies the IP address of the LDP session to display. Up to five IP addresses can be specified in a single statement.
Values—

ipv4-address

label-space

ipv6-address

[label-space]

label-space

0 to 65535

ipv4-address

a.b.c.d

ipv6-address

x:x:x:x:x:x:x:x (16 eight-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF] H

d: [0 to 255] D

 

seconds
Configures the interval for each display, in seconds.
Values—
3 to 60

 

Default—
10 seconds
repeat
Configures how many times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Displays raw statistics, without processing. No calculations are performed on the delta or rate statistics.
rate—
Displays rate-per-second for each statistic instead of the delta.
Output 

The following output is an example of LDP session information.

Sample Output
A:ALA-103>monitor>router>ldp# session 10.10.10.104 interval 3 repeat 3 absolute
===============================================================================
Monitor statistics for LDP Session 10.10.10.104
===============================================================================
                              Sent                     Received
-------------------------------------------------------------------------------
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
FECs                          1                        2
Hello                         5288                     5289
Keepalive                     8225                     8225
Init                          1                        1
Label Mapping                 1                        4
Label Request                 0                        0
Label Release                 0                        0
Label Withdraw                0                        0
Label Abort                   0                        0
Notification                  0                        0
Address                       1                        1
Address Withdraw              0                        0
-------------------------------------------------------------------------------
At time t = 3 sec (Mode: Absolute)
-------------------------------------------------------------------------------
FECs                          1                        2
Hello                         5288                     5289
Keepalive                     8226                     8226
Init                          1                        1
Label Mapping                 1                        4
Label Request                 0                        0
Label Release                 0                        0
Label Withdraw                0                        0
Label Abort                   0                        0
Notification                  0                        0
Address                       1                        1
Address Withdraw              0                        0
-------------------------------------------------------------------------------
At time t = 6 sec (Mode: Absolute)
-------------------------------------------------------------------------------
FECs                          1                        2
Hello                         5288                     5290
Keepalive                     8226                     8226
Init                          1                        1
Label Mapping                 1                        4
Label Request                 0                        0
Label Release                 0                        0
Label Withdraw                0                        0
Label Abort                   0                        0
Notification                  0                        0
Address                       1                        1
Address Withdraw              0                        0
-------------------------------------------------------------------------------
At time t = 9 sec (Mode: Absolute)
-------------------------------------------------------------------------------
FECs                          1                        2
Hello                         5288                     5290
Keepalive                     8226                     8226
Init                          1                        1
Label Mapping                 1                        4
Label Request                 0                        0
Label Release                 0                        0
Label Withdraw                0                        0
Label Abort                   0                        0
Notification                  0                        0
Address                       1                        1
Address Withdraw              0                        0
========================================================================
A:ALA-12>monitor>router>ldp#
 
 
A:ALA-12>monitor>router>ldp# session 10.10.10.104 interval 3 repeat 3 rate
===============================================================================
Monitor statistics for LDP Session 10.10.10.104
===============================================================================
                              Sent                     Received
-------------------------------------------------------------------------------
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
FECs                          1                        2
Hello                         5289                     5290
Keepalive                     8227                     8227
Init                          1                        1
Label Mapping                 1                        4
Label Request                 0                        0
Label Release                 0                        0
Label Withdraw                0                        0
Label Abort                   0                        0
Notification                  0                        0
Address                       1                        1
Address Withdraw              0                        0
-------------------------------------------------------------------------------
At time t = 3 sec (Mode: Rate)
-------------------------------------------------------------------------------
FECs                          0                        0
Hello                         0                        0
Keepalive                     0                        0
Init                          0                        0
Label Mapping                 0                        0
Label Request                 0                        0
Label Release                 0                        0
Label Withdraw                0                        0
Label Abort                   0                        0
Notification                  0                        0
Address                       0                        0
Address Withdraw              0                        0
-------------------------------------------------------------------------------
At time t = 6 sec (Mode: Rate)
-------------------------------------------------------------------------------
FECs                          0                        0
Hello                         0                        0
Keepalive                     0                        0
Init                          0                        0
Label Mapping                 0                        0
Label Request                 0                        0
Label Release                 0                        0
Label Withdraw                0                        0
Label Abort                   0                        0
Notification                  0                        0
Address                       0                        0
Address Withdraw              0                        0
-------------------------------------------------------------------------------
At time t = 9 sec (Mode: Rate)
-------------------------------------------------------------------------------
FECs                          0                        0
Hello                         0                        0
Keepalive                     0                        0
Init                          0                        0
Label Mapping                 0                        0
Label Request                 0                        0
Label Release                 0                        0
Label Withdraw                0                        0
Label Abort                   0                        0
Notification                  0                        0
Address                       0                        0
Address Withdraw              0                        0
===============================================================================
A:ALA-12>monitor>router>ldp#

23.171. session-accounting

session-accounting

Syntax 
session-accounting [interim-update] [host-update]
no session-accounting
Context 
[Tree] (config>subscr-mgmt>acct-plcy session-accounting)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy session-accounting
Description 

This command enables per session accounting mode. In per session accounting mode, the acct-session-id is generated per session. This acct-session-id is uniformly included in all accounting messages (START/INTERIM-UPDATE/STOP) and it can be included in RADIUS Access-Request message.

This accounting mode of operation can be used only in PPPoE environment with dual-stack host in which case both hosts (IPv4 and IPv6) are considered part of the same session. In addition to regular interim-updates, triggered interim-updates are sent by a host joining or leaving the session.

When an IPv4/v6 address is allocated, or released from a dual-stack host, a triggered interim-update message is immediately sent. This triggered interim-update message reflects the change in the IP address. The triggered interim-update has no effect on the interval at which the regular interim updates are scheduled.

Accounting counters are based on the queue counters and as such are aggregated for all host sharing the queues within an sla-profile instance (non HSMDA) or a subscriber (HSMDA).

CoA and LI is supported based on the acct-session-id of the session.

The no form of this command reverts to the default.

Parameters 
interim-update—
Specifies to enable interim updates. Without this keyword only START and STOP accounting messages are generated when the session is established or terminated. This is equivalent to a time-based accounting where only the duration of the session is required.
host-update—
Indicates that host updates messages are sent. INTERIM-UPDATE messages can be generated (volume based accounting) by selecting this keyword.

23.172. session-assign-method

session-assign-method

Syntax 
session-assign-method {weighted |weighted-random}
no session-assign-method
Context 
[Tree] (config>router>l2tp session-assign-method)
[Tree] (config>service>vprn>l2tp session-assign-method)
Full Contexts 
configure router l2tp session-assign-method
configure service vprn l2tp session-assign-method
Description 

This command configures the session assignment method.

The no form of this command reverts to the default value.

Default 

no session-assign-method

Parameters 
weighted—
Specifies that the sessions are shared between the available tunnels. If necessary, new tunnels are set up until the maximum number is reached. The distribution aims at an equal ratio of the actual number of sessions to the maximum number of sessions.
weighted-random—
Enhances the weighted algorithm such that when there are multiple tunnels with an equal number of sessions (equal weight), LAC randomly selects a tunnel.

session-assign-method

Syntax 
session-assign-method {existing-first |weighted |weighted-random}
no session-assign-method
Context 
[Tree] (config>router>l2tp>group session-assign-method)
[Tree] (config>service>vprn>l2tp>group session-assign-method)
Full Contexts 
configure router l2tp group session-assign-method
configure service vprn l2tp group session-assign-method
Description 

This command specifies how new sessions are assigned to one of the set of suitable tunnels that are available or could be made available.

The no form of this command reverts to the default value.

Default 

session-assign-method existing-first

Parameters 
existing-first—
Specifies that all new sessions are placed by preference in the existing tunnels.
weighted—
Specifies that the sessions are shared between the available tunnels. If necessary, new tunnels are set up until the maximum number is reached. The distribution aims at an equal ratio of the actual number of sessions to the maximum number of sessions.
weighted-random—
Enhances the weighted algorithm such that when there are multiple tunnels with an equal number of sessions (equal weight), LAC randomly selects a tunnel.

23.173. session-filter

session-filter

Syntax 
session-filter session-filter-name
no session-filter
Context 
[Tree] (config>app-assure>group>policy>aqp>entry>action session-filter)
Full Contexts 
configure application-assurance group policy app-qos-policy entry action session-filter
Description 

This command specifies the Application-Assurance session filter that will be evaluated. If no session filters are specified then no session filters will be evaluated.

Default 

no session-filter

Parameters 
session-filter-name—
Specifies the session filter to be applied.

session-filter

Syntax 
session-filter session-filter-name [create]
no session-filter session-filter-name
Context 
[Tree] (config>app-assure>group session-filter)
Full Contexts 
configure application-assurance group session-filter
Description 

This command creates a session filter.

Parameters 
session-filter-name—
Creates a session filter name up to 32 characters.
create—
Keyword used to create the session filter.

session-filter

Syntax 
session-filter session-filter-name
Context 
[Tree] (config>app-assure>group>statistics>tca session-filter)
Full Contexts 
configure application-assurance group statistics threshold-crossing-alert session-filter
Description 

This command configures TCA generation for a session filter.

Parameters 
session-filter-name—
Specifies the name of the session filter, up to 32 characters.

23.174. session-filter-stats

session-filter-stats

Syntax 
[no] session-filter-stats
Context 
[Tree] (config>app-assure>group>statistics>aa-admit-deny session-filter-stats)
Full Contexts 
configure application-assurance group statistics aa-admit-deny session-filter-stats
Description 

This command configures whether to include or exclude session filter admit-deny statistics in accounting records.

Default 

no session-filter-stats

23.175. session-hold-time

session-hold-time

Syntax 
session-hold-time remaining-lease-time
session-hold-time seconds
no session-hold-time
Context 
[Tree] (config>subscr-mgmt>gtp>peer-profile session-hold-time)
Full Contexts 
configure subscriber-mgmt gtp peer-profile session-hold-time
Description 

This command configures, in seconds, the time that a GTP session context is held after the corresponding UE is disconnected. If the same UE re-connects to this system before this time has elapsed, its GTP session context is re-used. When the timer expires, the GTP session context is cleared.

The no form of this command reverts to the default.

Default 

session-hold-time 30

Parameters 
remaining-lease-time—
Specifies that the timer is equal to the UE’s DHCP remaining lease time.
seconds—
Specifies the time, in seconds, to hold a GTP session after its UE is disconnected.
Values—
0 to 3600

 

23.176. session-id

session-id

Syntax 
session-id session-id
no session-id
Context 
[Tree] (config>li>li-source>nat>classic-lsn-sub session-id)
[Tree] (config>li>li-source>nat>dslite-lsn-sub session-id)
[Tree] (config>li>li-source>nat>ethernet-header session-id)
[Tree] (config>li>li-source>nat>l2-aware-sub session-id)
[Tree] (config>li>li-source>nat>nat64-lsn-sub session-id)
Full Contexts 
configure li li-source nat classic-lsn-sub session-id
configure li li-source nat dslite-lsn-sub session-id
configure li li-source nat ethernet-header session-id
configure li li-source nat l2-aware-sub session-id
configure li li-source nat nat64-lsn-sub session-id
Description 

This command configures the session ID that is inserted into the packet header for all mirrored packets of the associated LI source entry. This session ID can be used (for example by a downstream LI gateway) to identify the particular LI session to which the packet belongs.

The session ID is only valid and used for mirror services that are configured with ip-udp-shim routable encapsulation (config>mirror>mirror-dest>encap>ip-gre-shim).

For all types of li-source entries (filter, nat, sap, or subscriber), when the mirror service is configured with ip-udp-shim routable encapsulation, a session-id field (as part of the routable encapsulation) is always present in the mirrored packets. If there is no session-id configured for an li-source entry, then the default value is inserted. When a mirror service is configured with ip-gre routable encapsulation, no session-id is inserted and none should be specified against the li-source entries.

The no form of this command removes the session-id from the configuration which results in the default value being used.

Default 

no session-id (an id of 0, or no id)

Parameters 
session-id—
Specifies the value to insert into the header of the mirrored packets.
Values—
1 to 4,294,967,295 (32b)

 

session-id

Syntax 
session-id [session-id]
no session-id
Context 
[Tree] (config>li>li-source>wlan-gw session-id)
Full Contexts 
configure li li-source wlan-gw session-id
Description 

This command configures the session ID inserted in the packet header for all mirrored packets of the associated li-source. When the mirror-service is configured with the ip-udp-shim routable encapsulation, session-id field (as part of the routable encapsulation) is always present in the mirrored packets. The session-id can be used by the LIG to identify a particular LI session to which the packet belongs.

Parameters 
session-id
Specifies the session ID inserted in the LI header.
Values—
1 to 4294967295

 

session-id

Syntax 
session-id session-id
no session-id
Context 
[Tree] (config>test-oam>build-packet>header>l2tp session-id)
[Tree] (debug>oam>build-packet>packet>field-override>header>l2tp session-id)
Full Contexts 
configure test-oam build-packet header l2tp session-id
debug oam build-packet packet field-override header l2tp session-id
Description 

This command defines the session ID to be used in the L2TP header.

The no form of this command removes the session ID value.

Default 

session-id 0

Parameters 
session-id—
Specifies the L2TP session ID to be used in the L2TP header.
Values—
0 to 65535

 

23.177. session-id-format

session-id-format

Syntax 
session-id-format {description |number}
no session-id-format
Context 
[Tree] (config>subscr-mgmt>acct-plcy session-id-format)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy session-id-format
Description 

This command specifies the format for the acct-session-id attribute used in RADIUS accounting requests.

The no form of this command reverts to the default.

Default 

session-id-format description

Parameters 
description—
Specifies to use a string containing following information: <subscriber>@<sap-id>@<SLA-profile>_<creation-time>
number—
Specifies to use a unique number generated by the OS to identify a given session.

23.178. session-key

session-key

Syntax 
session-key sap mac [cid] [rid]
no session-key
Context 
[Tree] (config>subscr-mgmt>ipoe-policy session-key)
Full Contexts 
configure subscriber-mgmt ipoe-policy session-key
Description 

This command configures the key to logically group subscriber hosts that belong to the same dual stack end device in an IPoE session.

The SAP and MAC address are always part of the IPoE session key. Optionally the Circuit-Id/Interface-Id or Remote-Id can be added to the session key.

The no form of this command reverts to the default.

Default 

session-key sap mac

Parameters 
sap —
Includes the SAP as part of the IPoE session key. The sap parameter is mandatory and cannot be removed from the key.
mac—
Includes the MAC address as part of the IPoE session key. The mac parameter is mandatory and cannot be removed from the key.
cid—
Optionally adds the DHCPv4 Relay Agent Circuit-Id (Option 82, sub Option 1) and DHCPv6 Interface-Id (Option 18) field to the IPoE session key.
rid—
Optionally adds the DHCPv4 Relay Agent Remote-Id (Option 82, sub Option 2) and DHCPv6 Remote-Id (Option 37) field to the IPoE session key. For DHCPv6, the enterprise number is excluded from the key.

sap and mac are mandatory parameters while cid and rid are optional and mutually exclusive. Valid IPoE session key parameters are: sap mac, sap mac cid and sap mac rid.

23.179. session-limit

session-limit

Syntax 
session-limit session-limit
session-limit unlimited
no session-limit
Context 
[Tree] (config>router>l2tp session-limit)
[Tree] (config>router>l2tp>group session-limit)
[Tree] (config>router>l2tp>group>tunnel session-limit)
[Tree] (config>service>vprn>l2tp session-limit)
[Tree] (config>service>vprn>l2tp>group session-limit)
[Tree] (config>service>vprn>l2tp>group>tunnel session-limit)
Full Contexts 
configure router l2tp group session-limit
configure router l2tp group tunnel session-limit
configure router l2tp session-limit
configure service vprn l2tp group session-limit
configure service vprn l2tp group tunnel session-limit
configure service vprn l2tp session-limit
Description 

This command configures the session limit.

This command configures the L2TP session limit for the router. The value controls how many L2TP sessions will be allowed within a given context (system, group, tunnel).

L2TP is connection-oriented. The L2TP Network Server (LNS) and LAC maintain state for each call that is initiated or answered by an LAC. An L2TP session is created between the LAC and LNS when an end-to-end PPP connection is established between a remote system and the LNS. Datagrams related to the PPP connection are sent over the tunnel between the LAC and LNS. There is a one-to-one relationship between established L2TP sessions and their associated calls.

The no form of this command removes the value from the configuration.

Default 

no session-limit

Parameters 
session-limit—
Specifies the allowed number of sessions within the given context.
Values—
1 to 131071

 

unlimited—
Specifies to use the maximum number of sessions available.

session-limit

Syntax 
session-limit session-limit
no session-limit
Context 
[Tree] (config>service>ies>sub-if>grp-if>pppoe session-limit)
[Tree] (config>service>vprn>sub-if>grp-if>pppoe session-limit)
[Tree] (config>service>ies>sub-if>pppoe session-limit)
[Tree] (config>service>vprn>sub-if>pppoe session-limit)
[Tree] (config>service>ies>sub-if>grp-if>ppp session-limit)
[Tree] (config>service>vprn>sub-if>grp-if>ppp session-limit)
Full Contexts 
configure service ies subscriber-interface group-interface ppp session-limit
configure service ies subscriber-interface group-interface pppoe session-limit
configure service ies subscriber-interface pppoe session-limit
configure service vprn subscriber-interface group-interface ppp session-limit
configure service vprn subscriber-interface group-interface pppoe session-limit
configure service vprn subscriber-interface pppoe session-limit
Description 

This command specifies the number of PPPoE hosts allowed for this group interface.

The no form of this command reverts to the default.

Default 

session-limit 1

Parameters 
session-limit—
Specifies the number of PPPoE hosts allowed.
Note:

The operational maximum value may be smaller due to equipped hardware dependencies.

Values—
1 to 131071
1 to 262143 (retail subscriber interface)

 

session-limit

Syntax 
session-limit session-limit
no session-limit
Context 
[Tree] (config>service>ies>sub-if>grp-if>ipoe-session session-limit)
[Tree] (config>service>vprn>sub-if>grp-if>ipoe-session session-limit)
[Tree] (config>service>ies>sub-if>ipoe-session session-limit)
[Tree] (config>service>vprn>sub-if>ipoe-session session-limit)
Full Contexts 
configure service ies subscriber-interface group-interface ipoe-session session-limit
configure service ies subscriber-interface ipoe-session session-limit
configure service vprn subscriber-interface group-interface ipoe-session session-limit
configure service vprn subscriber-interface ipoe-session session-limit
Description 

This command specifies the number of IPoE sessions allowed for this group interface or retail subscriber interface.

The no form of this command reverts to the default.

Default 

session-limit 1

Parameters 
session-limit—
Specifies the number of allowed IPoE sessions.
Note:

The operational maximum value may be smaller due to equipped hardware dependencies.

Values—
1 to 131071
1 to 500000 (retail subscriber interface)

 

session-limit

Syntax 
session-limit limit
Context 
[Tree] (config>li>x-interfaces>x3 session-limit)
Full Contexts 
configure li x-interfaces x3 session-limit
Description 

This command configures the number of X3 sessions that the system should initiate to the LIC.

The no form of this command reverts to the default.

Default 

session-limit 32

Parameters 
limit—
Specifies the session limit.
Values—
1 to 32

 

23.180. session-limits

session-limits

Syntax 
session-limits
Context 
[Tree] (config>isa>wlan-gw-group>nat session-limits)
Full Contexts 
configure isa wlan-gw-group nat session-limits
Description 

This command enables the context to configure session limits for the ISA WLAN gateway NAT group.

session-limits

Syntax 
session-limits
Context 
[Tree] (config>isa>nat-group session-limits)
Full Contexts 
configure isa nat-group session-limits
Description 

This command enables the context to configure session limits for the ISA NAT group.

session-limits

Syntax 
session-limits
Context 
[Tree] (config>service>nat>firewall-policy session-limits)
[Tree] (config>service>nat>nat-policy session-limits)
[Tree] (config>service>nat>up-nat-policy session-limits)
Full Contexts 
configure service nat firewall-policy session-limits
configure service nat nat-policy session-limits
configure service nat up-nat-policy session-limits
Description 

This command enables the context to configure session limits for the NAT policy.

session-limits

Syntax 
[no] session-limits
Context 
[Tree] (config>subscr-mgmt>sla-profile session-limits)
[Tree] (config>subscr-mgmt>sub-profile session-limits)
Full Contexts 
configure subscriber-mgmt sla-profile session-limits
configure subscriber-mgmt sub-profile session-limits
Description 

This command enables the context to configure session limits per SLA profile instance or per subscriber.

The no form of this command removes the configuration.

23.181. session-messages

session-messages

Syntax 
[no] session-messages
Context 
[Tree] (debug>diam>application>policy session-messages)
Full Contexts 
debug diameter application policy session-messages
Description 

This command debugs session messages.

23.182. session-optimized-stop

session-optimized-stop

Syntax 
[no] session-optimized-stop
Context 
[Tree] (config>subscr-mgmt>sub-prof>rad-acct session-optimized-stop)
Full Contexts 
configure subscriber-mgmt sub-profile radius-accounting session-optimized-stop
Description 

This command optimizes a RADIUS Accounting Stop message for a PPPoE session termination (specifically for session accounting mode when the host update is enabled). By default when a PPPoE session terminates, the system removes a dual stack host in sequence, one host at a time. Therefore, the system will generate a RADIUS accounting interim for each host termination until only the final host is left. The final host will generate a final accounting stop message. Enabling this command will trigger a single Stop RADIUS accounting message and include information of all hosts without the host updates.

23.183. session-parameters

session-parameters

Syntax 
session-parameters
Context 
[Tree] (config>router>ldp session-parameters)
Full Contexts 
configure router ldp session-parameters
Description 

This command enables the context to configure peer specific parameters.

23.184. session-time

session-time

Syntax 
[no] session-time
Context 
[Tree] (config>aaa>isa-radius-plcy>acct-include-attributes session-time)
Full Contexts 
configure aaa isa-radius-policy acct-include-attributes session-time
Description 

This command enables the inclusion of the session-time attributes.

The no form of the command excludes session-time attributes.

Default 

no session-time

23.185. session-timeout

session-timeout

Syntax 
session-timeout timeout
no session-timeout
Context 
[Tree] (config>subscr-mgmt>ppp-policy session-timeout)
Full Contexts 
configure subscriber-mgmt ppp-policy session-timeout
Description 

This command defines the time before the PPP session is terminated.

A RADIUS specified session-timeout (attribute [27] Session-Timeout) overrides the CLI configured value.

The no form of this command reverts to the default.

Parameters 
timeout—
Specifies the session timeout in seconds.
Values—
1 to 31104000

 

session-timeout

Syntax 
session-timeout timeout
no session-timeout
Context 
[Tree] (config>subscr-mgmt>ipoe-policy session-timeout)
Full Contexts 
configure subscriber-mgmt ipoe-policy session-timeout
Description 

This command defines the time in seconds between 1 second and 360 days before the IPoE session is disconnected. The default value is unlimited session timeout.

The no form of this command reverts to the default.

Parameters 
timeout—
Specifies the session timeout in seconds.
Values—
1 to 31104000

 

23.186. set-time

set-time

Syntax 
set-time date time
Context 
[Tree] (admin set-time)
Full Contexts 
admin set-time
Description 

This command sets the local system time.

The time entered should be accurate for the time zone configured for the system. The system will convert the local time to UTC before saving to the system clock which is always set to UTC. This command does not take into account any daylight saving offset if defined.

If SNTP or NTP is enabled (no shutdown) then this command cannot be used.

Parameters 
date
Specifies the local date and time accurate to the minute in the YYYY/MM/DD format.
Values—
YYYY is the four-digit year
MM is the two-digit month
DD is the two-digit date

 

time
Specifies the time (accurate to the second) in the hh:mm[:ss] format. If no seconds value is entered, the seconds are reset to :00.
Values—
hh is the two-digit hour in 24 hour format (00=midnight, 12=noon)mm is the two-digit minute

 

Default—
0

23.187. set-tos

set-tos

Syntax 
set-tos [0..255]
no set-tos
Context 
[Tree] (config>service>vprn>nat>inside>nat64 set-tos)
[Tree] (config>router>nat>inside>nat64 set-tos)
Full Contexts 
configure router nat inside nat64 set-tos
configure service vprn nat inside nat64 set-tos
Description 

This command specifies the value of the IPv4 ToS field. When enabled, the NAT64 node ignores IPv6 traffic-class and sets IPv4 ToS to the supplied ToS value in the translated IPv4 packet.

The no form of the command reverts to the default.

Default 

set-tos 0

Parameters 
[0..255]
Sets the IPv4 ToS to a fixed value the IPv6 Traffic Class and set the IPv4 ToS to a fixed value and ignores the IPv6 traffic class.

23.188. setup-role

setup-role

Syntax 
setup-role {active |passive}
Context 
[Tree] (config>router>lmp>peer>control-channel setup-role)
Full Contexts 
configure router lmp peer control-channel setup-role
Description 

This command specifies whether this node takes the active or the passive role in establishing the LMP session to the peer over a GMPLS UNI.

Default 

setup-role active

Parameters 
active—
The router takes the active role.
passive—
The router takes the passive role.

23.189. setup-timeout

setup-timeout

Syntax 
setup-timeout access-accept timeout
no setup-timeout
Context 
[Tree] (config>service>dynsvc>timers setup-timeout)
Full Contexts 
configure service dynamic-services timers setup-timeout
Description 

This command specifies the time that dynamic data services setup requests from a RADIUS Access-Accept are hold in an internal work queue waiting to be processed. If after the timeout, the dynamic data service setup request is still in the queue (meaning it is not setup), then the dynamic service setup request is removed from the queue and the setup fails.

The no form of this command reverts to the default value of 30 seconds.

Default 

no setup-timeout

Parameters 
timeout—
Specifies the setup-timeout, in seconds, for setup requests of dynamic services received via Access-Accept.
Values—
2 to 3600

 

23.190. severity

severity

Syntax 
severity {eq |neq |lt |lte |gt |gte} severity-level
no severity
Context 
[Tree] (config>service>vprn>log>filter>entry>match severity)
Full Contexts 
configure service vprn log filter entry match severity
Description 

This command adds an event severity level as a match criterion. Only one severity command can be entered per event filter entry. The latest severity command overwrites the previous command.

The no form of this command removes the severity match criterion.

Default 

no severity

Parameters 
eq |neq |lt |lte |gt |gte—
Specifies the type of match. Valid operators are listed below.
Values—

Operator

Notes

eq

equal to

neq

not equal to

lt

less than

lte

less than or equal to

gt

greater than

gte

greater than or equal to

 

severity-name
The ITU severity level name. Table 138 lists severity names and corresponding numbers per ITU standards M.3100 X.733 & X.21 severity levels.
Table 138:  Severity Levels

Severity Number

Severity Name

1

cleared

2

indeterminate (info)

3

critical

4

major

5

minor

6

warning

Values—
cleared, intermediate, critical, major, minor, warning

 

severity

Syntax 
severity syslog-severity
Context 
[Tree] (config>app-assure>group>evt-log>syslog severity)
Full Contexts 
configure application-assurance group event-log syslog severity
Description 

This command configures the syslog message severity level threshold.

Default 

severity info

Parameters 
syslog-severity—
Specifies the severity level for the syslog message.
Values—
emergency, alert, critical, error, warning, notice, info, debug

 

severity

Syntax 
severity {eq |neq |lt |lte |gt |gte} severity-level
no severity
Context 
[Tree] (config>log>filter>entry>match severity)
Full Contexts 
configure log filter entry match severity
Description 

This command adds an event severity level as a match criterion. Only one severity command can be entered per event filter entry. The latest severity command overwrites the previous command.

The no form of this command removes the severity match criterion.

Parameters 
eq |neq |lt |lte |gt |gte—
Specifies the match type. Valid operators are listed in Table 139.
Table 139:  Valid Operators

Operator

Notes

eq

equal to

neq

not equal to

lt

less than

lte

less than or equal to

gt

greater than

gte

greater than or equal to

severity-name
Specifies the ITU severity level name. Table 140 lists severity names and corresponding numbers per ITU standards M.3100 X.733 & X.21 severity levels.
Table 140:  ITU Severity Information

Severity Number

Severity Name

1

cleared

2

indeterminate (info)

3

critical

4

major

5

minor

6

warning

Values—
cleared, intermediate, critical, major, minor, warning

 

23.191. severity-level

severity-level

Syntax 
severity-level syslog-level
Context 
[Tree] (config>service>nat>syslog>syslog-export-policy severity-level)
Full Contexts 
configure service nat syslog syslog-export-policy severity-level
Description 

This command configures the severity level.

For more information, refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR System Management Guide. The config>log>syslog>level hierarchy also applies to this context.

Default 

severity-level info

Parameters 
syslog-level—
Specifies the severity level.
Values—
emergency, alert, critical, error, warning, notice, info, debug

 

23.192. sf-offset

sf-offset

Syntax 
sf-offset offset-value
no sf-offset
Context 
[Tree] (config>service>vprn>isis>if>level sf-offset)
Full Contexts 
configure service vprn isis interface level sf-offset
Description 

If the pre-FEC error rate of the associated DWDM port crosses the configured sf-threshold, this offset-value is added to the IS-IS interface metric. This parameter is only effective if the interface is associated with a DWDM port and the sf-threshold value is configured under that port.

The no form of this command reverts the offset value to 0.

Default 

no sf-offset

Parameters 
offset-value—
Specifies the amount the interface metric is increased by if the sf-threshold is crossed.
Values—
0 to 16777215

 

sf-offset

Syntax 
sf-offset offset-value
no sf-offset
Context 
[Tree] (config>router>isis>if>level sf-offset)
Full Contexts 
configure router isis interface level sf-offset
Description 

If the pre-FEC error rate of the associated DWDM port crosses the configured sf-threshold, this offset-value is added to the IS-IS interface metric. This parameter is only effective if the interface is associated with a DWDM port and the sf-threshold value is configured under that port.

The no form of this command reverts the offset value to 0.

Default 

no sf-offset

Parameters 
offset-value—
Specifies the amount the interface metric is increased by if the sf-threshold is crossed.
Values—
0 to 16777215

 

23.193. sf-sd-method

sf-sd-method

Syntax 
sf-sd-method {bip8 |fec}
Context 
[Tree] (config>port>otu sf-sd-method)
Full Contexts 
configure port otu sf-sd-method
Description 

This command specifies the method used to determine the signal failure (SF) and signal degrade (SD) alarms. When the bip8 method is selected, the SM-BIP8 errors are used. When the fec method is selected, the FEC corrected bits are used.

The following rules must be followed:

  1. The port’s OTU must be enabled to set or change the sf-sd-method.
  2. The FEC mode must be enhanced or g709 before setting sf-sd-method to fec.
  3. The SF threshold must be 5 or higher before setting sf-sd-method to bip8.
Default 

sf-sd-method fec

Parameters 
bip8—
Specifies that SM-BIP8 errors are used to declare the presence of the SF and SD conditions.
fec—
Specifies that FEC corrected bit errors are used to declare the presence of the SF and SD conditions.

23.194. sf-threshold

sf-threshold

Syntax 
sf-threshold threshold [coefficient coefficient]
Context 
[Tree] (config>port>otu sf-threshold)
Full Contexts 
configure port otu sf-threshold
Description 

This command defines the error rate at which to declare the signal failure (SF) condition.

The parameters define an error rate of (coefficient/10) * 10E-threshold. For example, sf-threshold 5 coefficient 20 defines an error rate of (20/10) * 10E-5, or 2 * 10E-5, or 0.000 02.

The SF threshold must be the following:

  1. less than the SD threshold
  2. 5 or higher before setting sf-sd-method to bip8

The coefficient parameter is only used when sf-sd-method is set to fec. When sf-sd-method is set to bip8, coefficient is considered to have the value of 10.

Parameters 
threshold—
Specifies the exponent for the SF threshold value.
Values—
3 to 6 when sf-sd-method is bip8
3 to 8 when sf-sd-method is fec

 

Default—
5
coefficient—
Specifies the coefficient for the SF threshold value.
Values—
10 to 99

 

Default—
10

sf-threshold

Syntax 
sf-threshold errored-frames
Context 
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame sf-threshold)
Full Contexts 
configure port ethernet efm-oam link-monitoring errored-frame sf-threshold
Description 

The option defines the number of frame errors within the configured window which indicates the port has exceeded an acceptable error rate. A log event will be raised, and the port will be taken out of service by default. Configuration options exist to take additional actions when the error rate exceeds the threshold. These actions are defined using the local-sf-action configuration. This event can only be cleared through manual intervention that affects the state of the port.

Parameters 
errored-frames—
The number of errored frames within the configured window which indicates the port has become unusable.
Values—
1 to 1000000

 

Default—
1

sf-threshold

Syntax 
sf-threshold errored-frames
Context 
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame-period sf-threshold)
Full Contexts 
configure port ethernet efm-oam link-monitoring errored-frame-period sf-threshold
Description 

This command defines the number of frame errors within the configured window which indicates the port has exceeded an acceptable error rate. A log event will be raised, and the port will be taken out of service by default. Configuration options exist to take additional actions when the error rate exceeds the threshold. These actions are defined using the local-sf-action configuration. This event can only be cleared through manual intervention that affects the state of the port.

Default 

sf-threshold 1

Parameters 
errored-frames—
Specifies the number of errored frames within the configured window which indicates the port has become unusable.
Values—
1 to 1000000

 

sf-threshold

Syntax 
sf-threshold errored-seconds
Context 
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame-seconds sf-threshold)
Full Contexts 
configure port ethernet efm-oam link-monitoring errored-frame-seconds sf-threshold
Description 

This command defines the number of errors seconds within the configured window which indicates the port has exceeded an acceptable error rate. A log event will be raised, and the port will be taken out of service by default. Configuration options exist to take additional actions when the error rate exceeds the threshold. These actions are defined using the local-sf-action configuration. This event can only be cleared through manual intervention that affects the state of the port.

Parameters 
errored-seconds—
Specifies the number of errored seconds within the configured window which indicates the port has become unusable.
Values—
1 to 900

 

sf-threshold

Syntax 
sf-threshold errored-symbols
Context 
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-symbols sf-threshold)
Full Contexts 
configure port ethernet efm-oam link-monitoring errored-symbols sf-threshold
Description 

This command defines the number of symbol errors within the configured window which indicates the port has exceeded an acceptable error rate. A log event will be raised, and the port will be taken out of service by default. Configuration options exist to take additional actions when the error rate exceeds the threshold. These actions are defined using the local-sf-action configuration.

Parameters 
errored-symbols—
Specifies the number of errored-symbols which indicates the port has become unusable.
Values—
1 to 1000000

 

sf-threshold

Syntax 
sf-threshold threshold [multiplier multiplier]
no sf-threshold
Context 
[Tree] (config>port>ethernet>sym-mon sf-threshold)
Full Contexts 
configure port ethernet symbol-monitor sf-threshold
Description 

This command specifies the error rate at which to declare the Signal Fail condition on an Ethernet interface. The value represents M*10E-N symbol errors over total symbols received over W seconds of the sliding window. The symbol errors on the interface are sampled once per second. A default of 10 seconds is used when there is no additional window-size configured. The multiplier keyword is optional. If the multiplier keyword is omitted or no sf-threshold is specified, the multiplier will return to the default value of 1.

Default 

no sf-threshold

Parameters 
threshold—
Specifies the rate of symbol errors.
Values—
1 to 9

 

multiplier
Specifies the multiplier used to scale the symbol error ratio.
Values—
1 to 9

 

sf-threshold

Syntax 
sf-threshold threshold [multiplier multiplier]
no sf-threshold
Context 
[Tree] (config>port>ethernet>crc-monitor sf-threshold)
Full Contexts 
configure port ethernet crc-monitor sf-threshold
Description 

This command specifies the error rate at which to declare the Signal Fail condition on an Ethernet interface. The value represents M*10E-N errored frames over total frames received over W seconds of the sliding window. The CRC errors on the interface are sampled once per second. A default of 10 seconds is used when there is no additional window-size configured. The multiplier keyword is optional. If the multiplier keyword is omitted or no sf-threshold is specified the multiplier will return to the default value of 1.

Default 

no sf-threshold

Parameters 
threshold
Specifies the threshold value.
Values—
1 to 9

 

multiplier
Specifies the multiplier value.
Values—
1 to 9

 

23.195. sf-threshold-clear

sf-threshold-clear

Syntax 
sf-threshold-clear threshold [coefficient coefficient]
Context 
[Tree] (config>port>otu sf-threshold-clear)
Full Contexts 
configure port otu sf-threshold-clear
Description 

This command defines the signal failure (SF) threshold clear value.

When the bit error rate falls below this value, the SF condition is cleared. The parameters define an error rate of (coefficient/10) * 10E-threshold. For example, sf-threshold-clear 7 coefficient 10 defines an error rate of (10/10) * 10E-7, or 10E-7, or 0.000 000 1.

This SF threshold clear setting is valid only when sf-sd-method is set to fec.

Parameters 
threshold—
Specifies the exponent for the SF threshold clear value.
Values—
3 to 9

 

Default—
6
coefficient—
Specifies the coefficient for the SF threshold clear value.
Values—
10 to 99

 

Default—
10

23.196. sflow

sflow

Syntax 
[no] sflow
Context 
[Tree] (config>port>ethernet sflow)
Full Contexts 
configure port ethernet sflow
Description 

This command enables sFlow data collection for a port and its SAPs that support sFlow data collection.

The no form of this of this command disables sFlow.

Default 

no sflow

sflow

Syntax 
sflow
Context 
[Tree] (config sflow)
Full Contexts 
configure sflow
Description 

This command enables the context to configure sflow agent parameters.

23.197. sfm-loss-threshold

sfm-loss-threshold

Syntax 
sfm-loss-threshold num-sfm
no sfm-loss-threshold
Context 
[Tree] (config>system>switch-fabric sfm-loss-threshold)
Full Contexts 
configure system switch-fabric sfm-loss-threshold
Description 

This command sets the number of SFMs that are permitted to fail before the system goes into SFM overload state. This command is only applicable on the 7750 SR-7s and the 7750 SR-14s. Users can select the SFM limit based on the number possible for the system minus one. For the 7750 SR-7s this is a value of 3 and for the 7750 SR-14s this is a value of 7.

For networks that can accommodate more SFM failures than the default value, this command allows the selection of the number of SFMs to fail prior to the system going into SFM overload state.

The no form of this command reverts the threshold to the default value.

Default 

7750 SR-7s: sfm-loss-threshold 1

7750 SR-14s: sfm-loss-threshold 2

Parameters 
num-sfm—
Specifies the number of SFMs permitted to fail before SFM overload state.
Values—
1 to 7

 

23.198. sg

sg

Syntax 
sg [group grp-addr [source src-addr]]
no sg
Context 
[Tree] (debug>service>id>video-interface sg)
Full Contexts 
debug service id video-interface sg
Description 

This command enables channel debugging.

Parameters 
group grp-addr
Specifies the multicast channel address.
source src-addr
Specifies the source address.

23.199. sgsn-mcc-mnc

sgsn-mcc-mnc

Syntax 
[no] sgsn-mcc-mnc
Context 
[Tree] (config>subscr-mgmt>diam-appl-plcy>gx>include-avp sgsn-mcc-mnc)
Full Contexts 
configure subscriber-mgmt diameter-application-policy gx include-avp sgsn-mcc-mnc
Description 

This command enables the inclusion of the 3GPP-SGSN-MCC-MNC AVP, which contains the MCC and MNC as configured under configure subscriber-mgmt gtp serving-network.

The no form of this command disables the inclusion of the AVP.

23.200. sgt-qos

sgt-qos

Syntax 
sgt-qos
Context 
[Tree] (config>router sgt-qos)
[Tree] (config>service>vprn sgt-qos)
Full Contexts 
configure router sgt-qos
configure service vprn sgt-qos
Description 

This command enters the context to configure DSCP/dot1p remarking for self-generated traffic.

23.201. shallow-inspection

shallow-inspection

Syntax 
[no] shallow-inspection
Context 
[Tree] (config>app-assure>group shallow-inspection)
Full Contexts 
configure application-assurance group shallow-inspection
Description 

This command disables all Layer 7 signature-based flow inspection.

23.202. sham-link

sham-link

Syntax 
sham-link ip-int-name ip-address
Context 
[Tree] (config>service>vprn>ospf>area sham-link)
Full Contexts 
configure service vprn ospf area sham-link
Description 

This command is similar to a virtual link with the exception that metric must be included in order to distinguish the cost between the MPLS-VPRN link and the backdoor.

Parameters 
ip-int-name—
The local interface name used for the sham-link. This is a mandatory parameter and interface names must be unique within the group of defined IP interfaces for config>router>if, config>service>ies>if and config>service>vprn>if commands. An interface name cannot be in the form of an IP address. Interface names can be any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters, the entire string must be enclosed between double quotes. If the IP interface name does not exist or does not have an IP address configured, an error message will be returned.
ip-address—
The IP address of the sham-link neighbor in IP address dotted decimal notation. This parameter is the remote peer of the sham link’s IP address used to set up the sham-link. This is a mandatory parameter and must be a valid IP address.

23.203. sham-neighbor

sham-neighbor

Syntax 
sham-neighbor [ip-address]
no sham-neighbor
Context 
[Tree] (debug>router>ospf sham-neighbor)
Full Contexts 
debug router ospf sham-neighbor
Description 

This command enables debugging of the OSPFv2 sham-link neighbor.

Parameters 
ip-address—
Debugs the sham-link neighbor identified by this IP address.

23.204. shape-multi-client-only

shape-multi-client-only

Syntax 
[no] shape-multi-client-only
Context 
[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>egress shape-multi-client-only)
Full Contexts 
configure service ies subscriber-interface group-interface wlan-gw egress shape-multi-client-only
Description 

This command enables the egress shaping is only enabled for a wlan-gw tunnel while there are multiple UE (User Equipment) using it.

The no form of this command disables the egress shaping.

23.205. shaper

shaper

Syntax 
[no] shaper
Context 
[Tree] (config>service>sdp>binding>pw-port>egress shaper)
Full Contexts 
configure service sdp binding pw-port egress shaper
Description 

This command enables the egress shaping option for use by a pseudowire port.

The no form of the command disables the egress shaping option.

Default 

no shaper

shaper

Syntax 
[no] shaper
Context 
[Tree] (config>service>epipe>pw-port>egress shaper)
Full Contexts 
configure service epipe pw-port egress shaper
Description 

This command enables the context to configure PW-port shaper parameters.

23.206. shaping

shaping

Syntax 
shaping {per-retailer |per-tunnel}
no shaping
Context 
[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>egress shaping)
Full Contexts 
configure service ies subscriber-interface group-interface wlan-gw egress shaping
Description 

This command configures the granularity of the egress shaping for wlan-gw on this group interface.

The no form of this command removes the parameter from the configuration.

Parameters 
per-tunnel—
Specifies that a separate shaper is applied to each wlan-gw tunnel.
per-retailer—
Specifies that a separate shaper is applied to each retailer Mobile Network Operator's fraction of the wlan-gw tunnel payload.

shaping

Syntax 
[no] shaping
Context 
[Tree] (config>qos>atm-td-profile shaping)
Full Contexts 
configure qos atm-td-profile shaping
Description 

This command enables cell level shaping when the ATM traffic descriptor profile is applied to an ATM SAP queue. Shaping is only applied in the egress queue of the ATM SAP. Shaping cannot be enabled on an ATM SAP with the UBR service category.

The no form of this command disables shaping.

Default 

The default is determined by the service category. Table 141 lists which defaults apply for shaping depending on the service and UBR/UBR+MIR category.

Table 141:  Default Shaping Values

Applicable Service Category

Default Shaping Value

Comments

UBR

disabled

Shaping cannot be enabled

CBR

enabled

Shaping cannot be disabled when the profile is applied to ATM SAP on ATM MDA

rt-VBR

enabled

Shaping cannot be disabled when applied to ATM SAP on ATM MDA

nrt-VBR

enabled

23.207. shared-circuit-id

shared-circuit-id

Syntax 
[no] shared-circuit-id
Context 
[Tree] (config>service>ies>sub-if>grp-if shared-circuit-id)
[Tree] (config>service>vprn>sub-if>grp-if shared-circuit-id)
Full Contexts 
configure service ies subscriber-interface group-interface shared-circuit-id
configure service vprn subscriber-interface group-interface shared-circuit-id
Description 

If configured, circuit-id in DHCPv4 Option82 is used to authenticate DHCPv6. If DHCPv6 is received before DHCPv4, it is dropped. Also, a SLAAC host is created based on DHCPv4 authentication if RADIUS returns IPv6 framed-prefix. The IPv6oE host is deleted if the linked IPv4oE host is deleted due to DHCP release or lease time-out. The linkage between IPv4 and IPv6 is based on SAP and MAC address. The sharing of circuit-id from DHCPv4 for authentication of DHCPv6 (or SLAAC) allows 7750 SR to work around lack of support for LDRA on access nodes.

The no form of this command reverts to the default.

23.208. shared-queue

shared-queue

Syntax 
shared-queue policy-name [create]
no shared-queue policy-name
Context 
[Tree] (config>qos shared-queue)
Full Contexts 
configure qos shared-queue
Description 

This command enables the context to modify the QoS default shared-queue policy.

Parameters 
policy-name—
The name of the default shared-queue policy.
Values—
default

 

23.209. shared-radius-filter-wmark

shared-radius-filter-wmark

Syntax 
shared-radius-filter-wmark low low-watermark high high-watermark
no shared-radius-filter-wmark
Context 
[Tree] (config>filter>ip-filter shared-radius-filter-wmark)
[Tree] (config>filter>ipv6-filter shared-radius-filter-wmark)
Full Contexts 
configure filter ip-filter shared-radius-filter-wmark
configure filter ipv6-filter shared-radius-filter-wmark
Description 

This command configures the low and high watermark for the number of RADIUS shared filters reporting

Default 

no shared-radius-filter-wmark

Parameters 
low-watermark
Specifies the utilization of the filter ranges for filter entry insertion, at which a table full alarm will be raised by the agent.
Values—
0 to 8000

 

high-watermark
Specifies the utilization of the filter ranges for filter entry insertion, at which a table full alarm will be cleared by the agent.
Values—
1 to 8000

 

23.210. shared-resources

shared-resources

Syntax 
shared-resources
Context 
[Tree] (config>isa>aa-grp shared-resources)
Full Contexts 
configure isa application-assurance-group shared-resources
Description 

This command enables the context to configure the shared resources pool.

23.211. shcv-policy

shcv-policy

Syntax 
shcv-policy name [create]
no shcv-policy name
Context 
[Tree] (config>subscr-mgmt shcv-policy)
Full Contexts 
configure subscriber-mgmt shcv-policy
Description 

This command configures a Subscriber Host Connectivity Verification (SHCV) policy. An SHCV policy can be applied to both the subscriber management group interface and VPLS instances. All SHCV-related features inside a group interface and a VPLS service follows the configuration specified in the SHCV policy. The SHCV policy and the SHCV configuration on a group interface are mutually exclusive. Only one can be applied to the group interface.

The no form of this command removes the policy name from the configuration.

Parameters 
name—
Specifies the name of the SHCV policy, up to 32 characters.
create—
Keyword required to create the configuration context.

shcv-policy

Syntax 
shcv-policy name
no shcv-policy
Context 
[Tree] (config>service>vprn>sub-if>grp-if shcv-policy)
[Tree] (config>service>ies>sub-if>grp-if shcv-policy)
Full Contexts 
configure service ies subscriber-interface group-interface shcv-policy
configure service vprn subscriber-interface group-interface shcv-policy
Description 

This command references the SHCV policy to be used for both IPv4 and IPv6 subscriber hosts. The policy name must already exist in the config>subscr-mgmt context.

The no form of this command removes the policy name from the service configuration.

Parameters 
name—
Specifies an existing SHCV policy name up to 32 characters.

23.212. shcv-policy-ipv4

shcv-policy-ipv4

Syntax 
shcv-policy-ipv4 name
no shcv-policy-ipv4
Context 
[Tree] (config>service>vpls shcv-policy-ipv4)
[Tree] (config>service>vpls>sap shcv-policy-ipv4)
[Tree] (config>service>ies>if shcv-policy-ipv4)
[Tree] (config>service>ies>sub-if>grp-if shcv-policy-ipv4)
[Tree] (config>service>vprn>if shcv-policy-ipv4)
[Tree] (config>service>vprn>sub-if>grp-if shcv-policy-ipv4)
Full Contexts 
configure service ies interface shcv-policy-ipv4
configure service ies subscriber-interface group-interface shcv-policy-ipv4
configure service vpls sap shcv-policy-ipv4
configure service vpls shcv-policy-ipv4
configure service vprn interface shcv-policy-ipv4
configure service vprn subscriber-interface group-interface shcv-policy-ipv4
Description 

This command specifies the Subscriber Host Connectivity Verification (SHCV) policy to be used exclusive for IPv4 subscriber hosts. The shcv-policy name must already exist in the config>subscr-mgmt context.

The no form of this command removes the policy name from the service configuration.

Parameters 
name—
Specifies an existing SHCV policy name up to 32 characters.

23.213. shcv-policy-ipv6

shcv-policy-ipv6

Syntax 
shcv-policy-ipv6 name
no shcv-policy-ipv6
Context 
[Tree] (config>service>ies>if shcv-policy-ipv6)
[Tree] (config>service>ies>sub-if>grp-if shcv-policy-ipv6)
[Tree] (config>service>vprn>if shcv-policy-ipv6)
[Tree] (config>service>vprn>sub-if>grp-if shcv-policy-ipv6)
Full Contexts 
configure service ies interface shcv-policy-ipv6
configure service ies subscriber-interface group-interface shcv-policy-ipv6
configure service vprn interface shcv-policy-ipv6
configure service vprn subscriber-interface group-interface shcv-policy-ipv6
Description 

This command references the Subscriber Host Connectivity Verification (SHCV) policy to be used exclusive for IPv6 subscriber hosts. The policy name must already exist in the config>subscr-mgmt context.

The no form of this command removes the policy name from the service configuration.

Parameters 
name—
Specifies an existing SHCV policy name up to 32 characters.

23.214. shell

shell

Syntax 
shell -password password
no shell
Context 
[Tree] (environment shell)
Full Contexts 
environment shell
Description 

This command enables and disables the shell.

Parameters 
password—
Specifies the password to enter the shell, up to 256 characters.

23.215. short-duration-flow-count

short-duration-flow-count

Syntax 
[no] short-duration-flow-count
Context 
[Tree] (config>log>acct-policy>cr>aa>aa-sub-cntr short-duration-flow-count)
Full Contexts 
configure log accounting-policy custom-record aa-specific aa-sub-counters short-duration-flow-count
Description 

This command includes the short duration flow count in the AA subscriber's custom record. This command only applies to the 7750 SR.

The no form of this command excludes the short duration flow count.

Default 

no short-duration-flow-count

23.216. short-sequence

short-sequence

Syntax 
[no] short-sequence
Context 
[Tree] (config>port>multilink-bundle short-sequence)
Full Contexts 
configure port multilink-bundle short-sequence
Description 

This command specifies that the Multi-link Point to Point Protocol (MLPPP) bundle should use short (12 bit) sequence numbers instead of the default 24-bit sequence number. This command is only valid for MLPPP bundles.

The no form of this command disables the short-sequence feature.

Default 

no short-sequence

23.217. short-sequence-numbers

short-sequence-numbers

Syntax 
[no] short-sequence-numbers
Context 
[Tree] (config>subscr-mgmt>ppp-policy>mlppp short-sequence-numbers)
[Tree] (config>router>l2tp>group>mlppp short-sequence-numbers)
[Tree] (config>router>l2tp>group>tunnel>mlppp short-sequence-numbers)
[Tree] (config>service>vprn>l2tp>group>mlppp short-sequence-numbers)
[Tree] (config>service>vprn>l2tp>group>tunnel>mlppp short-sequence-numbers)
Full Contexts 
configure router l2tp group mlppp short-sequence-numbers
configure router l2tp group tunnel mlppp short-sequence-numbers
configure service vprn l2tp group mlppp short-sequence-numbers
configure service vprn l2tp group tunnel mlppp short-sequence-numbers
configure subscriber-mgmt ppp-policy mlppp short-sequence-numbers
Description 

This command enables a peer request to send short sequence numbers. This command is applicable to LAC and LNS. By default, MLPPPoX negotiates 24bit long sequence numbers. This command allows this to be changed to shorter, 12-bit sequence numbers.

The no form of this command reverts to the default.

short-sequence-numbers

Syntax 
[no] short-sequence-numbers
Context 
[Tree] (config>subscr-mgmt>ppp-policy>mlppp short-sequence-numbers)
Full Contexts 
configure subscriber-mgmt ppp-policy mlppp short-sequence-numbers
Description 

This command enables a peer request to send short sequence numbers. This command is applicable to LAC and LNS. By default, MLPPPoX will negotiate 24bit long sequence numbers. This command allows this to be changed to shorter, 12-bit sequence numbers.

Default 

short-sequence-numbers

23.218. shortcut-local-ttl-propagate

shortcut-local-ttl-propagate

Syntax 
[no] shortcut-local-ttl-propagate
Context 
[Tree] (config>router>ldp shortcut-local-ttl-propagate)
[Tree] (config>router>mpls shortcut-local-ttl-propagate)
Full Contexts 
configure router ldp shortcut-local-ttl-propagate
configure router mpls shortcut-local-ttl-propagate
Description 

This command configures the TTL handling of locally generated packets for all LSP shortcuts originating on this ingress LER. It applies to all LDP or RSVP LSPs that are used to resolve static routes, BGP routes, and IGP routes.

The user can enable or disable the propagation of the TTL from the header of an IP packet into the header of the resulting MPLS packet independently for local and transit packets forwarded over an LSP shortcut.

Local IP packets include ICMP Ping, traceroute, and OAM packets, that are destined to a route that is resolved to the LSP shortcut. Transit IP packets are all IP packets received on any IES interface and destined to a route that is resolved to the LSP shortcut

By default, the feature propagates the TTL from the header of locally generated IP packets into the label stack of the resulting MPLS packets forwarded over the LSP shortcut. This is referred to as Uniform mode.

When the no form of this command is enabled, TTL propagation is disabled on all locally generated IP packets, including ICMP Ping, traceroute, and OAM packets, that are destined to a route that is resolved to the LSP shortcut. In this case, a TTL of 255 is programmed onto the pushed label stack. This is referred to as Pipe mode.

Default 

shortcut-local-ttl-propagate

23.219. shortcut-transit-ttl-propagate

shortcut-transit-ttl-propagate

Syntax 
[no] shortcut-transit-ttl-propagate
Context 
[Tree] (config>router>ldp shortcut-transit-ttl-propagate)
[Tree] (config>router>mpls shortcut-transit-ttl-propagate)
Full Contexts 
configure router ldp shortcut-transit-ttl-propagate
configure router mpls shortcut-transit-ttl-propagate
Description 

This command configures the TTL handling of transit packets for all LSP shortcuts originating on this ingress LER. It applies to all LDP or RSVP LSPs that are used to resolve static routes, BGP routes, and IGP routes.

The user can enable or disable the propagation of the TTL from the header of an IP packet into the header of the resulting MPLS packet independently for local and transit packets forwarded over an LSP shortcut.

By default, the feature propagates the TTL from the header of transit IP packets into the label stack of the resulting MPLS packets forwarded over the LSP shortcut. This is referred to as Uniform mode.

When the no form of the command is enabled, TTL propagation is disabled on all transit IP packets received on any IES interface and destined to a route that is resolved to the LSP shortcut. In this case, a TTL of 255 is programmed onto the pushed label stack. This is referred to as Pipe mode.

Default 

shortcut-transit-ttl-propagate

23.220. shortcut-tunnel

shortcut-tunnel

Syntax 
shortcut-tunnel
Context 
[Tree] (config>router>bgp>next-hop-resolution shortcut-tunnel)
Full Contexts 
configure router bgp next-hop-resolution shortcut-tunnel
Description 

This command creates the context to configure the tunnel types that can be used to resolve unlabeled IPv4 and IPv6 BGP routes.

The following tunnel types are supported for resolving IPv4 routes and IPv6 routes with IPv4-mapped IPv6 next-hop addresses: bgp, ldp, rsvp, sr-isis, sr-ospf, sr-policy and sr-te. In this context:

  1. bgp — refers to IPv4 tunnels created by receiving BGP label-unicast IPv4 routes for /32 IPv4 prefixes.
  2. ldp — refers to /32 and shorter length LDP FEC prefixes imported into the tunnel table. For IPv4 NLRI, BGP selects the LDP FEC that is the longest-prefix-match (LPM) of the BGP next-hop address. For IPv6 NLRI, BGP selects the /32 FEC that is an exact match of the BGP next-hop address.
  3. rsvp — refers to RSVP tunnels in the tunnel table to IPv4 destinations. This option allows BGP to use the best metric RSVP LSP to the address of the BGP next-hop. This address can correspond to the system interface or to another loopback interface of the remote BGP router. In the case of multiple RSVP LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel id.
  4. sr-isis — refers to segment routing tunnels (shortest path) to IPv4 destinations reachable by the IS-IS protocol. This option allows BGP to use the segment routing tunnel in the tunnel table submitted by the lowest preference IS-IS instance or (in case of a tie) the lowest numbered IS-IS instance.
  5. sr-ospf — refers to segment routing tunnels (shortest path) to IPv4 destinations reachable by the OSPF protocol. This option allows BGP to use the segment routing tunnel in the tunnel table submitted by the lowest preference OSPF instance or (in case of a tie) the lowest numbered OSPF instance.
  6. sr-policy — refers to segment routing policies with an IPv4 endpoint that are statically configured in the local router or learned through BGP routes (AFI 1/SAFI 73). For BGP to resolve the next hop of an unlabeled IPv4 or IPv6 route using a segment routing policy the highest numbered color extended community attached to the IPv4 or IPv6 route must match the color of the segment routing policy.
  7. sr-te — refers to traffic engineered (TE) segment routing tunnels. This option allows BGP to use the best metric SR-TE tunnel to the address of the BGP next-hop. In the case of multiple SR-TE tunnels with the same lowest metric, BGP selects the tunnel with the lowest tunnel id.
  8. udp — refers to MPLSoUDPoIPv4 tunnels set up by action of the BGP import policies.

The following tunnel types are supported for resolving IPv6 routes with IPv6 next-hops that are not IPv4-mapped IPv6 addresses: ldp, sr-isis, and sr-policy. In this context:

  1. ldp — refers to /128 LDP FEC prefixes in the tunnel table. BGP selects the /128 FEC that is an exact match of the BGP next-hop address.
  2. sr-isis — refers to segment routing tunnels (shortest path) to IPv6 destinations reachable by the IS-IS protocol. This option allows BGP to use the segment routing tunnel in the tunnel table submitted by the lowest preference IS-IS instance or (in case of a tie) the lowest numbered IS-IS instance.
  3. sr-policy — refers to segment routing policies with a null IPv4 endpoint (0.0.0.0) that are statically configured in the local router or learned through BGP routes (AFI 1/SAFI 73). For BGP to resolve the next hop of an IPv6 route using a segment routing policy the highest numbered color extended community attached to the IPv6 route must match the color of the segment routing policy and its color bits must be set to '01' or '10'.

23.221. show-ipsec-keys

show-ipsec-keys

Syntax 
[no] show-ipsec-keys
Context 
[Tree] (config>ipsec show-ipsec-keys)
Full Contexts 
configure ipsec show-ipsec-keys
Description 

This command enables user to optionally include IKE-SA or CHILD-SA keys in the output of debug ipsec or admin ipsec display-key.

The no form of this command disallows the user from including keys in the output.

Default 

no show-ipsec-keys

23.222. show-request

show-request

Syntax 
show-request [ca ca-profile-name]
Context 
[Tree] (admin>certificate>cmpv2 show-request)
Full Contexts 
admin certificate cmpv2 show-request
Description 

This command displays current the CMPv2 pending request toward the specified CA. If there is no pending request, the last pending request is displayed including the status (success/fail/rejected) and the receive time of last CMPv2 message from server.

The following information is included in the output:

  1. Request type, original input parameter (password is not displayed), checkAfter and reason in of last PollRepContent, time of original command input.
Parameters 
ca-profile-name
Specifies a ca-profile name up to 32 characters. If not specified, the system will display pending requests of all ca-profiles.

23.223. shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>dhcp>server>failover shutdown)
[Tree] (config>router>dhcp6>server>failover shutdown)
[Tree] (config>service>vpls>sap>dhcp shutdown)
[Tree] (config>service>vpls>sap>dhcp>option>vendor shutdown)
[Tree] (config>service>vpls>sap>ipoe-session shutdown)
[Tree] (config>service>vprn>if>dhcp shutdown)
[Tree] (config>service>vprn>if>dhcp>proxy-server shutdown)
[Tree] (config>subscr-mgmt>loc-user-db shutdown)
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host shutdown)
[Tree] (config>subscr-mgmt>loc-user-db>ppp>host shutdown)
[Tree] (config>subscr-mgmt>msap-policy>vpls-only>dhcp>option>proxy-server shutdown)
Full Contexts 
configure router dhcp local-dhcp-server failover shutdown
configure router dhcp6 local-dhcp-server failover shutdown
configure service vpls sap dhcp option vendor shutdown
configure service vpls sap dhcp shutdown
configure service vpls sap ipoe-session shutdown
configure service vprn interface dhcp proxy-server shutdown
configure service vprn interface dhcp shutdown
configure subscriber-mgmt local-user-db ipoe host shutdown
configure subscriber-mgmt local-user-db ppp host shutdown
configure subscriber-mgmt local-user-db shutdown
configure subscriber-mgmt msap-policy vpls-only dhcp option proxy-server shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system-generated configuration files.

The no form of this command places the entity into an administratively enabled state.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vpls>sap>ipoe-session shutdown)
[Tree] (config>service>ies>sub-if>grp-if>ipoe-session shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>ipoe-session shutdown)
Full Contexts 
configure service ies subscriber-interface group-interface ipoe-session shutdown
configure service vpls sap ipoe-session shutdown
configure service vprn subscriber-interface group-interface ipoe-session shutdown
Description 

The shutdown command enables or disables IPoE session management on a group interface or capture SAP.

A shutdown of the IPoE session CLI hierarchy on a group-interface clears all active IPoE sessions on that interface, resulting in a deletion of all corresponding subscriber hosts.

On wlan-gw group interfaces it is not possible to disable an IPoE session.

The no form of this command reverts to the default.

Default 

shutdown no shutdown on wlan-gw group interfaces

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>ies shutdown)
[Tree] (config>service>ies>aarp-interface shutdown)
[Tree] (config>service>ies>aarp-interface>spoke-sdp shutdown)
[Tree] (config>service>ies>if shutdown)
[Tree] (config>service>ies>if>dhcp shutdown)
[Tree] (config>service>ies>if>dhcp>proxy-server shutdown)
[Tree] (config>service>ies>if>sap>eth-cfm shutdown)
[Tree] (config>service>ies>if>sap>static-host shutdown)
[Tree] (config>service>ies>if>spoke-sdp shutdown)
[Tree] (config>service>ies>if>spoke-sdp>control-channel-status shutdown)
[Tree] (config>service>ies>if>vrrp shutdown)
[Tree] (config>service>ies>redundant-interface shutdown)
[Tree] (config>service>ies>sub-if shutdown)
[Tree] (config>service>ies>sub-if>dhcp shutdown)
[Tree] (config>service>ies>sub-if>grp-if shutdown)
[Tree] (config>service>ies>sub-if>grp-if>dhcp shutdown)
[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>proxy-server shutdown)
[Tree] (config>service>ies>sub-if>grp-if>ipv6>router-advertisements shutdown)
[Tree] (config>service>ies>sub-if>grp-if>pppoe shutdown)
[Tree] (config>service>ies>sub-if>grp-if>sap shutdown)
[Tree] (config>service>ies>sub-if>grp-if>sap>static-host shutdown)
[Tree] (config>service>ies>sub-if>grp-if>sap>sub-sla-mgmt shutdown)
[Tree] (config>service>ies>sub-if>grp-if>srrp shutdown)
Full Contexts 
configure service ies aarp-interface shutdown
configure service ies aarp-interface spoke-sdp shutdown
configure service ies interface dhcp proxy-server shutdown
configure service ies interface dhcp shutdown
configure service ies interface sap eth-cfm shutdown
configure service ies interface sap static-host shutdown
configure service ies interface shutdown
configure service ies interface spoke-sdp control-channel-status shutdown
configure service ies interface spoke-sdp shutdown
configure service ies interface vrrp shutdown
configure service ies redundant-interface shutdown
configure service ies shutdown
configure service ies subscriber-interface dhcp shutdown
configure service ies subscriber-interface group-interface dhcp shutdown
configure service ies subscriber-interface group-interface ipv6 dhcp6 proxy-server shutdown
configure service ies subscriber-interface group-interface ipv6 router-advertisements shutdown
configure service ies subscriber-interface group-interface pppoe shutdown
configure service ies subscriber-interface group-interface sap shutdown
configure service ies subscriber-interface group-interface sap static-host shutdown
configure service ies subscriber-interface group-interface sap sub-sla-mgmt shutdown
configure service ies subscriber-interface group-interface shutdown
configure service ies subscriber-interface group-interface srrp shutdown
configure service ies subscriber-interface shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state. Default administrative states for services and service entities is described below in Special Cases.

The no form of this command places the entity into an administratively enabled state.

Special Cases 
IES—
The default administrative status of an IES service is down. While the service is down, all its associated virtual router interfaces will be operationally down. The administrative state of the service is not reflected in the administrative state of the virtual router interface.

For example if:

1) An IES service is operational and an associated interface is shut down. 2) The IES service is administratively shutdown and brought back up. 3) The interface shutdown will remain in administrative shutdown state.

A service is regarded as operational provided that one IP Interface is operational.

Shutting down a subscriber interface will operationally shut down all child group interfaces and SAPs. Shutting down a group interface will operationally shut down all SAPs that are part of that group-interface.

IES IP Interfaces—
When the IP interface is shutdown, it enters the administratively and operationally down states. For a SAP bound to the IP interface, no packets are transmitted out the SAP and all packets received on the SAP will be dropped while incrementing the packet discard counter.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>subscr-mgmt>sub-ident-pol>primary shutdown)
[Tree] (config>subscr-mgmt>sub-ident-pol>secondary shutdown)
[Tree] (config>subscr-mgmt>sub-ident-pol>tertiary shutdown)
[Tree] (config>service>vpls>sap>sub-sla-mgmt shutdown)
[Tree] (config>service>vpls>gsmp shutdown)
[Tree] (config>service>vpls>gsmp>group shutdown)
[Tree] (config>service>vpls>gsmp>group>neighbor shutdown)
[Tree] (config>service>vprn>redundant-interface shutdown)
[Tree] (config>service>vprn>red-if>spoke-sdp shutdown)
[Tree] (config>service>vprn>subscriber-interface shutdown)
[Tree] (config>service>vprn>sub-if>grp-if shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>srrp shutdown)
[Tree] (config>service>ies>subscriber-interface shutdown)
[Tree] (config>service>ies>sub-if>grp-if>srrp shutdown)
[Tree] (config>service>ies>redundant-interface shutdown)
[Tree] (config>service>ies>sub-if>grp-if>arp-host shutdown)
[Tree] (config>service>vprn>gsmp>group>neighbor shutdown)
[Tree] (config>service>ies>sub-if>grp-if>wpp shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>wpp shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>wpp>portals shutdown)
[Tree] (config>redundancy>multi-chassis>peer shutdown)
[Tree] (config>redundancy>multi-chassis>peer>mc-lag shutdown)
[Tree] (config>redundancy>multi-chassis>peer>sync shutdown)
[Tree] (config>subscr-mgmt>sub-mcac-policy shutdown)
[Tree] (config>aaa>route-downloader shutdown)
[Tree] (config>aaa>diam-peer-plcy>peer shutdown)
[Tree] (config>aaa>diam-peer-plcy>proxy shutdown)
[Tree] (config>aaa>wpp>portal-groups shutdown)
[Tree] (config>aaa>wpp>portal-groups>portal-group shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>data-trigger shutdown)
[Tree] (config>service>ies>sub-if>grp-if>data-trigger shutdown)
[Tree] (config>service>ies>sub-if>grp-if>gtp-parameters shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>gtp-parameters shutdown)
[Tree] (config>service>ies>sub-if>grp-if>srrp shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>srrp shutdown)
[Tree] (config>aaa>diam>node>peer shutdown)
Full Contexts 
configure aaa diameter node peer shutdown
configure aaa diameter-peer-policy peer shutdown
configure aaa diameter-peer-policy proxy shutdown
configure aaa route-downloader shutdown
configure aaa wpp portal-groups portal-group shutdown
configure aaa wpp portal-groups shutdown
configure redundancy multi-chassis peer mc-lag shutdown
configure redundancy multi-chassis peer shutdown
configure redundancy multi-chassis peer sync shutdown
configure service ies redundant-interface shutdown
configure service ies subscriber-interface group-interface arp-host shutdown
configure service ies subscriber-interface group-interface data-trigger shutdown
configure service ies subscriber-interface group-interface gtp-parameters shutdown
configure service ies subscriber-interface group-interface srrp shutdown
configure service ies subscriber-interface group-interface wpp shutdown
configure service ies subscriber-interface shutdown
configure service vpls gsmp group neighbor shutdown
configure service vpls gsmp group shutdown
configure service vpls gsmp shutdown
configure service vpls sap sub-sla-mgmt shutdown
configure service vprn gsmp group neighbor shutdown
configure service vprn redundant-interface spoke-sdp shutdown
configure service vprn redundant-interface shutdown
configure service vprn subscriber-interface group-interface data-trigger shutdown
configure service vprn subscriber-interface group-interface gtp-parameters shutdown
configure service vprn subscriber-interface group-interface shutdown
configure service vprn subscriber-interface group-interface srrp shutdown
configure service vprn subscriber-interface group-interface wpp portals shutdown
configure service vprn subscriber-interface group-interface wpp shutdown
configure service vprn subscriber-interface shutdown
configure subscriber-mgmt sub-ident-policy primary shutdown
configure subscriber-mgmt sub-ident-policy secondary shutdown
configure subscriber-mgmt sub-ident-policy tertiary shutdown
configure subscriber-mgmt sub-mcac-policy shutdown
Description 

The shutdown command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.

The shutdown command administratively disables an entity. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they can be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

Shutting down a subscriber interface on a 7750 SR will operationally shut down all child group interfaces and SAPs. Shutting down a group interface on a 7750 SR will operationally shut down all SAPs that are part of that group-interface.

The no form of this command puts an entity into the administratively enabled state.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>ies>sub-if>grp-if>pppoe shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>pppoe shutdown)
Full Contexts 
configure service ies subscriber-interface group-interface pppoe shutdown
configure service vprn subscriber-interface group-interface pppoe shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command places the entity into an administratively enabled state.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>redundancy>multi-chassis>peer>sync shutdown)
[Tree] (config>service>vpls shutdown)
[Tree] (config>service>vpls>bgp-ad shutdown)
[Tree] (config>service>vpls>eth-cfm>mep shutdown)
[Tree] (config>service>vpls>gsmp shutdown)
[Tree] (config>service>vpls>gsmp>group shutdown)
[Tree] (config>service>vpls>gsmp>group>neighbor shutdown)
[Tree] (config>service>vpls>igmp-snooping shutdown)
[Tree] (config>service>vpls>igmp-snooping>mvr shutdown)
[Tree] (config>service>vpls>interface shutdown)
[Tree] (config>service>vpls>mac-move shutdown)
[Tree] (config>service>vpls>mac-notification shutdown)
[Tree] (config>service>vpls>mesh-sdp shutdown)
[Tree] (config>service>vpls>mesh-sdp>eth-cfm>mep shutdown)
[Tree] (config>service>vpls>mld-snooping shutdown)
[Tree] (config>service>vpls>mld-snooping>mvr shutdown)
[Tree] (config>service>vpls>mrp shutdown)
[Tree] (config>service>vpls>mrp>mmrp shutdown)
[Tree] (config>service>vpls>mrp>mvrp shutdown)
[Tree] (config>service>vpls>sap shutdown)
[Tree] (config>service>vpls>sap>arp-host shutdown)
[Tree] (config>service>vpls>sap>dhcp>proxy shutdown)
[Tree] (config>service>vpls>sap>eth-cfm>mep shutdown)
[Tree] (config>service>vpls>sap>igmp-snooping>mcac>mc-constraints shutdown)
[Tree] (config>service>vpls>sap>mld-snooping>mcac>mc-constraints shutdown)
[Tree] (config>service>vpls>sap>l2tpv3-session shutdown)
[Tree] (config>service>vpls>sap>spb shutdown)
[Tree] (config>service>vpls>sap>stp shutdown)
[Tree] (config>service>vpls>sap>sub-sla-mgmt shutdown)
[Tree] (config>service>vpls>spb>level shutdown)
[Tree] (config>service>vpls>split-horizon-group shutdown)
[Tree] (config>service>vpls>spoke-sdp shutdown)
[Tree] (config>service>vpls>spoke-sdp>eth-cfm>mep shutdown)
[Tree] (config>service>vpls>spoke-sdp>spb shutdown)
[Tree] (config>service>vpls>spoke-sdp>stp shutdown)
[Tree] (config>service>vpls>stp shutdown)
Full Contexts 
configure redundancy multi-chassis peer sync shutdown
configure service vpls bgp-ad shutdown
configure service vpls eth-cfm mep shutdown
configure service vpls gsmp group neighbor shutdown
configure service vpls gsmp group shutdown
configure service vpls gsmp shutdown
configure service vpls igmp-snooping mvr shutdown
configure service vpls igmp-snooping shutdown
configure service vpls interface shutdown
configure service vpls mac-move shutdown
configure service vpls mac-notification shutdown
configure service vpls mesh-sdp eth-cfm mep shutdown
configure service vpls mesh-sdp shutdown
configure service vpls mld-snooping mvr shutdown
configure service vpls mld-snooping shutdown
configure service vpls mrp mmrp shutdown
configure service vpls mrp mvrp shutdown
configure service vpls mrp shutdown
configure service vpls sap arp-host shutdown
configure service vpls sap dhcp proxy-server shutdown
configure service vpls sap eth-cfm mep shutdown
configure service vpls sap igmp-snooping mcac mc-constraints shutdown
configure service vpls sap l2tpv3-session shutdown
configure service vpls sap mld-snooping mcac mc-constraints shutdown
configure service vpls sap shutdown
configure service vpls sap spb shutdown
configure service vpls sap stp shutdown
configure service vpls sap sub-sla-mgmt shutdown
configure service vpls shutdown
configure service vpls spb level shutdown
configure service vpls split-horizon-group shutdown
configure service vpls spoke-sdp eth-cfm mep shutdown
configure service vpls spoke-sdp shutdown
configure service vpls spoke-sdp spb shutdown
configure service vpls spoke-sdp stp shutdown
configure service vpls stp shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state. Default administrative states for services and service entities is described below in Special Cases.

The no form of this command places the entity into an administratively enabled state.

Special Cases 
Service Admin State—
Bindings to an SDP within the service will be put into the out-of-service state when the service is shut down. While the service is shut down, all customer packets are dropped and counted as discards for billing and debugging purposes.
Service Operational State—
A service is regarded as operational providing that two SAPs or one SDP is operational.
SDP (global)—
When an SDP is shut down at the global service level, all bindings to that SDP are put into the out-of-service state and the SDP itself is put into the administratively and operationally down states. Packets that would normally be transmitted using this SDP binding will be discarded and counted as dropped packets.
SDP (service level)—
Shutting down an SDP within a service only affects traffic on that service from entering or being received from the SDP. The SDP itself may still be operationally up for other services.
SDP Keepalives—
Enables SDP connectivity monitoring keepalive messages for the SDP ID. Default state is disabled (shutdown), in which case the operational state of the SDP ID is not affected by the keepalive message state.
VPLS SAPs and SDPs—
SAPs are created in a VPLS and SDPs are bound to a VPLS in the administratively up default state. The created SAP will attempt to enter the operationally up state. An SDP will attempt to go into the in-service state when bound to the VPLS.
Routed VPLS with forward-ipv4-multicast-to-ip-int and IGMP Snooping—
To enable IGMP snooping (configured using igmp-snooping no shutdown) in a routed VPLS supporting the forwarding of multicast traffic from the VPLS to the IP interface (configured using forward-ipv4-multicast-to-ip-int), it is necessary to enable IGMP on the routed VPLS IP interface.
Routed VPLS with forward-ipv6-multicast-to-ip-int and MLD Snooping—
To enable MLD snooping (configured using mld-snooping no shutdown) in a routed VPLS supporting the forwarding of multicast traffic from the VPLS to the IP interface (configured using forward-ipv6-multicast-to-ip-int) it is necessary to enable MLD on the routed VPLS IP interface.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vprn shutdown)
[Tree] (config>service>vprn>aaa>remote-servers>radius shutdown)
[Tree] (config>service>vprn>aarp-interface shutdown)
[Tree] (config>service>vprn>aarp-interface>spoke-sdp shutdown)
[Tree] (config>service>vprn>bgp shutdown)
[Tree] (config>service>vprn>bgp>group shutdown)
[Tree] (config>service>vprn>bgp>group>neighbor shutdown)
[Tree] (config>service>vprn>bgp-evpn>mpls shutdown)
[Tree] (config>service>vprn>gsmp shutdown)
[Tree] (config>service>vprn>gsmp>group shutdown)
[Tree] (config>service>vprn>gsmp>group>neighbor shutdown)
[Tree] (config>service>vprn>igmp shutdown)
[Tree] (config>service>vprn>igmp-trk shutdown)
[Tree] (config>service>vprn>igmp>grp-if>mcac>mc-constraints shutdown)
[Tree] (config>service>vprn>igmp>if shutdown)
[Tree] (config>service>vprn>igmp>if>mcac shutdown)
[Tree] (config>service>vprn>igmp>if>mcac>mc-constraints shutdown)
[Tree] (config>service>vprn>if shutdown)
[Tree] (config>service>vprn>if>ipv6>vrrp shutdown)
[Tree] (config>service>vprn>if>sap shutdown)
[Tree] (config>service>vprn>if>sap>static-host shutdown)
[Tree] (config>service>vprn>if>sap>ipsec-tunnel shutdown)
[Tree] (config>service>vprn>if>vrrp shutdown)
[Tree] (config>service>vprn>isis shutdown)
[Tree] (config>service>vprn>isis>if shutdown)
[Tree] (config>service>vprn>l2tp shutdown)
[Tree] (config>service>vprn>l2tp>tunnel shutdown)
[Tree] (config>service>vprn>l2tpv3 shutdown)
[Tree] (config>service>vprn>log>log-id shutdown)
[Tree] (config>service>vprn>mld>grp-if>mcac>mc-constraints shutdown)
[Tree] (config>service>vprn>mld>if>mcac>mc-constraints shutdown)
[Tree] (config>service>vprn>msdp shutdown)
[Tree] (config>service>vprn>msdp>group shutdown)
[Tree] (config>service>vprn>msdp>group>peer shutdown)
[Tree] (config>service>vprn>msdp>peer shutdown)
[Tree] (config>service>vprn>mvpn>provider-tunnel>inclusive>pim shutdown)
[Tree] (config>service>vprn>ntp shutdown)
[Tree] (config>service>vprn>nw-if shutdown)
[Tree] (config>service>vprn>nw-if>eth-cfm>mep shutdown)
[Tree] (config>service>vprn>ospf shutdown)
[Tree] (config>service>vprn>ospf>area>if shutdown)
[Tree] (config>service>vprn>ospf3 shutdown)
[Tree] (config>service>vprn>ospf3>area>if shutdown)
[Tree] (config>service>vprn>ospf3>area>virtual-link shutdown)
[Tree] (config>service>vprn>ospf>area>virtual-link shutdown)
[Tree] (config>service>vprn>ospf>area>sham-link shutdown)
[Tree] (config>service>vprn>pim shutdown)
[Tree] (config>service>vprn>pim>if shutdown)
[Tree] (config>service>vprn>pim>if>mcac>mc-constraints shutdown)
[Tree] (config>service>vprn>pim>rp>bsr-candidate shutdown)
[Tree] (config>service>vprn>pim>rp>ipv6>bsr-candidate shutdown)
[Tree] (config>service>vprn>pim>rp>ipv6>embedded-rp shutdown)
[Tree] (config>service>vprn>pim>rp>ipv6>rp-candidate shutdown)
[Tree] (config>service>vprn>red-if shutdown)
[Tree] (config>service>vprn>red-if>spoke-sdp shutdown)
[Tree] (config>service>vprn>red-if>spoke-sdp>control-channel-status shutdown)
[Tree] (config>service>vprn>rip shutdown)
[Tree] (config>service>vprn>rip>group shutdown)
[Tree] (config>service>vprn>rip>group>neighbor shutdown)
[Tree] (config>service>vprn>router-advert>if shutdown)
Full Contexts 
configure service vprn aaa remote-servers radius shutdown
configure service vprn aarp-interface shutdown
configure service vprn aarp-interface spoke-sdp shutdown
configure service vprn bgp group neighbor shutdown
configure service vprn bgp group shutdown
configure service vprn bgp shutdown
configure service vprn bgp-evpn mpls shutdown
configure service vprn gsmp group neighbor shutdown
configure service vprn gsmp group shutdown
configure service vprn gsmp shutdown
configure service vprn interface ipv6 vrrp shutdown
configure service vprn interface sap ipsec-tunnel shutdown
configure service vprn interface sap shutdown
configure service vprn interface sap static-host shutdown
configure service vprn interface shutdown
configure service vprn interface vrrp shutdown
configure service vprn igmp group-interface mcac mc-constraints shutdown
configure service vprn igmp interface mcac mc-constraints shutdown
configure service vprn igmp interface mcac shutdown
configure service vprn igmp interface shutdown
configure service vprn igmp shutdown
configure service vprn igmp-host-tracking shutdown
configure service vprn isis interface shutdown
configure service vprn isis shutdown
configure service vprn l2tp shutdown
configure service vprn l2tp tunnel shutdown
configure service vprn l2tpv3 shutdown
configure service vprn log log-id shutdown
configure service vprn mld group-interface mcac mc-constraints shutdown
configure service vprn mld interface mcac mc-constraints shutdown
configure service vprn msdp group peer shutdown
configure service vprn msdp group shutdown
configure service vprn msdp peer shutdown
configure service vprn msdp shutdown
configure service vprn mvpn provider-tunnel inclusive pim shutdown
configure service vprn ntp shutdown
configure service vprn nw-if eth-cfm mep shutdown
configure service vprn network-interface shutdown
configure service vprn ospf area interface shutdown
configure service vprn ospf area sham-link shutdown
configure service vprn ospf area virtual-link shutdown
configure service vprn ospf shutdown
configure service vprn ospf3 area interface shutdown
configure service vprn ospf3 area virtual-link shutdown
configure service vprn ospf3 shutdown
configure service vprn pim interface mcac mc-constraints shutdown
configure service vprn pim interface shutdown
configure service vprn pim rp bsr-candidate shutdown
configure service vprn pim rp ipv6 bsr-candidate shutdown
configure service vprn pim rp ipv6 embedded-rp shutdown
configure service vprn pim rp ipv6 rp-candidate shutdown
configure service vprn pim shutdown
configure service vprn redundant-interface shutdown
configure service vprn redundant-interface spoke-sdp control-channel-status shutdown
configure service vprn redundant-interface spoke-sdp shutdown
configure service vprn rip group neighbor shutdown
configure service vprn rip group shutdown
configure service vprn rip shutdown
configure service vprn router-advertisement interface shutdown
configure service vprn shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state. Default administrative states for services and service entities is described below in Special Cases.

The no form of this command places the entity into an administratively enabled state.

If the AS number was previously changed, the BGP AS number inherits the new value.

Special Cases 
Service Admin State—
Bindings to an SDP within the service will be put into the out-of-service state when the service is shutdown. While the service is shutdown, all customer packets are dropped and counted as discards for billing and debugging purposes.

A service is regarded as operational providing that one IP Interface SAP and one SDP is operational.

VPRN BGP and RIP—
This command disables the BGP or RIP instance on the given IP interface. Routes learned from a neighbor that is shutdown are immediately removed from the BGP or RIP database and RTM. If BGP or RIP is globally shutdown, then all RIP group and neighbor interfaces are shutdown operationally. If a BGP or RIP group is shutdown, all member neighbor interfaces are shutdown operationally. If a BGP or RIP neighbor is shutdown, just that neighbor interface is operationally shutdown.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>cron>sched shutdown)
[Tree] (config>system>satellite>local-forward>sap shutdown)
[Tree] (config>system>satellite>port-template shutdown)
[Tree] (config>system>time>ntp shutdown)
[Tree] (config>system>time>sntp shutdown)
[Tree] (config>system>script-control>script-policy shutdown)
[Tree] (config>system>script-control>script shutdown)
[Tree] (config>system>sync-if-timing>ref1 shutdown)
[Tree] (config>system>sync-if-timing>ref2 shutdown)
[Tree] (config>system>sync-if-timing>synce shutdown)
[Tree] (config>system>sync-if-timing>ptp shutdown)
[Tree] (config>system>sync-if-timing>bits>input shutdown)
[Tree] (config>system>sync-if-timing>bits>output shutdown)
[Tree] (config>system>persistence>app-assure shutdown)
[Tree] (config>system>persistence>dhcp-server shutdown)
[Tree] (config>system>persistence>nat-port-forward shutdown)
[Tree] (config>system>persistence>python-policy-cache shutdown)
[Tree] (config>system>persistence>subscriber-mgmt shutdown)
[Tree] (config>system>telemetry>destination-group>tcp-keepalive shutdown)
[Tree] (config>system>telemetry>persistent-subscriptions>subscription shutdown)
[Tree] (config>redundancy>multi-chassis>peer shutdown)
[Tree] (config>redundancy>multi-chassis>peer>mc-lag shutdown)
[Tree] (config>redundancy>mc>peer>mcr>node>cv shutdown)
[Tree] (config>system>lldp shutdown)
Full Contexts 
configure redundancy multi-chassis peer mc-ring ring ring-node connectivity-verify shutdown
configure redundancy multi-chassis peer mc-lag shutdown
configure redundancy multi-chassis peer shutdown
configure system cron schedule shutdown
configure system lldp shutdown
configure system persistence application-assurance shutdown
configure system persistence dhcp-server shutdown
configure system persistence nat-port-forward shutdown
configure system persistence python-policy-cache shutdown
configure system persistence subscriber-mgmt shutdown
configure system satellite local-forward sap shutdown
configure system satellite port-template shutdown
configure system script-control script shutdown
configure system script-control script-policy shutdown
configure system sync-if-timing bits input shutdown
configure system sync-if-timing bits output shutdown
configure system sync-if-timing ptp shutdown
configure system sync-if-timing ref1 shutdown
configure system sync-if-timing ref2 shutdown
configure system sync-if-timing synce shutdown
configure system telemetry destination-group tcp-keepalive shutdown
configure system telemetry persistent-subscriptions subscription shutdown
configure system time ntp shutdown
configure system time sntp shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command places the entity into an administratively enabled state.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>card shutdown)
[Tree] (config>card>fp>ingress>mcast-path-management shutdown)
[Tree] (config>card>mda shutdown)
[Tree] (config>card>xiom shutdown)
[Tree] (config>card>xiom>mda shutdown)
[Tree] (config>interface-group-handler shutdown)
[Tree] (config>lag shutdown)
[Tree] (config>lag>eth-cfm>mep shutdown)
[Tree] (config>port shutdown)
[Tree] (config>port>ethernet shutdown)
[Tree] (config>port>ethernet>dwl shutdown)
[Tree] (config>port>ethernet>efm-cfm>mep shutdown)
[Tree] (config>port>ethernet>efm-oam shutdown)
[Tree] (config>port>ethernet>ssm shutdown)
[Tree] (config>port>ethernet>symbol-monitor shutdown)
[Tree] (config>port>otu shutdown)
[Tree] (config>port>sonet-sdh>path shutdown)
[Tree] (config>port>tdm>ds1 shutdown)
[Tree] (config>port>tdm>ds1>channel-group shutdown)
[Tree] (config>port>tdm>ds3 shutdown)
[Tree] (config>port>tdm>e1 shutdown)
[Tree] (config>port>tdm>e1>channel-group shutdown)
[Tree] (config>port>tdm>e3 shutdown)
[Tree] (config>port>ml-bundle>ima>test-pattern-procedure shutdown)
[Tree] (config>port>sonet-sdh>path>atm>ilmi shutdown)
[Tree] (config>port>sonet-sdh>path>atm>ilmi shutdown)
[Tree] (config>port>ethernet>dampening shutdown)
[Tree] (config>port>ethernet>eth-cfm>mep shutdown)
[Tree] (config>port>ethernet>efm-oam shutdown)
[Tree] (config>port-xc>pxc shutdown)
[Tree] (config>redundancy>multi-chassis>peer shutdown)
[Tree] (config>redundancy>mc>peer>mcr shutdown)
[Tree] (config>redundancy>mc>peer>mc-lag shutdown)
[Tree] (config>redundancy>mc>peer>mcr>ring shutdown)
[Tree] (config>redundancy>mc>peer>mcr>node>cv shutdown)
[Tree] (config>redundancy>multi-chassis>peer>mc-endpoint shutdown)
Full Contexts 
configure card fp ingress mcast-path-management shutdown
configure card mda shutdown
configure card shutdown
configure card xiom mda shutdown
configure card xiom shutdown
configure interface-group-handler shutdown
configure lag eth-cfm mep shutdown
configure lag shutdown
configure port ethernet dampening shutdown
configure port ethernet down-when-looped shutdown
configure port ethernet efm-cfm mep shutdown
configure port ethernet efm-oam shutdown
configure port ethernet eth-cfm mep shutdown
configure port ethernet shutdown
configure port ethernet ssm shutdown
configure port ethernet symbol-monitor shutdown
configure port multilink-bundle ima test-pattern-procedure shutdown
configure port otu shutdown
configure port shutdown
configure port sonet-sdh path atm ilmi shutdown
configure port sonet-sdh path shutdown
configure port tdm ds1 channel-group shutdown
configure port tdm ds1 shutdown
configure port tdm ds3 shutdown
configure port tdm e1 channel-group shutdown
configure port tdm e1 shutdown
configure port tdm e3 shutdown
configure port-xc pxc shutdown
configure redundancy multi-chassis peer mc-lag shutdown
configure redundancy multi-chassis peer mc-ring ring ring-node connectivity-verify shutdown
configure redundancy multi-chassis peer mc-ring ring shutdown
configure redundancy multi-chassis peer mc-ring shutdown
configure redundancy multi-chassis peer mc-endpoint shutdown
configure redundancy multi-chassis peer shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within.

This command is supported on TDM satellite.

The no form of this command administratively enables an entity.

Special Cases 
card—
Specifies the default state for a card is no shutdown.
interface group handler (IGH)—
Specifies the default state for an IGH is shutdown.
mda—
Specifies the default state for a mda is no shutdown.
lag—
Specifies the default state for a Link Aggregation Group (LAG) is shutdown.
port—
Specifies the default state for a port is shutdown.
path—
Specifies the default state for a SONET/SDH path is shutdown.
xiom—
Specifies the default state for an XIOM is no shutdown.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>aaa>l2tp-acct-plcy shutdown)
Full Contexts 
configure aaa l2tp-accounting-policy shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command places the entity into an administratively enabled state.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>mcast-mgmt>mcast-rprt-dest shutdown)
Full Contexts 
configure mcast-management mcast-reporting-dest shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command places the entity into an administratively enabled state.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>python>py-policy>cache shutdown)
[Tree] (config>python>python-script shutdown)
Full Contexts 
configure python python-policy cache shutdown
configure python python-script shutdown
Description 

Shutting down a Python script triggers the system to load and compile the script from the configured location(s). Since the system supports three locations, the primary, secondary and tertiary, the system will try to load the Python script in that order.

Shutting down a Python script will disable the Python script and cause the corresponding packet to pass through without any modification.

The no form of this command enables the cache or policy script.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>aaa>radius-scr-plcy>primary shutdown)
[Tree] (config>aaa>radius-scr-plcy>secondary shutdown)
Full Contexts 
configure aaa radius-script-policy primary shutdown
configure aaa radius-script-policy secondary shutdown
Description 

The shutdown command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.

The shutdown command administratively disables an entity. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they can be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of this command puts an entity into the administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vpls>sap>dyn-svc shutdown)
Full Contexts 
configure service vpls sap dynamic-services shutdown
Description 

This command disables or enables data-triggered dynamic services on this capture-sap.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>dynsvc>ladb shutdown)
Full Contexts 
configure service dynamic-services local-auth-db shutdown
Description 

This command disables or enables the local authentication database. When disabled, the database cannot be used for authentication.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>dynsvc>ladb>user shutdown)
Full Contexts 
configure service dynamic-services local-auth-db user-name shutdown
Description 

This command disables or enables a user name entry in the local authentication database. When disabled, the entry is not matched.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>subscr-mgmt>svlan-statistics shutdown)
Full Contexts 
configure subscriber-mgmt svlan-statistics shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system-generated configuration files.

The no form of this command places the entity into an administratively enabled state.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>subscr-mgmt>isa-svc-chain>evpn shutdown)
[Tree] (config>subscr-mgmt>isa-svc-chain>vas-filter shutdown)
Full Contexts 
configure subscriber-mgmt isa-service-chaining evpn shutdown
configure subscriber-mgmt isa-service-chaining vas-filter shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system-generated configuration files.

The no form of this command puts an entity into the administratively enabled state.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vpls shutdown)
[Tree] (config>service>vpls>sap shutdown)
[Tree] (config>service>vpls>sap>arp-host shutdown)
[Tree] (config>service>vpls>mesh-sdp shutdown)
[Tree] (config>service>vpls>spoke-sdp shutdown)
[Tree] (config>service>ies>if>sap shutdown)
[Tree] (config>service>vprn shutdown)
Full Contexts 
configure service ies interface sap shutdown
configure service vpls mesh-sdp shutdown
configure service vpls sap arp-host shutdown
configure service vpls sap shutdown
configure service vpls shutdown
configure service vpls spoke-sdp shutdown
configure service vprn shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system-generated configuration files.

Default administrative states for services and service entities is described below in Special Cases.

The no form of this command places the entity into an administratively enabled state.

Special Cases 
Service Admin State—
Bindings to an SDP within the service are put into the out-of-service state when the service is shutdown. While the service is shut down, all customer packets are dropped and counted as discards for billing and debugging purposes.
Service Operational State—
A service is regarded as operational providing that two SAPs or if one SDP are operational.
SDP (global)—
When an SDP is shut down at the global service level, all bindings to that SDP are put into the out-of-service state and the SDP itself is put into the administratively and operationally down states. Packets that would normally be transmitted using this SDP binding are discarded and counted as dropped packets.
SDP (service level)—
Shutting down an SDP within a service only affects traffic on that service from entering or being received from the SDP. The SDP itself may still be operationally up for other services.
SDP Keepalives—
Enables SDP connectivity monitoring keepalive messages for the SDP ID. Default state is disabled (shutdown) in which case the operational state of the SDP-ID is not affected by the keepalive message state.
VPLS SAPs and SDPs—
SAPs are created in a VPLS and SDPs are bound to a VPLS in the administratively up default state. The created SAP attempts to enter the operationally up state. An SDP attempts to go into the in-service state once bound to the VPLS.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vpls>spb shutdown)
[Tree] (config>service>vpls>sap>spb shutdown)
[Tree] (config>service>vpls>spoke-sdp>spb shutdown)
[Tree] (config>service>vpls>mrp>mmrp shutdown)
Full Contexts 
configure service vpls mrp mmrp shutdown
configure service vpls sap spb shutdown
configure service vpls spb shutdown
configure service vpls spoke-sdp spb shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within.

The no form of this command administratively enables an entity.

SPB Interface — In the config>service>vpls>spb> context, the command disables the IS-IS interface. By default, the IS-IS interface is disabled (shutdown).

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vpls shutdown)
Full Contexts 
configure service vpls shutdown
Description 

This command disables the sending of the notification message in the BVPLS domain.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>subscr-mgmt>diam-appl-plcy>gy>efh shutdown)
Full Contexts 
configure subscriber-mgmt diameter-application-policy gy extended-failure-handling shutdown
Description 

This command enables or disables Extended Failure Handling (EFH) for Diameter Gy sessions established using this Diameter application policy.

The no form of this command enables EFH for Diameter Gy sessions established using this Diameter application policy.

The shutdown command disables EFH for Diameter Gy sessions established using this Diameter application policy.

The no form of this command reverts to the default.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>subscr-mgmt>diam-appl-plcy>gx>ccrt-replay shutdown)
[Tree] (config>subscr-mgmt>diam-appl-plcy>gy>ccrt-replay shutdown)
Full Contexts 
configure subscriber-mgmt diameter-application-policy gx ccrt-replay shutdown
configure subscriber-mgmt diameter-application-policy gy ccrt-replay shutdown
Description 

This command, enables or disables the CCR-T replay function for all Gx or Gy sessions that belong to the diameter application policy. Sessions in CCR-T replay are dropped when ccrt-replay is shut down.

The no form of this command enables the CCR-T replay function.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vprn>sub-if>grp-if>bonding-parameters shutdown)
[Tree] (config>service>ies>sub-if>grp-if>bonding-parameters shutdown)
Full Contexts 
configure service ies subscriber-interface group-interface bonding-parameters shutdown
configure service vprn subscriber-interface group-interface bonding-parameters shutdown
Description 

The shutdown command administratively disables the entity. When a bonding context is shut down, all bonding subscribers are removed and no new bonding subscribers can be created in this context. The bonding configuration can be altered.

When a bonding context is placed in no shutdown, bonding subscribers can be created with connections in the specified subscriber interfaces. The specified FPE and connections can no longer be changed in this mode.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>ies>sub-if>grp-if>ipv6>rtr-sol shutdown)
[Tree] (config>service>ies>sub-if>grp-if>ipv6>rtr-sol shutdown)
Full Contexts 
configure service ies subscriber-interface group-interface ipv6 router-solicit shutdown
Description 

This command enables SLAAC triggered host creation.

The no form of this command disables SLAAC triggered host creation.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (debug>diam>diam-peer-plcy>avp-match shutdown)
Full Contexts 
debug diameter diameter-peer-policy avp-match shutdown
Description 

This command enables or disables the avp-match id criteria for filtering debug output based on AVP value matching.

A shutdown of the avp-match id clears the learned diameter session ID.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>radius-proxy>cache shutdown)
[Tree] (config>router>radius-proxy>server>cache shutdown)
[Tree] (config>router>radius-proxy>server shutdown)
[Tree] (config>service>vprn>radius-proxy>server>cache shutdown)
[Tree] (config>service>vprn>radius-proxy>server shutdown)
[Tree] (config>service>ies>sub-if>grp-if>wlan-gw shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>wlan-gw shutdown)
[Tree] (config>service>ies>sub-if>wlan-gw>pool-mgr>dhcp6-client>slaac shutdown)
[Tree] (config>service>vprn>sub-if>wlan-gw>pool-mgr>dhcp6-client>slaac shutdown)
[Tree] (config>service>ies>sub-if>wlan-gw>pool-mgr>dhcp6-client>ia-na shutdown)
[Tree] (config>service>vprn>sub-if>wlan-gw>pool-mgr>dhcp6-client>ia-na shutdown)
[Tree] (config>service>ies>sub-if>wlan-gw>pool-mgr>dhcp6-client>dhcpv4-nat shutdown)
[Tree] (config>service>vprn>sub-if>wlan-gw>pool-mgr>dhcp6-client>dhcpv4-nat shutdown)
[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>ranges>range>brg shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>wlan-gw>ranges>range>brg shutdown)
[Tree] (config>service>ies>sub-if>grp-if>brg shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>brg shutdown)
[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>vlan-ranges>range>vrgw>brg shutdown)
[Tree] (config>service>vprn>sub-if>grp-if>wlan-gw>vlan-ranges>range>vrgw>brg shutdown)
Full Contexts 
configure router radius-proxy cache shutdown
configure router radius-proxy server cache shutdown
configure router radius-proxy server shutdown
configure service ies subscriber-interface group-interface brg shutdown
configure service ies subscriber-interface group-interface wlan-gw ranges range brg shutdown
configure service ies subscriber-interface group-interface wlan-gw shutdown
configure service ies subscriber-interface group-interface wlan-gw vlan-ranges range vrgw brg shutdown
configure service ies subscriber-interface wlan-gw pool-mgr dhcp6-client dhcpv4-nat shutdown
configure service ies subscriber-interface wlan-gw pool-mgr dhcp6-client ia-na shutdown
configure service ies subscriber-interface wlan-gw pool-mgr dhcp6-client slaac shutdown
configure service vprn radius-proxy server cache shutdown
configure service vprn radius-proxy server shutdown
configure service vprn subscriber-interface group-interface brg shutdown
configure service vprn subscriber-interface group-interface wlan-gw ranges range brg shutdown
configure service vprn subscriber-interface group-interface wlan-gw shutdown
configure service vprn subscriber-interface group-interface wlan-gw vlan-ranges range vrgw brg shutdown
configure service vprn subscriber-interface wlan-gw pool-mgr dhcp6-client dhcpv4-nat shutdown
configure service vprn subscriber-interface wlan-gw pool-mgr dhcp6-client ia-na shutdown
configure service vprn subscriber-interface wlan-gw pool-mgr dhcp6-client slaac shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system-generated configuration files.

The no form of this command places the entity into an administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>aaa>radius-srv-plcy>servers>health-check>test-account shutdown)
Full Contexts 
configure aaa radius-server-policy servers health-check test-account shutdown
Description 

This command disables the test account that probes the RADIUS server.

The no form of this command enables the capability.

Default 

shutdown

shutdown

Syntax 
shutdown sap-id [create]
no shutdown sap-id
Context 
[Tree] (config>service>vprn>sub-if>grp-if>wlan-gw>l2-access-points>l2-ap shutdown)
[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>l2-access-points>l2-ap shutdown)
Full Contexts 
configure service ies subscriber-interface group-interface wlan-gw l2-access-points l2-ap shutdown
configure service vprn subscriber-interface group-interface wlan-gw l2-access-points l2-ap shutdown
Description 

This command administratively enables this SAP to begin accepting Layer 2 packets for WIFI offloading.

The no form of this command disables this SAP.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>subscr-mgmt>pfcp-association shutdown)
Full Contexts 
configure subscriber-mgmt pfcp-association shutdown
Description 

The shutdown command administratively enables or disables the PFCP association.

When administratively enabled, the system will try to maintain an active PFCP association with the configured peer. While no association is established, it will continue to retry setting up the association using the association-setup-retry configuration.

Shutting down a subscriber interface on a 7750 SR operationally shuts down all child group interfaces and SAPs. Shutting down a group interface on a 7750 SR operationally shuts down all SAPs that are part of that group interface.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>pwr-mgmt>peq shutdown)
Full Contexts 
configure system power-management peq shutdown
Description 

This command administratively enables/disables the APEQ. This command is supported in the 7750 SR-S OS and 7950 XRS only.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>card>fp>egress>wred-queue-control shutdown)
Full Contexts 
configure card fp egress wred-queue-control shutdown
Description 

This command enables or disables egress WRED queue support on the forwarding plane. By default, WRED queue support is disabled (shutdown). While disabled, the various wred-queue-control commands may be executed on the forwarding plane and SAP egress QoS policies and egress queue group templates with wred-queue enabled may be applied to egress SAPs and port, respectively. The forwarding plane will allocate WRED pools to the WRED queues and the appropriate WRED mega-pool size and CBS reserve size will be calculated, but the WRED mega-pool will be empty and all buffers will be allocated to the default mega-pool. Each WRED queue will be mapped to its appropriate default pool.

Once the no shutdown command is executed, the calculated WRED mega-pool buffers will be moved from the default mega-pool to the WRED mega-pool. The WRED mega-pool CBS reserve size will be applied and each egress WRED queue will be moved from its default mega-pool buffer pool to its WRED pool within the WRED mega-pool hierarchy.

The no form of this command enables WRED queuing on an egress forwarding plane.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>macsec>connectivity-association shutdown)
Full Contexts 
configure macsec connectivity-association shutdown
Description 

This command shuts down the CA profile. All ports that are using this profile will not transmit PDUs as this command shuts down the MACsec for this profile.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>port>ethernet>efm-oam>link-monitoring shutdown)
Full Contexts 
configure port ethernet efm-oam link-monitoring shutdown
Description 

This command enables the link monitoring function. Issuing a no shutdown will start the process. Issuing a shutdown will clear any previously established negative conditions that were a result of the link monitoring process on this port and all collected data. This also controls the advertising capabilities.

The no form of this command activates the link monitoring function.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame shutdown)
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame-period shutdown)
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame-seconds shutdown)
[Tree] (config>port>ethernet>efm-oam>link-mon>errored-symbols shutdown)
Full Contexts 
configure port ethernet efm-oam link-monitoring errored-frame shutdown
configure port ethernet efm-oam link-monitoring errored-frame-period shutdown
configure port ethernet efm-oam link-monitoring errored-frame-seconds shutdown
configure port ethernet efm-oam link-monitoring errored-symbols shutdown
Description 

This command enables or disables the local counting, thresholding and actions associated with this type of local monitor. Peer received errors are not controlled by this command. Reaction to peer messaging is defined in the peer-rdi-rx hierarchy.

The no form of this command activates the local monitoring function and actions for the event.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>port>ethernet>dot1x>macsec>sub-port shutdown)
Full Contexts 
configure port ethernet dot1x macsec sub-port shutdown
Description 

This command shuts down the MACsec under this sub-port specifically, including MKA negotiation. In the shutdown state, this port is not MACsec capable and all PDUs will be transmitted and expected without encryption and authentication.

The no form of this command puts the port in MACsec-enabled mode. A valid CA, different than any other CA configured on any other sub-port of this port and also a max-peer value larger than 0 must be configured. In MACsec-enabled mode, packets are sent in clear text until the MKA session is up, and if the rx-must-be-encrypted is set on the port, all incoming packets with no MACsec encapsulations are dropped.

Default 

shutdown

shutdown

Syntax 
shutdown
no shutdown
Context 
[Tree] (config>lag>bfd>family shutdown)
Full Contexts 
configure lag bfd family shutdown
Description 

This command disables micro BFD sessions for this address family.

The no form of this command re-enables micro BFD sessions for this address family.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>sdp shutdown)
[Tree] (config>service>sdp>class-forwarding shutdown)
[Tree] (config>service>sdp>keep-alive shutdown)
[Tree] (config>service>pw-routing>hop shutdown)
[Tree] (config>service>pw-template>stp shutdown)
[Tree] (config>service>sdp>binding>pw-port shutdown)
[Tree] (config>eth-ring>path shutdown)
[Tree] (config>eth-tunnel>path>eth-cfm>mep shutdown)
Full Contexts 
configure eth-ring path shutdown
configure eth-tunnel path eth-cfm mep shutdown
configure service pw-routing hop shutdown
configure service pw-template stp shutdown
configure service sdp binding pw-port shutdown
configure service sdp class-forwarding shutdown
configure service sdp keep-alive shutdown
configure service sdp shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state. Default administrative states for services and service entities is described below in Special Cases.

The no form of this command places the entity into an administratively enabled state.

Special Cases 
Service Admin State—
Bindings to an SDP within the service will be put into the out-of-service state when the service is shutdown. While the service is shutdown, all customer packets are dropped and counted as discards for billing and debugging purposes.
SDP (global)—
When an SDP is shutdown at the global service level, all bindings to that SDP are put into the out-of-service state and the SDP itself is put into the administratively and operationally down states. Packets that would normally be transmitted using this SDP binding will be discarded and counted as dropped packets.
SDP (service level)—
Shutting down an SDP within a service only affects traffic on that service from entering or being received from the SDP. The SDP itself may still be operationally up for other services.
SDP Keepalives—
Enables SDP connectivity monitoring keepalive messages for the SDP ID. Default state is disabled (shutdown) in which case the operational state of the SDP-ID is not affected by the keepalive message state.

shutdown

Syntax 
no shutdown
Context 
[Tree] (config>service>sdp>binding>pw-port shutdown)
Full Contexts 
configure service sdp binding pw-port shutdown
Description 

This command changes the administrative status of the PW port.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>eth-tunnel>path shutdown)
[Tree] (config>eth-tunnel shutdown)
Full Contexts 
configure eth-tunnel path shutdown
configure eth-tunnel shutdown
Description 

This command administratively enables/disables the path.

The no form of this command enables the path.

Default 

shutdown

shutdown

Syntax 
shutdown
[no] shutdown
Context 
[Tree] (config>service>epipe>bgp-evpn>mpls shutdown)
[Tree] (config>service>epipe>bgp-evpn>vxlan shutdown)
[Tree] (config>service>vpls>bgp-evpn>mpls shutdown)
[Tree] (config>service>vpls>bgp-evpn>vxlan shutdown)
Full Contexts 
configure service epipe bgp-evpn mpls shutdown
configure service epipe bgp-evpn vxlan shutdown
configure service vpls bgp-evpn mpls shutdown
configure service vpls bgp-evpn vxlan shutdown
Description 

This command controls the administrative state of EVPN-MPLS or EVPN-VXLAN in the service.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vpls>bgp-evpn>vxlan shutdown)
Full Contexts 
configure service vpls bgp-evpn vxlan shutdown
Description 

This command enables and disables the automatic creation of VXLAN auto-bindings by BGP-EVPN.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vpls>provider-tunnel>inclusive shutdown)
Full Contexts 
configure service vpls provider-tunnel inclusive shutdown
Description 

This command administratively enables and disables the service.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vpls>proxy-arp shutdown)
[Tree] (config>service>vpls>proxy-nd shutdown)
Full Contexts 
configure service vpls proxy-arp shutdown
configure service vpls proxy-nd shutdown
Description 

This command enables and disables the proxy-ARP and proxy-nd functionality. ARP/GARP/ND messages will be snooped and redirected to the CPM for lookup in the proxy-ARP/proxy-ND table. The proxy-ARP/proxy-ND table is populated with IP->MAC pairs received from different sources (EVPN, static, dynamic). When the shutdown command is issued, it flushes the dynamic/EVPN dup proxy-ARP/proxy-ND table entries and instructs the system to stop snooping ARP/ND frames. All the static entries are kept in the table as inactive, regardless of their previous Status.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vsd>domain shutdown)
Full Contexts 
configure service vsd domain shutdown
Description 

This command enables or disables a domain. A description must be provided before no shutdown is executed.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>system>bgp-evpn>ethernet-segment shutdown)
Full Contexts 
configure service system bgp-evpn ethernet-segment shutdown
Description 

This command changes the administrative status of the Ethernet-Segment.

The user can do no shutdown only when esi, multi-homing and lag/port/sdp are configured. If the Ethernet-Segment or the corresponding lag/port/sdp shutdown, the Ethernet-Segment route and the AD per-ES routes will be withdrawn. No changes are allowed when the Ethernet-Segment is no shutdown.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>xmpp>server shutdown)
Full Contexts 
configure system xmpp server shutdown
Description 

This command enables or disables the communication with a specified XMPP server. When the xmpp server is properly configured, no shutdown instructs the system to establish a TCP session with the XMPP server through the management interface first. If it fails to establish communication, the 7750 SR, 7450 ESS, or 7950 XRS uses an in-band communication and its system IP as source IP address. Shutdown does not remove the dynamic configurations.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>apipe shutdown)
[Tree] (config>service>apipe>sap shutdown)
[Tree] (config>service>apipe>spoke-sdp shutdown)
[Tree] (config>service>cpipe shutdown)
[Tree] (config>service>cpipe>sap shutdown)
[Tree] (config>service>cpipe>spoke-sdp shutdown)
[Tree] (config>service>epipe shutdown)
[Tree] (config>service>epipe>bgp-vpws shutdown)
[Tree] (config>service>epipe>site shutdown)
[Tree] (config>service>epipe>sap shutdown)
[Tree] (config>service>epipe>sap>l2tpv3-session shutdown)
[Tree] (config>service>epipe>sap>eth-cfm>mep shutdown)
[Tree] (config>service>epipe>spoke-sdp shutdown)
[Tree] (config>service>epipe>spoke-sdp>eth-cfm>mep shutdown)
[Tree] (config>service>fpipe shutdown)
[Tree] (config>service>fpipe>sap shutdown)
[Tree] (config>service>fpipe>spoke-sdp shutdown)
[Tree] (config>service>ipipe shutdown)
[Tree] (config>service>ipipe>sap shutdown)
[Tree] (config>service>ipipe>spoke-sdp shutdown)
[Tree] (config>service>epipe>pw-port shutdown)
Full Contexts 
configure service apipe sap shutdown
configure service apipe shutdown
configure service apipe spoke-sdp shutdown
configure service cpipe sap shutdown
configure service cpipe shutdown
configure service cpipe spoke-sdp shutdown
configure service epipe bgp-vpws shutdown
configure service epipe pw-port shutdown
configure service epipe sap eth-cfm mep shutdown
configure service epipe sap l2tpv3-session shutdown
configure service epipe sap shutdown
configure service epipe shutdown
configure service epipe site shutdown
configure service epipe spoke-sdp eth-cfm mep shutdown
configure service epipe spoke-sdp shutdown
configure service fpipe sap shutdown
configure service fpipe shutdown
configure service fpipe spoke-sdp shutdown
configure service ipipe sap shutdown
configure service ipipe shutdown
configure service ipipe spoke-sdp shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state. Default administrative states for services and service entities is described as follows in Special Cases.

The no form of this command places the entity into an administratively enabled state.

Special Cases 
Service Admin State—
Bindings to an SDP within the service will be put into the out-of-service state when the service is shutdown. While the service is shutdown, all customer packets are dropped and counted as discards for billing and debugging purposes.
Service Operational State—
A service is regarded as operational providing that at least one SAP and one SDP are operational or if two SAPs are operational.
SDP (global)—
When an SDP is shutdown at the global service level, all bindings to that SDP are put into the out-of-service state and the SDP itself is put into the administratively and operationally down states. Packets that would normally be transmitted using this SDP binding will be discarded and counted as dropped packets.
SDP (service level)—
Shutting down an SDP within a service only affects traffic on that service from entering or being received from the SDP. The SDP itself may still be operationally up for other services.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>epipe>bgp-vpws shutdown)
Full Contexts 
configure service epipe bgp-vpws shutdown
Description 

This command administratively enables/disables the local BGP VPWS instance. On de-activation an MP-UNREACH-NLRI is sent for the local NLRI.

The no form of this command enables the BGP VPWS addressing and the related BGP advertisement. The associated BGP VPWS MP-REACH-NLRI will be advertised in an update message and the corresponding received NLRIs must be considered to instantiate the data plane.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>ipipe>eth-legacy-fault-notification shutdown)
Full Contexts 
configure service ipipe eth-legacy-fault-notification shutdown
Description 

This command enables or disables the propagation of fault from the Ethernet segment to the legacy connection using PPP, MLPPP and HDLC for an Ipipe service. Issuing a “no shutdown” will activate the feature. Issuing a “shutdown” will deactivate the feature and stop fault notification from the Ethernet to PPP, MLPPP and HDLC protocols.

The no form of this command activates the ethernet legacy fault propagation.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vpls>bgp-vpls shutdown)
Full Contexts 
configure service vpls bgp-vpls shutdown
Description 

This command administratively enables/disables the local BGP VPLS instance. On de-activation an MP-UNREACH-NLRI must be sent for the local NLRI.

The no form of this command enables the BGP VPLS addressing and the related BGP advertisement. The associated BGP VPLS MP-REACH-NLRI will be advertised in an update message and the corresponding received NLRIs must be considered to instantiate the data plane. RT, RD usage: same as in the BGP AD solution, if the values are not configured here, the value of the VPLS-id from under the bgp-ad node is used. If VPLS-id value is not configured either the MH site cannot be activated – i.e. no shutdown returns an error. Same applies if a pseudowire template is not specified under the BGP node.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>ies>if>ipv6>secure-nd shutdown)
Full Contexts 
configure service ies interface ipv6 secure-nd shutdown
Description 

This command enables or disables Secure Neighbor Discovery (SeND) on the interface.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vprn>aaa>remote-servers>tacplus shutdown)
Full Contexts 
configure service vprn aaa remote-servers tacplus shutdown
Description 

This command administratively disables the TACACS+ protocol operation. Shutting down the protocol does not remove or change the configuration other than the administrative state.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command administratively enables the protocol which is the default state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vprn>static-route-entry>black-hole shutdown)
[Tree] (config>service>vprn>static-route-entry>grt shutdown)
[Tree] (config>service>vprn>static-route-entry>indirect shutdown)
[Tree] (config>service>vprn>static-route-entry>ipsec-tunnel shutdown)
[Tree] (config>service>vprn>static-route-entry>next-hop shutdown)
Full Contexts 
configure service vprn static-route-entry black-hole shutdown
configure service vprn static-route-entry grt shutdown
configure service vprn static-route-entry indirect shutdown
configure service vprn static-route-entry ipsec-tunnel shutdown
configure service vprn static-route-entry next-hop shutdown
Description 

This command causes the static route to be placed in an administratively down state and removed from the active route-table

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vprn>if>secure-nd shutdown)
Full Contexts 
configure service vprn interface secure-nd shutdown
Description 

This command enables or disables Secure Neighbor Discovery (SeND) on the interface.

shutdown

Syntax 
shutdown
no shutdown
Context 
[Tree] (config>service>vprn>mvpn>provider-tunnel>inclusive>bier shutdown)
[Tree] (config>service>vprn>mvpn>provider-tunnel>selective>bier shutdown)
Full Contexts 
configure service vprn mvpn provider-tunnel inclusive bier shutdown
configure service vprn mvpn provider-tunnel selective bier shutdown
Description 

This command administratively disables and enables use of BIER for the provider tunnel.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vprn>mvpn>pt>inclusive>rsvp>lsp-template shutdown)
[Tree] (config>service>vprn>mvpn>pt>inclusive>mldp shutdown)
[Tree] (config>service>vprn>mvpn>pt>selective>rsvp shutdown)
[Tree] (config>service>vprn>mvpn>pt>selective>mldp shutdown)
Full Contexts 
configure service vprn mvpn provider-tunnel inclusive mldp shutdown
configure service vprn mvpn pt inclusive rsvp lsp-template shutdown
configure service vprn mvpn provider-tunnel selective mldp shutdown
configure service vprn mvpn provider-tunnel selective rsvp shutdown
Description 

This command administratively disables/enables use of P2MP RSVP LSP template or mLDP LSP for inclusive or selective PMSI tunnels.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vprn>mvpn>pt>selective>multistream-spmsi shutdown)
Full Contexts 
configure service vprn mvpn provider-tunnel selective multistream-spmsi shutdown
Description 

This commands enables multi-stream S-PSMI. At least one group must be active in a policy.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>vprn>mvpn>pt>inclusive>p2mp-sr shutdown)
[Tree] (config>service>vprn>mvpn>pt>selective>multistream-spmsi shutdown)
[Tree] (config>service>vprn>mvpn>pt>selective>p2mp-sr shutdown)
Full Contexts 
configure service vprn mvpn provider-tunnel inclusive p2mp-sr shutdown
configure service vprn mvpn provider-tunnel selective multistream-spmsi shutdown
configure service vprn mvpn provider-tunnel selective p2mp-sr shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

When the operational state of an entity is disabled, the operational state of any entities contained within are also disabled. Many objects must be shut down before they may be deleted.

Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up, then attempts to enter the operationally up state.

The no form of this command places the entity into an administratively enabled state.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>lmp>peer>control-channel shutdown)
Full Contexts 
configure router lmp peer control-channel shutdown
Description 

This command administratively enables or disables the IP control channel.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>lmp>peer shutdown)
Full Contexts 
configure router lmp peer shutdown
Description 

This command administratively enables or disables LMP with a given peer.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>lmp>te-link shutdown)
Full Contexts 
configure router lmp te-link shutdown
Description 

This command administratively enables or disables the TE Link.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>lmp>te-link>data-bearer shutdown)
Full Contexts 
configure router lmp te-link data-bearer shutdown
Description 

This command administratively enables or disables the data bearer.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>lmp shutdown)
Full Contexts 
configure router lmp shutdown
Description 

This command administratively enables or disables LMP.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>gmpls>lsp>working-path shutdown)
[Tree] (config>router>gmpls>lsp>protect-path shutdown)
Full Contexts 
configure router gmpls lsp protect-path shutdown
configure router gmpls lsp working-path shutdown
Description 

This command administratively enables or disables the GMPLS LSP path.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>gmpls>lsp shutdown)
Full Contexts 
configure router gmpls lsp shutdown
Description 

This command administratively enables or disables the GMPLS LSP.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>gmpls>path shutdown)
Full Contexts 
configure router gmpls path shutdown
Description 

This command disables GMPLS LSPs using the path. All services using these GMPLS LSPs are affected. Paths are created in the shutdown state.

The no form of this command administratively enables the path. All LSPs, where this path is defined as primary or defined as standby secondary, are (re)established.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>gmpls>peer shutdown)
Full Contexts 
configure router gmpls peer shutdown
Description 

This command disables or enables RSVP adjacency with the neighboring UNI-N peer node.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>gmpls shutdown)
Full Contexts 
configure router gmpls shutdown
Description 

This command disables or enables GMPLS.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>gmpls>te-link shutdown)
Full Contexts 
configure router gmpls te-link shutdown
Description 

This command enables or disables the TE Link in GMPLS.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>gmpls-tun-grp>member shutdown)
Full Contexts 
configure gmpls-tun-grp member shutdown
Description 

This command disables or enables the member of the GMPLS tunnel group.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>gmpls-tun-grp shutdown)
Full Contexts 
configure gmpls-tun-grp shutdown
Description 

This command administratively disables or enables the GMPLS tunnel group.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>ldp shutdown)
[Tree] (config>router>ldp>if-params>if shutdown)
[Tree] (config>router>ldp>if-params>if>ipv4 shutdown)
[Tree] (config>router>ldp>if-params>if>ipv6 shutdown)
[Tree] (config>router>ldp>targ-session>peer shutdown)
[Tree] (config>router>ldp>targ-session>peer-template shutdown)
[Tree] (config>router>ldp>egr-stats>fec-prefix shutdown)
[Tree] (config>router>ldp>aggregate-prefix-match shutdown)
Full Contexts 
configure router ldp aggregate-prefix-match shutdown
configure router ldp egress-statistics fec-prefix shutdown
configure router ldp interface-parameters interface ipv4 shutdown
configure router ldp interface-parameters interface ipv6 shutdown
configure router ldp interface-parameters interface shutdown
configure router ldp shutdown
configure router ldp targeted-session peer shutdown
configure router ldp targeted-session peer-template shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted. For an LDP interface, the shutdown command exists under the main interface context and under each of the interface IPv4 and IPv6 contexts.

  1. shutdown under the interface context brings down both IPv4 and IPv6 Hello adjacencies and stops Hello transmission in both contexts.
  2. shutdown under the interface IPv4 or IPv6 contexts brings down the Hello adjacency and stops Hello transmission in that context only.

The user can also delete the entire IPv4 or IPv6 context under the interface with the no ipv4 or no ipv6 command which in addition to bringing down the Hello adjacency will delete the configuration.

The no form of this command administratively enables an entity.

Unlike other commands and parameters where the default state is not indicated in the configuration file, the shutdown and no shutdown states are always indicated in system generated configuration files.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>ldp>targeted-session>auto-tx>ipv4 shutdown)
[Tree] (config>router>ldp>targeted-session>auto-rx>ipv4 shutdown)
Full Contexts 
configure router ldp targeted-session auto-rx ipv4 shutdown
configure router ldp targeted-session auto-tx ipv4 shutdown
Description 

This command administratively disables the capabilities associated with automatically sending targeted Hello messages through the auto-tx command or processing targeted Hello messages through the auto-rx command.

The no form of this command administratively enables the capabilities associated with the auto-tx and auto-rx commands.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls shutdown)
[Tree] (config>router>mpls>interface shutdown)
[Tree] (config>router>mpls>ingr-stats>p2mp-template-lsp shutdown)
[Tree] (config>router>mpls>ingr-stats>p2p-template-lsp shutdown)
[Tree] (config>router>mpls>lsp>primary shutdown)
[Tree] (config>router>mpls>lsp>primary-p2mp-instance shutdown)
[Tree] (config>router>mpls>lsp>secondary shutdown)
[Tree] (config>router>mpls>lsp>egress-statistics shutdown)
[Tree] (config>router>mpls>lsp-template>egress-statistics shutdown)
Full Contexts 
configure router mpls ingress-statistics p2mp-template-lsp shutdown
configure router mpls ingress-statistics p2p-template-lsp shutdown
configure router mpls interface shutdown
configure router mpls lsp egress-statistics shutdown
configure router mpls lsp primary shutdown
configure router mpls lsp primary-p2mp-instance shutdown
configure router mpls lsp secondary shutdown
configure router mpls lsp-template egress-statistics shutdown
configure router mpls shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The config>router>mpls>ingr-stats>p2mp-template-lsp>shutdown command is supported on the 7750 SR, 7950 XRS, and with VPLS only on the 7450 ESS.

The config>router>mpls>lsp>primary-p2mp-instance>shutdown is not supported on the 7450 ESS.

MPLS is not enabled by default and must be explicitly enabled (no shutdown).

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command places the entity into an administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls>pce-initiated-lsp>sr-te shutdown)
Full Contexts 
configure router mpls pce-initiated-lsp sr-te shutdown
Description 

This command administratively enables or disables the sr-te context for PCE initiated LSPs. A shutdown of the sr-te context under pce-initiated-lsp causes an error to be generated for new PCInitate messages, and existing PCE-initiated LSPs are taken to the oper-down state.

The no form of this command administratively enables the sr-te context for PCE initiated LSP.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls>if>label-map shutdown)
Full Contexts 
configure router mpls interface label-map shutdown
Description 

This command disables the label map definition. This drops all packets that match the specified in-label specified in the label-map in-label command.

The no form of this command administratively enables the defined label map action.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls>mpls-tp>transit-path shutdown)
Full Contexts 
configure router mpls mpls-tp transit-path shutdown
Description 

This command administratively enables or disables an MPLS-TP transit path.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls>lsp shutdown)
[Tree] (config>router>mpls>lsp-template shutdown)
Full Contexts 
configure router mpls lsp shutdown
configure router mpls lsp-template shutdown
Description 

This command disables the existing LSP including the primary and any standby secondary paths.

To shutdown only the primary enter the config router mpls lsp lsp-name primary path-name shutdown command.

To shutdown a specific standby secondary enter the config router mpls lsp lsp-name secondary path-name shutdown command. The existing configuration of the LSP is preserved.

Use the no form of this command to restart the LSP. LSPs are created in a shutdown state. Use this command to administratively bring up the LSP.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>rib-api>mpls shutdown)
Full Contexts 
configure router rib-api mpls shutdown
Description 

This command disables the programming of tunnel and label FIB entries by the RIB-API gRPC service. It causes all existing tunnel and label FIB entries to be de-programmed from the data path, but they remain in the control plane database.

The no form of this command enables the programming of tunnel and label FIB entries by the RIB-API gRPC service.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls>path shutdown)
Full Contexts 
configure router mpls path shutdown
Description 

This command disables the existing LSPs using this path. All services using these LSPs are affected. Binding information, however, is retained in those LSPs. Paths are created in the shutdown state.

The no form of this command administratively enables the path. All LSPs, where this path is defined as primary or defined as standby secondary, are (re)established.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls>static-lsp shutdown)
Full Contexts 
configure router mpls static-lsp shutdown
Description 

This command is used to administratively disable the static LSP.

The no form of this command administratively enables the static LSP.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>rsvp shutdown)
[Tree] (config>router>rsvp>interface shutdown)
Full Contexts 
configure router rsvp interface shutdown
configure router rsvp shutdown
Description 

This command disables the RSVP protocol instance or the RSVP-related functions for the interface. The RSVP configuration information associated with this interface is retained. When RSVP is administratively disabled, all the RSVP sessions are torn down. The existing configuration is retained.

The no form of this command administratively enables RSVP on the interface.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>pcep>pcc shutdown)
[Tree] (config>router>pcep>pce shutdown)
Full Contexts 
configure router pcep pcc shutdown
configure router pcep pce shutdown
Description 

This command administratively disables the PCC or PCE process.

The following PCE parameters can only be modified when the PCEP session is shut down:

  1. local-address
  2. keepalive
  3. dead-timer

The unknown-message-rate PCE parameter can be modified without shutting down the PCEP session.

The following PCC parameters can only be modified when the PCEP session is shut down:

  1. local-address
  2. keepalive
  3. dead-timer
  4. peer

The following PCC parameters can be modified without shutting down the PCEP session:

  1. report-path-constraints
  2. unknown-message-rate
Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls>fwd-policies>fwd-policy>egress-statistics shutdown)
[Tree] (config>router>mpls>fwd-policies>fwd-policy>ingress-statistics shutdown)
Full Contexts 
configure router mpls forwarding-policies forwarding-policy egress-statistics shutdown
configure router mpls forwarding-policies forwarding-policy ingress-statistics shutdown
Description 

This command shuts down the ingress or egress statistics in a forwarding policy.

The no form of this command enables ingress or egress statistics in a forwarding policy.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls>fwd-policies>fwd-policy>nh-grp shutdown)
Full Contexts 
configure router mpls forwarding-policies forwarding-policy next-hop-group shutdown
Description 

This command shuts down an NHG entry in a forwarding policy.

When an NHG is shut down, it is removed from the data path entry of the forwarding policy.

The no form of this command brings up an NHG entry in a forwarding policy.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls>fwd-policies>fwd-policy shutdown)
Full Contexts 
configure router mpls forwarding-policies forwarding-policy shutdown
Description 

This command shuts down the forwarding policy.

The no form of this command enables the forwarding policy.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>mpls>fwd-policies shutdown)
Full Contexts 
configure router mpls forwarding-policies shutdown
Description 

This command shuts down the forwarding-policies context; causing all forwarding policies to be removed from the data path, however they remain in the MPLS forwarding database.

The no form of this command enables the forwarding-policies context.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>app-assure>aarp shutdown)
[Tree] (config>app-assure>group>aa-sub-cong shutdown)
[Tree] (config>app-assure>group>cflowd shutdown)
[Tree] (config>app-assure>group>cflowd>collector shutdown)
[Tree] (config>app-assure>group>cflowd>comp shutdown)
[Tree] (config>app-assure>group>cflowd>comp>template>dynamic-fields shutdown)
[Tree] (config>app-assure>group>cflowd>rtp-perf shutdown)
[Tree] (config>app-assure>group>cflowd>rtp-perf>audio-template>dynamic-fields shutdown)
[Tree] (config>app-assure>group>cflowd>rtp-perf>video-template>dynamic-fields shutdown)
[Tree] (config>app-assure>group>cflowd>rtp-perf>voice-template>dynamic-fields shutdown)
[Tree] (config>app-assure>group>cflowd>tcp-perf shutdown)
[Tree] (config>app-assure>group>cflowd>tcp-perf>template>dynamic-fields shutdown)
[Tree] (config>app-assure>group>cflowd>volume shutdown)
[Tree] (config>app-assure>group>cflowd>volume>template>dynamic-fields shutdown)
[Tree] (config>app-assure>group>certificate-profile shutdown)
[Tree] (config>app-assure>group>dns-ip-cache shutdown)
[Tree] (config>app-assure>group>event-log shutdown)
[Tree] (config>app-assure>group>gtp shutdown)
[Tree] (config>app-assure>group>http-enrich shutdown)
[Tree] (config>app-assure>group>http-error-redirect shutdown)
[Tree] (config>app-assure>group>http-notification shutdown)
[Tree] (config>app-assure>group>http-redirect shutdown)
[Tree] (config>app-assure>group>policer>tod-override shutdown)
[Tree] (config>app-assure>group>policy>app-filter>entry shutdown)
[Tree] (config>app-assure>group>policy>app-qos-policy>entry shutdown)
[Tree] (config>app-assure>group>policy>custom-protocol shutdown)
[Tree] (config>app-assure>group>statistics>protocol shutdown)
[Tree] (config>app-assure>group>tethering-detection shutdown)
[Tree] (config>app-assure>group>transit-ip-policy>dhcp shutdown)
[Tree] (config>app-assure>group>transit-ip-policy>radius shutdown)
[Tree] (config>app-assure>group>transit-ip-policy>transit-auto-create shutdown)
[Tree] (config>app-assure>group>url-filter shutdown)
[Tree] (config>app-assure>group>url-filter>icap>server shutdown)
[Tree] (config>app-assure>group>url-list shutdown)
[Tree] (config>app-assure>group>wap1x shutdown)
[Tree] (config>app-assure>protocol shutdown)
[Tree] (config>isa>aa-grp shutdown)
[Tree] (config>service>ies>aa-interface shutdown)
[Tree] (config>service>ies>aa-interface shutdown)
[Tree] (config>service>ies>aa-interface>sap shutdown)
[Tree] (config>service>vprn>aa-interface shutdown)
[Tree] (config>service>vprn>aa-interface>sap shutdown)
Full Contexts 
configure application-assurance aarp shutdown
configure application-assurance group aa-sub-congestion-detection shutdown
configure application-assurance group certificate-profile shutdown
configure application-assurance group cflowd collector shutdown
configure application-assurance group cflowd comprehensive shutdown
configure application-assurance group cflowd comprehensive template dynamic-fields shutdown
configure application-assurance group cflowd rtp-performance audio-template dynamic-fields shutdown
configure application-assurance group cflowd rtp-performance shutdown
configure application-assurance group cflowd rtp-performance video-template dynamic-fields shutdown
configure application-assurance group cflowd rtp-performance voice-template dynamic-fields shutdown
configure application-assurance group cflowd shutdown
configure application-assurance group cflowd tcp-performance shutdown
configure application-assurance group cflowd tcp-performance template dynamic-fields shutdown
configure application-assurance group cflowd volume shutdown
configure application-assurance group cflowd volume template dynamic-fields shutdown
configure application-assurance group dns-ip-cache shutdown
configure application-assurance group event-log shutdown
configure application-assurance group gtp shutdown
configure application-assurance group http-enrich shutdown
configure application-assurance group http-error-redirect shutdown
configure application-assurance group http-notification shutdown
configure application-assurance group http-redirect shutdown
configure application-assurance group policer tod-override shutdown
configure application-assurance group policy app-filter entry shutdown
configure application-assurance group policy app-qos-policy entry shutdown
configure application-assurance group policy custom-protocol shutdown
configure application-assurance group statistics protocol shutdown
configure application-assurance group tethering-detection shutdown
configure application-assurance group transit-ip-policy dhcp shutdown
configure application-assurance group transit-ip-policy radius shutdown
configure application-assurance group transit-ip-policy transit-auto-create shutdown
configure application-assurance group url-filter icap server shutdown
configure application-assurance group url-filter shutdown
configure application-assurance group url-list shutdown
configure application-assurance group wap1x shutdown
configure application-assurance protocol shutdown
configure isa application-assurance-group shutdown
configure service ies aa-interface sap shutdown
configure service ies aa-interface shutdown
configure service vprn aa-interface sap shutdown
configure service vprn aa-interface shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.

The shutdown command administratively disables an entity. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>app-assure>group>transit-ip>diameter shutdown)
Full Contexts 
configure application-assurance group transit-ip-policy diameter shutdown
Description 

This command removes all transit AA subscribers created via Diameter on this transit AA subscriber IP policy and clears all corresponding Diameter sessions.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>isa>aa-grp>overload-sub-quarantine shutdown)
Full Contexts 
configure isa application-assurance-group overload-sub-quarantine shutdown
Description 

This command disables the overload subscriber detection algorithm in the ISA group for the purpose of quarantining an overloaded subscriber. It is possible to manually quarantine an AA subscriber even when this command is disabled (shutdown).

The no form of this command enables the overload subscriber detection algorithm in the ISA group. When enabled, each ISA monitors the traffic on a continuous basis to identify AA subscribers that occupy more than their fair share of ISA resources and need to be quarantined.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (debug>app-assur>group>traffic-capture shutdown)
Full Contexts 
debug app-assur group traffic-capture shutdown
Description 

This command administratively disables traffic capture.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (debug>app-assure>group>http-host-recorder shutdown)
[Tree] (debug>app-assure>group>port-recorder shutdown)
Full Contexts 
debug application-assurance group http-host-recorder shutdown
debug application-assurance group port-recorder shutdown
Description 

This commands allows to stop or start the http-host-recorder. To reset the recorded values execute shutdown followed by no shutdown.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>esa shutdown)
[Tree] (config>esa>vm shutdown)
Full Contexts 
configure esa shutdown
configure esa vm shutdown
Description 

This command administratively disables the instance. The operational state of the instance is disabled, as well as the operational state of any entities contained within. When disabled, the instance does not change, reset, or remove any configuration settings or statistics.

The no form of this command administratively enables the instance.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>ipsec>cert-profile shutdown)
[Tree] (config>ipsec>client-db shutdown)
[Tree] (config>ipsec>client-db>client shutdown)
[Tree] (config>isa shutdown)
[Tree] (config>isa>aa-group shutdown)
[Tree] (config>isa>tunnel-grp shutdown)
[Tree] (config>redundancy>multi-chassis>peer>mc-ipsec>tunnel-group shutdown)
[Tree] (config>service>ies>if>ipsec>ipsec-tunnel shutdown)
[Tree] (config>service>ies>if>sap>ip-tunnel shutdown)
[Tree] (config>service>ies>if>sap>ipsec-gw shutdown)
[Tree] (config>service>ies>if>sap>ipsec-gw>dhcp shutdown)
[Tree] (config>service>ies>if>sap>ipsec-gw>dhcp6 shutdown)
[Tree] (config>service>ies>if>sap>ipsec-gw>lcl-addr-assign shutdown)
[Tree] (config>service>vprn>if>ipsec>ipsec-tunnel shutdown)
[Tree] (config>service>vprn>if>sap>ip-tunnel shutdown)
[Tree] (config>service>vprn>if>sap>ipsec-gw shutdown)
[Tree] (config>service>vprn>if>sap>ipsec-gw>dhcp shutdown)
[Tree] (config>service>vprn>if>sap>ipsec-gw>dhcp6 shutdown)
[Tree] (config>service>vprn>if>sap>ipsec-gw>lcl-addr-assign shutdown)
Full Contexts 
configure ipsec cert-profile shutdown
configure ipsec client-db client shutdown
configure ipsec client-db shutdown
configure isa aa-group shutdown
configure isa shutdown
configure isa tunnel-group shutdown
configure redundancy multi-chassis peer mc-ipsec tunnel-group shutdown
configure service ies interface ipsec ipsec-tunnel shutdown
configure service ies interface sap ip-tunnel shutdown
configure service ies interface sap ipsec-gw dhcp shutdown
configure service ies interface sap ipsec-gw dhcp6 shutdown
configure service ies interface sap ipsec-gw local-address-assignment shutdown
configure service ies interface sap ipsec-gw shutdown
configure service vprn interface ipsec ipsec-tunnel shutdown
configure service vprn interface sap ip-tunnel shutdown
configure service vprn interface sap ipsec-gw dhcp shutdown
configure service vprn interface sap ipsec-gw dhcp6 shutdown
configure service vprn interface sap ipsec-gw local-address-assignment shutdown
configure service vprn interface sap ipsec-gw shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.

The shutdown command administratively disables an entity. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>security>pki>ca-prof>auto-crl-update shutdown)
Full Contexts 
configure system security pki ca-profile auto-crl-update shutdown
Description 

This command disables the auto CRL update.

The no form of this command enables an auto CRL update. Upon no shutdown, if the configured CRL file does not exist, is invalid or is expired or if the schedule-type is next-update-based and current time passed (Next-Update_of_existing_CRL - pre-update-time), then system will start downloading CRL right away.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>isa>lns-group shutdown)
Full Contexts 
configure isa lns-group shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.

The shutdown command administratively disables an entity. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>aaa>isa-radius-plcy>servers>server shutdown)
[Tree] (config>isa>nat-group shutdown)
[Tree] (config>router>firewall>domain shutdown)
[Tree] (config>router>nat>inside>deterministic>prefix shutdown)
[Tree] (config>router>nat>inside>dual-stack-lite shutdown)
[Tree] (config>router>nat>inside>nat64 shutdown)
[Tree] (config>router>nat>inside>redundancy>subscriber-identification shutdown)
[Tree] (config>router>nat>inside>subscriber-id shutdown)
[Tree] (config>router>nat>outside>pool shutdown)
[Tree] (config>router>nat>outside>pool>address-range shutdown)
[Tree] (config>router>nat>outside>pool>redundancy shutdown)
[Tree] (config>service>ipfix>ipfix-export-policy>collector shutdown)
[Tree] (config>service>vprn>mtrace2 shutdown)
[Tree] (config>service>vprn>nat>inside>nat64 shutdown)
[Tree] (config>service>vprn>nat>outside>pool shutdown)
[Tree] (config>service>vprn>nat>outside>pool>address-range shutdown)
[Tree] (config>service>vprn>nat>outside>pool>redundancy shutdown)
Full Contexts 
configure aaa isa-radius-policy servers server shutdown
configure isa nat-group shutdown
configure router firewall domain shutdown
configure router nat inside deterministic prefix shutdown
configure router nat inside dual-stack-lite shutdown
configure router nat inside nat64 shutdown
configure router nat inside redundancy subscriber-identification shutdown
configure router nat inside subscriber-id shutdown
configure router nat outside pool address-range shutdown
configure router nat outside pool redundancy shutdown
configure router nat outside pool shutdown
configure service ipfix ipfix-export-policy collector shutdown
configure service vprn mtrace2 shutdown
configure service vprn nat inside nat64 shutdown
configure service vprn nat outside pool address-range shutdown
configure service vprn nat outside pool redundancy shutdown
configure service vprn nat outside pool shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.

The shutdown command administratively disables an entity. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>epipe>nat-outside shutdown)
Full Contexts 
configure service epipe nat-outside shutdown
Description 

This command administratively enables or disables the Epipe as a NAT outside service.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>nat>map-domain>mapping-rule shutdown)
Full Contexts 
configure service nat map-domain mapping-rule shutdown
Description 

This command enables or disables a rule within a MAP domain. A MAP rule can be enabled (no shutdown) only when all parameters within the rule are defined. Disabling a rule within an instantiated MAP domain will withdraw the rule IPv4 routes and disable forwarding for the rule.

Interactions:

config>service>vprn>nat>map>map-domain domain-name

config>service>router>nat>map>map-domain domain-name

Shutdown of an instantiated MAP rule disables the rule (the rule routes will be withdrawn and forwarding will be disabled).

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>service>nat>map-domain shutdown)
Full Contexts 
configure service nat map-domain shutdown
Description 

This command enables or disables a MAP domain. A MAP domain can be enabled (no shutdown) only when the DMR prefix is configured. Disabling an instantiated domain will withdraw all routes associated with it.

Interactions:

config>service>vprn>nat>map>map-domain domain-name

config>service>router>nat>map>map-domain domain-name

Shutdown of a MAP domain template disables the instantiated MAP domain (the routes will be withdrawn and forwarding will be disabled).

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>isa>video-group shutdown)
[Tree] (config>service>ies>video-interface shutdown)
[Tree] (config>service>vpls>video-interface shutdown)
[Tree] (config>service>vprn>video-interface shutdown)
Full Contexts 
configure isa video-group shutdown
configure service ies video-interface shutdown
configure service vpls video-interface shutdown
configure service vprn video-interface shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.

When an entity is disabled, the operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they can be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>bier shutdown)
[Tree] (config>router>bier>template shutdown)
Full Contexts 
configure router bier shutdown
configure router bier template shutdown
Description 

This command shuts down BIER or a BIER template.

The no form of this command enables BIER or the BIER template.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>gtm>provider-tunnel>inclusive>rsvp shutdown)
[Tree] (config>router>gtm>provider-tunnel>selective>rsvp shutdown)
Full Contexts 
configure router gtm provider-tunnel inclusive rsvp shutdown
configure router gtm provider-tunnel selective rsvp shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state.

The no form of this command places the entity into an administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>igmp shutdown)
[Tree] (config>router>igmp>group-interface shutdown)
[Tree] (config>router>igmp>if shutdown)
[Tree] (config>router>igmp>tunnel-interface shutdown)
Full Contexts 
configure router igmp group-interface shutdown
configure router igmp interface shutdown
configure router igmp shutdown
configure router igmp tunnel-interface shutdown
Description 

The shutdown command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command and must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of the command puts an entity into the administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>igmp>interface>mcac>mc-constraints shutdown)
[Tree] (config>router>mcac>if-policy shutdown)
[Tree] (config>router>mcac>policy>bundle shutdown)
[Tree] (config>router>mld>grp-if>mcac>mc-constraints shutdown)
[Tree] (config>router>mld shutdown)
[Tree] (config>router>mld>group-interface shutdown)
[Tree] (config>router>mld>if shutdown)
[Tree] (config>router>pim>interface>mcac>mc-constraints shutdown)
Full Contexts 
configure router igmp interface mcac mc-constraints shutdown
configure router mcac if-policy shutdown
configure router mcac policy bundle shutdown
configure router mld group-interface shutdown
configure router mld group-interface mcac mc-constraints shutdown
configure router mld interface shutdown
configure router mld shutdown
configure router pim interface mcac mc-constraints shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command and must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of this command puts an entity into the administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>msdp shutdown)
[Tree] (config>router>msdp>peer shutdown)
[Tree] (config>router>msdp>group shutdown)
Full Contexts 
configure router msdp group shutdown
configure router msdp peer shutdown
configure router msdp shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command and must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of this command puts an entity into the administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>pim shutdown)
[Tree] (config>router>pim>interface shutdown)
[Tree] (config>router>pim>rp>bsr-candidate shutdown)
[Tree] (config>router>pim>rp>ipv6>bsr-candidate shutdown)
[Tree] (config>router>pim>rp>ipv6>embedded-rp shutdown)
[Tree] (config>router>pim>rp>ipv6>rp-candidate shutdown)
[Tree] (config>router>pim>rp>rp-candidate shutdown)
Full Contexts 
configure router pim interface shutdown
configure router pim rp bsr-candidate shutdown
configure router pim rp ipv6 bsr-candidate shutdown
configure router pim rp ipv6 embedded-rp shutdown
configure router pim rp ipv6 rp-candidate shutdown
configure router pim rp rp-candidate shutdown
configure router pim shutdown
Description 

The shutdown command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command and must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of this command puts an entity into the administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>p2mp-sr-tree shutdown)
[Tree] (config>router>p2mp-sr-tree>p2mp-policy shutdown)
[Tree] (config>router>p2mp-sr-tree>p2mp-policy>p2mp-candidate-path shutdown)
[Tree] (config>router>p2mp-sr-tree>replication-segment shutdown)
[Tree] (config>router>p2mp-sr-tree>replication-segment>next-hop-id shutdown)
Full Contexts 
configure router p2mp-sr-tree p2mp-policy p2mp-candidate-path shutdown
configure router p2mp-sr-tree p2mp-policy shutdown
configure router p2mp-sr-tree replication-segment next-hop-id shutdown
configure router p2mp-sr-tree replication-segment shutdown
configure router p2mp-sr-tree shutdown
Description 

This command administratively disables an entity for the P2MP SR tree. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

When the operational state of an entity is disabled, the operational state of any entities contained within are also disabled. Many objects must be shut down before they may be deleted.

Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up, then attempts to enter the operationally up state.

The no form of this command places the entity into an administratively enabled state.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>mirror>mirror-dest shutdown)
[Tree] (config>mirror>mirror-source shutdown)
[Tree] (config>mirror>mirror-dest>spoke-sdp>egress shutdown)
[Tree] (config>li>li-source shutdown)
[Tree] (config>li>log>log-id shutdown)
[Tree] (config>service>vprn>ip-mirror-interface shutdown)
[Tree] (config>service>vprn>ip-mirror-interface>spoke-sdp shutdown)
[Tree] (config>service>ies>if>ping-template shutdown)
[Tree] (config>service>vprn>if>ping-template shutdown)
Full Contexts 
configure li li-source shutdown
configure li log log-id shutdown
configure mirror mirror-dest shutdown
configure mirror mirror-dest spoke-sdp egress shutdown
configure mirror mirror-source shutdown
configure service ies interface ping-template shutdown
configure service vprn interface ping-template shutdown
configure service vprn ip-mirror-interface shutdown
configure service vprn ip-mirror-interface spoke-sdp shutdown
Description 

The shutdown command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.

The shutdown command administratively disables an entity. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of this command puts an entity into the administratively enabled state.

Default 

See Special Cases below.

Special Cases 
Mirror Destination—
When a mirror destination service ID is shutdown, mirrored packets associated with the service ID are not accepted from the mirror source or remote source router. The associated mirror source is put into an operationally down mode. Mirrored packets are not transmitted out of the SAP or SDP. Each mirrored packet is silently discarded. If the mirror destination is a SAP, the SAP’s discard counters are incremented.

The shutdown command places the mirror destination service or mirror source into an administratively down state. The mirror-dest service ID must be shut down in order to delete the service ID, SAP or SDP association from the system.

The default state for a mirror destination service ID is shutdown. A no shutdown command is required to enable the service.

Mirror Source—
Mirror sources do not need to be shutdown in order to remove them from the system.

When a mirror source is shutdown, mirroring is terminated for all sources defined locally for the mirror destination service ID. If the remote-source command has been executed on the mirror destination associated with the shut down mirror source, mirroring continues for remote sources.

The default state for a mirror source for a given mirror-dest service ID is no shutdown. A shutdown command is required to disable mirroring from that mirror-source.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (debug>mirror-source shutdown)
Full Contexts 
debug mirror-source shutdown
Description 

This command enables mirror source debugging.

The no form of this command clears mirror source information.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>oam-pm>bin-group shutdown)
[Tree] (config>oam-pm>session>ethernet>dmm shutdown)
[Tree] (config>oam-pm>session>ethernet>slm shutdown)
[Tree] (config>oam-pm>session>ethernet>lmm shutdown)
[Tree] (config>oam-pm>session>ethernet>lmm>availability shutdown)
[Tree] (config>oam-pm>session>ip>twamp-light shutdown)
[Tree] (config>oam-pm>session>measurement-interval>event-mon shutdown)
[Tree] (config>saa>test shutdown)
[Tree] (config>test-oam>ldp-treetrace shutdown)
[Tree] (config>test-oam>twamp>server shutdown)
[Tree] (config>test-oam>twamp>server>prefix shutdown)
Full Contexts 
configure oam-pm bin-group shutdown
configure oam-pm session ethernet dmm shutdown
configure oam-pm session ethernet lmm availability shutdown
configure oam-pm session ethernet lmm shutdown
configure oam-pm session ethernet slm shutdown
configure oam-pm session ip twamp-light shutdown
configure oam-pm session measurement-interval event-mon shutdown
configure saa test shutdown
configure test-oam ldp-treetrace shutdown
configure test-oam twamp server prefix shutdown
configure test-oam twamp server shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Entities are created in the administratively down (shutdown) state. When a no shutdown command is entered, the entity becomes administratively up and then tries to enter the operationally up state.

The no form of this command administratively enables the entity.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>test-oam>mpls-dm shutdown)
Full Contexts 
configure test-oam mpls-dm shutdown
Description 

This command disables or enables MPLS delay measurement transmission and reflection processing.

The no form of this command allows the transmission and reflection of MPLS DM packets.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>oam-pm>streaming>delay-template shutdown)
Full Contexts 
configure oam-pm streaming delay-template shutdown
Description 

This command administratively enables the template. Enabling the template allows those tests referencing that template to start collecting, computing and streaming. Disabling a template causes any test referencing the template to stop collecting, computing and streaming. The state of the delay-template has not impact on the transmission and reception of the test PDUs configured under the oam-pm>session context. It only affects the collection, computing and streaming of for those tests. Many objects must be shut down before they may be deleted.

The no form of this command administratively enables the entity.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>twamp-light>reflector shutdown)
[Tree] (config>service>vprn>twamp-light>reflector shutdown)
Full Contexts 
configure router twamp-light reflector shutdown
configure service vprn twamp-light reflector shutdown
Description 

This command disables or enables TWAMP Light functionality within the context where the configuration exists, either the base router instance or the service. Enabling the base router context enables the IES prefix list since the IES service uses the configuration under the base router instance.

The no form of this command allows the router instance or the service to accept TWAMP Light packets for processing.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>bfd>seamless-bfd>reflector shutdown)
Full Contexts 
configure bfd seamless-bfd reflector shutdown
Description 

This command specifies the administrative state of the seamless BFD reflector.

The no form of this command administratively enables the reflector. A discriminator must be configured before the no shutdown command is invoked.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>qos>hsmda-slope-policy>high-slope shutdown)
[Tree] (config>qos>hsmda-slope-policy>low-slope shutdown)
Full Contexts 
configure qos hsmda-slope-policy high-slope shutdown
configure qos hsmda-slope-policy low-slope shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up, then tries to enter the operationally up state.

The no form of this command places the entity into an administratively enabled state.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>qos>slope-policy>exceed-slope shutdown)
[Tree] (config>qos>slope-policy>highplus-slope shutdown)
[Tree] (config>qos>slope-policy>high-slope shutdown)
[Tree] (config>qos>slope-policy>low-slope shutdown)
Full Contexts 
configure qos slope-policy exceed-slope shutdown
configure qos slope-policy high-slope shutdown
configure qos slope-policy highplus-slope shutdown
configure qos slope-policy low-slope shutdown
Description 

This command enables or disables the administrative status of the Random Early Detection slope.

By default, all slopes are shutdown and have to be explicitly enabled (no shutdown).

The no form of this command administratively enables the RED slope.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>cflowd shutdown)
[Tree] (config>cflowd>collector shutdown)
Full Contexts 
configure cflowd collector shutdown
configure cflowd shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command administratively enables an entity.

Unlike other commands and parameters where the default state is not indicated in the configuration file. The shutdown and no shutdown states are always indicated in system generated configuration files.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>filter>redirect-policy shutdown)
[Tree] (config>filter>redirect-policy>destination shutdown)
[Tree] (config>filter>log>summary shutdown)
Full Contexts 
configure filter log summary shutdown
configure filter redirect-policy destination shutdown
configure filter redirect-policy shutdown
Description 

Administratively enables/disabled (AdminUp/AdminDown) an entity. Downing an entity does not change, reset or remove any configuration settings or statistics. Many objects must be shutdown before they may be deleted.

The shutdown command administratively downs an entity. Administratively downing an entity changes the operational state of the entity to down.

Unlike other commands and parameters where the default state will not be indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of the command puts an entity into the administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router shutdown)
[Tree] (config>router>if shutdown)
[Tree] (config>router>if>eth-cfm>mep shutdown)
[Tree] (config>router>mtrace2 shutdown)
[Tree] (config>router>origin-validation>rpki-session shutdown)
[Tree] (config>router>static-route-entry>black-hole shutdown)
[Tree] (config>router>static-route-entry>indirect shutdown)
[Tree] (config>router>static-route-entry>next-hop shutdown)
Full Contexts 
configure router interface eth-cfm mep shutdown
configure router interface shutdown
configure router mtrace2 shutdown
configure router origin-validation rpki-session shutdown
configure router shutdown
configure router static-route-entry black-hole shutdown
configure router static-route-entry indirect shutdown
configure router static-route-entry next-hop shutdown
Description 

The shutdown command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command.

The shutdown command administratively disables an entity. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of this command puts an entity into the administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>if>ipv6>secure-nd shutdown)
Full Contexts 
configure router interface ipv6 secure-nd shutdown
Description 

This command enables or disables Secure Neighbor Discovery (SeND) on the interface.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>pcp-server>server shutdown)
Full Contexts 
configure router pcp-server server shutdown
Description 

This command administratively enables the PCP server.

The no form of this command administratively disables the PCP server.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>fad>flex-algo shutdown)
Full Contexts 
configure router flexible-algorithm-definitions flex-algo shutdown
Description 

This command administratively disables the entity.

The no form of this command administratively enables the entity.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>open-flow>of-switch shutdown)
Full Contexts 
configure open-flow of-switch shutdown
Description 

This command administratively enables or disables the OpenFlow switch instance. Disabling the switch purges all flowtable entries.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>if>vrrp shutdown)
[Tree] (config>router>if>ipv6>vrrp shutdown)
[Tree] (config>vrrp>policy shutdown)
Full Contexts 
configure router interface ipv6 vrrp shutdown
configure router interface vrrp shutdown
configure vrrp policy shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command administratively enables an entity.

Default 

no shutdown

Special Cases 
Non-Owner Virtual Router—
Non-owner virtual router instances can be administratively shutdown. This allows the termination of VRRP participation in the virtual router and stops all routing and other access capabilities with regards to the virtual router IP addresses. Shutting down the virtual router instance provides a mechanism to maintain the virtual routers without causing false backup/master state changes.

If the shutdown command is executed, no VRRP advertisement messages are generated and all received VRRP advertisement messages are silently discarded with no processing.

By default, virtual router instances are created in the no shutdown state.

Whenever the administrative state of a virtual router instance transitions, a log message is generated.

Whenever the operational state of a virtual router instance transitions, a log message is generated.

Owner Virtual Router—
An owner virtual router context does not have a shutdown command. To administratively disable an owner virtual router instance, use the shutdown command within the parent IP interface node which administratively downs the IP interface.

shutdown

Syntax 
[no] shutdown [active] [standby]
[no] shutdown [cflash-id]
Context 
[Tree] (file shutdown)
Full Contexts 
file shutdown
Description 

This command shuts down (unmounts) the specified CPM(s).

Use the no shutdown [active] [standby] command to enable one or both CPM.

Use the no shutdown [cflash-id] command to enable a compact flash (cf1:, cf2:, or cf3:) on the CPM/CCM. The no shutdown command can be issued for a specific slot when no compact flash is present. When a flash card is installed in the slot, the card will be activated upon detection.

In redundant systems, use the no shutdown command on cf3: on both SF/CPMs or CCMs in order to facilitate synchronization. See the config>redundancy synchronize command.

Note:

The shutdown command must be issued prior to removing a flash card. If no parameters are specified, then the drive referred to by the current working directory will be shut down.

LED Status Indicators

Table 142 lists the possible states for the compact flash and their LED status indicators.

Table 142:  LED Status Indicators 

State

Description

Operational

If a compact flash is present in a drive and operational (no shutdown), the respective LED is lit green. The LED flickers when the compact flash is accessed. Note: Do not remove the compact flash during a read/write operation.

Flash defective

If a compact flash is defective, the respective LED blinks amber to reflect the error condition and a trap is raised.

Flash drive shut down

When the compact flash drive is shut down and a compact flash present, the LED is lit amber. In this state, the compact flash can be ejected.

No compact flash present, drive shut down

If no compact flash is present and the drive is shut down the LED is unlit.

No compact flash present, drive enabled

If no compact flash is present and the drive is not shut down the LED is unlit.

Ejecting a compact flash

The compact flash drive should be shut down before ejecting a compact flash card. The LED should turn to solid (not blinking) amber. This is the only mode to safely remove the flash card. If a compact flash drive is not shut down before a compact flash is ejected, the LED blinks amber for approximately 5 seconds before shutting off.

The shutdown or no shutdown state is not saved in the configuration file. Following a reboot all compact flash drives are in their default state.

Default 

no shutdown

Parameters 
cflash-id—
Specifies the compact flash slot ID to be shut down or enabled. If cflash-id is specified, the drive is shut down or enabled. If no cflash-id is specified, the drive referred to by the current working directory is assumed. If a slot number is not specified, then the active CPM is assumed.
Values—
cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

 

Default—
the current compact flash device
active—
Specifies that all drives on the active CPM are shutdown or enabled.
standby—
Specifies that all drives on the standby CPM are shutdown or enabled.

When both active and standby keywords are specified, then all drives on both CPM are shutdown.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>satellite>eth-sat shutdown)
[Tree] (config>system>satellite>tdm-sat shutdown)
Full Contexts 
configure system satellite eth-sat shutdown
configure system satellite tdm-sat shutdown
Description 

This command disables the associated satellite.

If the associated satellite is active, the satellite will not be reset but all satellite client ports will be shut down.

If the satellite is not active but attempts to associate with the host, the satellite chassis will be brought up according to the satellite configuration but all client ports will be shut down.

The no form of this command removes the shutdown state and all client ports on active satellites will be brought back up.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>alarm-contact-input shutdown)
Full Contexts 
configure system alarm-contact-input shutdown
Description 

This command stops tracking the state changes associated with the alarm contact input. The system does not generate or clear the alarms for the alarm contact input, but if an alarm is generated, the system clears the alarm when the shutdown command is executed. The no form of the command starts tracking the state changes associated with the alarm contact input.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>ptp>peer shutdown)
Full Contexts 
configure system ptp peer shutdown
Description 

This command disables or enables a specific PTP peer. Shutting down a peer sends cancel unicast negotiation messages on any established unicast sessions. When shutdown, all received packets from the peer are ignored.

If the clock-type is ordinary slave or boundary, and PTP is no shutdown, the last enabled peer cannot be shutdown. This prevents the user from having PTP enabled without any peer configured and enabled.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>ptp>port shutdown)
Full Contexts 
configure system ptp port shutdown
Description 

This command disables or enables a specific PTP port. When shutdown, all PTP Ethernet messages are dropped on the IOM They will not be counted in the PTP message statistics. No PTP packets are transmitted by the node toward this port.

If the clock-type is ordinary slave or boundary, and PTP is no shutdown, the last enabled port or peer cannot be shutdown. This prevents the user from having PTP enabled without any means to synchronize the local clock to a parent clock.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>ptp>port shutdown)
Full Contexts 
configure system ptp port shutdown
Description 

This command disables or enables a specific PTP port. When shutdown, all PTP Ethernet messages are dropped on the IOM They will not be counted in the PTP message statistics. No PTP packets are transmitted by the node toward this port.

If the clock-type is ordinary slave or boundary, and PTP is no shutdown, the last enabled port or peer cannot be shutdown. This prevents the user from having PTP enabled without any means to synchronize the local clock to a parent clock.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>management-interface>remote-management shutdown)
[Tree] (config>system>management-interface>remote-management>manager shutdown)
Full Contexts 
configure system management-interface remote-management manager shutdown
configure system management-interface remote-management shutdown
Description 

This command enables and disables remote-management.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>alarms shutdown)
Full Contexts 
configure system alarms shutdown
Description 

This command enables or disables the Facility Alarm functionality. When enabled, the Facility Alarm sub-system tracks active and cleared facility alarms and controls the Alarm LEDs on the CPMs. When Facility Alarm functionality is enabled, the alarms are viewed using the show system alarms command(s).

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>log>log-id shutdown)
[Tree] (config>log>accounting-policy shutdown)
[Tree] (config>log>event-handling>handler shutdown)
[Tree] (config>log>event-handling>handler>entry shutdown)
[Tree] (config>log>event-trigger>event shutdown)
[Tree] (config>log>event-trigger>event>trigger-entry shutdown)
Full Contexts 
configure log accounting-policy shutdown
configure log event-handling handler entry shutdown
configure log event-handling handler shutdown
configure log event-trigger event shutdown
configure log event-trigger event trigger-entry shutdown
configure log log-id shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command administratively enables an entity.

Default 

no shutdown

Special Cases 
log-id—
When a log ID is shut down, no events are collected for the entity. This leads to the loss of event data.
accounting-policy—
When an accounting policy is shut down, no accounting data is written to the destination log ID. Counters in the billing data reflect totals, not increments, so when the policy is re-enabled (no shutdown) the counters include the data collected during the period the policy was shut down.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>management-interface>cli>md-cli>environment>progress-indicator shutdown)
Full Contexts 
configure system management-interface cli md-cli environment progress-indicator shutdown
Description 

This command controls whether the progress indicator is active during command execution.

The no form of this command reverts to the default value.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>netconf shutdown)
Full Contexts 
configure system netconf shutdown
Description 

This command disables the NETCONF server. The shutdown command is blocked if there are any active NETCONF sessions. Use the admin disconnect command to disconnect all NETCONF sessions before shutting down the NETCONF service.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>security>mgmt-access-filter>ip-filter shutdown)
[Tree] (config>system>security>mgmt-access-filter>ipv6-filter shutdown)
[Tree] (config>sys>sec>cpm>ip-filter shutdown)
[Tree] (config>system>security>keychain shutdown)
[Tree] (config>system>security>keychain>direction>bi>entry shutdown)
[Tree] (config>system>security>keychain>direction>uni>receive>entry shutdown)
[Tree] (config>system>security>keychain>direction>uni>send>entry shutdown)
[Tree] (config>system>security>dot1x shutdown)
[Tree] (config>system>security>dot1x>radius-plcy shutdown)
[Tree] (config>sys>sec>cpm>ipv6-filter shutdown)
[Tree] (config>sys>sec>cpm>mac-filter>entry shutdown)
Full Contexts 
configure system security cpm-filter ip-filter shutdown
configure system security cpm-filter ipv6-filter shutdown
config sys sec cpm mac-filter entry shutdown
configure system security dot1x radius-plcy shutdown
configure system security dot1x shutdown
configure system security keychain direction bi entry shutdown
configure system security keychain direction uni receive entry shutdown
configure system security keychain direction uni send entry shutdown
configure system security keychain shutdown
configure system security management-access-filter ip-filter shutdown
configure system security management-access-filter ipv6-filter shutdown
Description 

This command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many entities must be explicitly enabled using the no shutdown command. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command puts an entity into the administratively enabled state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>security>pki>ca-profile shutdown)
Full Contexts 
configure system security pki ca-profile shutdown
Description 

Use this command to enable or disable the ca-profile. The system verifies the configured cert-file and crl-file. If the verification fails, then the no shutdown command fails.

The ca-profile in a shutdown state cannot be used in certificate authentication.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>security>ssh>key-re-exchange>client shutdown)
[Tree] (config>system>security>ssh>key-re-exchange>server shutdown)
Full Contexts 
configure system security ssh key-re-exchange client shutdown
configure system security ssh key-re-exchange server shutdown
Description 

This command stops the key exchange. It sets the minutes and bytes to infinity so there will not be any key exchange during the PDU transmission.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>security>tacplus shutdown)
Full Contexts 
configure system security tacplus shutdown
Description 

This command administratively disables the TACACS+ protocol operation. Shutting down the protocol does not remove or change the configuration other than the administrative state.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command administratively enables the protocol which is the default state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>security>ldap shutdown)
[Tree] (config>system>security>ldap>server shutdown)
Full Contexts 
configure system security ldap server shutdown
configure system security ldap shutdown
Description 

In the ldap context, this command enables or disabled LDAP protocol operations.

In the server context, this command enables or disables the LDAP server. To perform no shutdown, an LDAP server address is required. To change the address, the user first needs to shut down the server.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>grpc>gnmi shutdown)
Full Contexts 
configure system grpc gnmi shutdown
Description 

This command stops the gNMI service.

The no form of this command starts the gNMI service.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>grpc>rib-api shutdown)
Full Contexts 
configure system grpc rib-api shutdown
Description 

This command stops the RibApi gRPC service, deletes all programmed RIB entries (stale and non-stale), but does not close the TCP connections.

The no form of this command restarts the RibApi gRPC service.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>grpc shutdown)
Full Contexts 
configure system grpc shutdown
Description 

This command stops the gRPC server. This closes all of the associated TCP connections and immediately purges all RIB entries that were programmed using the RibApi Service.

The shutdown command is not blocked if there are active gRPC sessions. Shutting down gRPC will terminate all active gRPC sessions.

The no form of this command starts the gRPC server.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>grpc>tcp-keepalive shutdown)
Full Contexts 
configure system grpc tcp-keepalive shutdown
Description 

This command stops the TCP keepalives from being sent to all gRPC clients.

The no form of this command restarts the sending of TCP keepalives to all gRPC clients.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>snmp>streaming shutdown)
Full Contexts 
configure system snmp streaming shutdown
Description 

This command administratively disables proprietary SNMP request/response bundling and TCP-based transport mechanism for optimizing network management of the router nodes.

The no form of the command administratively re-enables SNMP request/response bundling and TCP-based transport mechanism.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>snmp shutdown)
Full Contexts 
configure system snmp shutdown
Description 

This command administratively disables SNMP agent operations. System management can then only be performed using the command line interface (CLI). Shutting down SNMP does not remove or change configuration parameters other than the administrative state. This command does not prevent the agent from sending SNMP notifications to any configured SNMP trap destinations. SNMP trap destinations are configured under the config>log>snmp-trap-group context.

This command is automatically invoked in the event of a reboot when the processing of the configuration file fails to complete or when an SNMP persistent index file fails while the bof persist on command is enabled.

The no form of the command administratively enables SNMP which is the default state.

Default 

no shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>security>tls>cert-profile shutdown)
Full Contexts 
configure system security tls cert-profile shutdown
Description 

This command disables the certificate profile. When the certificate profile is disabled, it will not be sent to the TLS server.

The no form of the command enables the certificate profile and allows it to be sent to the TLS server.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>system>security>tls>client-tls-profile shutdown)
[Tree] (config>system>security>tls>server-tls-profile shutdown)
Full Contexts 
configure system security tls client-tls-profile shutdown
configure system security tls server-tls-profile shutdown
Description 

This command administratively enables or disables the TLS profile. If the TLS profile is shut down, the TLS operational status will be down. Therefore, if the TLS profile is shut down, any application using TLS should not attempt to send any PDUs.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>bgp shutdown)
[Tree] (config>router>bgp>group shutdown)
[Tree] (config>router>bgp>group>neighbor shutdown)
[Tree] (config>router>bgp>monitor shutdown)
[Tree] (config>router>bgp>segment-routing shutdown)
[Tree] (config>bmp shutdown)
[Tree] (config>bmp>station shutdown)
[Tree] (config>bmp>station>connection>tcp-keepalive shutdown)
[Tree] (config>router>bgp>monitor shutdown)
[Tree] (config>router>bgp>group>monitor shutdown)
[Tree] (config>router>bgp>group>neighbor>monitor shutdown)
[Tree] (config>service>vprn>bgp>monitor shutdown)
[Tree] (config>service>vprn>bgp>group>monitor shutdown)
[Tree] (config>service>vprn>bgp>group>neighbor>monitor shutdown)
Full Contexts 
configure bmp shutdown
configure bmp station connection tcp-keepalive shutdown
configure bmp station shutdown
configure router bgp group monitor shutdown
configure router bgp group neighbor monitor shutdown
configure router bgp group neighbor shutdown
configure router bgp group shutdown
configure router bgp monitor shutdown
configure router bgp segment-routing shutdown
configure router bgp shutdown
configure service vprn bgp group monitor shutdown
configure service vprn bgp group neighbor monitor shutdown
configure service vprn bgp monitor shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command administratively enables an entity.

Unlike other commands and parameters where the default state is not indicated in the configuration file, the shutdown and no shutdown states are always indicated in system generated configuration files.

Default administrative states for services and service entities are described in Special Cases.

The no form of this command places an entity in an administratively enabled state.

Special Cases 
BGP Global—
The BGP protocol is created in the no shutdown state.
BGP Group—
BGP groups are created in the no shutdown state.
BGP Neighbor—
BGP neighbors/peers are created in the no shutdown state.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>isis shutdown)
[Tree] (config>router>isis>igp-shortcut shutdown)
[Tree] (config>router>isis>interface shutdown)
[Tree] (config>router>isis>if>level shutdown)
[Tree] (config>router>isis>level>bier shutdown)
[Tree] (config>router>isis>segment-routing shutdown)
[Tree] (config>router>isis>segm-rtng>mapping-server shutdown)
Full Contexts 
configure router isis interface level shutdown
configure router isis igp-shortcut shutdown
configure router isis interface shutdown
configure router isis level bier shutdown
configure router isis segment-routing mapping-server shutdown
configure router isis segment-routing shutdown
configure router isis shutdown
Description 

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

The no form of this command administratively enables an entity.

Default 

shutdown

Special Cases 
IS-IS IGP-Shortcut—
In the config>router>isis>igp-shortcut context, the command enables or disables IGP shortcuts in the IGP instance.
IS-IS Interface—
In the config>router>isis>interface context, the command disables the IS-IS interface. By default, the IS-IS interface is enabled, no shutdown.
IS-IS Interface and Level—
In the config>router>isis>interface ip-int-name>level context, the command disables the IS-IS interface for the level. By default, the IS-IS interface at the level is enabled, no shutdown.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>isis>flexible-algorithms shutdown)
Full Contexts 
configure router isis flexible-algorithms shutdown
Description 

This command enables IS-IS flexible algorithms. If it is enabled with the no shutdown command the router starts supporting the flexible algorithms IGP LSDB extensions. Flexible algorithm IGP LSDB extensions are by default not enabled.

The no form of this command enables the router to support flexible algorithms.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>ospf shutdown)
[Tree] (config>router>ospf shutdown)
[Tree] (config>router>ospf>area>bier shutdown)
[Tree] (config>router>ospf>area>virtual-link shutdown)
[Tree] (config>router>ospf>igp-shortcut shutdown)
[Tree] (config>router>ospf>segm-rtng shutdown)
[Tree] (config>router>ospf>segm-rtng>mapping-server shutdown)
[Tree] (config>router>ospf3 shutdown)
[Tree] (config>router>ospf3>area>interface shutdown)
[Tree] (config>router>ospf3>area>virtual-link shutdown)
Full Contexts 
configure router ospf area bier shutdown
configure router ospf area virtual-link shutdown
configure router ospf igp-shortcut shutdown
configure router ospf segment-routing mapping-server shutdown
configure router ospf segment-routing shutdown
configure router ospf shutdown
configure router ospf3 area interface shutdown
configure router ospf3 area virtual-link shutdown
configure router ospf3 shutdown
Description 

The shutdown command administratively disables the entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics. The operational state of the entity is disabled as well as the operational state of any entities contained within.

Many objects must be shut down before they may be deleted. Many entities must be explicitly enabled using the no shutdown command.

Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of this command puts an entity into the administratively enabled state.

Special Cases 
OSPF Interface—
When an IP interface is configured as an OSPF interface, OSPF on the interface is in the no shutdown state by default.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>rip shutdown)
[Tree] (config>router>rip>group shutdown)
[Tree] (config>router>rip>group>neighbor shutdown)
[Tree] (config>router>ripng shutdown)
[Tree] (config>router>ripng>group shutdown)
[Tree] (config>router>ripng>group>neighbor shutdown)
Full Contexts 
configure router rip group neighbor shutdown
configure router rip group shutdown
configure router rip shutdown
configure router ripng group neighbor shutdown
configure router ripng group shutdown
configure router ripng shutdown
Description 

This command administratively disables an entity. Downing an entity does not change, reset or remove any configuration settings or statistics. Many objects must be shutdown before they may be deleted.

The shutdown command administratively downs an entity. Administratively downing an entity changes the operational state of the entity to down and the operational state of any entities contained within the administratively down entity.

Unlike other commands and parameters where the default state will not be indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of the command puts an entity into the administratively enabled state.

Special Cases 
RIP Global—
In the config>router>rip context, the shutdown command administratively enables/disables the RIP protocol instance. If RIP is globally shutdown, then all RIP group and neighbor interfaces transition to the operationally down state. Routes learned from a neighbor that is shutdown are immediately removed from the RIP database and route table manager (RTM). A RIP protocol instance is administratively enabled by default.
RIP Group—
In the config>router>rip>group group-name context, the shutdown command administratively enables/disables the RIP group. If a RIP group is shutdown, all member neighbor interfaces transition to the operationally down state. Routes learned from a neighbor that is shutdown are immediately removed from the RIP database and route table manager (RTM). A RIP group is administratively enabled by default.
RIP Neighbor—
In the config>router>rip>group group-name>neighbor ip-int-name context, the shutdown command administratively enables/disables the RIP neighbor interface. If a RIP neighbor is shutdown, the neighbor interface transitions to the operationally down state. Routes learned from a neighbor that is shutdown are immediately removed from the RIP database and route table manager (RTM). A RIP neighbor interface is administratively enabled by default.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>segment-routing>maintenance-policy shutdown)
Full Contexts 
configure router segment-routing maintenance-policy shutdown
Description 

This command deactivates all segment routing policies and removes the associated entries from the forwarding plane of the router.

The no form of this command enables all segment routing policies so that they can be revalidated and reinstalled as necessary.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>segment-routing>sr-policies>egress-statistics shutdown)
[Tree] (config>router>segment-routing>sr-policies>ingress-statistics shutdown)
Full Contexts 
configure router segment-routing sr-policies egress-statistics shutdown
configure router segment-routing sr-policies ingress-statistics shutdown
Description 

This command administratively disables the collection of egress or ingress statistics for all segment routing policies.

The no form of this command administratively enables the collection of egress or ingress statistics for all segment routing policies.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>segment-routing>sr-policies shutdown)
Full Contexts 
configure router segment-routing sr-policies shutdown
Description 

This command deactivates all segment routing policies and removes the associated entries from the forwarding plane of the router.

It is necessary to execute this shutdown if you want to make a change to the reserved-label-block reference.

The no form of this command enables all segment routing policies so that they can be revalidated and reinstalled as necessary.

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>segment-routing>sr-policies>static-policy>segment-list shutdown)
Full Contexts 
configure router segment-routing sr-policies static-policy segment-list shutdown
Description 

This command deactivates a segment-list. If this is done on an active policy with more than one segment list, then traffic forwarded by the policy will be diverted to the remaining segment-lists.

The no form of this command enables the segment list so that it can be validated and installed as necessary.

Default 

shutdown

shutdown

Syntax 
[no] shutdown
Context 
[Tree] (config>router>segment-routing>sr-policies>static-policy shutdown)
Full Contexts 
configure router segment-routing sr-policies static-policy shutdown
Description 

This command deactivates the associated static policy and causes another policy for the same (color, endpoint) combination to be promoted as the active path, assuming there is another valid policy.

It is necessary to execute this shutdown if you want to make critical configuration changes to the static policy.

The no form of this command enables the static policy so that it can be validated and installed as necessary.

23.224. sid

sid

Syntax 
sid label value
Context 
[Tree] (config>router>ospf>segm-rtng>adjacency-set sid)
[Tree] (config>router>isis>segm-rtng>adjacency-set sid)
Full Contexts 
configure router isis segment-routing adjacency-set sid
configure router ospf segment-routing adjacency-set sid
Description 

This command allows a static SID value to be assigned to an adjacency set in IS-IS or OSPF segment routing.

The label option specifies the value is assigned to an MPLS label.

The no form of this command removes the adjacency SID.

Parameters 
label value—
Specifies the value of adjacency SID label.
Values—
18432 to 524287 | 1048575 (FP4 only)

 

23.225. sid-action

sid-action

Syntax 
sid-action action
no sid-action
Context 
[Tree] (config>router>p2mp-sr-tree>replication-segment sid-action)
Full Contexts 
configure router p2mp-sr-tree replication-segment sid-action
Description 

This command configures the SID action to take for the replication segment of the P2MP SR tree.

The no form of this command removes the SID action.

Default 

no sid-action

Parameters 
action—
Specifies the name of the SID action.
Values—
push — Specifies to push an outgoing SID list and forward on to the corresponding programmed outgoing interfaces.
pop — Specifies that on the leaf node the incoming SID is popped on the underlay packet forwarded to the host.
swap — Specifies, in case an incoming SID is configured, that the SID is swapped with an outgoing SID or SID list and forwarded to the corresponding OIF.

 

23.226. sid-allocation

sid-allocation

Syntax 
sid-allocation {sequential |random}
no sid-allocation
Context 
[Tree] (config>subscr-mgmt>ppp-policy sid-allocation)
Full Contexts 
configure subscriber-mgmt ppp-policy sid-allocation
Description 

This command configures the method for allocating the PPPoE session ID.

For both sequential and random options, the session ID range is 1 to 8191.

The no form of this command reverts to the default.

Default 

sid-allocation sequential

Parameters 
sequential
Specifies for PPPoE sessions with the same client MAC address and active on the same SAP, to allocate the session ID in sequential order starting with

ID = 1.

random
Specifies for PPPoE sessions with the same client MAC address and active on the same SAP, to allocate a unique session ID in random order.

23.227. sid-map

sid-map

Syntax 
sid-map node-sid {index value [range value]} prefix {{ip-address/mask} |{ip-address} {netmask}} [set-flags {s}] [level {1 |2 |1/2}] [clear-n-flag]
no sid-map node-sid index value
Context 
[Tree] (config>router>isis>segm-rtng>mapping-server sid-map)
Full Contexts 
configure router isis segment-routing mapping-server sid-map
Description 

This command configures the Segment Routing mapping server database in IS-IS.

The user enters the node SID index for one or a range of prefixes by specifying the first index value and optionally a range value can be entered. The default value for the range option is 1. Only the first prefix in a consecutive range of prefixes must be entered. The user can enter the first prefix with a mask lower than 32 and the SID or label binding TLV is advertised, but the routers will not resolve these prefix SIDs and will generate a trap.

By setting the S-flag, the user can indicate to the IS-IS routers in the rest of the network that the flooding scope of the SID or label binding TLV is the entire domain. In that case, a router receiving the TLV advertisement should leak it between ISIS levels. If leaked from level 2 to level 1, the D-flag must be set and once set the TLV cannot be leaked back into level 2. Otherwise, the S-flag is clear by default and the TLV must not be leaked by routers that receive the mapping server advertisement.

Note that the SROS does not leak this TLV between IS-IS instances and does not support the multi-topology SID/Label Binding TLV format.

In addition, the user can specify the mapping server own flooding scope for the generated SID or label binding TLV using the level option. This option allows the user to narrow the flooding scope configured under the router IS-IS level-capability for a one or more SID or label binding TLVs if required. The default flooding scope of the mapping server is Layer 1 or Layer 2, which can be narrowed by the value configured under the router IS-IS level-capability.

The A-flag and M-flag are not supported by the mapping server feature. The mapping client ignores the flags.

Each time a prefix or a range of prefixes is configured in the SR mapping database in any routing instance, the router issues for this prefix or range of prefixes, a prefix-SID sub-TLV within a ISIS SID or label binding TLV in that instance. The flooding scope of the TLV from the mapping server is determined as explained above. No further check of the reachability of that prefix in the mapping server route table is performed. Additionally, no check is performed if the SID index is a duplicate of an existing prefix in the local IGP instance database or if the SID index is out of range with the local SRGB.

The no form of this command deletes the range of node SIDs beginning with the specified index value.

Parameters 
index
Specifies the node SID index for the IS-IS prefix which will be advertised in a SID/Label Binding TLV.
Values—
0 to 4294967295

 

Default—
none
value
Specifies the node SID range for the IS-IS prefix which will be advertised in a SID/Label Binding TLV.
Values—
0 to 65535

 

Default—
none
ip-address/mask—
Specifies the IP address and mask.
Values—
ip-address: a.b.c.d. (host bits must be 0)
mask: 0 to 32

 

ip-address netmask—
Specifies the IP address netmask.
Values—
a.b.c.d. (network bits all 1 and host bits all 0)

 

set-flags—
Specifies the flooding scope of the SID/Label binding TLV.
Default—
S-flag clear
The TLV is not leaked by routers receiving the mapping server advertisement
level {1 |2| 1/2}—
Configures the mapping server own flooding scope for the generated SID/Label binding TLV.
Default—
1/2
clear-n-flag—
Specifies whether the node-sid flag (N-flag) should be cleared in a SID Label Binding TLV.

sid-map

Syntax 
sid-map node-sid index index-value [range range-value] prefix ip-address/mask [netmask]
sid-map node-sid index index-value [range range-value] prefix ip-address/mask [netmask] scope {area area-id |as}
no sid-map node-sid index index-value
Context 
[Tree] (config>router>ospf>segm-rtng>mapping-server sid-map)
Full Contexts 
configure router ospf segment-routing mapping-server sid-map
Description 

This command configures the Segment Routing mapping server database in OSPF.

The user enters the node SID index for one or a range of prefixes by specifying the first index value and optionally a range value. The default value for the range option is 1. Only the first prefix in a consecutive range of prefixes must be entered. If the user enters the first prefix with a mask lower than 32, the OSPF Extended Prefix Range TLV is advertised but a router which receives it will not resolve SID and instead originates a trap.

The user specifies the mapping server own flooding scope for the generated OSPF Extended Prefix Range TLV using the scope option. There is no default value. If the scope is a specific area, then the TLV is flooded only in that area.

An ABR that propagates an intra-area OSPF Extended Prefix Range TLV flooded by the mapping server in that area into other areas, sets the inter-area flag (IA-flag). The ABR also propagates the TLV if received with the inter-area flag set from other ABR nodes but only from the backbone to leaf areas and not vice-versa. However, if the exact same TLV is advertised as an intra-area TLV in a leaf area, the ABR will not flood the inter-area TLV into that leaf area.

Note:

SROS does not leak this TLV between OSPF instances.

Each time a prefix or a range of prefixes is configured in the SR mapping database in any routing instance, the router issues for this prefix, or range of prefixes, a prefix-SID sub-TLV within a OSPF Extended Prefix Range TLV in that instance. The flooding scope of the TLV from the mapping server is determined as previously explained. No further check of the reachability of that prefix in the mapping server route table is performed and no check if the SID index is duplicate with some existing prefix in the local IGP instance database or if the SID index is out of range with the local SRGB.

The no form of this command deletes the range of node SIDs beginning with the specified index value.

Default 

no prefix-sid-range

Parameters 
index index-value—
Specifies the index.
Values—
0 to 4294967295

 

range range-value—
Specifies the range.
Values—
1 to 65535

 

prefix ip-address/mask—
Specifies the IP address in dotted decimal notation.
Values—
ip-address/mask:
  1. ip-address a.b.c.d (host bits must be 0)
mask: 0 to 132

 

netmask—
Specifies the netmask.
Values—
netmask — a.b.c.d (network bits all 1 and host bits all 0)

 

area area-id —
Configures the mapping server own flooding scope for the generated OSPF Extended Prefix Range TLV.
Values—
ip-address | 0 to 4294967295

 

23.228. sid-protection

sid-protection

Syntax 
[no] sid-protection
Context 
[Tree] (config>router>isis>interface sid-protection)
Full Contexts 
configure router isis interface sid-protection
Description 

This command enables or disables adjacency SID protection by LFA and remote LFA.

While LFA and remote LFA Fast-Reroute (FRR) protection is enabled for all node SIDs and local adjacency SIDs when the user enables the loopfree-alternates option in IS-IS or OSPF at the LER and LSR, there are applications where the user wants traffic to never divert from the strict hop computed by CSPF for a SR-TE LSP. In that case, the user can disable protection for all adjacency SIDs formed over a given network IP interface using this command.

The protection state of an adjacency SID is advertised in the B-FLAG of the IS-IS or OSPF Adjacency SID sub-TLV.

Default 

sid-protection

sid-protection

Syntax 
[no] sid-protection
Context 
[Tree] (config>router>ospf>area>interface sid-protection)
Full Contexts 
configure router ospf area interface sid-protection
Description 

This command enables or disables adjacency SID protection by LFA and remote LFA.

LFA and remote LFA Fast-Reroute (FRR) protection is enabled for all node SIDs and local adjacency SIDs when the user enables the loopfree-alternate option in IS-IS or OSPF at the LER and LSR. However, may be applications where the user never wants traffic to divert from the strict hop computed by CSPF for an SR-TE LSP. In this case, the user can disable protection for all adjacency SIDs formed over a particular network IP interface using this command.

The protection state of an adjacency SID is advertised in the B-FLAG of the IS-IS or OSPF Adjacency SID sub-TLV.

Default 

sid-protection

23.229. signal-label

signal-label

Syntax 
signal-label value
no signal-label
Context 
[Tree] (config>port>sonet-sdh>path signal-label)
Full Contexts 
configure port sonet-sdh path signal-label
Description 

This command sets the C2 byte value. The purpose of this byte is to communicate the payload type being encapsulated by SONET framing.

This command is supported on TDM satellite.

Default 

signal-label 0xcf

Parameters 
value—
Specifies the C2 byte value, expressed as a decimal integer or a value in hex format.
Values—
1 to 254 or 0x01 to 0xfe

 

23.230. signal-mode

signal-mode

Syntax 
signal-mode {cas}
no signal-mode
Context 
[Tree] (config>port>tdm>ds1 signal-mode)
[Tree] (config>port>tdm>e1 signal-mode)
Full Contexts 
configure port tdm ds1 signal-mode
configure port tdm e1 signal-mode
Description 

This command activates the signal mode on the channel. When enabled, it uses routing information to direct the payload of voice or data to its destination.

The no form of this command reverts to the default value.

Default 

no signal-mode

Parameters 
cas—
Specifies channel associated signaling.

23.231. signaled-vc-type-override

signaled-vc-type-override

Syntax 
signaled-vc-type-override atm-vcc
no signaled-vc-type-override
Context 
[Tree] (config>service>apipe signaled-vc-type-override)
Full Contexts 
configure service apipe signaled-vc-type-override
Description 

This command overrides the pseudowire type signaled to type 0x0009 N:1 VCC cell within an Apipe VLL service of vc-type atm-cell. Normally, this service vc-type signals a pseudowire of type 0x0003 ATM Transparent Cell.

This command is not allowed in an Apipe VLL of vc-type value atm-cell if a configured ATM SAP is not using a connection profile. Conversely, if the signaling override command is enabled, only an ATM SAP with a connection profile assigned will be allowed.

The override command is not allowed on Apipe VLL service of vc-type value other than atm-cell. It is also not allowed on a VLL service with the vc-switching option enabled since signaling of the PW FEC in a Multi-Segment PW (MS-PW) is controlled by the T-PE nodes. Therefore, for this feature to be used on a MS-PW, it is required to configure an Apipe service of vc-type atm-cell at the T-PE nodes with the signaled-vc-type-override enabled, and to configure a Apipe VLL service of vc-type atm-vcc at the S-PE node with the vc-switching option enabled.

The no form of this command returns the Apipe VLL service to signal its default pseudowire type.

Parameters 
atm-vcc—
Specifies the pseudowire type to be signaled in the pseudowire establishment.

23.232. signaling

signaling

Syntax 
signaling signaling
Context 
[Tree] (config>service>epipe>spoke-sdp-fec signaling)
Full Contexts 
configure service epipe spoke-sdp-fec signaling
Description 

This command enables a user to configure this router as the active or passive T-PE for signaling this MS-PW, or to automatically select whether this T-PE is active or passive based on the prefix. In an active role, this endpoint initiates MS-PW signaling without waiting for a T-LDP label mapping message to arrive from the far end T-PE. In a passive role, it will wait for the initial label mapping message from the far end before sending a label mapping for this end of the PW. In auto mode, if the SAII has the greater prefix value, then the router will initiate MS-PW signaling without waiting for a label mapping message from the far end. However, if the TAII has the greater value prefix, then the router will assume that the far end T-PE will initiate MS-PW signaling and will wait for that label mapping message before responding with a T-LDP label mapping message for the MS-PW in the reverse direction.

The no form of this command means that the router T-PE automatically selects the which router will initiate MS-PW signaling based on the prefix values configured in the SAII and TAII of the spoke SDP, as previously described.

Default 

signaling auto

Parameters 
signaling —
Configures this router as the active T-PE for signaling this MS-PW.
Values—
auto, master

 

signaling

Syntax 
signaling {off |tldp |bgp}
Context 
[Tree] (config>service>sdp signaling)
Full Contexts 
configure service sdp signaling
Description 

This command specifies the signaling protocol used to obtain the ingress and egress pseudowire labels in frames transmitted and received on the SDP. When signaling is off then labels are manually configured when the SDP is bound to a service. The signaling value can only be changed while the administrative status of the SDP is down. Additionally, the signaling can only be changed on an SDP if that SDP is not in use by BGP-AD or BGP-VPLS. BGP signaling can only be enabled if that SDP does not already have pseudowires signaled over it.

The no form of this command is not applicable. To modify the signaling configuration, the SDP must be administratively shut down and then the signaling parameter can be modified and re-enabled.

Default 

signaling tldp

Parameters 
off—
Ingress and egress signal auto-labeling is not enabled. If this parameter is selected, then each service using the specified SDP must manually configure VPN labels. This configuration is independent of the SDP’s transport type, GRE, MPLS (RSVP or LDP).
tldp —
Ingress and egress pseudowire signaling using T-LDP is enabled. Default value used when BGP AD automatically instantiates the SDP.
bgp—
Ingress and egress pseudowire signaling using BGP is enabled. Default value used when BGP VPLS automatically instantiates the SDP.

23.233. significant-change

significant-change

Syntax 
significant-change delta
no significant-change
Context 
[Tree] (config>subscr-mgmt>acct-plcy>cr significant-change)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy custom-record significant-change
Description 

This command configures the significant change required to generate the record.

Parameters 
delta—
Specifies the delta change (significant change) that is required for the custom record to be generated.
Values—
0 to 4294967295

 

significant-change

Syntax 
significant-change delta
no significant-change
Context 
[Tree] (config>app-assure>rad-acct-plcy significant-change)
Full Contexts 
configure application-assurance radius-accounting-policy significant-change
Description 

This command configures the significant change required to generate the record.

The no form of this command reverts to the default.

Default 

no significant-change

Parameters 
delta—
Specifies the delta change (significant change) that is required for the charging-group counts to be included in the RADIUS Accounting VSAs.
Values—
0 to 4294967295

 

significant-change

Syntax 
significant-change delta
no significant-change
Context 
[Tree] (config>log>acct-policy>cr significant-change)
Full Contexts 
configure log accounting-policy custom-record significant-change
Description 

This command configures the significant change required to generate the record. The custom record is only generated when the change in the reference counters equals or exceeds the configured (non-zero) significant change value. Only the reference counters for which there are corresponding counters configured under the related queues and policers are used for the significant change comparison. For reference queues and policers, the change applies to the sum of all configured reference queue and policer counters. When no reference counters are configured or significant-change is zero, the significant change reporting is not active.

Default 

significant-change 0

Parameters 
delta—
Specifies the delta change (significant change) that is required for the custom record to be written to the XML file.
Values—
0 to 4294967295 (For custom-record-aa-sub only values 0 or 1 are supported.)

 

23.234. single-fiber

single-fiber

Syntax 
[no] single-fiber
Context 
[Tree] (config>port>ethernet single-fiber)
[Tree] (config>port>sonet-sdh single-fiber)
Full Contexts 
configure port ethernet single-fiber
configure port sonet-sdh single-fiber
Description 

This command enables packet gathering and redirection of IP packets from a single fiber (RX) port of the Ethernet or SONET/SDH interface and redistributes packets to other interfaces through either static routes or policy-based forwarding.

This parameter can be applied in conjunction with the strip-label command. If they are applied together, the port must have the single-fiber option configured before it can be associated with an interface that is configured with the strip-label option.

Once a port is configured with single-fiber, traffic will no longer be transmitted out of that port. This command can be used in conjunction with strip-label.

Default 

no single-fiber

23.235. single-mac

single-mac

Syntax 
[no] single-mac
Context 
[Tree] (config>service>ies>sub-if>grp-if>sap>static-host-mgmt>mac-learning-options single-mac)
[Tree] (config>service>vprn>sub-if>grp-if>sap>static-host-mgmt>mac-learning-options single-mac)
Full Contexts 
configure service ies subscriber-interface group-interface sap static-host-mgmt mac-learning-options single-mac
configure service vprn subscriber-interface group-interface sap static-host-mgmt mac-learning-options single-mac
Description 

This command controls how the SAP learns the IPv6 static host MAC address. Enabling this command indicates that this particular SAP only has one subscriber and only has one MAC address for all hosts. With this parameter enabled, the subscriber’s NS and RS source MAC address is used to automatically populate the subscriber MAC address. To allow this auto-populate behavior, the subscriber’s NS and RS source IP must be of type link local address.

23.236. single-sfm-overload

single-sfm-overload

Syntax 
single-sfm-overload [holdoff-time holdoff-time]
no single-sfm-overload
Context 
[Tree] (config>service>vprn single-sfm-overload)
Full Contexts 
configure service vprn single-sfm-overload
Description 

This command configures OSPF, OSPFv3 and IS-IS to set overload when the router has fewer than the full set of SFMs functioning, which reduces forwarding capacity. Setting overload enables a router to still participate in exchanging routing information, but routes all traffic away from it.

The conditions to set overload are as follows:

  1. 7950 XRS-20, 7750 SR-12/SR-7, and 7450 ESS-12/ESS-7 platforms: if an SF/CPMs fails, the protocol will set the overload
  2. 7950-40 XRS and 7750 SR-12e platforms: if two SFMs fail (a connected pair on the XRS-40) the protocol will set the overload

The no form of this command configures the router to not set overload if an SFM fails.

Default 

no single-sfm-overload

Parameters 
holdoff-time —
Specifies the delay between detecting SFM failures and setting overload.
Values—
1 to 600 seconds

 

Default—
0 seconds

single-sfm-overload

Syntax 
single-sfm-overload [holdoff-time holdoff-time]
no single-sfm-overload
Context 
[Tree] (config>router single-sfm-overload)
Full Contexts 
configure router single-sfm-overload
Description 

This command configures OSPF, OSPFv3 and IS-IS to set overload when the router has fewer than the full set of SFMs functioning, which reduces forwarding capacity. Setting overload enables a router to still participate in exchanging routing information, but routes all traffic away from it.

The conditions to set overload are as follows:

  1. 7750 SR-12/SR-7 and 7450 ESS-12/ESS-7 platforms: protocol sets overload if one of the SF/CPMs fails
  2. 7750 SR-12e and 7950 XRS platforms: protocol sets overload if two SFMs fail (two SFMs belonging to different SFM pairs on the XRS-40)

The no form of this command configures the router to not set overload if an SFM fails.

Default 

no single-sfm-overload

Parameters 
holdoff-time —
Specifies the delay between detecting SFM failures and setting overload.
Values—
1 to 600 seconds

 

Default—
0 seconds

23.237. single-sub-parameters

single-sub-parameters

Syntax 
single-sub-parameters
Context 
[Tree] (config>subscr-mgmt>msap-policy>sub-sla-mgmt single-sub-parameters)
Full Contexts 
configure subscriber-mgmt msap-policy sub-sla-mgmt single-sub-parameters
Description 

This command enables the context to configure single subscriber MSAP parameters.

single-sub-parameters

Syntax 
single-sub-parameters
Context 
[Tree] (config>service>ies>if>sap>sub-sla-mgmt single-sub-parameters)
[Tree] (config>service>ies>sub-if>grp-if>sap>sub-sla-mgmt single-sub-parameters)
[Tree] (config>service>vpls>sap>sub-sla-mgmt single-sub-parameters)
[Tree] (config>service>vprn>sub-if>grp-if>sap>sub-sla-mgmt single-sub-parameters)
Full Contexts 
configure service ies interface sap sub-sla-mgmt single-sub-parameters
configure service ies subscriber-interface group-interface sap sub-sla-mgmt single-sub-parameters
configure service vpls sap sub-sla-mgmt single-sub-parameters
configure service vprn subscriber-interface group-interface sap sub-sla-mgmt single-sub-parameters
Description 

This command enables the context to configure single subscriber SAP parameters.

23.238. sip

sip

Syntax 
[no] sip
Context 
[Tree] (config>service>nat>nat-policy>alg sip)
[Tree] (config>service>nat>firewall-policy>alg sip)
[Tree] (config>service>nat>up-nat-policy>alg sip)
Full Contexts 
configure service nat firewall-policy alg sip
configure service nat nat-policy alg sip
configure service nat up-nat-policy alg sip
Description 

This command enables SIP ALG.

The no form of the command disables SIP ALG.

Default 

no sip

sip

Syntax 
sip [hrs hours] [min minutes] [sec seconds]
no sip
Context 
[Tree] (config>service>nat>nat-policy>timeouts sip)
[Tree] (config>service>nat>firewall-policy>timeouts sip)
[Tree] (config>service>nat>up-nat-policy>timeouts sip)
Full Contexts 
configure service nat firewall-policy timeouts sip
configure service nat nat-policy timeouts sip
configure service nat up-nat-policy timeouts sip
Description 

This command configures the SIP inactive media timeout.

Default 

sip min 2

Parameters 
hours
Specifies the SIP inactive media timeout, in hours.
Values—
1 to 2

 

minutes
Specifies the SIP inactive media timeout, in minutes.
Values—
1 to 59

 

seconds
Specifies the SIP inactive media timeout, in seconds.
Values—
1 to 59

 

23.239. site

site

Syntax 
site name [create]
no site name
Context 
[Tree] (config>service>vpls site)
Full Contexts 
configure service vpls site
Description 

This command configures a VPLS site.

The no form of this command removes the name from the configuration.

Parameters 
name—
Specifies a site name up to 32 characters in length.
create—
This keyword is mandatory while creating a VPLS site.

site

Syntax 
site name [create]
no site name
Context 
[Tree] (config>service>epipe site)
Full Contexts 
configure service epipe site
Description 

This command configures a Epipe site.

The no form of this command removes the name from the configuration.

Parameters 
name —
Specifies a site name up to 32 characters in length.
create —
This keyword is mandatory while creating a Epipe service.

23.240. site-activation-timer

site-activation-timer

Syntax 
site-activation-timer seconds
no site-activation-timer
Context 
[Tree] (config>redundancy>bgp-mh site-activation-timer)
Full Contexts 
configure redundancy bgp-mh site-activation-timer
Description 

This command defines the amount of time the service manager will keep the local sites in standby status, waiting for BGP updates from remote PEs before running the DF election algorithm to decide whether the site should be unblocked. The timer is started when one of the following event occurs only if the site is operationally up:

  1. Manual site activation using “no shutdown” at site-id level or at member object(s) level (for example, SAP(s) or PW(s)
  2. Site activation after a failure

The no form of this command sets the value to 2.

Default 

no site-activation-timer

Parameters 
seconds—
Specifies the timer, in seconds.
Values—
1 to 100

 

site-activation-timer

Syntax 
site-activation-timer seconds
no site-activation-timer
Context 
[Tree] (config>service>vpls>site site-activation-timer)
Full Contexts 
configure service vpls site site-activation-timer
Description 

This command configures the time-period the system keeps the local sites in standby status, waiting for BGP updates from remote PEs before running the DF (designated-forwarder) election algorithm to decide whether the site should be unblocked. This timer if terminated if an update is received for which the remote PE has transitioned from DF to non-DF.

The no form of this command removes the value from the configuration.

Default 

site-activation-timer 2

Parameters 
seconds—
Specifies the site activation timer in seconds.
Values—
0 to 100

 

site-activation-timer

Syntax 
site-activation-timer seconds
no site-activation-timer
Context 
[Tree] (config>service>epipe>site site-activation-timer)
Full Contexts 
configure service epipe site site-activation-timer
Description 

This command configures the time-period the system keeps the local sites in standby status, waiting for BGP updates from remote PEs before running the DF (designated-forwarder) election algorithm to decide whether the site should be unblocked. This timer is terminated if an update is received for which the remote PE has transitioned from DF to non-DF.

The no form of this command removes the value from the configuration.

Default 

site-activation-timer 2

Parameters 
seconds —
Specifies the site activation timer in seconds.
Values—
0 to 100

 

site-activation-timer

Syntax 
site-activation-timer seconds
no site-activation-timer
Context 
[Tree] (config>redundancy>bgp-multi-homing site-activation-timer)
Full Contexts 
configure redundancy bgp-multi-homing site-activation-timer
Description 

This command defines the amount of time the service manager will keep the local sites in standby status, waiting for BGP updates from remote PEs before running the DF election algorithm to decide whether the site should be unblocked. The timer is started when one of the following events occurs if the site is operationally up:

  1. Manual site activation using the no shutdown command at site-id level or at member object(s) level (SAP(s) or PW(s))
  2. Site activation after a failure
Default 

no site-activation-timer

Parameters 
seconds—
Specifies the standby status in seconds.
Values—
0 to 100

 

Default—
2

23.241. site-id

site-id

Syntax 
site-id value
no site-id
Context 
[Tree] (config>service>vpls>site site-id)
Full Contexts 
configure service vpls site site-id
Description 

This command configures the identifier for the site in this service.

Parameters 
value—
Specifies the site identifier.
Values—
1 to 65535

 

site-id

Syntax 
site-id value
no site-id
Context 
[Tree] (config>service>epipe>site site-id)
Full Contexts 
configure service epipe site site-id
Description 

This command configures the identifier for the site in this service. It must match between services but it is local to the service.

Parameters 
value —
Specifies the site identifier.
Values—
1 to 65535

 

23.242. site-min-down-timer

site-min-down-timer

Syntax 
site-min-down-timer seconds
no site-min-down-timer
Context 
[Tree] (config>redundancy>bgp-multi-homing site-min-down-timer)
Full Contexts 
configure redundancy bgp-multi-homing site-min-down-timer
Description 

This command configures the BGP multi-homing site minimum down time. When set to a non-zero value, if the site goes operationally down it will remain operationally down for at least the length of time configured for the site-min-down-timer, regardless of whether other state changes would have caused it to go operationally up. This timer is restarted every time that the site transitions from up to down.

The above operation is optimized in the following circumstances:

  1. If the site goes down on the designated forwarder but there are no BGP multi-homing peers with the same site in an UP state, then the site-min-down-timer is not started and is not used.
  2. If the site goes down on the designated forwarder but there are no active BGP multi-homing peers, then the site-min-down-timer is not started and is not used.
  3. If the site-min-down-timer is active and a BGP multi-homing update is received from the designated forwarder indicating its site has gone down, the site-min-down-timer is immediately terminated and this PE becomes the designated forwarder if the BGP multi-homing algorithm determines it should be the designated forwarder.

The no form of this command removes the value from the configuration.

Default 

no site-min-down-timer

Parameters 
seconds —
Specifies the time, in seconds, that a BGP multi-homing site remains operationally down after a transition from up to down.
Values—
1 to 100

 

site-min-down-timer

Syntax 
site-min-down-timer min-down-time
no site-min-down-timer
Context 
[Tree] (config>service>vpls>site site-min-down-timer)
Full Contexts 
configure service vpls site site-min-down-timer
Description 

This command configures the BGP multi-homing site minimum down time. When set to a non-zero value, if the site goes operationally down it will remain operationally down for at least the length of time configured for the site-min-down-timer, regardless of whether other state changes would have caused it to go operationally up. This timer is restarted every time that the site transitions from up to down. Setting this parameter to zero allows the minimum down timer to be disabled for this service.

The above operation is optimized in the following circumstances:

  1. If the site goes down on the designated forwarder but there are no BGP multi-homing peers with the same site in an operationally up state, then the site-min-down-timer is not started and is not used.
  2. If the site goes down on the designated forwarder but there are no active BGP multi-homing peers, then the site-min-down-timer is not started and is not used.
  3. If the site-min-down-timer is active and a BGP multi-homing update is received from the designated forwarder indicating its site has gone down, the site-min-down-timer is immediately terminated and this PE becomes the designated forwarder if the BGP multi-homing algorithm determines it should be the designated forwarder.

The no form of this command reverts to the default value.

Default 

Taken from the value of site-min-down-timer configured for Multi-Chassis BGP multi-homing under the config>redundancy>bgp-multi-homing context.

Parameters 
min-down-time—
Specifies the time, in seconds, that a BGP multi-homing site remains operationally down after a transition from up to down.
Values—
0 to 100 seconds

 

site-min-down-timer

Syntax 
site-min-down-timer seconds
no site-min-down-timer
Context 
[Tree] (config>service>vpls>site site-min-down-timer)
Full Contexts 
configure service vpls site site-min-down-timer
Description 

This command configures the BGP multi-homing site minimum down time. When set to a non-zero value, if the site goes operationally down it will remain operationally down for at least the length of time configured for the site-min-down-timer, regardless of whether other state changes would have caused it to go operationally up. This timer is restarted every time that the site transitions from up to down. Setting this parameter to zero allows the minimum down timer to be disabled for this service.

The above operation is optimized in the following circumstances:

  1. If the site goes down on the designated forwarder but there are no BGP multi-homing peers with the same site in an UP state, then the site-min-down-timer is not started and is not used.
  2. If the site goes down on the designated forwarder but there are no active BGP multi-homing peers, then the site-min-down-timer is not started and is not used.
  3. If the site-min-down-timer is active and a BGP multi-homing update is received from the designated forwarder indicating its site has gone down, the site-min-down-timer is immediately terminated and this PE becomes the designated forwarder if the BGP multi-homing algorithm determines it should be the designated forwarder.

The no form of this command reverts to the default value.

Default 

Taken from the value of site-min-down-timer configured for Multi-Chassis BGP multi-homing under the config>redundancy>bgp-multi-homing context.

Parameters 
seconds—
Specifies the time, in seconds, that a BGP multi-homing site remains operationally down after a transition from up to down
Values—
0 to 100 seconds

 

site-min-down-timer

Syntax 
site-min-down-timer min-down-time
no site-min-down-timer
Context 
[Tree] (config>service>epipe>site site-min-down-timer)
Full Contexts 
configure service epipe site site-min-down-timer
Description 

This command configures the BGP multi-homing site minimum down time. When set to a non-zero value, if the site goes operationally down it will remain operationally down for at least the length of time configured for the site-min-down-timer, regardless of whether other state changes would have caused it to go operationally up. This timer is restarted every time that the site transitions from up to down. Setting this parameter to zero allows the minimum down timer to be disabled for this service.

The preceding operation is optimized in the following circumstances:

  1. If the site goes down on the designated forwarder but there are no BGP multi-homing peers with the same site in an operationally up state, then the site-min-down-timer is not started and is not used.
  2. If the site goes down on the designated forwarder but there are no active BGP multi-homing peers, then the site-min-down-timer is not started and is not used.
  3. If the site-min-down-timer is active and a BGP multi-homing update is received from the designated forwarder indicating its site has gone down, the site-min-down-timer is immediately terminated and this PE becomes the designated forwarder if the BGP multi-homing algorithm determines it should be the designated forwarder.

The no form of this command reverts to default value.

Default 

Taken from the value of site-min-down-timer configured for Multi-Chassis BGP multi-homing under the config>redundancy>bgp-multi-homing context.

Parameters 
min-down-time —
Specifies the time, in seconds, that a BGP multi-homing site remains operationally down after a transition from up to down.
Values—
0 to 100

 

23.243. site-preference

site-preference

Syntax 
site-preference preference-value
no site-preference
Context 
[Tree] (config>service>epipe>site site-preference)
Full Contexts 
configure service epipe site site-preference
Description 

This command defines the value to advertise in the VPLS preference field of the BGP VPWS and BGP Multi-homing NLRI extended community. This value can be changed without having to shutdown the site itself. The site-preference is only applicable to VPWS services.

When not configured, the default is zero, indicating that the VPLS preference is not in use.

Default 

no site-preference, value=0

Parameters 
preference-value—
Specifies the preference value to advertise in the NLRI L2 extended community for this site.
Values—
1 to 65535

 

primary—
Sets the site-preference to 65535.
backup—
Sets the site-preference to 1.

23.244. size

size

Syntax 
size cache-size
Context 
[Tree] (config>app-assure>group>dns-ip-cache>ip-cache size)
Full Contexts 
configure application-assurance group dns-ip-cache ip-cache size
Description 

This command configures the maximum number of entries in the cache.

Default 

size 10

Parameters 
cache-size—
Specifies the maximum number of IP addresses that can be stored in the cache.
Values—
10 to 32000

 

Default—
10

size

Syntax 
size url-list-size
Context 
[Tree] (config>app-assure>group>url-list size)
Full Contexts 
configure application-assurance group url-list size
Description 

This command specifies the size of the URL list that can be filtered. The size can be set to either standard or extended. Configuring the specified url-list as extended provides support for filtering on a larger number of URLs.

Default 

size standard

Parameters 
url-list-size
Specifies the size of the AA url-list for URL filtering.
Values—
standard, extended

 

size

Syntax 
size octets
no size
Context 
[Tree] (config>saa>test>type-multi-line>lsp-ping>sr-policy size)
[Tree] (config>saa>test>type-multi-line>lsp-trace>sr-policy size)
Full Contexts 
configure saa test type-multi-line lsp-ping sr-policy size
configure saa test type-multi-line lsp-trace sr-policy size
Description 

This command configures the MPLS echo request packet size.

The no form of this command reverts to the default value.

Default 

size 1

Parameters 
octets—
Specifies the size in octets. The request payload is padded with zeros to the specified size.
Values—
1 to 9786

 

Default—
1

size

Syntax 
size octets
no size
Context 
[Tree] (config>test-oam>icmp>ping-template size)
Full Contexts 
configure test-oam icmp ping-template size
Description 

This command configures the size of the Data field (in other words, padding) of the outgoing ICMP echo packet. Minimum packet sizes should be used to test connectivity. Larger packet size should only be used if there is a requirement to spot-check large packet size issues on a very limited number of tests and should not be used for normal connectivity testing. Packet sizes should never be configured to require fragmentation anywhere along the path. Exceeding these recommendations will negatively affect the scale and performance of icmp ping check testing.

The no form of this command reverts to the default value.

Default 

size 56

Parameters 
octets—
Specifies the size of the ICMP echo ping padding field, in octets.
Values—
12 to 9786

 

23.245. size-limit

size-limit

Syntax 
size-limit limit-value
no size-limit
Context 
[Tree] (config>call-trace>location size-limit)
Full Contexts 
configure call-trace location size-limit
Description 

This command limits the total size of call-trace files on the specified compact flash card.

The no form of this command removes the size restriction.

Default 

size-limit 1000

Parameters 
limit-value—
Specifies the total size of call-trace files on the specified compact flash card, in Mbytes.
Values—
1 to 65536

 

size-limit

Syntax 
size-limit limit-value
Context 
[Tree] (config>call-trace>trace-profile size-limit)
Full Contexts 
configure call-trace trace-profile size-limit
Description 

This command specifies a maximum of how big a trace may grow before it is stopped.

Default 

size-limit 10

Parameters 
limit-value—
Specifies the maximum data volume generated by a single call trace job to the output in megabytes. After reaching the limit the call trace job for a given host is automatically terminated.
Values—
1 to 1000

 

23.246. skip-gtp-ipv4-alloc

skip-gtp-ipv4-alloc

Syntax 
[no] skip-gtp-ipv4-alloc
Context 
[Tree] (config>subscr-mgmt>gtp>apn-policy>apn skip-gtp-ipv4-alloc)
Full Contexts 
configure subscriber-mgmt gtp apn-policy apn skip-gtp-ipv4-alloc
Description 

This command enables the ability to skip IPv4 address assignment using a GTP session setup response when PCO "allocation via NAS" is not present in a GTP session creation request. Without this configuration, IPv4 address allocation is done using GTP session setup response, even in absence of the PCO "allocation via NAS" in a GTP session setup request.

The no form of this command reverts to IPv4 address allocation using GTP.

23.247. skip-ttl-decrement

skip-ttl-decrement

Syntax 
[no] skip-ttl-decrement
Context 
[Tree] (config>filter>gre-tun-tmp>ipv4 skip-ttl-decrement)
Full Contexts 
configure filter gre-tunnel-template ipv4 skip-ttl-decrement
Description 

This command enables an option to not decrement the TTL of the IP packet matching the IPv4/IPv6 filter, when it is encapsulated into the GRE tunnel header.

The no form of this command disables this option (default). This results in the matching of IP packet’s TTL field to be decremented before it is encapsulated in the GRE tunnel header.

23.248. sla-profile

sla-profile

Syntax 
[no] sla-profile
Context 
[Tree] (config>subscr-mgmt>acct-plcy>include-radius-attribute sla-profile)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy include-radius-attribute sla-profile
Description 

This command specifies that SLA profile attributes should be included into RADIUS accounting messages.

The no form of this command reverts to the default.

sla-profile

Syntax 
sla-profile sla-profile-name
no sla-profile
Context 
[Tree] (config>service>ies>if>sap>static-host sla-profile)
[Tree] (config>service>vpls>sap>static-host sla-profile)
[Tree] (config>service>ies>sub-if>grp-if>sap>static-host sla-profile)
[Tree] (config>service>vprn>if>sap>static-host sla-profile)
[Tree] (config>service>vprn>sub-if>grp-if>sap>static-host sla-profile)
Full Contexts 
configure service ies interface sap static-host sla-profile
configure service ies subscriber-interface group-interface sap static-host sla-profile
configure service vpls sap static-host sla-profile
configure service vprn interface sap static-host sla-profile
configure service vprn subscriber-interface group-interface sap static-host sla-profile
Description 

This command specifies an existing SLA profile name to be associated with the static subscriber host. The SLA profile is configured in the config>subscr-mgmt>sla-profile context.

The no form of this command reverts to the default.

Parameters 
sla-profile-name—
Specifies the SLA profile name.

sla-profile

Syntax 
sla-profile sla-profile-name [create]
no sla-profile sla-profile-name
Context 
[Tree] (config>subscr-mgmt sla-profile)
Full Contexts 
configure subscriber-mgmt sla-profile
Description 

This command configures an SLA profile mapping. Hosts associated with a subscriber are subdivided into Service Level Agreement (SLA) profiles. For each subscriber host an SLA profile can be specified. For a subscriber host, the SLA profile determines:

  1. The QoS-policies to use
    1. The classification
    2. The queues
    3. The queue mapping
  2. The IP filters to use

The SLA profile also has the attribute host-limits which limits the total number of hosts (belonging to the same subscriber) on a certain SAP that can be using this SLA profile.

The no form of this command reverts to the default.

Parameters 
sla-profile-name—
Specifies the name of the SLA profile.
create—
Keyword used to create the SLA profile.

23.249. sla-profile-map

sla-profile-map

Syntax 
sla-profile-map
Context 
[Tree] (config>subscr-mgmt>sub-ident-pol sla-profile-map)
Full Contexts 
configure subscriber-mgmt sub-ident-policy sla-profile-map
Description 

This command enables the context to configure SLA profile mapping parameters.

sla-profile-map

Syntax 
sla-profile-map
Context 
[Tree] (config>subscr-mgmt>sub-prof sla-profile-map)
Full Contexts 
configure subscriber-mgmt sub-profile sla-profile-map
Description 

This command enables the context to configure SLA profile mapping.

23.250. sla-profile-string

sla-profile-string

Syntax 
sla-profile-string sla-profile-string
no sla-profile-string
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>ident-strings sla-profile-string)
[Tree] (config>subscr-mgmt>loc-user-db>ppp>host>ident-strings sla-profile-string)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host identification-strings sla-profile-string
configure subscriber-mgmt local-user-db ppp host identification-strings sla-profile-string
Description 

This command specifies the SLA profile string which is encoded in the identification strings.

The no form of this command returns to the default.

Parameters 
sla-profile-string—
Specifies the SLA profile string, up to 16 characters.

sla-profile-string

Syntax 
sla-profile-string string
no sla-profile-string
Context 
[Tree] (config>subscr-mgmt>vrgw>brg>brg-profile sla-profile-string)
Full Contexts 
configure subscriber-mgmt vrgw brg brg-profile sla-profile-string
Description 

This command configures the SLA profile string which will be used as a default for SLA-profile lookup. This string can be overridden during BRG or host authentication.

The no form of the command removes the string from the configuration.

Default 

no sla-profile-string

Parameters 
string—
Specifies the string to use to look up the subscriber profile.

23.251. slaac

slaac

Syntax 
slaac
Context 
[Tree] (config>service>vprn>sub-if>wlan-gw>pool-manager>dhcp6-client slaac)
[Tree] (config>service>ies>sub-if>wlan-gw>pool-manager>dhcp6-client slaac)
Full Contexts 
configure service ies subscriber-interface wlan-gw pool-manager dhcpv6-client slaac
configure service vprn subscriber-interface wlan-gw pool-manager dhcpv6-client slaac
Description 

This command configures SLAAC for the DHCPv6 client.

23.252. slaac-prefix

slaac-prefix

Syntax 
slaac-prefix ipv6-address
no slaac-prefix
Context 
[Tree] (config>subscr-mgmt>wlan-gw>ue-query slaac-prefix)
Full Contexts 
configure subscriber-mgmt wlan-gw ue-query slaac-prefix
Description 

This command enables matching on UEs with the specified SLAAC prefix.

The no form of this command disables matching on the SLAAC prefix.

Default 

no slaac-prefix

Parameters 
ipv6-address—
Specifies the SLAAC prefix.
Values—

ipv6-address

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

 

23.253. sleep

sleep

Syntax 
sleep [seconds]
Context 
[Tree] (global sleep)
Full Contexts 
global sleep
Description 

This command causes the console session to pause operation (sleep) for 1 second (default) or for the specified number of seconds.

Default 

sleep 1

Parameters 
seconds—
Specifies the number of seconds for the console session to sleep, expressed as a decimal integer.
Values—
1 to 100

 

Default—
1

23.254. slice-size

slice-size

Syntax 
slice-size slice-size
no slice-size
Context 
[Tree] (config>mirror>mirror-dest slice-size)
Full Contexts 
configure mirror mirror-dest slice-size
Description 

This command enables mirrored frame truncation and specifies the maximum size, in bytes, of a mirrored frame that can be transmitted to the mirror destination.

This command enables mirroring larger frames than the destination packet decode equipment can handle. It also allows conservation of mirroring resources by limiting the size of the packet stream through the router and the core network.

When defined, the mirror slice-size creates a threshold that truncates a mirrored frame to a specific size. For example, if the value of 256 bytes is defined, a frame larger than 256 bytes will only have the first 256 bytes transmitted to the mirror destination. The original frame is not affected by the truncation. The mirrored frame size may increase if encapsulation information is added during transmission through the network core or out the mirror destination SAP to the packet/protocol decode equipment.

The actual capability of the router to transmit a sliced or non-sliced frame is also dictated by the mirror destination SDP path-mtu or the mirror destination SAP physical MTU. Packets that require a larger MTU than the mirroring destination supports are discarded if the defined slice-size does not truncate the packet to an acceptable size.

Notes:

  1. When configuring IP mirroring, packet slice is rejected as an incorrect option as it will cause IP packets to be rejected by the next hop with an IP header verification error.
  2. Slice-size is not supported by CEM encap-types or IP-mirroring.

The no form of this command disables mirrored packet truncation.

Parameters 
slice-size—
Specifies the number of bytes to which mirrored frames are truncated, expressed as a decimal integer.
Values—
128 to 9216

 

23.255. slm

slm

Syntax 
slm [test-id test-id] [create]
no slm
Context 
[Tree] (config>oam-pm>session>ethernet slm)
Full Contexts 
configure oam-pm session ethernet slm
Description 

This command defines the test ID to be assigned to the synthetic loss test and creates the container to allow the individual test parameters to be configured.

The no form of this command removes the SLM test function from the PM Session.

Parameters 
test-id—
Specifies the value to be placed in the 4-byte test ID field of an ETH-SLM PDU.
Values—
0 to 2147483647

 

create—
Creates the test.

slm

Syntax 
slm lmm [interval seconds] [repeat repeat] [absolute |rate]
Context 
[Tree] (monitor>oam-pm>session slm)
Full Contexts 
monitor oam-pm session slm
Description 

This command monitors the Ethernet Synthetic Loss Measurement (SLM) statistics for the specified test's raw measurement interval.

Parameters 
seconds—
Specifies the time interval, in seconds.
Values—
3 to 60

 

Default—
10
repeat—
Specifies the number of times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Specifies that the raw statistics are displayed, without processing. No calculations are performed on the delta or rate statistics.
rate—
Specifies that the rate-per-second is displayed.
Default—
delta

slm

Syntax 
slm
Context 
[Tree] (config>eth-cfm slm)
Full Contexts 
configure eth-cfm slm
Description 

This is the container that provides the global configuration parameters for ITU-T Synthetic Loss Measurement (ETH-SL).

23.256. slope-policy

slope-policy

Syntax 
slope-policy hsmda-slope-policy-name
no slope-policy
Context 
[Tree] (config>subscr-mgmt>sub-prof>hsmda>egress-qos>qos>queue slope-policy)
Full Contexts 
configure subscriber-mgmt sub-profile hsmda egress-qos qos queue slope-policy
Description 

This command specifies an existing slope policy name. The policy contains the Maximum Buffer Size (MBS) that is applied to the queue and the high and low priority RED slope definitions. The function of the MBS and RED slopes is to provide congestion control for an HSMDA queue. The MBS parameter defines the maximum depth a queue may reach when accepting packets. The low and high priority RED slopes provides for random early detection of congestion and slope based discards based on queue depth.

An hsmda-slope-policy can be applied to queues defined in the sap-ingress and sap-egress QoS policy hsmda-queues context. Once an HSMDA slope policy is applied to a SAP QoS policy queue, it cannot be deleted. Any edits to the policy are updated to all HSMDA queues indirectly associated with the policy.

Default HSMDA Slope Policy

An hsmda-slope-policy named default always exists on the system and does not need to be created. The default policy is automatically applied to all HSMDA queues unless another HSMDA slope policy is specified for the queue. The default policy cannot be modified or deleted. Attempting to execute no hsmda-slope-policy default will result in an error.

The no form of this command removes the slope policy from the subscriber profile HSMDA configuration.

slope-policy

Syntax 
slope-policy name
no slope-policy
Context 
[Tree] (config>card>mda>access>egress>pool slope-policy)
[Tree] (config>card>mda>access>ingress>pool slope-policy)
[Tree] (config>card>mda>network>egress>pool slope-policy)
[Tree] (config>port>access>egress>channel>pool slope-policy)
[Tree] (config>port>access>egress>pool slope-policy)
[Tree] (config>port>access>ingress>pool slope-policy)
[Tree] (config>port>network>egress>pool slope-policy)
Full Contexts 
configure card mda access egress pool slope-policy
configure card mda access ingress pool slope-policy
configure card mda network egress pool slope-policy
configure port access egress channel pool slope-policy
configure port access egress pool slope-policy
configure port access ingress pool slope-policy
configure port network egress pool slope-policy
Description 

This command specifies an existing slope policy which defines high and low priority RED slope parameters and the time average factor. The policy is defined in the config>qos>slope-policy context.

Default 

slope-policy default

Parameters 
name—
Specifies the policy name, a string up to 32 characters.

slope-policy

Syntax 
slope-policy slope-policy-name
no slope-policy
Context 
[Tree] (config>card>fp>egress>wred-queue-control slope-policy)
Full Contexts 
configure card fp egress wred-queue-control slope-policy
Description 

This command configures WRED slopes within the WRED mega-pool. The WRED slopes in the WRED mega-pool are used when WRED queues are requesting buffers from the mega-pool while they are over their CBS threshold. Once over the CBS threshold, the WRED queue stops receiving buffers from the CBS reserve in the mega-pool and starts competing for buffers in the shared portion of the mega-pool. If the packet resulting in the buffer request is inplus-profile, the packet will be associated with the highplus-slope. In-profile packets are associated with the high slope. Out-of-profile packets are associated with the low slope. Exceed-profile packets are associated with the exceed slope. While the queue is within its CBS threshold, the slopes are ignored.

Within the defined slope-policy, each slope is enabled or disabled (no shutdown or shutdown) and each slope’s geometry is defined as percentages of shared portion depth. If a slope is shutdown, the related traffic uses the minimum of the queue MBS and egress WRED megapool size as a drop tail.

The slope-policy also defines the time average factor (TAF) value that is used to determine how the pool’s weighted average depth is calculated. The higher the factor, the slower the average depth tracks the actual pool depth.

The no form of this command reverts to the default slope policy to the WRED mega-pool.

Default 

slope-policy default

Parameters 
slope-policy-name—
Specifies which slope policy the system should apply to the WRED mega-pool. When slope-policy is not executed, the WRED mega-pool will use the default slope policy. The defined slope policy must already exist or the command will fail. 32 characters maximum.

slope-policy

Syntax 
slope-policy name
no slope-policy
Context 
[Tree] (config>card>fp>ingress>network>pool slope-policy)
Full Contexts 
configure card fp ingress network pool slope-policy
Description 

This command specifies an existing slope policy which defines high and low priority RED slope parameters and the time average factor. The policy is defined in the config>qos>slope-policy context.

Default 

slope-policy default

Parameters 
name—
Specifies the policy name, a string up to 32 characters.

slope-policy

Syntax 
slope-policy hsmda-slope-policy-name
no slope-policy
Context 
[Tree] (config>port>ethernet>access>egress>queue-group>hsmda-queue-override>queue slope-policy)
Full Contexts 
configure port ethernet access egress queue-group hsmda-queue-override queue slope-policy
Description 

This command configures the slope policy.

Parameters 
hsmda-slope-policy-name
Specifies the HSMDA slope policy name, up to 32 characters.

slope-policy

Syntax 
slope-policy hsmda-slope-policy-name
no slope-policy
Context 
[Tree] (config>service>epipe>sap>egress>hsmda-queue-over slope-policy)
[Tree] (config>service>ipipe>sap>egress>hsmda-queue-over slope-policy)
Full Contexts 
configure service epipe sap egress hsmda-queue-over slope-policy
configure service ipipe sap egress hsmda-queue-over slope-policy
Description 

This command assigns an HSMDA slope policy to the SAP. The policy may be assigned to an ingress or egress HSMDA queue. The policy contains the Maximum Buffer Size (MBS) that will be applied to the queue and the high and low priority RED slope definitions. The function of the MBS and RED slopes is to provide congestion control for an HSMDA queue. The MBS parameter defines the maximum depth a queue may reach when accepting packets. The low and high priority RED slopes provides for random early detection of congestion and slope based discards based on queue depth.

An HSMDA slope policy can be applied to queues defined in the SAP ingress and SAP egress QoS policy HSMDA queues context. Once an HSMDA slope policy is applied to a SAP QoS policy queue, it cannot be deleted. Any edits to the policy are updated to all HSMDA queues indirectly associated with the policy.

Default HSMDA Slope Policy

An HSMDA slope policy named “default” always exists on the system and does not need to be created. The default policy is automatically applied to all HSMDA queues unless another HSMDA slope policy is specified for the queue. The default policy cannot be modified or deleted. Attempting to execute the no hsmda-slope-policy default command results in an error.

The no form of this command removes the specified HSMDA slope policy from the configuration. If the HSMDA slope policy is currently associated with an HSMDA queue, the command will fail.

Parameters 
hsmda-slope-policy-name—
Specifies a HSMDA slope policy up to 32 characters in length. The HSMDA slope policy must be exist prior to applying the policy name to an HSMDA queue.

slope-policy

Syntax 
slope-policy hsmda-slope-policy-name
no slope-policy
Context 
[Tree] (config>service>vpls>sap>egress>hsmda-queue-over>queue slope-policy)
Full Contexts 
configure service vpls sap egress hsmda-queue-override queue slope-policy
Description 

This command specifies an existing slope policy name.

slope-policy

Syntax 
slope-policy hsmda-slope-policy-name
no slope-policy
Context 
[Tree] (config>service>ies>if>sap>egress>hsmda-queue-over slope-policy)
Full Contexts 
configure service ies interface sap egress hsmda-queue-over slope-policy
Description 

This command assigns an HSMDA slope policy to the SAP. The policy may be assigned to an ingress or egress HSMDA queue. The policy contains the Maximum Buffer Size (MBS) that will be applied to the queue and the high and low priority RED slope definitions. The function of the MBS and RED slopes is to provide congestion control for an HSMDA queue. The MBS parameter defines the maximum depth a queue may reach when accepting packets. The low and high priority RED slopes provides for random early detection of congestion and slope based discards based on queue depth.

An HSMDA slope policy can be applied to queues defined in the SAP ingress and SAP egress QoS policy HSMDA queues context. Once an HSMDA slope policy is applied to a SAP QoS policy queue, it cannot be deleted. Any edits to the policy are updated to all HSMDA queues indirectly associated with the policy.

Default HSMDA Slope Policy

An HSMDA slope policy named default always exists on the system and does not need to be created. The default policy is automatically applied to all HSMDA queues unless another HSMDA slope policy is specified for the queue. The default policy cannot be modified or deleted. Attempting to execute the no hsmda-slope-policy default command results in an error.

The no form of this command removes the specified HSMDA slope policy from the configuration. If the HSMDA slope policy is currently associated with an HSMDA queue, the command fails.

Parameters 
hsmda-slope-policy-name—
Specifies a HSMDA slope policy up to 32 characters in length. The HSMDA slope policy must be exist prior to applying the policy name to an HSMDA queue.

slope-policy

Syntax 
slope-policy hsmda-slope-policy-name
no slope-policy
Context 
[Tree] (config>service>vprn>if>sap>egress>hsmda-queue-override slope-policy)
Full Contexts 
configure service vprn interface sap egress hsmda-queue-override slope-policy
Description 

This command specifies an existing slope policy name.

slope-policy

Syntax 
slope-policy slope-policy-name
no slope-policy
Context 
[Tree] (config>isa>aa-grp>qos>egress>from-subscriber>pool slope-policy)
[Tree] (config>isa>aa-grp>qos>egress>to-subscriber>pool slope-policy)
Full Contexts 
configure isa application-assurance-group qos egress from-subscriber pool slope-policy
configure isa application-assurance-group qos egress to-subscriber pool slope-policy
Description 

This command specifies an existing slope policy which defines high and low priority RED slope parameters and the time average factor. The slope policy is defined in the config>qos>slope-policy context.

Parameters 
slope-policy-name —
Specifies the name of the slope policy, up to 32 characters.

slope-policy

Syntax 
slope-policy hsmda-slope-policy-name
no slope-policy
Context 
[Tree] (config>qos>sap-egress>hsmda-queues>queue slope-policy)
Full Contexts 
configure qos sap-egress hsmda-queues queue slope-policy
Description 

This command associates an existing HSMDA slope policy with the QoS policy HSMDA queue. The specified hsmda-slope-policy-name must exist for the command to succeed. If the policy name does not exist, the command has no effect on the existing slope policy association. When a slope policy is associated with a QoS policy queue, subscriber profile override, or SAP override, the slope policy cannot be removed from the system. Any edits to an associated slope policy are immediately applied to the queues using the slope policy.

Within the ingress and egress QoS policies, packets are classified as high priority or low-priority. For color aware policies, packets are also potentially classified as in-profile, out-of-profile, or profile-undefined. Based on these classifications, packets are mapped to the RED slopes in the following manner:

Ingress Slope Mapping

  1. In-Profile — High Slope (priority ignored)
  2. Profile-Undefined, High Priority — High Slope
  3. Out-of-Profile — Low Slope (priority ignored)
  4. Profile-Undefined, Low Priority — Low Slope

Egress Slope Mapping

  1. In-Profile from ingress — High Slope
  2. Out-of-Profile from ingress — Low Slope

The specified policy contains a value that defines the queue’s MBS value (queue-mbs). This is the maximum depth of the queue specified in bytes where all packets start to discard. The high- and low-priority RED slopes provide congestion control mechanisms that react to the current depth of the queue and start a random discard that increases in probability as the queue depth increases. The start point and end point for each discard probability slope is defined as follows:

  1. Start-Utilization — This is defined as percentage of MBS and specifies where the discard probability for the slope begins to rise above 0%. (A corresponding Start-Probability parameter is not needed as the start probability is always 0%).
  2. Maximum-Utilization — This is also defined as a percentage of MBS and specifies where (based on MBS utilized) the discard probability rises to 100%. This is the first portion of the knee coordinates and is meaningless without the Maximum-Probability parameter.
  3. Maximum-Probability — This is defined as a percentage of discard probability and in conjunction with maximum-utilization completes the knee coordinate where the discard probability deviates from the slope and rises to 100%.

Up to 1024 HSMDA slope policies may be configured on a system.

The system maintains a slope policy named hsmda-default, which acts as a default policy when an explicit slope policy has not been defined for an HSMDA queue. The default policy may be edited, but it cannot be deleted. If a no slope-policy hsmda-default command is executed, the default slope policy returns to the factory default settings. The factory default settings are as follows:

High Slope:

  1. Start-Utilization 100%
  2. Max-Utilization 100%
  3. Max-Probability 100%
  4. Shutdown

Low Slope:

  1. Start-Utilization 90%
  2. Max-Utilization 90%
  3. Max-Probability 1
  4. No Shutdown

Time-Average-Factor: 0

The no form of this command restores the association between the queue and the HSMDA default slope policy. The command has no immediate effect for queues that have a local override defined for the slope policy.

Parameters 
hsmda-slope-policy-name—
Specifies an existing slope policy within the system. If a slope policy with the specified name does not exist, the slope-policy command will fail without modifying the slope behavior on the queue. When a slope policy is associated with an HSMDA queue, the policy cannot be deleted.
Default—
hsmda-default

slope-policy

Syntax 
slope-policy policy-name
no slope-policy
Context 
[Tree] (config>qos>hs-pool-policy>mid-tier>mid-pool slope-policy)
[Tree] (config>qos>hs-pool-policy>root-tier>root-pool slope-policy)
Full Contexts 
configure qos hs-pool-policy mid-tier mid-pool slope-policy
configure qos hs-pool-policy root-tier root-pool slope-policy
Description 

This command specifies the slope policy to be used to define the high, low, and exceed slopes within the pool. The slope (high, low, or exceed) used on the egress queue for the packet that generated the buffer request is also used in the mid-pool from the applied slope policy. The pool’s current allocation amount is applied to the appropriate slope to derive the buffer rejection probability. The probability value is compared to a randomly-generated number. If the probability decision generates a rejection decision or the buffer pool has no remaining free buffers, the buffer request fails and the arriving packet is discarded. Otherwise, a buffer is allocated as long as the port-class and root-tier buffer pools also honor the buffer request.

The no form of the command restores the default slope policy to the associated pool.

Default 

slope-policy _tmnx_hs_default

Parameters 
policy-name—
Specifies the slope policy associated with this pool, up to 32 characters.

slope-policy

Syntax 
slope-policy policy-name
no slope-policy
Context 
[Tree] (config>qos>hs-port-pool-policy>alt-port-class-pools>class-pool slope-policy)
[Tree] (config>qos>hs-port-pool-policy>std-port-class-pools>class-pool slope-policy)
Full Contexts 
configure qos hs-port-pool-policy alt-port-class-pools class-pool slope-policy
configure qos hs-port-pool-policy std-port-class-pools class-pool slope-policy
Description 

This command specifies the slope policy that is used to define the high, low, and exceed slopes within the port-class pool. The slope used on the egress queue for the packet that generated the buffer request is also used in the class-pool. The pool’s current allocation amount is applied to the appropriate slope to derive the buffer rejection probability. The probability value is compared to a randomly generated number. If the probability decision generates a rejection or the buffer pool has no remaining free buffers, the buffer request fails and the arriving packet is discarded. Otherwise, a buffer is allocated as long as the mid-tier and root-tier buffer pools also honor the buffer request.

The no form of the command restores the default slope policy to the associated class-pool.

Default 

slope-policy _tmnx_hs_default

Parameters 
policy-name—
Specifies the policy name, up to 32 characters. This parameter is required when executing the slope-policy command and must refer to an existing slope policy within the system. If a slope policy with the specified name does not exist, the slope-policy command fails without modifying the slope behavior on the pool. A non-existent slope-policy error is generated. After a slope policy is associated with any HSQ queue or buffer pool, the policy cannot be deleted.

slope-policy

Syntax 
slope-policy hsmda-slope-policy-name
no slope-policy
Context 
[Tree] (config>qos>network-queue>egress-hsmda>queue slope-policy)
Full Contexts 
configure qos network-queue egress-hsmda queue slope-policy
Description 

This command associates an existing HSMDA slope policy with the QoS policy HSMDA queue. The specified hsmda-slope-policy-name must exist for the command to succeed. If the policy name does not exist, the command has no effect on the existing slope policy association. When a slope policy is associated with a QoS policy queue or override, the slope policy cannot be removed from the system. Any edits to an associated slope policy are immediately applied to the queues using the slope policy.

Within the ingress and egress QoS policies, packets are classified as high priority or low priority. For color aware policies, packets are also potentially classified as in-profile, out-of-profile, or profile-undefined. Based on these classifications, packets are mapped to the RED slopes in the following manner:

Ingress Slope Mapping

  1. In-Profile — High Slope (priority ignored)
  2. Profile-Undefined, High Priority — High Slope
  3. Out-of-Profile Low Slope (priority ignored)
  4. Profile-Undefined, Low Priority — Low Slope

Egress Slope Mapping

  1. In-Profile from ingress — High Slope
  2. Out-of-Profile from ingress — Low Slope

The specified policy contains a value that defines the queue’s MBS value (queue-mbs). This is the maximum depth of the queue, specified in bytes, where all packets start to discard. The high- and low-priority RED slopes provide congestion control mechanisms that react to the current depth of the queue and start a random discard that increases in probability as the queue depth increases. The start point and end point for each discard probability slope is defined as follows:

  1. Start-Utilization — This is defined as a percentage of MBS and specifies where the discard probability for the slope begins to rise above 0%. (A corresponding Start-Probability parameter is not needed as the start probability is always 0%.
  2. Maximum-Utilization — This is also defined as a percentage of MBS and specifies where (based on MBS utilized) the discard probability rises to 100%. This is the first portion of the knee coordinates and is meaningless without the Maximum-Probability parameter.
  3. Maximum-Probability — This is defined as a percentage of discard probability and in conjunction with maximum-utilization completes the knee coordinate where the discard probability deviates from the slope and rises to 100%.

Up to 1024 HSMDA slope policies may be configured on a system.

The system maintains a slope policy named hsmda-default, which acts as a default policy when an explicit slope policy has not been defined for an HSMDA queue. The default policy may be edited, but it cannot be deleted. If a no slope-policy hsmda-default command is executed, the default slope policy returns to the factory default settings. The factory default settings are as follows:

High Slope:

  1. Start-Utilization 100%
  2. Max-Utilization 100%
  3. Max-Probability 100%
  4. Shutdown

Low Slope:

  1. Start-Utilization 90%
  2. Max-Utilization 90%
  3. Max-Probability 1
  4. No Shutdown

Time-Average-Factor: 0

The no form of this command restores the association between the queue and the HSMDA default slope policy. The command has no immediate effect for queues that have a local override defined for the slope policy.

Parameters 
hsmda-slope-policy-name—
Specifies an existing slope policy within the system. If a slope policy with the specified name does not exist, the slope-policy command will fail without modifying the slope behavior on the queue. When a slope policy is associated with an HSMDA queue, the policy cannot be deleted.
Default—
hsmda-default

slope-policy

Syntax 
slope-policy hsmda-slope-policy-name
no slope-policy
Context 
[Tree] (config>qos>qgrps>egr>qgrp>hsmda-group>queue slope-policy)
Full Contexts 
configure qos queue-group-templates egress queue-group hsmda-group queue slope-policy
Description 

This command specifies the name of the slope policy which overrides the default policy.

Parameters 
hsmda-slope-policy-name—
Specifies the name of the slope policy.

slope-policy

Syntax 
slope-policy name [create]
no slope-policy name
Context 
[Tree] (config>qos slope-policy)
Full Contexts 
configure qos slope-policy
Description 

This command enters the context to configure a QoS slope policy.

Default 

slope-policy “default”

Parameters 
name—
The name of the slope policy.
Values—
Valid names consist of any string up to 32 characters, composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.

 

slope-policy

Syntax 
slope-policy src-name dst-name [overwrite]
Context 
[Tree] (config>qos>copy slope-policy)
Full Contexts 
configure qos copy slope-policy
Description 

This command copies existing QoS policy entries for a QoS policy-id to another QoS policy-id.

The copy command is a configuration-level maintenance tool used to create new policies using existing policies. It also allows bulk modifications to an existing policy with the use of the overwrite keyword.

Parameters 
slope-policy—
Indicates that the source policy ID and the destination policy ID are slope policy IDs. Specify the source policy ID that the copy command will attempt to copy from and specify the destination policy ID to which the command will copy a duplicate of the policy.
overwrite—
Specifies to replace the existing destination policy. Everything in the existing destination policy will be overwritten with the contents of the source policy. If overwrite is not specified, an error will occur if the destination policy ID exists.
ALA-7>config>qos# copy slope-policy default sp1
MINOR: CLI Destination "sp1" exists - use {overwrite}.
ALA-7>config>qos#overwrite

23.257. slow-psc-timer

slow-psc-timer

Syntax 
slow-psc-timer interval
no slow-psc-timer
Context 
[Tree] (config>router>mpls>mpls-tp>protection-template slow-psc-timer)
Full Contexts 
configure router mpls mpls-tp protection-template slow-psc-timer
Description 

This command configures the slow timer value to be used for protection switching coordination (PSC) packets for MPLS-TP linear protection (RFC 6378).

Default 

slow-psc-timer 5

Parameters 
interval—
Specifies the slow timer interval in seconds.
Values—
5 to 60

 

23.258. slow-queue-threshold

slow-queue-threshold

Syntax 
slow-queue-threshold kilobits-per-second
no slow-queue-threshold
Context 
[Tree] (config>card>virt-sched-adj slow-queue-threshold)
Full Contexts 
configure card virtual-scheduler-adjustment slow-queue-threshold
Description 

This command overrides the system default rate threshold where policers and queues are placed in the “slow” queue category. Slow rate policers and queues use a different minimum rate calculation interval time than fast rate queues. The rate is determined based on the previous calculated offered rate for the policer or queue.

The default slow policer or queue rate is 1 Mb/s. The fast rate is derived by multiplying the slow rate by a factor of 1.5 resulting in a default fast rate of 1.5 Mb/s. The slow-queue-threshold command uses a “Kilobit-Per-Second” value to modify the default slow queue rate threshold and indirectly changes the fast queue rate threshold.

The no form of this command restores the default slow queue and fast rate thresholds.

Default 

no slow-queue-threshold

Parameters 
kilobits-per-second—
Specifies that the kilobit-per-second parameter is required and is used to modify the default slow rate threshold. Defining a value of 0 forces all policers and queues to be treated as fast rate. Defining a value of 1000 (1 Mb/s) returns the threshold to the default value and is equivalent to executing no slow-queue-threshold.

The fast rate threshold is derived by multiplying the new slow rate threshold by a factor of 1.5.

Values—
0 to 1000000 kb/s

 

Default—
1000 kb/s

23.259. sm-tti

sm-tti

Syntax 
sm-tti
Context 
[Tree] (config>port>otu sm-tti)
Full Contexts 
configure port otu sm-tti
Description 

This command enables the context to configure section monitoring trail trace identifier parameters.

23.260. snap-oui

snap-oui

Syntax 
snap-oui {zero |non-zero}
no snap-oui
Context 
[Tree] (config>qos>sap-ingress>mac-criteria>entry>match snap-oui)
Full Contexts 
configure qos sap-ingress mac-criteria entry match snap-oui
Description 

Configures an IEEE 802.3 LLC SNAP Ethernet frame OUI zero or non-zero value to be used as a service ingress QoS policy match criterion.

The no form of this command removes the criterion from the match criteria.

Default 

no snap-oui

Parameters 
zero—
Specifies to match packets with the 3-byte OUI field in the SNAP-ID set to zero.
non-zero—
Specifies to match packets with the 3-byte OUI field in the SNAP-ID not set to zero.

snap-oui

Syntax 
snap-oui {zero |non-zero}
no snap-oui
Context 
[Tree] (config>filter>mac-filter>entry>match snap-oui)
Full Contexts 
configure filter mac-filter entry match snap-oui
Description 

This command configures an IEEE 802.3 LLC SNAP Ethernet Frame OUI zero or non-zero value to be used as a MAC filter match criterion.

The no form of the command removes the criterion from the match criteria.

Default 

no snap-oui

Parameters 
zero—
Specifies to match packets with the three-byte OUI field in the SNAP-ID set to zero.
non-zero—
Specifies to match packets with the three-byte OUI field in the SNAP-ID not set to zero.

snap-oui

Syntax 
snap-oui {zero |non-zero}
no snap-oui
Context 
[Tree] (config>system>security>mgmt-access-filter>mac-filter>entry>match snap-oui)
Full Contexts 
configure system security management-access-filter mac-filter entry match snap-oui
Description 

This command configures an IEEE 802.3 LLC SNAP Ethernet Frame OUI zero or non-zero value to be used as a MAC filter match criterion.

The no form of this command removes the criterion from the match criteria.

Default 

no snap-oui

Parameters 
zero—
Specifies to match packets with the three-byte OUI field in the SNAP-ID set to zero.
non-zero—
Specifies to match packets with the three-byte OUI field in the SNAP-ID not set to zero.

23.261. snap-pid

snap-pid

Syntax 
snap-pid snap-pid
no snap-pid
Context 
[Tree] (config>qos>sap-ingress>mac-criteria>entry>match snap-pid)
Full Contexts 
configure qos sap-ingress mac-criteria entry match snap-pid
Description 

Configures an IEEE 802.3 LLC SNAP Ethernet frame PID value to be used as a service ingress QoS policy match criterion.

This is a 2-byte protocol id that is part of the IEEE 802.3 LLC SNAP Ethernet Frame that follows the 3-byte OUI field.

The snap-pid field, etype field, ssap, and dsap fields are mutually exclusive and cannot be part of the same match criteria.

The snap-pid match criteria is independent of the OUI field within the SNAP header. Two packets with different 3-byte OUI fields, but the same PID field, will both match the same policy entry based on a snap-pid match criteria.

The no form of this command removes the snap-pid value as the match criteria.

Default 

no snap-pid

Parameters 
snap-pid—
The 2-byte snap-pid value to be used as a match criterion in hexadecimal.
Values—
0x0000 to 0xFFFF

 

snap-pid

Syntax 
snap-pid snap-pid
no snap-pid
Context 
[Tree] (config>filter>mac-filter>entry>match snap-pid)
Full Contexts 
configure filter mac-filter entry match snap-pid
Description 

Configures an IEEE 802.3 LLC SNAP Ethernet Frame PID value to be used as a MAC filter match criterion.

This is a two-byte protocol id that is part of the IEEE 802.3 LLC SNAP Ethernet Frame that follows the three-byte OUI field.

The snap-pid field, etype field, ssap and dsap fields are mutually exclusive and may not be part of the same match criteria.

The snap-pid match criterion is independent of the OUI field within the SNAP header. Two packets with different three-byte OUI fields but the same PID field will both match the same filter entry based on a snap-pid match criteria.

The no form of the command removes the snap-pid value as the match criteria.

Default 

no snap-pid

Parameters 
snap-pid—
Specifies the two-byte snap-pid value to be used as a match criterion. The value can be expressed in decimal integer or hexadecimal format.
Values—
0 to 65535 or 0x0000 to 0xFFFF

 

snap-pid

Syntax 
snap-pid snap-pid
no snap-pid
Context 
[Tree] (config>system>security>mgmt-access-filter>mac-filter>entry>match snap-pid)
Full Contexts 
configure system security management-access-filter mac-filter entry match snap-pid
Description 

This command configures an IEEE 802.3 LLC SNAP Ethernet Frame PID value to be used as a MAC filter match criterion.

This is a two-byte protocol id that is part of the IEEE 802.3 LLC SNAP Ethernet Frame that follows the three-byte OUI field.

The snap-pid field, etype field, ssap and dsap fields are mutually exclusive and may not be part of the same match criteria. Refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR Router Configuration Guide for information about MAC Match Criteria Exclusivity Rules fields that are exclusive based on the frame format.

Note:

The snap-pid match criterion is independent of the OUI field within the SNAP header. Two packets with different three-byte OUI fields but the same PID field will both match the same filter entry based on a snap-pid match criteria.

The no form of this command removes the snap-pid value as the match criteria.

Default 

no snap-pid

Parameters 
pid-value—
Specifies the two-byte snap-pid value to be used as a match criterion in hexadecimal.
Values—
0x0000 to 0xFFFF

 

23.262. snmp

snmp

Syntax 
snmp
Context 
[Tree] (config>service>vprn snmp)
Full Contexts 
configure service vprn snmp
Description 

This command enters the context to configure SNMP parameters for this VPRN.

snmp

Syntax 
snmp
Context 
[Tree] (config>system>security>user snmp)
Full Contexts 
configure system security user snmp
Description 

This command creates the context to configure SNMP group membership for a specific user and defines encryption and authentication parameters.

All SNMPv3 users must be configured with the commands available in this CLI node.

The OS always uses the configured SNMPv3 user name as the security user name.

snmp

Syntax 
snmp
Context 
[Tree] (config>system snmp)
[Tree] (config>system>security snmp)
Full Contexts 
configure system security snmp
configure system snmp
Description 

This command creates the context to configure SNMPv1, SNMPv2, and SNMPv3 parameters.

23.263. snmp-trap-group

snmp-trap-group

Syntax 
[no] snmp-trap-group log-id
Context 
[Tree] (config>service>vprn>log snmp-trap-group)
Full Contexts 
configure service vprn log snmp-trap-group
Description 

This command creates the context to configure a group of SNMP trap receivers and their operational parameters for a given log-id.

A group specifies the types of SNMP traps and specifies the log ID which will receive the group of SNMP traps. A trap group must be configured in order for SNMP traps to be sent.

To suppress the generation of all alarms and traps see the event-control command. To suppress alarms and traps that are sent to this log-id, see the filter command. Once alarms and traps are generated they can be directed to one or more SNMP trap groups. Logger events that can be forwarded as SNMP traps are always defined on the main event source.

The no form of this command deletes the SNMP trap group.

Default 

There are no default SNMP trap groups.

Parameters 
log-id—
The log ID value of a log configured in the log-id context. Alarms and traps cannot be sent to the trap receivers until a valid log-id exists.
Values—
1 to 99

 

snmp-trap-group

Syntax 
[no] snmp-trap-group log-id
Context 
[Tree] (config>log snmp-trap-group)
Full Contexts 
configure log snmp-trap-group
Description 

This command creates the context to configure a group of SNMP trap receivers and their operational parameters for a given log-id.

A group specifies the types of SNMP traps and specifies the log ID which will receive the group of SNMP traps. A trap group must be configured in order for SNMP traps to be sent.

To suppress the generation of all alarms and traps see the event-control command. To suppress alarms and traps that are sent to this log-id, see the filter command. Once alarms and traps are generated they can be directed to one or more SNMP trap groups. Logger events that can be forwarded as SNMP traps are always defined on the main event source.

The no form of this command deletes the SNMP trap group.

Parameters 
log-id—
Specifies the log ID value of a log configured in the log-id context. Alarms and traps cannot be sent to the trap receivers until a valid log-id exists.
Values—
1 to 99

 

23.264. snoop

snoop

Syntax 
[no] snoop
Context 
[Tree] (config>service>vpls>sap>dhcp snoop)
[Tree] (config>service>vpls>spoke-sdp>dhcp snoop)
[Tree] (config>service>vpls>mesh-sdp>dhcp snoop)
[Tree] (config>service>vprn>if>dhcp>option snoop)
[Tree] (config>service>vprn>nw-if>dhcp snoop)
Full Contexts 
configure service vpls mesh-sdp dhcp snoop
configure service vpls sap dhcp snoop
configure service vpls spoke-sdp dhcp snoop
configure service vprn interface dhcp option snoop
configure service vprn nw-if dhcp snoop
Description 

This command enables snooping of DHCP or DHCP6 messages on the SAP or SDP. Enabling DHCP or DHCP6 snooping on interfaces (SAPs and SDP bindings) is required where DHCP or DHCP6 messages important to lease state table population are received, or where Option 82 information is to be inserted. This includes interfaces that are in the path to receive messages from either DHCP or DHCP6 servers or from subscribers.

The no form of this command disables DHCP or DHCP6 snooping on the specified SAP or SDP binding.

Default 

no snoop

23.265. snooping

snooping

Syntax 
[no] snooping
Context 
[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6 snooping)
[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6 snooping)
Full Contexts 
configure service ies subscriber-interface group-interface ipv6 dhcp6 snooping
configure service vprn subscriber-interface group-interface ipv6 dhcp6 snooping
Description 

This command enables the group-interface to snoop DHCPv6 relay messages exchange between the subscriber host and the DHCPv6 server. A successful DHCPv6 address assignment triggers ESM DHCPv6 host creation and a release of the lease triggers host deletion. This feature is for ESMv6 applications where a Layer 3 aggregation network is upstream from the BNG.

The no form of this command reverts to the default.

23.266. sntp

sntp

Syntax 
[no] sntp
Context 
[Tree] (config>system>time sntp)
Full Contexts 
configure system time sntp
Description 

This command creates the context to edit the Simple Network Time Protocol (SNTP).

SNTP can be configured in either broadcast or unicast client mode. SNTP is a compact, client-only version of the NTP. SNTP can only receive the time from SNTP/NTP servers. It cannot be used to provide time services to other systems.

The system clock is automatically adjusted at system initialization time or when the protocol first starts up.

When the time differential between the SNTP/NTP server and the system is more than 2.5 seconds, the time on the system is gradually adjusted.

SNTP is created in an administratively enabled state (no shutdown).

The no form of the command removes the SNTP instance and configuration. SNTP does not need to be administratively disabled when removing the SNTP instance and configuration.

Default 

sntp

23.267. socket

socket

Syntax 
socket [neighbor ip-address |group name]
no socket
Context 
[Tree] (debug>router>bgp socket)
Full Contexts 
debug router bgp socket
Description 

This command logs all TCP socket events to the debug log.

The no form of this command disables debugging.

Parameters 
neighbor ip-address
Debugs only events affecting the specified BGP neighbor.
Values—
ipv4-address:
  1. a.b.c.d (host bits must be 0)
ipv6-address:
  1. x:x:x:x:x:x:x:x [-interface] (eight 16-bit pieces)
  2. x:x:x:x:x:x:d.d.d.d [-interface]
  3. x: [0 to FFFF]H
  4. d: [0 to 255]D
  5. interface: up to 32 characters for link local addresses

 

group name
Debugs only events affecting the specified peer group name, up to 64 characters, and associated neighbors.

23.268. software-repository

software-repository

Syntax 
software-repository repository-name
no software-repository
Context 
[Tree] (config>system>satellite>eth-sat software-repository)
[Tree] (config>system>satellite>tdm-sat software-repository)
Full Contexts 
configure system satellite eth-sat software-repository
configure system satellite tdm-sat software-repository
Description 

This command binds the specified software repository to the associated satellite. The software repository is used to locate and serve the correct software image to the satellite at boot time.

The configured software repository is only used when the satellite boots. Changing the software repository for an active satellite does not have an effect until the next time a satellite boots.

A satellite cannot be booted if there is no software repository defined for it.

The no form of the command removes the software repository.

Default 

no software-repository

Parameters 
repository-name—
Specifies a string, up to 32 characters, that uniquely identifies the software repository.

software-repository

Syntax 
software-repository repository-name [create]
no software-repository repository-name
Context 
[Tree] (config>system software-repository)
Full Contexts 
configure system software-repository
Description 

This command creates or deletes an instance of a software repository. The instance is identified by a repository name.

A software repository is used to obtain files to upgrade software on certain subsystems of the router (for example, Ethernet satellites).

Up to three locations can be specified within a software repository for the router to access files in the repository. The router will first attempt to access the file at the primary location. If the primary location is not configured or the files are not found at the primary location, then the router will attempt to access the files at the secondary location. If the secondary location is not configured or the files are not found at the secondary location, then the router will attempt to access the files at the tertiary location. If the tertiary location is not configured or the files are not found at the tertiary location, then the software repository access will fail.

The no form of the command removes the software repository.

Parameters 
repository-name—
Specifies a string, up to 32 characters, that uniquely identifies the software repository.
create
Specifies the keyword required when the software-repository context is first created. Once the context is created, it can be accessed without the create keyword.

23.269. solicit-delay

solicit-delay

Syntax 
solicit-delay delay
no solicit-delay
Context 
[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>relay>advertise-selection solicit-delay)
[Tree] (config>service>vprn>sub-if>ipv6>dhcp6>relay>advertise-selection solicit-delay)
[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>relay>advertise-selection solicit-delay)
Full Contexts 
configure service ies subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection solicit-delay
configure service vprn subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection solicit-delay
configure service vprn subscriber-interface ipv6 dhcp6 relay advertise-selection solicit-delay
Description 

This command configures the default time to delay DHCPv6 solicit messages. The delay is applied to all DHCPv6 solicit messages for which no per DHCPv6 server or per client MAC delay or preference option value is configured. The solicit-delay and preference-option value commands are mutually exclusive.

The no form of this command removes the delay timeout.

Parameters 
delay
Specifies the default amount of time to delay DHCPv6 solicit messages, in deci-seconds.
Values—
1 to 100

 

solicit-delay

Syntax 
solicit-delay delay
no solicit-delay
Context 
[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>relay>advertise-selection>client-mac solicit-delay)
[Tree] (config>service>vprn>sub-if>ipv6>dhcp6>relay>advertise-selection>client-mac solicit-delay)
[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>relay>advertise-selection>client-mac solicit-delay)
Full Contexts 
configure service ies subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection client-mac solicit-delay
configure service vprn subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection client-mac solicit-delay
configure service vprn subscriber-interface ipv6 dhcp6 relay advertise-selection client-mac solicit-delay
Description 

This command configures the time to delay DHCPv6 solicit messages with an odd or even source MAC address. Both solicit-delay and mac-address commands must be configured in the client-mac context. The solicit-delay and preference-option value commands are mutually exclusive.

The no form of this command removes the delay timeout.

Parameters 
delay
Specifies the time to delay DHCPv6 solicit messages with an odd or even source MAC address, in deci-seconds.
Values—
1 to 100

 

solicit-delay

Syntax 
solicit-delay delay
no solicit-delay
Context 
[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>relay>advertise-selection>server solicit-delay)
[Tree] (config>service>vprn>sub-if>ipv6>dhcp6>relay>advertise-selection>server solicit-delay)
[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>relay>advertise-selection>server solicit-delay)
Full Contexts 
configure service ies subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection server solicit-delay
configure service vprn subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection server solicit-delay
configure service vprn subscriber-interface ipv6 dhcp6 relay advertise-selection server solicit-delay
Description 

This command configures the time to delay DHCPv6 solicit messages relayed to the server. The solicit-delay and preference-option value commands are mutually exclusive.

The no form of this command removes the delay timeout.

Parameters 
delay
Specifies the time to delay DHCPv6 solicit messages that are relayed to the server, in deci-seconds.
Values—
1 to 100

 

23.270. solicited-release

solicited-release

Syntax 
[no] solicited-release
Context 
[Tree] (config>service>vprn>dhcp6>server>lease-hold-time-for solicited-release)
[Tree] (config>router>dhcp6>server>lease-hold-time-for solicited-release)
[Tree] (config>service>vprn>dhcp>server>lease-hold-time-for solicited-release)
[Tree] (config>router>dhcp>server>lease-hold-time-for solicited-release)
Full Contexts 
configure router dhcp local-dhcp-server lease-hold-time-for solicited-release
configure router dhcp6 local-dhcp-server lease-hold-time-for solicited-release
configure service vprn dhcp local-dhcp-server lease-hold-time-for solicited-release
configure service vprn dhcp6 local-dhcp-server lease-hold-time-for solicited-release
Description 

This command enables the server to hold up a lease even in case of solicited release; for example, when the server receives a normal DHCP release message.

The no form of this command disables the ability of the server to hold up a lease when a solicited release is received.

23.271. sonet-sdh

sonet-sdh

Syntax 
sonet-sdh
Context 
[Tree] (config>port sonet-sdh)
Full Contexts 
configure port sonet-sdh
Description 

This command enables access to the context to configure SONET/SDH ports. This context can only be used when configuring an OC-3, OC-12, OC-48, OC-192, and OC-768 SONET/SDH ports on an appropriate MDA.

This command also enables access to the context to configure SONET/SDH parameters for an Ethernet port in WAN PHY (xgig wan) mode.

The 10 Gigabit Ethernet LAN port also has SONET/SDH characteristics. However, these characteristics are predetermined and not configurable.

This command is supported by TDM satellite.

23.272. source

source

Syntax 
[no] source ipv6-address
Context 
[Tree] (config>subscr-mgmt>igmp-policy>static>group source)
[Tree] (config>subscr-mgmt>igmp-policy source)
[Tree] (config>subscr-mgmt>mld-policy>static>group source)
Full Contexts 
configure subscriber-mgmt igmp-policy source
configure subscriber-mgmt igmp-policy static group source
configure subscriber-mgmt mld-policy static group source
Description 

This command adds or removes a static multicast source.

The no form of this command reverts to the default.

Parameters 
grp-ipv6-address—
Specifies the IPv6 address.
Values—
ipv6-address - x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d
x - [0 to FFFF]H
d - [0 to 255]D
- multicast group IPv6 address

 

source

Syntax 
[no] source ip-address
[no] source src-ipv6-address
Context 
[Tree] (config>service>vpls>sap>igmp-snooping>static>group source)
[Tree] (config>service>vpls>spoke-sdp>igmp-snooping>static>group source)
[Tree] (config>service>vpls>mesh-sdp>igmp-snooping>static>group source)
[Tree] (config>service>vpls>sap>mld-snooping>static>group source)
[Tree] (config>service>vpls>spoke-sdp>mld-snooping>static>group source)
[Tree] (config>service>vpls>mesh-sdp>mld-snooping>static>group source)
Full Contexts 
configure service vpls mesh-sdp igmp-snooping static group source
configure service vpls mesh-sdp mld-snooping static group source
configure service vpls sap igmp-snooping static group source
configure service vpls sap mld-snooping static group source
configure service vpls spoke-sdp igmp-snooping static group source
configure service vpls spoke-sdp mld-snooping static group source
Description 

This command specifies a IPv4 or IPv6 unicast address that sends data on an interface. This enables a multicast receiver host to signal a router the group to receive multicast traffic from, and from the sources that the traffic is expected.

The source command is mutually exclusive with the specification of individual sources for the same group.

The source command in combination with the group is used to create a specific (S,G) static group entry.

Static (s,g) entries cannot be entered when a starg is already created.

Use the no form of this command to remove the source from the configuration.

Parameters 
ip-address —
Specifies the IPv4 unicast address
src-ipv6-address —
Specifies the IPv6 unicast address.

source

Syntax 
source ip-address
no source
Context 
[Tree] (config>service>if>ies>sap source)
[Tree] (config>service>if>vprn>sap>ip-tunnel source)
Full Contexts 
configure service interface ies sap source
configure service interface vprn sap ip-tunnel source
Description 

This command sets the source IPv4 address of encapsulated packets associated with a particular tunnel. It must be an address in the subnet of the associated public tunnel SAP interface. The GRE does not come up until a valid source address is configured.

The no form of this command deletes the source address from the tunnel configuration. The tunnel must be administratively shutdown before issuing the no source command.

Parameters 
ip-address—
Specifies the source IPv4 address of the tunnel.
Values—
1.0.0.0 to 223.255.255.255

 

source

Syntax 
source ip-address
no source
Context 
[Tree] (config>service>ies>if>sap>ip-tunnel source)
[Tree] (config>service>vprn>if>sap>ip-tunnel source)
Full Contexts 
configure service ies interface sap ip-tunnel source
configure service vprn interface sap ip-tunnel source
Description 

This command configures the source IPv4 or IPv6 address to use for an IP tunnel. This configuration applies to the outer IP header of the encapsulated packets. The IPv4 or IPv6 address must belong to the one of the IP subnets associated with the public SAP interface of the tunnel-group. The source address, remote-ip address and backup-remote-ip address of a tunnel must all belong to the same address family (IPv4 or IPv6). When the source address contains an IPv6 address it must be a global unicast address.

The no form of this command deletes the source address from the tunnel configuration. The tunnel must be administratively shutdown before issuing the no source command.

Default 

no source

Parameters 
Ip-address—
Specifies an IPv4 address or an IPv6 address.
Values—

ipv4-address

a.b.c.d

ipv6-address

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x

[0..FFFF]H

d

[0..255]D

 

source

Syntax 
[no] source ip-address
Context 
[Tree] (config>service>vprn>igmp>ssm-translate>grp-range source)
Full Contexts 
configure service vprn igmp ssm-translate grp-range source
Description 

This command specifies the source IP address for the group range. Whenever a (*,G) report is received in the range specified by grp-range start and end parameters, it is translated to an (S,G) report with the value of this object as the source address.

Parameters 
ip-address—
Specifies the IP address that will be sending data.

source

Syntax 
source ip-address
Context 
[Tree] (config>service>vprn>igmp>if>static>group source)
Full Contexts 
configure service vprn igmp interface static group source
Description 

This command specifies an IPv4 unicast address that sends data on an interface. This enables a multicast receiver host to signal a router the group is to receive multicast traffic from, and from the sources that the traffic is expected.

The source command is mutually exclusive with the specification of individual sources for the same group.

The source command in combination with the group is used to create a specific (S,G) static group entry.

Use the no form of this command to remove the source from the configuration.

Parameters 
ip-address—
Specifies the IPv4 unicast address.

source

Syntax 
[no] source src-ipv6-address
Context 
[Tree] (config>service>vprn>mld>if>static>group source)
Full Contexts 
configure service vprn mld interface static group source
Description 

This command specifies an IPv6 unicast address that sends data on an interface. This enables a multicast receiver host to signal a router the group to receive multicast traffic from, and from the sources that the traffic is expected.

The source command is mutually exclusive with the specification of individual sources for the same group.

The source command, in combination with the group, is used to create a specific (S,G) static group entry.

The no form of this command removes the source from the configuration.

Parameters 
src-ipv6-address—
Specifies the IPv6 unicast address.

source

Syntax 
[no] source ip-address
Context 
[Tree] (config>service>vprn>mld>ssm-translate>grp-range source)
Full Contexts 
configure service vprn mld ssm-translate grp-range source
Description 

This command specifies the source IP address for the group range. Whenever a (*,G) report is received in the range specified by grp-range start and end parameters, it is translated to an (S,G) report with the value of this object as the source address.

Parameters 
ip-address—
Specifies the IP address that will be sending data.

source

Syntax 
[no] source unicast-ip-prefix/mask
Context 
[Tree] (config>service>vprn>msdp source)
Full Contexts 
configure service vprn msdp source
Description 

This command limits the number of active source messages the router accepts from sources in the specified address range.

If the prefix and mask provided is already a configured then this command only provides the context to configure the parameters pertaining to this active source-message filter.

If the prefix and mask provided is not already a configured, then the source node instance must be created and the context to configure the parameters pertaining to this node should be provided. In this case, the $ prompt to indicate that a new entity (source) is being created should be used.

The source active msdp messages are not rate limited based on the source address range.

The no form of this message removes the source active rate limiter for this source address range.

Parameters 
unicast-ip-prefix—
Specifies the IP prefix in dotted decimal notation for the range used by the ABR to advertise that summarizes the area into another area.
Values—
ip-prefix/mask: ip-prefix a.b.c.d (host bits must be 0)

 

mask—
Specifies the subnet mask for the range expressed as a decimal integer mask length or in dotted decimal notation.
Values—
0 to 32 (mask length), 0.0.0.0 to 255.255.255.255 (dotted decimal)

 

source

Syntax 
[no] source ip-address [/mask]
[no] source any
Context 
[Tree] (config>service>vprn>mvpn>pt>selective>multistream-spmsi>group source)
Full Contexts 
configure service vprn mvpn provider-tunnel selective multistream-spmsi group source
Description 

This command creates source prefixes for specific groups that map to the multicast stream.

Parameters 
Ip-address/mask—
Specifies the IP address of the group.
Values—

ipv4-prefix

a.b.c.d

ipv4-prefix-le

[0..32]

ipv6-prefix

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x

[0..FFFF]H

d

[0..255]D

ipv6-prefix-le

[0..128]

 

source

Syntax 
source source-type
source source-type level level
no source source-type
Context 
[Tree] (config>app-assure>group>anl source)
Full Contexts 
configure application-assurance group access-network-location source
Description 

This command configures location sources for the dynamic experience management. The location source types are, for example, 3G and congestion point.

Default 

source mobile-3g

Parameters 
source-type—
Specifies the location or access technology.
Values—
access-point — Provides Dynamic Experience Management (DEM) for the WLGW access point.
Note:

The access points do not need to support the Nokia CEA function.

 

level—
Specifies which congestion point within the specified source-type to monitor for congestion.
Values—
MAC+VLAN — WLGW access point (MAC) and radio (VLAN).
Note:

The access points do not need to support the Nokia CEA function.

 

source

Syntax 
[no] source ip-address
Context 
[Tree] (config>router>igmp>if>ssm-translate>grp-range source)
[Tree] (config>router>igmp>ssm-translate>grp-range source)
Full Contexts 
configure router igmp interface ssm-translate grp-range source
configure router igmp ssm-translate grp-range source
Description 

This command specifies the source IP address for the group range. Whenever a (*,G) report is received in the range specified by grp-range start and end parameters, it is translated to an (S,G) report with the value of this object as the source address.

Parameters 
ip-address—
Specifies the IP address that will be sending data.

source

Syntax 
[no] source ip-address
Context 
[Tree] (config>router>igmp>if>static>group source)
Full Contexts 
configure router igmp interface static group source
Description 

This command specifies a IPv4 unicast address that sends data on an interface. This enables a multicast receiver host to signal a router the group to receive multicast traffic from, and from the source(s) that the traffic is expected.

The source command is mutually exclusive with the specification of individual sources for the same group.

The source command in combination with the group is used to create a specific (S,G) static group entry.

The no form of the command removes the source from the configuration.

Parameters 
ip-address—
Specifies the IPv4 unicast address.

source

Syntax 
[no] source ip-address
Context 
[Tree] (config>router>igmp>tunnel-interface>static>group source)
Full Contexts 
configure router igmp tunnel-interface static group source
Description 

This command specifies a IPv4 unicast address of a multicast source. The source command is mutually exclusive with the specification of individual sources for the same group. The source command in combination with the group is used to create a specific (S,G) group entry in a static group join on a tunnel interface associated with a P2MP RSVP LSP.

The no form of the command removes the source from the configuration.

Parameters 
ip-address —
Specifies the IPv4 unicast address.

source

Syntax 
[no] source src-ipv6-address
Context 
[Tree] (config>router>mld>if>static>group source)
Full Contexts 
configure router mld interface static group source
Description 

This command specifies an IPv6 unicast address that sends data on an interface. This enables a multicast receiver host to signal a router the group to receive multicast traffic from, and from the source(s) that the traffic is expected.

The source command is mutually exclusive with the specification of individual sources for the same group.

The source command, in combination with the group, is used to create a specific (S,G) static group entry.

The no form of this command removes the source from the configuration.

Parameters 
src-ipv6-address—
Specifies the IPv6 unicast address.

source

Syntax 
[no] source ipv6-address
Context 
[Tree] (config>router>mld>ssm-translate>grp-range source)
[Tree] (config>router>mld>if>ssm-translate>grp-range source)
Full Contexts 
configure router mld interface ssm-translate grp-range source
configure router mld ssm-translate grp-range source
Description 

This command specifies the source IP address for the group range. Whenever a (*,G) report is received in the range specified by grp-range start and end parameters, it is translated to an (S,G) report with the value of this object as the source address.

The no form of this command removes the IPv6 address form the group range configuration.

Parameters 
ipv6-address—
Specifies the IPv6 address that will be sending data.

source

Syntax 
[no] source ip-prefix/mask
Context 
[Tree] (config>router>msdp source)
Full Contexts 
configure router msdp source
Description 

This command limits the number of active source messages the router accepts from sources in the specified address range.

If the prefix and mask provided is already a configured then this command only provides the context to configure the parameters pertaining to this active source-message filter.

If the prefix and mask provided is not already a configured, then the source node instance must be created and the context to configure the parameters pertaining to this node should be provided. In this case, the $ prompt to indicate that a new entity (source) is being created should be used.

The source active config>router msdp messages are not rate limited based on the source address range.

The no form of this message removes the source active rate limiter for this source address range.

Parameters 
ip-prefix—
Specifies the IP prefix in dotted decimal notation for the range used by the ABR to advertise that summarizes the area into another area.
Values—
ip-prefix/mask: ip-prefix a.b.c.d (host bits must be 0)

 

mask—
Specifies the subnet mask for the range expressed as a decimal integer mask length or in dotted decimal notation.
Values—
0 to 32 (mask length), 0.0.0.0 to 255.255.255.255 (dotted decimal)

 

source

Syntax 
source mep mep-id domain md-index association ma-index
source mep mep-id domain-name admin-name association-name admin-name
no source
Context 
[Tree] (config>oam-pm>session>ethernet source)
Full Contexts 
configure oam-pm session ethernet source
Description 

This command defines the source launch point identification Y.1731 parameters that are used by the individual tests within the session. If an MEP matching the configuration does not exist, the session is allowed to become active, however the frames sent frames and received as seen under the show >oam-pm>statistics>session session-name command is zero. The preferred reference to the MEP launch point is by admin-name. Therefore, the syntax source mep mep-id domain-name admin-name association-name admin-name should be used.

The no form of this command removes this session parameter.

Parameters 
mep-id—
Specifies the maintenance association end point identifier of the launch point.
Values—
1 to 8191

 

md-index—
Specifies the maintenance domain (MD) index value of the launch point. The domain-name admin-name parameter is preferred for specifying the domain information.
Values—
1 to 4294967295

 

ma-index—
Specifies the maintenance association (MA) index value of the launch point. The association-name ma-name parameter is preferred for specifying the association information.
Values—
1 to 4294967295

 

admin-name—
Specifies the name reference for the maintenance domain (MD), or the association (MA) admin-name value of the launch point, up to 64 characters.

source

Syntax 
source ip-address
no source
Context 
[Tree] (config>oam-pm>session>ip source)
Full Contexts 
configure oam-pm session ip source
Description 

This command defines the source IP address that the session controller (launch point) uses for the test. The source address must be a local resident IP address in the context; otherwise, the response packets are processed by the TWAMP Light application. Only source addresses configured as part of TWAMP tests can process the reflected TWAMP packets from the session reflector.

The no form of this command removes the source address parameters.

Parameters 
source —
Indicates the launch point.
ip-address—
Specifies the source IP address that the session controller (launch point) uses for the test.
Values—

ipv4-address:

a.b.c.d

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x:

[0 to FFFF]H

d:

[0 to 255]D

 

source

Syntax 
source {line-ref |internal-clock}
Context 
[Tree] (config>system>sync-if-timing>bits>output source)
Full Contexts 
configure system sync-if-timing bits output source
Description 

This command configures the values used to identify the source of the BITS (Building Integrated Timing Supply) output. This is either the signal recovered directly from ref1, ref2 or ptp, or it is the output of the node’s central clock. The directly recovered signal would be used when the BITS output signal is feeding into an external standalone timing distribution device (BITS/SASE). The specific directly recovered signal used is the best of the available signals based of the QL and/or the ref-order. The central clock output would be used when no BITS/SASE device is present and the BITS output signal is used to monitor the quality of the recovered clock within the system.

Default 

source line-ref

Parameters 
line-ref—
Specifies that the BITS output timing is selected from one of the input references, without any filtering.
internal-clock—
Specifies that the BITS output timing is driven from the system timing.

23.273. source-address

source-address

Syntax 
source-address ipv6-address
no source-address
Context 
[Tree] (config>service>ies>if>ipv6>dhcp6-relay source-address)
[Tree] (config>service>ies>sub-if>ipv6>dhcp6>relay source-address)
[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>relay source-address)
[Tree] (config>service>vprn>if>ipv6>dhcp6-relay source-address)
[Tree] (config>service>vprn>sub-if>ipv6>dhcp6>relay source-address)
[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>relay source-address)
Full Contexts 
configure service ies interface ipv6 dhcp6-relay source-address
configure service ies subscriber-interface group-interface ipv6 dhcp6 relay source-address
configure service ies subscriber-interface ipv6 dhcp6 relay source-address
configure service vprn interface ipv6 dhcp6-relay source-address
configure service vprn subscriber-interface group-interface ipv6 dhcp6 relay source-address
configure service vprn subscriber-interface ipv6 dhcp6 relay source-address
Description 

This command configures the source IPv6 address of the DHCPv6 relay messages.

The no form of this command reverts to the default.

Parameters 
ipv6-address—
Specifies the source IPv6 address of the DHCPv6 relay messages.
Values—

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

 

source-address

Syntax 
source-address ip-address
no source-address
Context 
[Tree] (config>aaa>l2tp-acct-plcy>radius-acct-server source-address)
Full Contexts 
configure aaa l2tp-accounting-policy radius-accounting-server source-address
Description 

This command configures the source address of the RADIUS messages.

The no form of this command reverts to the default value.

Parameters 
ip-address—
Specifies the source address to be used for NAT RADIUS accounting.

source-address

Syntax 
source-address ip-address
no source-address
Context 
[Tree] (config>system>management-interface>remote-management source-address)
Full Contexts 
configure system management-interface remote-management source-address
Description 

This command configures the address local to this device that NISH uses to connect to this node.

If this command is also configured for a specific manager in the config>system> management-interface>remote-management>manager context, that configuration takes precedence.

The no form of this command causes the system to try to select the source address based on the selected routing instance of the manager.

Parameters 
ip-address —
Specifies the IP address that NISH managers uses to connect to the node.
Values—

ipv4-address:

a.b.c.d

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x - [0 to FFFF]H

d - [0 to 255]D

 

source-address

Syntax 
source-address ip-address
no source-address
Context 
[Tree] (config>system>management-interface>remote-management>manager source-address)
Full Contexts 
configure system management-interface remote-management manager source-address
Description 

This command configures the address local to this device that this NISH manager uses to connect to this node.

This command takes precedence over the command configured in the global context (config>system>management-interface>remote-management).

The no form of this command causes the source address to be inherited from the global context (config>system>management-interface>remote-management).

Parameters 
ip-address —
Specifies the IP address that this NISH manager uses to connect to the node.
Values—

ipv4-address:

a.b.c.d

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x - [0 to FFFF]H

d - [0 to 255]D

 

source-address

Syntax 
source-address ip-address
no source-address
Context 
[Tree] (config>subscr-mgmt>auth-plcy-srvr source-address)
[Tree] (config>subscr-mgmt>acct-plcy>server source-address)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy radius-accounting-server source-address
configure subscriber-mgmt auth-plcy-srvr source-address
Description 

This command configures the source address of the RADIUS packet.

The system IP address must be configured in order for the RADIUS client to work. See Configuring a System Interface in the Router Configuration Guide.

Note:

The system IP address must only be configured if the source-address is not specified. When the no source-address command is executed, the source address is determined at the moment the request is sent. This address is also used in the nas-ip-address attribute: over there it is set to the system IP address if no source-address was given.

The no form of this command reverts to the default value.

Default 

System IP address

Parameters 
ip-address —
Specifies the IP prefix for the IP match criterion in dotted decimal notation.
Values—
0.0.0.0 to 255.255.255.255

 

source-address

Syntax 
source-address ip-address [allow-connections]
no source-address
Context 
[Tree] (config>aaa>diam>node source-address)
Full Contexts 
configure aaa diameter node source-address
Description 

This command configures IPv4 source address that the SR OS node will use for its peering connection.

The no form of this command removes the IP address from the configuration.

Parameters 
ip-address —
Specifies IP prefix for the IP match criterion in dotted decimal notation
Values—
0.0.0.0 to 255.255.255.255

 

allow-connections—
Specifies to accept peering connections on the configured source IPv4 address. The peer initiating the connection can only be an inter-chassis peer.

source-address

Syntax 
source-address ip-address
no source-address
Context 
[Tree] (config>redundancy>multi-chassis>peer source-address)
Full Contexts 
configure redundancy multi-chassis peer source-address
Description 

This command specifies the source address used to communicate with the multi-chassis peer.

The no form of this command reverts to the default.

Parameters 
ip-address—
Specifies the source address used to communicate with the multi-chassis peer.
Values—

ipv4-address:

a.b.c.d

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x - [0 to FFFF]H

d - [0 to 255]D

 

source-address

Syntax 
source-address ip-address
no source-address
Context 
[Tree] (config>aaa>radius-srv-plcy>servers source-address)
Full Contexts 
configure aaa radius-server-policy servers source-address
Description 

This command configures the source address of the RADIUS packet. The system IP address must be configured in order for the RADIUS client to work. See Configuring a System Interface in the 7750 SROS Configuration Guide.

Note:

The system IP address must only be configured if the source-address is not specified. When the no source-address command is executed, the source address is determined at the moment the request is sent. This address is also used in the nas-ip-address attribute: over there it is set to the system IP address if no source-address was given.

The no form of this command reverts to the default value.

Parameters 
ip-address—
Specifies the source address of RADIUS packet.

source-address

Syntax 
source-address ipv6-address
no source-address
Context 
[Tree] (config>service>ies>if>ipv6>dhcp6 source-address)
Full Contexts 
configure service ies interface ipv6 dhcp6 source-address
Description 

This command configures the source IPv6 address of the DHCPv6 relay messages.

Parameters 
ipv6-address—
Specifies the source IPv6 address of the DHCPv6 relay messages.
Values—

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x - [0 to FFFF]H

d - [0 to 255]D

 

source-address

Syntax 
source-address
Context 
[Tree] (config>service>vprn source-address)
Full Contexts 
configure service vprn source-address
Description 

This command enters the context to specify the source address and application that should be used in all unsolicited packets.

source-address

Syntax 
source-address ip-address
no source-address
Context 
[Tree] (config>router>ldp>lsp-bfd source-address)
Full Contexts 
configure router ldp lsp-bfd source-address
Description 

This command configures the source address of periodic LSP ping packets and BFD control packets for LSP BFD sessions that are associated with LDP prefixes in the prefix list. The system IP address is used by default. If the system IP address is not routable from the far-end node of the BFD session, then an alternate routable IP address that is local to the source node should be used.

Default 

no source-address

Parameters 
ip-address—
Specifies a routable IPv4 or IPv6 address that is local to the node.
Values—
ipv4-address — a.b.c.d
ipv6-address — x:x:x:x:x:x:x:x (eight 16-bit pieces)
                          x:x:x:x:x:x:d.d.d.d
                          x — 0 to FFFF in hexadecimal
                          d — 0 to 255 in decimal

 

Default—
system IP address

source-address

Syntax 
source-address ip-address
no source-address
Context 
[Tree] (config>app-assure>rad-acct-plcy>server source-address)
Full Contexts 
configure application-assurance radius-accounting-policy radius-accounting-server source-address
Description 

This command configures the source address of the RADIUS packet. The system IP address must be configured in order for the RADIUS client to work. See “Configuring a System Interface” in the 7450 ESS, 7750 SR, 7950 XRS, and VSR Router Configuration Guide. The system IP address must only be configured if the source-address is not specified. When the no source-address command is executed, the source address is determined at the moment the request is sent. This address is also used in the nas-ip-address attribute: over there it is set to the system IP address if no source address was given.

The no form of this command reverts to the default value, where the source address is the system IP address.

Default 

no source-address

Parameters 
ip-address—
The IP prefix for the IP match criterion in dotted decimal notation.
Values—
0.0.0.0 - 255.255.255.255

 

source-address

Syntax 
source-address ip-address
no source-address
Context 
[Tree] (config>service>ipfix>export-policy>collector source-address)
Full Contexts 
configure service ipfix ipfix-export-policy collector source-address
Description 

This command configures the source address from which UDP streams containing IPFIX flow records will be sourced.

Default 

no source-address

Parameters 
ip-address—
Source IPv4 address from which UDP streams are sent.

source-address

Syntax 
source-address ip-address
no source-address
Context 
[Tree] (config>filter>gre-tun-tmp>ipv4 source-address)
Full Contexts 
configure filter gre-tunnel-template ipv4 source-address
Description 

This command defines the source IPv4 address to be used in the GRE IP header used to encapsulate the matching IPv4/IPv6 packet. This IP address can be configured as any value and is not validated against a local IP address. The source-address command must be configured for the template to be valid.

The no form of this command removes the source IP address configuration from the associated GRE tunnel template.

Parameters 
ip-address—
Specifies the IPv4 address (in dotted decimal notation) to be used as the source address.

source-address

Syntax 
source-address [ip-address]
no source-address
Context 
[Tree] (config>filter>redirect-policy>dest>ping-test source-address)
Full Contexts 
configure filter redirect-policy destination ping-test source-address
Description 

This command configures the source address to use in the IP packet of the ping test for this destination.

Default 

no source-address

Parameters 
ip-address—
The source address of the IP packet. This can be IPv4 only for an IPv4 destination and IPv6 only for an IPv6 destination.
Values—

ipv4-address:

a.b.c.d.

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

 

source-address

Syntax 
source-address
Context 
[Tree] (config>system>security source-address)
Full Contexts 
configure system security source-address
Description 

This command specifies the source address that should be used in all unsolicited packets sent by the application.

This feature only applies to inband interfaces and does not apply to the out of band management interface. Packets going out the management interface will keep using that as source IP address. In other words, when the RADIUS server is reachable through both the management interface and a network interface, the management interface is used despite whatever is configured by the source-address command.

When a source address is specified for the ptp application, the port-based 1588 hardware timestamping assist function will be applied to PTP packets matching the IPv4 address of the router interface used to ingress the SR/ESS or IP address specified in this command. If the IP address is removed, then the port-based 1588 hardware timestamping assist function will only be applied to PTP packets matching the IPv4 address of the router interface.

source-address

Syntax 
source-address ip-address
Context 
[Tree] (config>system>security>dot1x>radius-plcy source-address)
Full Contexts 
configure system security dot1x radius-plcy source-address
Description 

This command configures the NAS IP address to be sent in the RADIUS packet.

The no form of this command reverts to the default value.

Parameters 
ip-address —
Specifies the IP prefix for the IP match criterion in dotted decimal notation.
Values—
0.0.0.0 to 255.255.255.255

 

source-address

Syntax 
source-address ip-address
source-address prefix-list prefix-list-name
no source-address
Context 
[Tree] (config>router>policy-options>policy-statement>entry>from source-address)
Full Contexts 
configure router policy-options policy-statement entry from source-address
Description 

This command specifies the source address that is embedded in the join or prune packet as a filter criterion.

The no form of this command removes the criterion from the configuration.

This command specifies a multicast data source address as a match criterion for this entry.

Default 

no source-address

Parameters 
ip-address —
Specifies the IP prefix for the IP match criterion in dotted decimal notation.
Values—
ipv4-address:
  1. a.b.c.d
ipv6-address:
  1. x:x:x:x:x:x:x:x
  2. x:x:x:x:x:x:d.d.d.d
  3. x: [0 to FFFF]H
  4. d: [0 to 255]D

 

prefix-list-name—
The prefix list name. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

23.274. source-address-range

source-address-range

Syntax 
source-address-range start-ip-address
no source-address-range
Context 
[Tree] (config>aaa>isa-radius-plcy>servers source-address-range)
Full Contexts 
configure aaa isa-radius-policy servers source-address-range
Description 

This command specifies the first IP address in the range of IPv4 addresses that are assigned to a BB-ISA in a given NAT group for NAT RADIUS accounting. The IP addresses are unique within the NAT group and are used to bind the RADIUS client instantiated on each BB-ISA card. The number of IPv4 addresses allocated is equal to the number of BB-ISAs in a NAT group that are enabled for NAT RADIUS accounting. Although only the first IPv4 address is explicitly configured with this command, each internally allocated IPv4 address associated with the BB-ISA card can be seen in the routing table (via show commands) as /32 with protocol designation ‘NAT’.

Default 

no source-address-range

Parameters 
start-ip-address—
The starting IP address of the IP address range.
Values—
0.0.0.0 - 255.255.255.255

 

source-address-range

Syntax 
[no] source-address-range start ip-address end ip-address
Context 
[Tree] (config>service>vprn>wlan-gw>gtp>source-ranges source-address-range)
Full Contexts 
configure service vprn wlan-gw gtp source-ranges source-address-range
Description 

This command configures a range of IP addresses used by ISA MDA's as source address in GTP messages.

The no form of this command removes the IP address ranges.

Parameters 
start ip-address—
Specifies the start of the source IP address range.
Values—
ipv4-address: a.b.c.d
ipv6-address: x:x:x:x:x:x:x:x (eight 16-bit pieces)
x:x:x:x:x:x:d.d.d.d
x [0..FFFF]H
d [0..255]D

 

end ip-address—
Specifies the end of the source IP address range.
Values—
ipv4-address: a.b.c.d
ipv6-address: x:x:x:x:x:x:x:x (eight 16-bit pieces)
x:x:x:x:x:x:d.d.d.d
x [0..FFFF]H
d [0..255]D

 

23.275. source-bmac

source-bmac

Syntax 
source-bmac ieee-address
no source-bmac
Context 
[Tree] (config>service>pbb source-bmac)
Full Contexts 
configure service pbb source-bmac
Description 

This command configures the source B-VPLS MAC address to use with PBB and provisions a chassis level source B-MAC.

Parameters 
ieee-address—
The MAC address assigned to the B-MAC. The value should be input in either a xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx format.

source-bmac

Syntax 
source-bmac ieee-address
Context 
[Tree] (config>service>vpls>pbb source-bmac)
Full Contexts 
configure service vpls pbb source-bmac
Description 

This command configures the base source B-MAC for the B-VPLS. The first 32 bits must be the same with what is configured in the MC-LAG peer. If not configured here, it will inherit the chassis level B-MAC configured under the new PBB object added in the previous section. If the use-sap-bmac command is on, the value of the last 16 bits (lsb) of the source B-MAC must be part of the reserved-source-bmac-lsb configured at chassis level, under service PBB component. If that is not the case, the command will fail.

23.276. source-bmac-lsb

source-bmac-lsb

Syntax 
source-bmac-lsb MAC-Lsb [es-bmac-table-size size]
no source-bmac-lsb
Context 
[Tree] (config>service>system>bgp-evpn>ethernet-segment source-bmac-lsb)
Full Contexts 
configure service system bgp-evpn ethernet-segment source-bmac-lsb
Description 

This command configures the least significant two bytes of the B-MAC used as the source B-MAC for packets generated from the Ethernet-Segment in PBB-EVPN.

When the multi-homing mode is all-active, this value and the first high order four bytes must match on all the PEs that are part of the same Ethernet-Segment.

The es-bmac-table-size parameter modifies the default value (8) for the maximum number of virtual bmacs that can be associated to the Ethernet-Segment, that is, the es-bmacs. When the source-bmac-lsb is configured, the associated es-bmac-table-size is reserved out of the total FDB. The es-bmac will consume a separate B-MAC per B-VPLS that is linked to an Ethernet-Segment.

Parameters 
MAC-Lsb—
Specifies the two least significant bytes of the es-bmac.
Values—
1 to 65535, or xx-xx or xx:xx

 

size—
Specifies the reserved space in the FDB for a specified es-bmac. By default the system reserves 8 entries for a specified Ethernet-Segment B-MAC.
Values—
1 to 511999

 

Default—
8

source-bmac-lsb

Syntax 
source-bmac-lsb mac-lsb control-pw-vc-id vc-id
no source-bmac-lsb
Context 
[Tree] (config>service>sdp source-bmac-lsb)
Full Contexts 
configure service sdp source-bmac-lsb
Description 

This command defines the 16 least significant bits (lsb) which, when combined with the 32 most significant bits of the PBB source-bmac, are used as the virtual backbone MAC associated with this SDP. The virtual backbone MAC is used as the source backbone MAC for traffic received on a PBB EPIPE spoke-SDP with use-sdp-bmac configured (that is, a redundant pseudowire) and forwarded into the B-VPLS domain.

The control-pw-vc-id defines VC identifier of the spoke-SDP relating to the control pseudowire whose status is to be used to determine whether SPBM advertises this virtual backbone MAC. This is a mandatory parameter when the source-bmac-lsb is added or changed. The spoke SDP must have the parameter use-sdp-bmac for the control pseudowire to be active.

Default 

no source-bmac-lsb

Parameters 
mac-lsb
Specifies the 16 least significant bits of the virtual backbone MAC associated with this SDP.
Values—
1 to 65535 or xx-xx or xx:xx

 

control-pw-vc-id vc-id
Specifies the VC identifier of the control pseudowire.
Values—
1 to 4294967295

 

23.277. source-class

source-class

Syntax 
source-class source-index
no source-class [source-index]
Context 
[Tree] (config>service>vprn>static-route-entry>indirect source-class)
[Tree] (config>service>vprn>static-route-entry>ipsec-tunnel source-class)
[Tree] (config>service>vprn>static-route-entry>next-hop source-class)
Full Contexts 
configure service vprn static-route-entry indirect source-class
configure service vprn static-route-entry ipsec-tunnel source-class
configure service vprn static-route-entry next-hop source-class
Description 

This command configures the policy accounting source-class index to be used when incrementing accounting statistic for traffic matching the associated static route.

If source route policy accounting is enabled and a source-class index is configured, traffic with a source IP address matches the associated static route, the source accounting statistics for the specified class will be incremented.

The no form of this command removes the associated destination-class from the associated static route nexthop.

Default 

no source-class

Parameters 
source-index
Specifies an integer value for the accounting source class index.
Values—
1 to 255

 

source-class

Syntax 
source-class source-index
no source-class [source-index]
Context 
[Tree] (config>router>static-route-entry>indirect source-class)
[Tree] (config>router>static-route-entry>next-hop source-class)
Full Contexts 
configure router static-route-entry indirect source-class
configure router static-route-entry next-hop source-class
Description 

This command configures the policy accounting source-class index to be used when incrementing accounting statistic for traffic matching the associated static route.

If source route policy accounting is enabled and a source-class index is configured, traffic with a source IP address matches the associated static route, the source accounting statistics for the specified class will be incremented.

The no form of this command removes the associated destination-class from the associated static route nexthop.

Default 

no source-class

Parameters 
source-index
Specifies an integer value for the accounting source class index.
Values—
1 to 255

 

source-class

Syntax 
source-class index [index]
source-class {index |all}
Context 
[Tree] (config>router>policy-acct-template source-class)
Full Contexts 
configure router policy-acct-template source-class
Description 

This command configures a source class index.

The no form of this command deletes the specified source class index.

Parameters 
index—
Specifies the index value.
Values—
1 to 255

 

all—
Deletes all the source class indices.

source-class

Syntax 
source-class [value]
no source-class
Context 
[Tree] (config>router>policy-options>policy-statement>entry>action source-class)
[Tree] (config>router>policy-options>policy-statement>default-action source-class)
Full Contexts 
configure router policy-options policy-statement default-action source-class
configure router policy-options policy-statement entry action source-class
Description 

This command specifies the policy accounting source class index to associate with matched routes.

Parameters 
value—
Specifies the default operational source-class for this policy statement.
Values—
1 to 255

 

23.278. source-destination-prefix

source-destination-prefix

Syntax 
[no] source-destination-prefix
Context 
[Tree] (config>cflowd>collector>aggregation source-destination-prefix)
Full Contexts 
configure cflowd collector aggregation source-destination-prefix
Description 

This command configures cflowd aggregation based on source and destination prefixes.

The no form of this command removes this type of aggregation from the collector configuration.

23.279. source-ip

source-ip

Syntax 
source-ip ip-address
no source-ip
Context 
[Tree] (config>subscr-mgmt>shcv-policy>vpls source-ip)
Full Contexts 
configure subscriber-mgmt shcv-policy vpls source-ip
Description 

This command configures the IPv4 address to be used as source address for connectivity verification in a VPLS service.

The no form of this command reverts to the default.

Parameters 
ip-address—
Specifies the IPv4 address to be used as source address for connectivity verification in a VPLS service.

source-ip

Syntax 
source-ip ipv6-address
no source-ip
Context 
[Tree] (config>service>vprn>sub-if>wlan-gw>pool-manager>dhcp6-client source-ip)
[Tree] (config>service>ies>sub-if>wlan-gw>pool-manager>dhcp6-client source-ip)
Full Contexts 
configure service ies subscriber-interface wlan-gw pool-manager dhcpv6-client source-ip
configure service vprn subscriber-interface wlan-gw pool-manager dhcpv6-client source-ip
Description 

This command specifies the source-ip to be used by the DHCPv6 client.

The no form of this command removes the specific source-ip. In this case the DHCPv6 client will fall back to the IP address configured on the outgoing interface.

Parameters 
ipv6-address—
Specifies the IPv6 address, up to 32 characters.

23.280. source-ip-address-ranges

source-ip-address-ranges

Syntax 
source-ip-address-ranges
Context 
[Tree] (config>service>vprn>wlan-gw>gtp source-ip-address-ranges)
Full Contexts 
configure service vprn wlan-gw gtp source-ip-address-ranges
Description 

This command enables the context to configure IP addresses used by the ISA MDA's as source address in GTP messages

23.281. source-ip-origin

source-ip-origin

Syntax 
source-ip-origin {interface |vrrp}
no source-ip-origin
Context 
[Tree] (config>subscr-mgmt>shcv-policy>layer-3 source-ip-origin)
Full Contexts 
configure subscriber-mgmt shcv-policy layer-3 source-ip-origin
Description 

This command selects the source IP address to be used for SHCV messages.

The no form of this command reverts to the default.

Parameters 
interface—
Specifies to use the interface IP as the source address of SHCV.
vrrp—
Specifies to use the VRRP configured IP as the source address of SHCV.

23.282. source-mac

source-mac

Syntax 
source-mac ieee-address
no source-mac
Context 
[Tree] (config>subscr-mgmt>shcv-policy>vpls source-mac)
Full Contexts 
configure subscriber-mgmt shcv-policy vpls source-mac
Description 

Specifies the MAC address to be used as source address for connectivity verification in a VPLS service.

The no form of this command reverts to the default.

Parameters 
ieee-address—
Specifies the 48-bit MAC address in the xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx format.

23.283. source-override

source-override

Syntax 
source-override ip-address [create]
no source-override ip-address
Context 
[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>channel source-override)
Full Contexts 
configure mcast-management multicast-info-policy bundle channel source-override
Description 

This command defines a multicast channel parameter override context for a specific multicast sender within the channel range. The specified sender’s IP address must be the same IP type, IPv4 or IPv6, as defined in the channel command.

The no form of this command removes the specified sender override context from the channel range.

Parameters 
ip-address—
Specifies either an IPv4 or IPv6 address and must be the same IP type as the containing channel command range.
Values—

ipv4-address

a.b.c.d

ipv6-address

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x - [0 to FFFF]H

d - [0 to 255]D

 

create—
The create keyword is required if creating a new source override when the system is configured to require the explicit use of the keyword to prevent accidental object creation. Objects may be accidentally created when this protection is disabled and an object name is mistyped when attempting to edit the object. This keyword is not required when the protection is disabled. The keyword is ignored when the specified source override IP address already exists.

23.284. source-port

source-port

Syntax 
source-port port-num
no source-port
Context 
[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>video source-port)
Full Contexts 
configure mcast-management multicast-info-policy bundle video source-port
Description 

This command configures the source port for upstream RET requests. The source-port port-num value is the only configuration parameter in the bundle “default” context.

The no form of the command removes the value from the configuration.

Parameters 
port-num—
Specifies the source port in the received RTP multicast stream.
Values—
1024 to 65535

 

source-port

Syntax 
source-port port-id
no source-port
Context 
[Tree] (config>system>sync-if-timing>ref1 source-port)
[Tree] (config>system>sync-if-timing>ref2 source-port)
Full Contexts 
configure system sync-if-timing ref1 source-port
configure system sync-if-timing ref2 source-port
Description 

This command configures the source port for timing reference ref1 or ref2. If the port is unavailable or the link is down, then the reference sources are re-evaluated according to the reference order configured in the ref-order command.

In addition to physical port on the 7750 SR, T1 or E1 channels on a channelized OC3/OC12/STM1/STM4 Circuit Emulation Service port can be specified if they are using adaptive timing.

There are restrictions on the source-port location for ref1 and ref2 based on platform. Refer to the description of the ref1 command for details.

Default 

no source-port

Parameters 
port-id—
Identifies the physical port in the slot/mda/port, esat-id/slot/port, or pxc-id.sub-port format.
Values—
slot/mda/port [.channel]

 

source-port

Syntax 
source-port port
source-port grpc
no source-port
Context 
[Tree] (config>system>management-interface>remote-management source-port)
Full Contexts 
configure system management-interface remote-management source-port
Description 

This command configures the TCP port local to this device that NISH uses to send packets to this node.

If this command is also configured for a specific manager in the config>system> management-interface>remote-management>manager context, that configuration takes precedence.

The no form of this command causes the system to select the default gRPC port, 57400.

Parameters 
port—
Specifies the TCP source port.
Values—
1 to 65535

 

Default—
57400
grpc—
Keyword that specifies the default gRPC protocol port as the source port.

source-port

Syntax 
source-port port
source-port grpc
no source-port
Context 
[Tree] (config>system>management-interface>remote-management>manager source-port)
Full Contexts 
configure system management-interface remote-management manager source-port
Description 

This command configures the TCP port local to this device that this NISH manager uses to send packets to this node.

This command takes precedence over the same command configured in the global context (config>system>management-interface>remote-management).

The no form of this command causes the source port to be inherited from the global context (config>system>management-interface>remote-management).

Parameters 
port—
Specifies the TCP source port.
Values—
1 to 65535

 

Default—
57400
grpc—
Keyword that specifies the default gRPC protocol port as the source port.

23.285. source-prefix

source-prefix

Syntax 
[no] source-prefix
Context 
[Tree] (config>cflowd>collector>aggregation source-prefix)
Full Contexts 
configure cflowd collector aggregation source-prefix
Description 

This command configures cflowd aggregation based on source prefix information.

The no form of this command removes this type of aggregation from the collector configuration.

23.286. source-prefix-list

source-prefix-list

Syntax 
source-prefix-list prefix-list-name
no source-prefix-list
Context 
[Tree] (config>service>vprn>nat>inside source-prefix-list)
[Tree] (config>router>nat>inside source-prefix-list)
Full Contexts 
configure router nat inside source-prefix-list
configure service vprn nat inside source-prefix-list
Description 

This command references the nat-prefix-list that contains source IP addresses on the inside (private side).

The source IP addresses on the inside must be known in advance in a dnat-only instance. This is required so the corresponding routes can be installed in the routing table and thus the downstream traffic is properly routed towards the MS-ISAs where the original translation was performed (and state is kept).

In the dnat-only case, it is mandatory that the inside (private side) and the outside (public side) are in separated VPRNs.

Default 

none

Parameters 
prefix-list-name—
Specifies the name, up to 32 characters in length, of the NAT prefix list that contains the source IP addresses (original IP addresses).

23.287. source-udp-port

source-udp-port

Syntax 
source-udp-port udp-port-number
no source-udp-port
Context 
[Tree] (config>oam-pm>session>ip source-udp-port)
Full Contexts 
configure oam-pm session ip source-udp-port
Description 

This command should only be used if a TWAMP Client is used to establish a TCP connection and communicate the test parameters to a TWAMP Server over TWAMP TCP Control and the test is launched from OAM-PM (Session-Sender). This command should not be used when the reflection point is a TWAMP Light reflector that does not require TCP TWAMP Control. When this command is included, the source UDP range is restricted. When this command is omitted, the source UDP port is dynamically allocated by the system.

The no form of this command removes the source UDP port setting when the default allocation is used.

Parameters 
udp-port-number—
Specifies the UDP source port.
Values—
64374 to 64383

 

23.288. source-vtep-security

source-vtep-security

Syntax 
[no] source-vtep-security
Context 
[Tree] (config>service>vpls>vxlan source-vtep-security)
Full Contexts 
configure service vpls vxlan source-vtep-security
Description 

This command enables the outer IP Source Address lookup of incoming VXLAN packets, and discards those coming from untrusted VTEPs. The list of trusted VTEPs is shown in the show service vxlan command. Specifically, it shows the existing learned EVPN VTEPs (always trusted), and the statically configured VTEPs in any service (Epipe and VPLS).

The command is supported in VXLAN instances with static egress VTEPs or VXLAN instances with EVPN created VTEPs.

The no version of this command disables the outer IP source address lookup.

Default 

no source-vtep-security

23.289. sp-reverse-route

sp-reverse-route

Syntax 
sp-reverse-route [ignore-default-route]
no sp-reverse-route
Context 
[Tree] (config>ipsec>tnl-temp sp-reverse-route)
Full Contexts 
configure ipsec tunnel-template sp-reverse-route
Description 

This command enables the system to automatically create a reverse route based on dynamic LAN-to-LAN tunnel’s TSi in private service.

If ignore-default-route is specified, the system ignores any full range traffic selector when creating a reverse route. Otherwise, the system refuses to create a CHILD_SA if any full range traffic selector is included in TSi.

The no form of this command disables sp-reverse-route.

Default 

no sp-reverse-route

Parameters 
ignore-default-route—
Specifies to ignore any full range traffic selector in TSi.

23.290. space

space

Syntax 
[no] space
Context 
[Tree] (config>system>management-interface>cli>md-cli>environment>command-completion space)
Full Contexts 
configure system management-interface cli md-cli environment command-completion space
Description 

This command enables completion on the space character.

The no form of this command reverts to the default value.

Default 

space

23.291. spb

spb

Syntax 
spb [isis-instance] [fid fid] [create]
no spb
Context 
[Tree] (config>service>vpls spb)
[Tree] (config>service>vpls>sap spb)
[Tree] (config>service>vpls>spoke-sdp spb)
Full Contexts 
configure service vpls sap spb
configure service vpls spb
configure service vpls spoke-sdp spb
Description 

This command enables Shortest Path Bridging (SPB) on a B-VPLS instance. SPB uses IS-IS that supports multiple instances, therefore an instance must be specified. The declaration of SPB in this context is the control configuration for the SPB. This is an SPB management interface and it manages the configuration for IS-IS. Various parameters that define this SPB instance are configured under this SPB instance. Several of the parameters are shared with other B-VPLS service instances using SPB.

SPB enables an instance of IS-IS protocol with the no shutdown command. Alternatively, the IS-IS protocol instance under SPB is disabled with the shutdown command in the config>service>vpls b-vpls>spb context.

A Forwarding Identifier (FID) is optionally specified which is an abstraction of the BVID used for forwarding in SPB. When no FID is configured the control VPLS is advertised with FID value 1. When a FID value is specified, the control VPLS is advertised and associated with the FID value specified. The default algorithm for any FID declared or implicit is low-path-id. When a FID is specified, the ect-algorithm can be specified for the FID and changed only when there are no VPLS, SAPs or SDP bindings associated with the FID. The FID for a control instance cannot be changed after it is created. To change a FID the SPB component would have to be shutdown, deleted and re-created with a new FID.

Note:

SPB operates with disable-learning, disable aging and discard-unknown. The state of these commands is ignored when SPB is configured.

Default 

no spb

Parameters 
isis-instance—
Specifies the instance ID for an SPB IS-IS instance.
Values—
1024 to 2047 (4 available)

 

Default—
1024
FID—
Specifies the FID value.
Values—
1 to 4095

 

Default—
1

23.292. spbm-control-vpls

spbm-control-vpls

Syntax 
spbm-control-vpls service-id fid fid
no spbm-control-vpls
Context 
[Tree] (config>service>vpls>b-vpls spbm-control-vpls)
Full Contexts 
configure service vpls b-vpls spbm-control-vpls
Description 

This command associates a user B-VPLS with a particular control B-VPLS and a FID. The ECT algorithm and the behavior of unicast and multicast come from the association to the FID.

A Forwarding Identifier (FID) is specified which is an abstraction of the BVID used for forwarding in SPB. The ect-algorithm is associated with the FID and can be changed only when there are no VPLS, SAPs or SDP bindings associated with the FID. The FID must be independent from the FID assigned to other services.

Parameters 
service-id—
The B-VPLS service identifier.
Values—
1 to 2147483647 | svc-name: 64 characters max

 

fid—
The forwarding identifier.
Values—
1 to 4095

 

23.293. spe-address

spe-address

Syntax 
spe-address global-id:prefix
no spe-address
Context 
[Tree] (config>service>pw-routing spe-address)
Full Contexts 
configure service pw-routing spe-address
Description 

This command configures a single S-PE Address for the node to be used for dynamic MS-PWs. This value is used for the pseudowire switching point TLV used in LDP signaling, and is the value used by pseudowire status signaling to indicate the PE that originates a pseudowire status message. Configuration of this parameter is mandatory to enable dynamic MS-PW support on a node.

If the S-PE Address is not configured, spoke-sdps that use dynamic MS-PWs and pw-routing local-prefixes cannot be configured on a T-PE. Furthermore, the node will send a label release for any label mappings received for FEC129 AII type 2.

The S-PE Address cannot be changed unless the dynamic ms-pw configuration is removed. Furthermore, changing the S-PE Address will also result in all dynamic MS-PWs for which this node is an S-PE being released. It is recommended that the S-PE Address should be configured for the life of an MS-PW configuration after reboot of the router.

The no form of this command removes the configured S-PE Address.

Default 

no spe-address

Parameters 
global-id —
Specifies a 4-octet value that is unique to the service provider. For example, the global ID can contain the 2-octet or 4-octet value of the provider's Autonomous System Number (ASN).
Values—

<global-id:prefix>:

<global-id>:{<prefix>|<ipaddress>}

global-id

1 to 4294967295

prefix

1 to 4294967295

ipaddress

a.b.c.d

 

23.294. speed

speed

Syntax 
speed {10 |100 |1000 |10000 |25000 |40000 |50000 |100000}
Context 
[Tree] (config>port>ethernet speed)
Full Contexts 
configure port ethernet speed
Description 

For ports that support multiple speeds, this command configures the port speed to be used. This applies to the following:

  1. fast Ethernet when autonegotiate is disabled
  2. 10/100/1000 Ethernet when autonegotiate is disabled
  3. 10/1G ports supporting 10G SFP+ or 1G SFP
  4. 40/100G ports supporting QSFP28s on non-connector-based MDAs

If the port is configured to autonegotiate this parameter is ignored. Speed cannot be configured for ports that are part of a Link Aggregation Group (LAG).

Default 

dependent on port type

Parameters 
10—
Sets the link to 10 Mb/s speed.
100—
Sets the link to 100 Mb/s speed.
1000—
Sets the link to 1000 Mb/s speed.
10000—
Sets the link to 10000 Mb/s speed.
25000—
Sets the link to 25000 Mb/s speed.
40000—
Sets the link to 40000 Mb/s speed.
50000—
Sets the link to 50000 Mb/s speed.
100000—
Sets the link to 100000 Mb/s speed.

speed

Syntax 
speed {oc3 |oc12}
no speed
Context 
[Tree] (config>port>sonet-sdh speed)
Full Contexts 
configure port sonet-sdh speed
Description 

This command configures the speed of a SONET/SDH port as either OC3 or OC12. The framer for this MDA operates in groups of four. Changing the port speed for a port requires resetting the framer and causes a slight disruption on all four ports. The first framer controls ports 1,2,3,4, the second framer controls ports 5,6,7,8 and so on.

To change the port speed on a SONET/SDH port, the port must be administratively shut down and all channels must be removed. When the port speed is changed, the default channel configuration is recreated.

The no form of this command reverts back to default.

This command is supported on TDM satellite.

Default 

speed oc12

Parameters 
oc3—
Sets the speed of the port to OC-3.
oc12—
Sets the speed of the port to OC-12.

speed

Syntax 
speed {56 |64}
Context 
[Tree] (config>port>tdm>ds1>channel-group speed)
[Tree] (config>port>tdm>e1>channel-group speed)
Full Contexts 
configure port tdm ds1 channel-group speed
configure port tdm e1 channel-group speed
Description 

This command sets the speed of the DS-0 channels used in the associated channel-group.

Default 

speed 64

Parameters 
56 —
Specifies that 56k byte (7-bits per byte) encoding will be used for the associated DS-0 channels. This channel speed value is only supported on the m4-chds3-as and m12-chds3-as MDAs and on DS-1 channels (ESF and SF framing) and not on E-1 (G.704) channels.
64 —
Specifies that 64k byte (8-bits per byte) encoding will be used for the associated DS-0 channels.

speed

Syntax 
speed speed
Context 
[Tree] (bof speed)
Full Contexts 
bof speed
Description 

This command configures the speed for the CPM management Ethernet port when autonegotiation is disabled in the running configuration and the Boot Option File (BOF).

If the port is configured to autonegotiate, this parameter is ignored.

Available speed options are dependent on the specific CPM variant in the system.

Default 

speed 100

Parameters 
speed—
Sets the link speed, in Mb/s.
Values—
10, 100, 1000

 

23.295. spf

spf

Syntax 
[no] spf [level-number] [system-id]
Context 
[Tree] (debug>router>isis spf)
Full Contexts 
debug router isis spf
Description 

This command enables debugging for IS-IS SFP.

The no form of the command disables debugging.

Parameters 
system-id—
When specified, only the specified system-id is debugged. A 6-octet system identifier (xxxx.xxxx.xxxx).
level-number—
Specifies the interface level (1, 2, or 1 and 2).

spf

Syntax 
spf [type] [dest-addr]
no spf
Context 
[Tree] (debug>router>ospf spf)
[Tree] (debug>router>ospf3 spf)
Full Contexts 
debug router ospf spf
debug router ospf3 spf
Description 

This command enables debugging for OSPF SPF. Information regarding overall SPF start and stop times will be shown. To see detailed information regarding the SPF calculation of a given route, the route must be specified as an optional argument.

Parameters 
type—
Specifies the area to debug.
Values—
intra-area, inter-area, external

 

dest-addr—
Specifies the destination IP address to debug.

23.296. spf-wait

spf-wait

Syntax 
spf-wait spf-wait [spf-initial-wait spf-initial-wait] [spf-second-wait spf-second-wait]
no spf-wait
Context 
[Tree] (config>service>vpls>b-vpls>spb>timers spf-wait)
Full Contexts 
configure service vpls b-vpls spb timers spf-wait
Description 

This command defines the maximum interval between two consecutive SPF calculations in milliseconds. Timers that determine when to initiate the first, second and subsequent SPF calculations after a topology change occurs can be controlled with this command.

Subsequent SPF runs (if required) will occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the spf-second-wait interval is 1000, then the next SPF will run after 2000 milliseconds, and then next SPF will run after 4000 milliseconds, etc., until it reaches the spf-wait value. The SPF interval will stay at spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval will drop back to spf-initial-wait.

Default 

no spf-wait

Parameters 
spf-wait—
Specifies the maximum interval in milliseconds between two consecutive SPF calculations.
Values—
10 to 120000

 

Default—
10000
spf-initial-wait—
Specifies the initial SPF calculation delay in milliseconds after a topology change.
Values—
10 to 100000

 

Default—
1000
spf-second-wait—
Specifies the hold time in milliseconds between the first and second SPF calculation.
Values—
10 to 100000

 

Default—
1000

spf-wait

Syntax 
spf-wait spf-wait [spf-initial-wait spf-initial-wait] [spf-second-wait spf-second-wait]
no spf-wait
Context 
[Tree] (config>service>vpls>spb>timers spf-wait)
Full Contexts 
configure service vpls spb timers spf-wait
Description 

This command defines the maximum interval between two consecutive SPF calculations in milliseconds. Timers that determine when to initiate the first, second and subsequent SPF calculations after a topology change occurs can be controlled with this command.

Subsequent SPF runs (if required) will occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the spf-second-wait interval is 1000, then the next SPF will run after 2000 milliseconds, and then next SPF will run after 4000 milliseconds, and so on, until it reaches the spf-wait value. The SPF interval will stay at spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval will drop back to spf-initial-wait.

Note:

The IS-IS timer granularity is 100 ms. Timer values are rounded down to the nearest granularity, for example a configured value of 550 ms is internally rounded down to 500 ms.

Default 

spf-wait 10000 spf-initial-wait 1000 spf-second-wait 1000

Parameters 
spf-wait —
Specifies the maximum interval in milliseconds between two consecutive SPF calculations.
Values—
10 to 120000

 

Default—
10000
initial-wait —
Specifies the initial SPF calculation delay in milliseconds after a topology change
Values—
10 to 100000

 

Default—
1000
second-wait —
Specifies the hold time in milliseconds between the first and second SPF calculation
Values—
10 to 100000

 

Default—
1000

spf-wait

Syntax 
spf-wait spf-wait [spf-initial-wait initial-wait] [spf-second-wait second-wait]
no spf-wait
Context 
[Tree] (config>service>vprn>isis>timers spf-wait)
Full Contexts 
configure service vprn isis timers spf-wait
Description 

This command defines the maximum interval, in milliseconds, between two consecutive SPF calculations. Timers that determine when to initiate the first, second and subsequent SPF calculations after a topology change occurs can be controlled with this command.

Subsequent SPF runs (if required) will occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the spf-second-wait interval is 1000, then the next SPF will run after 2000 milliseconds, and the next SPF after that will run after 4000 milliseconds, and so on, until it reaches the spf-wait value. The SPF interval will stay at the spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval will drop back to the SPF initial-wait value.

Note:

The timer granularity is 100 ms. Timer values are rounded down to the nearest granularity, for example a configured value of 550 ms is internally rounded down to 500 ms.

Parameters 
spf-wait —
Specifies the maximum interval, in milliseconds, between two consecutive SPF calculations.
Values—
10 to 120000

 

Default—
10000
initial-wait —
Specifies the initial SPF calculation delay, in milliseconds, after a topology change.
Values—
10 to 100000

 

Default—
1000
second-wait —
Specifies the hold time, in milliseconds, between the first and second SPF calculation.
Values—
10 to 100000

 

Default—
1000

spf-wait

Syntax 
spf-wait max-spf-wait [spf-initial-wait spf-initial-wait] [spf-second-wait spf-second-wait]
no spf-wait
Context 
[Tree] (config>service>vprn>ospf>timers spf-wait)
[Tree] (config>service>vprn>ospf3>timers spf-wait)
Full Contexts 
configure service vprn ospf timers spf-wait
configure service vprn ospf3 timers spf-wait
Description 

This command defines the maximum interval between two consecutive SPF calculations in milliseconds. Timers that determine when to initiate the first, second, and subsequent SPF calculations after a topology change occurs can be controlled with this command.

Subsequent SPF runs (if required) will occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the spf-second-wait interval is 1000, then the next SPF will run after 2000 milliseconds, and then next SPF will run after 4000 milliseconds, and so on, until it reaches the spf-wait value. The SPF interval will stay at the spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval will drop back to spf-initial-wait.

Use the no form of this command to return to the default.

Note:

The timer granularity is 10 ms if the value is less than 500 ms, and 100 ms if the value is ≥ 500 ms. Timer values are rounded down to the nearest granularity, for example a configured value of 550 ms is internally rounded down to 500 ms.

Parameters 
max-spf-wait—
Specifies the maximum interval in milliseconds between two consecutive SPF calculations.
Values—
10 to 120000

 

Default—
10000
spf-initial-wait —
Specifies the initial SPF calculation delay in milliseconds after a topology change.
Values—
10 to 100000

 

Default—
1000
spf-second-wait —
Specifies the hold time in milliseconds between the first and second SPF calculation.
Values—
10 to 100000

 

Default—
1000

spf-wait

Syntax 
spf-wait max-wait [initial-wait initial-wait] [second-wait second-wait]
no spf-wait
Context 
[Tree] (config>router>bgp>optimal-route-reflection spf-wait)
Full Contexts 
configure router bgp optimal-route-reflection spf-wait
Description 

This command controls the interval between consecutive SPF calculations performed by the TE DB in support of BGP optimal route reflection. The time parameters of this command implement an exponential back-off algorithm.

The no form of this command causes a return to default values.

Default 

no spf-wait

Parameters 
max-wait—
Specifies the maximum interval in seconds between two consecutive SPF calculations.
Values—
1 to 600

 

Default—
60
initial-wait initial-wait—
Specifies the initial SPF calculation delay in seconds after a topology change.
Values—
1 to 300

 

Default—
5
second-wait second-wait—
Specifies the delay in seconds between the first and second SPF calculation.
Values—
1 to 300

 

Default—
15

spf-wait

Syntax 
spf-wait spf-wait [spf-initial-wait initial-wait] [spf-second-wait second-wait]]
no spf-wait
Context 
[Tree] (config>router>isis>timers spf-wait)
Full Contexts 
configure router isis timers spf-wait
Description 

This command defines the maximum interval between two consecutive SPF calculations in milliseconds. Timers that determine when to initiate the first, second and subsequent SPF calculations after a topology change occurs can be controlled with this command.

Subsequent SPF runs (if required) will occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the spf-second-wait interval is 1000, then the next SPF will run after 2000 milliseconds, and then next SPF will run after 4000 milliseconds, etc., until it reaches the spf-wait value. The SPF interval will stay at spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval will drop back to spf-initial-wait.

Note:

The timer granularity is 100 ms. Timer values are rounded down to the nearest granularity, for example a configured value of 550 ms is internally rounded down to 500 ms.

Default 

spf-wait 10000 spf-initial-wait 1000 spf-second-wait 1000

Parameters 
spf-wait —
Specifies the maximum interval, in milliseconds, between two consecutive SPF calculations.
Values—
10 to 120000

 

initial-wait —
Specifies the initial SPF calculation delay, in milliseconds, after a topology change.
Values—
10 to 100000

 

second-wait —
Specifies the hold time, in milliseconds, between the first and second SPF calculation.
Values—
10 to 100000

 

spf-wait

Syntax 
spf-wait max-spf-wait [spf-initial-wait spf-initial-wait [spf-second-wait spf-second-wait]]
no spf-wait
Context 
[Tree] (config>router>ospf>timers spf-wait)
[Tree] (config>router>ospf3>timers spf-wait)
Full Contexts 
configure router ospf timers spf-wait
configure router ospf3 timers spf-wait
Description 

This command defines the maximum interval between two consecutive SPF calculations in milliseconds. Timers that determine when to initiate the first, second, and subsequent SPF calculations after a topology change occurs can be controlled with this command. Subsequent SPF runs (if required) will occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the spf-second-wait interval is 1000, then the next SPF will run after 2000 milliseconds, and then next SPF will run after 4000 milliseconds, and so on, until it reaches the spf-wait value. The SPF interval will stay at the spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval will drop back to spf-initial-wait.

The timer must be entered in increments of 100 milliseconds. Values entered that do not match this requirement will be rejected.

Use the no form of this command to return to the default.

Note:

The timer granularity is 10 ms if the value is less than 500 ms, and 100 ms if the value is greater than or equal to 500 ms. Timer values are rounded down to the nearest granularity, for example a configured value of 550 ms is internally rounded down to 500 ms.

Default 

spf-wait 10000

Parameters 
max-spf-wait—
Specifies the maximum interval in milliseconds between two consecutive SPF calculations.
Values—
10 to 120000

 

Default—
10000
spf-initial-wait —
Specifies the initial SPF calculation delay in milliseconds after a topology change.
Values—
10 to 100000

 

Default—
1000
spf-second-wait —
Specifies the hold time in milliseconds between the first and second SPF calculation.
Values—
10 to 100000

 

Default—
1000

23.297. spi

spi

Syntax 
spi spi
no spi
Context 
[Tree] (config>ipsec>static-sa spi)
Full Contexts 
configure ipsec static-sa spi
Description 

This command configures the SPI key value for an IPsec manual SA.

This command specifies the SPI (Security Parameter Index) used to lookup the instruction to verify and decrypt the incoming IPsec packets when the value of the direction command is inbound.

The SPI value specifies the SPI that will be used in the encoding of the outgoing packets when the when the value of the direction command is outbound. The remote node can use this SPI to lookup the instruction to verify and decrypt the packet.

If no spi is selected, then this static SA cannot be used.

The no form of this command reverts to the default value.

Default 

no spi

Parameters 
spi—
Specifies the security parameter index for this SA.
Values—
256 to 16383

 

23.298. spi-load-balancing

spi-load-balancing

Syntax 
[no] spi-load-balancing
Context 
[Tree] (config>service>vpls>load-balancing>config>service>template>vpls-template>load-balancing spi-load-balancing)
Full Contexts 
configure service vpls load-balancing config service template vpls-template load-balancing spi-load-balancing
Description 

This command enables use of the SPI in hashing for ESP/AH encrypted IPv4/v6 traffic. This is a per interface setting.

The no form disables the SPI function.

Default 

no spi-load-balancing

spi-load-balancing

Syntax 
[no] spi-load-balancing
Context 
[Tree] (config>service>ies>if>load-balancing spi-load-balancing)
Full Contexts 
configure service ies interface load-balancing spi-load-balancing
Description 

This command enables use of the SPI in hashing for ESP/AH encrypted IPv4/v6 traffic. This is a per interface setting.

The no form disables the SPI function.

Default 

no spi-load-balancing

spi-load-balancing

Syntax 
[no] spi-load-balancing
Context 
[Tree] (config>service>vprn>if>load-balancing>config>service>vprn>nw-if>load-balancing spi-load-balancing)
Full Contexts 
configure service vprn interface load-balancing config service vprn nw-if load-balancing spi-load-balancing
Description 

This command enables use of the SPI in hashing for ESP/AH encrypted IPv4/v6 traffic. This is a per interface setting.

The no form disables the SPI function.

Default 

no spi-load-balancing

spi-load-balancing

Syntax 
[no] spi-load-balancing
Context 
[Tree] (config>router>if>load-balancing spi-load-balancing)
Full Contexts 
configure router interface load-balancing spi-load-balancing
Description 

This command enables use of the SPI in hashing for ESP/AH encrypted IPv4/v6 traffic. This is a per interface setting.

The no form disables the SPI function.

Default 

no spi-load-balancing

23.299. spi-sharing-group-id

spi-sharing-group-id

Syntax 
spi-sharing-group-id group-id
no spi-sharing-group-id
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>ident-strings spi-sharing-group-id)
[Tree] (config>subscr-mgmt>loc-user-db>ppp>host>ident-strings spi-sharing-group-id)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host identification-strings spi-sharing-group-id
configure subscriber-mgmt local-user-db ppp host identification-strings spi-sharing-group-id
Description 

This command configures the SLA Profile Instance (SPI) sharing group identifier for an IPoE or PPPoE session. It overrides the default SPI sharing method (def-instance-sharing) configured in the SLA profile.

When an spi-sharing-group-id is configured, the IPoE or PPPoE session shares the SLA Profile Instance with other IPoE or PPPoE sessions from the same subscriber that: have the same SLA profile associated, are active on the same SAP, and have the same group identifier.

Configuring an spi-sharing-group-id group-id for an IPoE host, when the IPoE session is disabled on the group interface, results in a setup failure.

The no form of this command returns the SPI sharing group identifier to its default.

Parameters 
group-id—
Specifies the SPI group identifier.
Values—
0 to 65535

 

23.300. spi-sharing-id

spi-sharing-id

Syntax 
[no] spi-sharing-id
Context 
[Tree] (config>subscr-mgmt>acct-plcy>include-radius-attribute spi-sharing-id)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy include-radius-attribute spi-sharing-id
Description 

This command enables RADIUS accounting messages to include the Alc-SPI-Sharing-Id RADIUS attribute. Together with the SLA profile name, this attribute provides details on the applicable SPI or queuing instance for this accounting session.

The no form of this command reverts to the default.

23.301. split-horizon

split-horizon

Syntax 
split-horizon
no split-horizon
Context 
[Tree] (config>service>vprn>bgp split-horizon)
[Tree] (config>service>vprn>bgp>group split-horizon)
[Tree] (config>service>vprn>bgp>group>neighbor split-horizon)
Full Contexts 
configure service vprn bgp group neighbor split-horizon
configure service vprn bgp group split-horizon
configure service vprn bgp split-horizon
Description 

This command enables the use of split-horizon. When applied globally, to a group, or a specific peer, split-horizon prevents routes from being reflected back to a peer that sends the best route. It applies to routes of all address families and to any type of sending peer; confed-EBGP, EBGP and IBGP.

The configuration default is no split-horizon, meaning that no effort is taken to prevent a best route from being reflected back to the sending peer.

Caution:

Use of the split-horizon command may have a detrimental impact on peer and route scaling and therefore operators are encouraged to use it only when absolutely needed.

The no form of this command disables split horizon command which allows the lower level to inherit the setting from an upper level.

Default 

no split-horizon

split-horizon

Syntax 
split-horizon {enable |disable}
no split-horizon
Context 
[Tree] (config>service>vprn>rip split-horizon)
[Tree] (config>service>vprn>rip>group split-horizon)
[Tree] (config>service>vprn>rip>group>neighbor split-horizon)
[Tree] (config>service>vprn>ripng split-horizon)
[Tree] (config>service>vprn>ripng>group split-horizon)
[Tree] (config>service>vprn>ripng>group>neighbor split-horizon)
Full Contexts 
configure service vprn rip group neighbor split-horizon
configure service vprn rip group split-horizon
configure service vprn rip split-horizon
configure service vprn ripng group neighbor split-horizon
configure service vprn ripng group split-horizon
configure service vprn ripng split-horizon
Description 

This command enables the use of split-horizon. RIP uses split-horizon with poison-reverse to protect from such problems as “counting to infinity”. Split-horizon with poison reverse means that routes learned from a neighbor through a given interface are advertised in updates out of the same interface but with a metric of 16 (infinity).

The split-horizon disable command enables split horizon without poison reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value.

This configuration parameter can be set at three levels: global level (applies to all groups and neighbor interfaces), group level (applies to all neighbor interfaces in the group) or neighbor level (only applies to the specified neighbor interface). The most specific value is used. In particular if no value is set (no split-horizon), the setting from the less specific level is inherited by the lower level.

The no form of this command disables split horizon command which allows the lower level to inherit the setting from an upper level.

Default 

split-horizon enable

split-horizon

Syntax 
[no] split-horizon
Context 
[Tree] (config>router>bgp split-horizon)
[Tree] (config>router>bgp>group split-horizon)
[Tree] (config>router>bgp>group>neighbor split-horizon)
Full Contexts 
configure router bgp group neighbor split-horizon
configure router bgp group split-horizon
configure router bgp split-horizon
Description 

This command enables the use of split-horizon. Split-horizon prevents routes from being reflected back to a peer that sends the best route. It applies to routes of all address families and to any type of sending peer; confed-EBGP, EBGP and IBGP.

The configuration default is no split-horizon, meaning that no effort is taken to prevent a best route from being reflected back to the sending peer.

Default 

no split-horizon

split-horizon

Syntax 
split-horizon {enable |disable}
no split-horizon
Context 
[Tree] (config>router>rip split-horizon)
[Tree] (config>router>rip>group split-horizon)
[Tree] (config>router>rip>group>neighbor split-horizon)
[Tree] (config>router>ripng split-horizon)
[Tree] (config>router>ripng>group split-horizon)
[Tree] (config>router>ripng>group>neighbor split-horizon)
Full Contexts 
configure router rip group neighbor split-horizon
configure router rip group split-horizon
configure router rip split-horizon
configure router ripng group neighbor split-horizon
configure router ripng group split-horizon
configure router ripng split-horizon
Description 

This command enables the use of split-horizon.

RIP uses split-horizon with poison-reverse to protect from such problems as “counting to infinity”. Split-horizon with poison reverse means that routes learned from a neighbor through a given interface are advertised in updates out of the same interface but with a metric of 16 (infinity).

The split-horizon disable command enables split horizon without poison reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value.

This configuration parameter can be set at three levels: global level (applies to all groups and neighbor interfaces), group level (applies to all neighbor interfaces in the group) or neighbor level (only applies to the specified neighbor interface). The most specific value is used. In particular if no value is set (no split-horizon), the setting from the less specific level is inherited by the lower level.

The no form of the command disables split horizon command which allows the lower level to inherit the setting from an upper level.

Default 

enabled

Parameters 
enable—
Specifies enable split horizon and poison reverse.
disable—
Specifies disable split horizon allowing routes to be re-advertised on the same interface on which they were learned with the advertised metric incremented by the metric-in value.

23.302. split-horizon-group

split-horizon-group

Syntax 
[no] split-horizon-group [group-name] [residential-group]
Context 
[Tree] (config>service>vpls split-horizon-group)
Full Contexts 
configure service vpls split-horizon-group
Description 

This command creates a new split horizon group for the VPLS instance. Traffic arriving on a SAP or spoke SDP within this split horizon group will not be copied to other SAPs or spoke SDPs in the same split horizon group.

A split horizon group must be created before SAPs and spoke SDPs can be assigned to the group.

The split horizon group is defined within the context of a single VPLS. The same group-name can be re-used in different VPLS instances.

Up to 30 split horizon groups can be defined per VPLS instance.

The no form of the command removes the group name from the configuration.

Parameters 
group-name —
Specifies the name of the split horizon group to which the SDP belongs.
residential-group—
Defines a split horizon group as a residential split horizon group (RSHG). Doing so entails that:
  1. SAPs which are members of this Residential Split Horizon Group will have:
    1. Double-pass queuing at ingress as default setting (can be disabled)
    2. STP disabled (cannot be enabled)
    3. ARP reply agent enabled per default (can be disabled)
    4. MAC pinning enabled per default (can be disabled)
    5. Besides the multicast downstream also broadcast packets are discarded thus also blocking the unknown, flooded traffic
  2. Spoke SDPs which are members of this Residential Split Horizon Group will have:
    1. Downstream multicast traffic supported
    2. Double-pass queuing is not applicable
    3. STP is disabled (can be enabled)
    4. ARP reply agent is not applicable (dhcp-lease-states are not supported on spoke SDPs)
    5. MAC pinning enabled per default (can be disabled)

split-horizon-group

Syntax 
split-horizon-group [group-name] [residential-group]
no split-horizon-group
Context 
[Tree] (config>service>vpls split-horizon-group)
Full Contexts 
configure service vpls split-horizon-group
Description 

This command creates a new split horizon group for the VPLS instance. Traffic arriving on a SAP or spoke SDP within this split horizon group is not copied to other SAPs or spoke SDPs in the same split horizon group.

A split horizon group must be created before SAPs and spoke SDPs can be assigned to the group.

The split horizon group is defined within the context of a single VPLS. The same group name can be re-used in different VPLS instances.

Up to 30 split horizon groups can be defined per VPLS instance.

The no form of this command removes the group name from the configuration.

Parameters 
group-name —
Specifies the name of the split horizon group to which the SDP belongs.
residential-group—
Defines a split horizon group as a residential split horizon group (RSHG). Doing so entails that:
  1. SAPs that are members of this Residential Split Horizon Group have:
    1. Double-pass queuing at ingress as default setting (can be disabled)
    2. STP disabled (cannot be enabled)
    3. ARP reply agent enabled by default (can be disabled)
    4. MAC pinning enabled by default (can be disabled)
    5. broadcast packets are discarded, blocking unknown, flooded traffic
  2. Spoke SDPs that are members of this RSHG have:
    1. Downstream multicast traffic supported
    2. Double-pass queuing is not applicable
    3. STP is disabled (can be enabled)
    4. ARP reply agent is not applicable (dhcp-lease-states are not supported on spoke SDPs)
    5. MAC pinning enabled per default (can be disabled)

split-horizon-group

Syntax 
split-horizon-group [group-name] [residential-group] [create]
Context 
[Tree] (config>service>vpls split-horizon-group)
Full Contexts 
configure service vpls split-horizon-group
Description 

This command creates a new split horizon group for the VPLS instance. Traffic arriving on a SAP or spoke-SDP within this split horizon group will not be copied to other SAPs or spoke-SDPs in the same split horizon group.

A split horizon group must be created before SAPs and spoke-SDPs can be assigned to the group.

The split horizon group is defined within the context of a single VPLS. The same group-name can be re-used in different VPLS instances.

Up to 30 split horizon groups can be defined per VPLS instance. Half are supported in i-VPLS.

The no form of this command removes the group name from the configuration.

Default 

A split horizon group is by default not created as a residential-group.

Parameters 
group-name —
Specifies the name of the split horizon group to which the SDP belongs
residential-group—
Defines a split horizon group as a residential split horizon group (RSHG). Doing so entails that:

a) SAPs which are members of this Residential Split Horizon Group will have:

  1. Double-pass queuing at ingress as default setting (can be disabled)
  2. STP disabled (cannot be enabled)
  3. ARP reply agent enabled per default (can be disabled)
  4. MAC pinning enabled per default (can be disabled)
  5. Downstream broadcast packets are discarded thus also blocking the unknown, flooded traffic
  6. Downstream multicast packets are allowed when IGMP snooping is enabled

b) Spoke SDPs which are members of this Residential Split Horizon Group will have:

  1. Downstream multicast traffic supported
  2. Double-pass queuing is not applicable
  3. STP is disabled (can be enabled)
  4. ARP reply agent is not applicable (dhcp-lease-states are not supported on spoke-SDPs)
  5. MAC pinning enabled per default (can be disabled)

split-horizon-group

Syntax 
split-horizon-group group-name
Context 
[Tree] (config>subscr-mgmt>msap-policy>vpls-only>igmp-snp split-horizon-group)
Full Contexts 
configure subscriber-mgmt msap-policy vpls-only igmp-snp split-horizon-group
Description 

This command specifies the name of the split horizon group to which the MSAP belongs.

Parameters 
group-name—
Specifies the split horizon group name up to 32 characters.

split-horizon-group

Syntax 
split-horizon-group name
no split-horizon-group
Context 
[Tree] (config>service>vpls>bgp-evpn>mpls split-horizon-group)
Full Contexts 
configure service vpls bgp-evpn mpls split-horizon-group
Description 

This command allows the user to configure an explicit split-horizon-group for all BGP-EVPN MPLS destinations that can be shared by other SAPs and/or spoke SDPs. The use of explicit split-horizon-groups for EVPN-MPLS and spoke SDPs allows the integration of VPLS and EVPN-MPLS networks.

If the split-horizon-group command for bgp-evpn>mpls> is not used, the default split-horizon-group (that contains all the EVPN destinations) is still used, but it is not possible to refer to it on SAPs/spoke SDPs. User-configured split-horizon-groups can be configured within the service context. The same group-name can be associated to SAPs, spoke SDPs, pw-templates, pw-template-bindings and EVPN-MPLS destinations. The configuration of bgp-evpn>mpls> split-horizon-group will only be allowed if bgp-evpn>mpls is shutdown; no changes are allowed when bgp-evpn>mpls is no shutdown.

When the SAPs and/or spoke SDPs (manual or BGP-AD-discovered) are configured within the same split-horizon-group as the EVPN-MPLS endpoints, MAC addresses will still be learned on them but they will not be advertised in BGP-EVPN. If provider-tunnel is enabled in the bgp-evpn service, the SAPs and SDP bindings that share the same split-horizon-group of the EVPN-MPLS provider-tunnel will be brought operationally down if the point-to-multipoint tunnel is operationally up.

Default 

no split-horizon-group

Parameters 
name—
Specifies the split-horizon-group name.

split-horizon-group

Syntax 
split-horizon-group group-name
no split-horizon-group
Context 
[Tree] (config>service>vpls>site split-horizon-group)
Full Contexts 
configure service vpls site split-horizon-group
Description 

This command configures the value of split-horizon group associated with this site.

The no form of this command reverts the default.

Default 

no split-horizon-group

Parameters 
group-name—
Specifies a split-horizon group name

split-horizon-group

Syntax 
split-horizon-group group-name
no split-horizon-group
Context 
[Tree] (config>service>vpls>site split-horizon-group)
Full Contexts 
configure service vpls site split-horizon-group
Description 

This command configures the value of split-horizon group associated with this site.

The no form of this command reverts the default.

Default 

no split-horizon-group

Parameters 
group-name—
Specifies a split-horizon group name

split-horizon-group

Syntax 
split-horizon-group group-name
no split-horizon-group
Context 
[Tree] (config>service>pw-template split-horizon-group)
Full Contexts 
configure service pw-template split-horizon-group
Description 

This command creates a new split horizon group (SGH).

Comparing a “residential” SGH and a “regular” SHG is that a residential SHG:

  1. Has different defaults for the SAP or SDP that belong to this group (ARP reply agent enabled (SAP only), MAC pinning enabled). These can be disabled in the configuration.
  2. Does not allow enabling spanning tree (STP) on a SAP. It is allowed on an SDP.
  3. Does not allow for downstream broadcast (broadcast/unknown unicast) on a SAP. It is allowed on an SDP.
  4. On a SAP, downstream multicast is only allowed when IGMP is enabled (for which an MFIB state exists; only IP multicast); on a SDP, downstream mcast is allowed.

When the feature was initially introduced, residential SHGs were also using ingress shared queuing by default to increase SAP scaling.

A residential SAP (SAP that belongs to a RSHG) is used to scale the number of SAPs in a single VPLS instance. The limit depends on the hardware used and is higher for residential SAPs (where there is no need for egress multicast replication on residential SAPs) than for regular SAPs. Therefore, residential SAPs are useful in residential aggregation environments (for example, triple play networks) with a VLAN/subscriber model.

The no form of the command removes the group name from the configuration.

Parameters 
group-name —
Specifies the name of the split horizon group to which the SDP belongs.
residential-group—
Defines a split horizon group as a residential split horizon group (RSHG). Doing so entails that:
  1. SAPs which are members of this Residential Split Horizon Group will have:
    1. Double-pass queuing at ingress as default setting (can be disabled)
    2. STP disabled (cannot be enabled)
    3. ARP reply agent enabled per default (can be disabled)
    4. MAC pinning enabled per default (can be disabled)
    5. Downstream Broadcast packets are discarded thus also blocking the unknown, flooded traffic
    6. Downstream Multicast packets are allowed when IGMP snooping is enabled
  2. Spoke SDPs which are members of this Residential Split Horizon Group will have:
    1. Downstream multicast traffic supported
    2. Double-pass queuing is not applicable
    3. STP is disabled (can be enabled)
    4. ARP reply agent is not applicable on the 7750 SR and 7450 ESS (dhcp-lease-states are not supported on spoke SDPs)
    5. MAC pinning enabled per default (can be disabled)

23.303. spoke-sdp

spoke-sdp

Syntax 
spoke-sdp sdp-id[:vc-id] [vc-type {ether |vlan}] [split-horizon-group group-name] [create]
no spoke-sdp sdp-id[:vc-id]
Context 
[Tree] (config>service>vpls spoke-sdp)
Full Contexts 
configure service vpls spoke-sdp
Description 

This command binds a service to an existing Service Distribution Point (SDP). A spoke SDP is treated like the equivalent of a traditional bridge “port” where flooded traffic received on the spoke SDP is replicated on all other “ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service is down.

The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a VPLS service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.

SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.

Default 

No sdp-id is bound to a service.

Special Cases 
VPLS—
Several SDPs can be bound to a VPLS service. Each SDP must use unique vc-ids. An error message is generated if two SDP bindings with identical vc-ids terminate on the same router. Split horizon groups can only be created in the scope of a VPLS service.
Parameters 
sdp-id—
Specifies the SDP identifier
Values—
1 to 17407

 

vc-id—
Specifies the virtual circuit identifier
Values—
1 to 4294967295

 

vc-type—
This command overrides the default VC type signaled for the spoke or mesh binding to the far end of the SDP. The VC type is a 15 bit-quantity containing a value which represents the type of VC. The actual signaling of the VC type depends on the signaling parameter defined for the SDP. If signaling is disabled, the vc-type command can still be used to define the dot1q value expected by the far-end provider equipment. Changing the binding’s VC type causes the binding to signal the new VC type to the far end when signaling is enabled. VC types are derived according to IETF draft-martini-l2circuit-trans-mpls.

The VC type value for Ethernet is 0x0005.

The VC type value for an Ethernet VLAN is 0x0004.

Values—
ether, vlan

 

ether—
Defines the VC type as Ethernet. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke SDP bindings. Defining Ethernet is the same as executing no vc-type and restores the default VC type for the spoke SDP binding. (hex 5)
vlan—
Defines the VC type as VLAN. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke SDP bindings.

The VLAN VC-type inserts one dot1q tag within each encapsulated Ethernet packet transmitted to the far end and strips one dotQ tag, if a tag is present, from traffic received on the pseudowire.

The system expects a symmetrical configuration with its peer, specifically it expects to remove the same number of VLAN tags from received traffic as it adds to transmitted traffic. As some of the related configuration parameters are local and not communicated in the signaling plane, an asymmetrical behavior cannot always be detected and so cannot be blocked. Consequently, protocol extractions will not necessarily function for asymmetrical configurations as they would with a symmetrical configurations resulting in an unexpected operation.

group-name
Specifies the name of the split horizon group to which the SDP belongs
endpoint
Specifies the service endpoint to which this SDP bind is attached. The service ID of the SDP binding must match the service ID of the service endpoint.
no endpoint—
Removes the association of a spoke SDP with an explicit endpoint name
root-leaf-tag—
Specifies a tagging spoke SDP under an E-Tree VPLS. When a tag SDP binding is required, it is created with a root-leaf-tag flag. Only VLAN tag SDP bindings are supported. The VLAN type must be set to VC VLAN type. The root-leaf-tag parameter indicates this SDP binding is a tag SDP that will use a default VID tag of 1 for root and 2 for leaf. The SDP binding tags egress E-Tree traffic with root and leaf VIDs as appropriate. Root and leaf VIDs are only significant between peering VPLS but the values must be consistent on each end. On ingress a tag SDP binding removes the VID tag on the interface between VPLS in the same E-Tree service. The tag SDP receives root tagged traffic and marks the traffic with a root indication internally. This option is not available on BGP EVPN-enabled E-Tree services.
leaf-ac—
Specifies an access (AC) spoke SDP binding under a E-Tree VPLS as a leaf access (AC) SDP. The default E-Tree SDP binding type is a root-ac if leaf-ac or root-leaf-tag is not specified at SDP creation. This option is only available when the VPLS is designated as an E-Tree VPLS. BGP EVPN-enabled E-Tree VPLS services support the leaf-ac option.

spoke-sdp

Syntax 
spoke-sdp sdp-id[:vc-id] [vc-type {ether |vlan}] [split-horizon-group group-name] [create] endpoint endpoint root-leaf-tag
spoke-sdp sdp-id[:vc-id] [vc-type {ether |vlan}] [split-horizon-group group-name] [create] endpoint endpoint leaf-ac
spoke-sdp sdp-id[:vc-id] [vc-type {ether |vlan}] [split-horizon-group group-name] [create] [no-endpoint]
spoke-sdp sdp-id[:vc-id] [vc-type {ether |vlan}] [split-horizon-group group-name] [create] endpoint endpoint
spoke-sdp sdp-id[:vc-id] [vc-type {ether |vlan}] [split-horizon-group group-name] [create] [no-endpoint] leaf-ac
spoke-sdp sdp-id[:vc-id] [vc-type {ether |vlan}] [split-horizon-group group-name] [create] [no-endpoint] root-leaf-tag
no spoke-sdp sdp-id[:vc-id]
Context 
[Tree] (config>service>vpls spoke-sdp)
Full Contexts 
configure service vpls spoke-sdp
Description 

This command binds a service to an existing Service Distribution Point (SDP).

A spoke SDP is treated like the equivalent of a traditional bridge port where flooded traffic received on the spoke SDP is replicated on all other ports (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service is down.

The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a VPLS service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.

SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end 7450 ESS or 7750 SR devices can participate in the service.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.

Special Cases 
VPLS—
Several SDPs can be bound to a VPLS service. Each SDP must use unique vc-ids. An error message is generated if two SDP bindings with identical vc-ids terminate on the same router. Split horizon groups can only be created in the scope of a VPLS service.
Parameters 
sdp-id—
Specifies the SDP identifier.
Values—
1 to 17407

 

vc-id—
Specifies the virtual circuit identifier.
Values—
1 to 4294967295

 

vc-type—
This command overrides the default VC type signaled for the spoke or mesh binding to the far end of the SDP. The VC type is a 15 bit-quantity containing a value which represents the type of VC. The actual signaling of the VC type depends on the signaling parameter defined for the SDP. If signaling is disabled, the vc-type command can still be used to define the dot1q value expected by the far-end provider equipment. A change of the binding’s VC type causes the binding to signal the new VC type to the far end when signaling is enabled.

VC types are derived according to IETF draft-martini-l2circuit-trans-mpls.

The VC type value for Ethernet is 0x0005.

The VC type value for an Ethernet VLAN is 0x0004.

Values—
ether, vlan

 

ether—
Defines the VC type as Ethernet. The ethernet, vlan, and vpls keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke SDP bindings. Defining Ethernet is the same as executing no vc-type and restores the default VC type for the spoke SDP binding (hex 5).
vlan—
Defines the VC type as VLAN. The ethernet, vlan, and vpls keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke SDP bindings. The VLAN VC-type requires at least one dot1Q tag within each encapsulated Ethernet packet transmitted to the far end.
group-name
Specifies the name of the split horizon group to which the SDP belongs.
root-leaf-tag—
Specifies a SAP as a root leaf tag SDP. This option is only available when the VPLS is designated as an E-Tree VPLS.
leaf-tag-vid
Specifies to replace the outer SDP ID for leaf traffic. The leaf tag VID is only significant between peering VPLS but the values must be consistent on each end.
leaf-ac—
Specifies a SDP as a leaf access (AC) SDP. The default E-Tree SAP type is root AC if leaf-ac (or root-leaf-tag) is not specified at SDP creation. This option is only available when the VPLS is designated as an E-Tree VPLS.
create—
Keyword used to create the spoke SDP. The create keyword requirement can be enabled or disabled in the environment>create context.

spoke-sdp

Syntax 
spoke-sdp sdp-id:vc-id [vc-type {ether |vlan}] [split-horizon-group group-name] endpoint [no-endpoint] [root-leaf-tag |leaf-ac]
no spoke-sdp sdp-id:vc-id
Context 
[Tree] (config>service>vpls spoke-sdp)
Full Contexts 
configure service vpls spoke-sdp
Description 

This command binds a service to an existing Service Distribution Point (SDP). A spoke-SDP is treated like the equivalent of a traditional bridge “port” where flooded traffic received on the spoke-SDP is replicated on all other “ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.

The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a VPLS service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.

SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. After it is removed, no packets are forwarded to the far-end router.

Parameters 
sdp-id—
Specifies the SDP identifier
Values—
1 to 17407

 

vc-id—
Specifies the virtual circuit identifier
Values—
1 to 4294967295

 

vc-type—
This command overrides the default VC type signaled for the spoke or mesh binding to the far end of the SDP. The VC type is a 15 bit-quantity containing a value which represents the type of VC. The actual signaling of the VC type depends on the signaling parameter defined for the SDP. If signaling is disabled, the vc-type command can still be used to define the dot1q value expected by the far-end provider equipment. A change of the bindings VC type causes the binding to signal the new VC type to the far end when signaling is enabled. VC types are derived according to IETF draft-martini-l2circuit-trans-mpls.

The VC type value for Ethernet is 0x0005.

The VC type value for an Ethernet VLAN is 0x0004.

Values—
ether, vlan

 

ether—
Defines the VC type as Ethernet. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke-SDP bindings. Defining Ethernet is the same as executing no vc-type and restores the default VC type for the spoke-SDP binding. (hex 5)
vlan—
Defines the VC type as VLAN. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke-SDP bindings. The VLAN VC-type inserts one dot1q tag within each encapsulated Ethernet packet transmitted to the far end and strips one dotQ tag, if a tag is present, from traffic received on the pseudowire.

Note: The system expects a symmetrical configuration with its peer, specifically it expects to remove the same number of VLAN tags from received traffic as it adds to transmitted traffic. As some of the related configuration parameters are local and not communicated in the signaling plane, an asymmetrical behavior cannot always be detected and so cannot be blocked. Consequently, protocol extractions will not necessarily function for asymmetrical configurations as they would with a symmetrical configurations resulting in an unexpected operation.

group-name
Specifies the name of the split horizon group to which the SDP belongs.
endpoint
Specifies the service endpoint to which this SDP bind is attached. The service ID of the SDP binding must match the service ID of the service endpoint.
no endpoint—
Removes the association of a spoke-SDP with an explicit endpoint name.
root-leaf-tag—
Specifies a tagging spoke-SDP under an E-Tree VPLS. When a tag SDP binding is required, it is created with a root-leaf-tag flag. Only VLAN tag SDP bindings are supported. The VLAN type must be set to VC VLAN type. The root-leaf-tag parameter indicates this SDP binding is a tag SDP that will use a default VID tag of 1 for root and 2 for leaf. The SDP binding tags egress E-Tree traffic with root and leaf VIDs as appropriate. Root and leaf VIDs are only significant between peering VPLS but the values must be consistent on each end. On ingress a tag SDP binding removes the VID tag on the interface between VPLS in the same E-Tree service. The tag SDP receives root tagged traffic and marks the traffic with a root indication internally. This option is not available on BGP EVPN-enabled E-Tree services.
leaf-ac—
Specifies an access (AC) spoke-SDP binding under a E-Tree VPLS as a leaf access (AC) SDP. The default E-Tree SDP binding type is a root-ac if leaf-ac or root-leaf-tag is not specified at SDP creation. This option is only available when the VPLS is designated as an E-Tree VPLS. BGP EVPN-enabled E-Tree VPLS services support the leaf-ac option.

spoke-sdp

Syntax 
spoke-sdp sdp-id[:vc-id] [vc-type {ether |vlan}] [split-horizon-group group-name] endpoint [no-endpoint] [root-leaf-tag |leaf-ac]
no spoke-sdp sdp-id[:vc-id]
Context 
[Tree] (config>service>vpls spoke-sdp)
Full Contexts 
configure service vpls spoke-sdp
Description 

This command binds a service to an existing Service Distribution Point (SDP). A spoke-SDP is treated like the equivalent of a traditional bridge “port” where flooded traffic received on the spoke-SDP is replicated on all other “ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.

The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a VPLS service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.

SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.

Default 

No sdp-id is bound to a service.

Special Cases 
VPLS—
Several SDPs can be bound to a VPLS service. Each SDP must use unique vc-ids. An error message is generated if two SDP bindings with identical vc-ids terminate on the same router. Split horizon groups can only be created in the scope of a VPLS service.
Parameters 
sdp-id—
Specifies the SDP identifier
Values—
1 to 17407

 

vc-id—
Specifies the virtual circuit identifier
Values—
1 to 4294967295

 

vc-type—
This command overrides the default VC type signaled for the spoke or mesh binding to the far end of the SDP. The VC type is a 15 bit-quantity containing a value which represents the type of VC. The actual signaling of the VC type depends on the signaling parameter defined for the SDP. If signaling is disabled, the vc-type command can still be used to define the dot1q value expected by the far-end provider equipment. A change of the bindings VC type causes the binding to signal the new VC type to the far end when signaling is enabled. VC types are derived according to IETF draft-martini-l2circuit-trans-mpls.

The VC type value for Ethernet is 0x0005.

The VC type value for an Ethernet VLAN is 0x0004.

Values—
ether, vlan

 

ether—
Defines the VC type as Ethernet. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke-SDP bindings. Defining Ethernet is the same as executing no vc-type and restores the default VC type for the spoke-SDP binding. (hex 5)
vlan—
Defines the VC type as VLAN. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke-SDP bindings. The VLAN VC-type inserts one dot1q tag within each encapsulated Ethernet packet transmitted to the far end and strips one dotQ tag, if a tag is present, from traffic received on the pseudowire.

Note: The system expects a symmetrical configuration with its peer, specifically it expects to remove the same number of VLAN tags from received traffic as it adds to transmitted traffic. As some of the related configuration parameters are local and not communicated in the signaling plane, an asymmetrical behavior cannot always be detected and so cannot be blocked. Consequently, protocol extractions will not necessarily function for asymmetrical configurations as they would with a symmetrical configurations resulting in an unexpected operation.

group-name
Specifies the name of the split horizon group to which the SDP belongs
endpoint
Specifies the service endpoint to which this SDP bind is attached. The service ID of the SDP binding must match the service ID of the service endpoint.
no endpoint—
Removes the association of a spoke-SDP with an explicit endpoint name
root-leaf-tag—
Specifies a tagging spoke-SDP under an E-Tree VPLS. When a tag SDP binding is required, it is created with a root-leaf-tag flag. Only VLAN tag SDP bindings are supported. The VLAN type must be set to VC VLAN type. The root-leaf-tag parameter indicates this SDP binding is a tag SDP that will use a default VID tag of 1 for root and 2 for leaf. The SDP binding tags egress E-Tree traffic with root and leaf VIDs as appropriate. Root and leaf VIDs are only significant between peering VPLS but the values must be consistent on each end. On ingress a tag SDP binding removes the VID tag on the interface between VPLS in the same E-Tree service. The tag SDP receives root tagged traffic and marks the traffic with a root indication internally. This option is not available on BGP EVPN-enabled E-Tree services.
leaf-ac—
Specifies an access (AC) spoke-SDP binding under a E-Tree VPLS as a leaf access (AC) SDP. The default E-Tree SDP binding type is a root-ac if leaf-ac or root-leaf-tag is not specified at SDP creation. This option is only available when the VPLS is designated as an E-Tree VPLS. BGP EVPN-enabled E-Tree VPLS services support the leaf-ac option.

spoke-sdp

Syntax 
[no] spoke-sdp sdp-id
Context 
[Tree] (config>service>vprn spoke-sdp)
Full Contexts 
configure service vprn spoke-sdp
Description 

This command binds a service to an existing Service Distribution Point (SDP).

A spoke SDP is treated like the equivalent of a traditional bridge “port” where flooded traffic received on the spoke SDP is replicated on all other “ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service is down.

The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a VPRN service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.

SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end 7750 SR devices can participate in the service.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.

Special Cases 
VPRN—
Several SDPs can be bound to a VPRN service. Each SDP must be destined to a different 7750 SROS. If two sdp-id bindings terminate on the same 7750 SR, an error occurs and the second SDP binding is rejected.
Parameters 
sdp-id—
Specifies the SDP identifier. Allowed values are integers in the range of 1 and 17407 for existing SDPs.
vc-id—
Specifies the virtual circuit identifier.
Values—
1 to 4294967295

 

spoke-sdp

Syntax 
spoke-sdp sdp-id[:vc-id] [vc-type {ether |ipipe}] [create]
no spoke-sdp sdp-id[:vc-id]
Context 
[Tree] (config>service>ies>if spoke-sdp)
[Tree] (config>service>ies>redundant-interface spoke-sdp)
[Tree] (config>service>vprn>if spoke-sdp)
[Tree] (config>service>vprn>red-if spoke-sdp)
Full Contexts 
configure service ies interface spoke-sdp
configure service ies redundant-interface spoke-sdp
configure service vprn interface spoke-sdp
configure service vprn redundant-interface spoke-sdp
Description 

This command binds a service to an existing Service Distribution Point (SDP).

A spoke SDP is treated like the equivalent of a traditional bridge “port” where flooded traffic received on the spoke SDP is replicated on all other “ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service is down.

The SDP must already be defined in the config>service>sdp context in order to associate an SDP with an IES service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.

SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.

Class-based forwarding is not supported on a spoke SDP used for termination on an IES or VPRN services. All packets are forwarded over the default LSP.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router. The spoke SDP must be shut down first before it can be deleted from the configuration.

Default 

no spoke-sdp

Special Cases 
IES—
At most, only one sdp-id can be bound to an IES service.
Parameters 
sdp-id—
Specifies the SDP identifier. Allowed values are integers in the range of 1 and 17407 for existing SDPs.
vc-id—
Specifies the virtual circuit identifier.
Values—
1 to 4294967295

 

vc-type—
Specifies the encapsulation and pseudowire type for the spoke SDP.
Values—
ether: specifies Ethernet pseudowire as the type of virtual circuit (VC) associated with the SDP binding
ipipe: specifies Ipipe pseudowire as the type of virtual circuit (VC) associated with the SDP binding

 

Default—
ether
create—
Keyword used to create the spoke SDP. The create keyword requirement can be enabled or disabled in the environment>create context.

spoke-sdp

Syntax 
spoke-sdp sdp-id:vc-id
no spoke-sdp
Context 
[Tree] (config>service>vpls>site spoke-sdp)
Full Contexts 
configure service vpls site spoke-sdp
Description 

This command binds a service to an existing Service Distribution Point (SDP).

The no form of this command removes the parameter from the configuration.

Parameters 
sdp-id—
Specifies the SDP identifier
Values—
1 to 17407

 

vc-id—
Specifies the virtual circuit identifier.
Values—
1 to 429496729

 

spoke-sdp

Syntax 
spoke-sdp sdp-id[:vc-id] [no-endpoint]
spoke-sdp sdp-id[:vc-id] endpoint endpoint-name [icb]
no spoke-sdp sdp-id[:vc-id]
Context 
[Tree] (config>service>apipe spoke-sdp)
[Tree] (config>service>cpipe spoke-sdp)
[Tree] (config>service>fpipe spoke-sdp)
[Tree] (config>service>ipipe spoke-sdp)
Full Contexts 
configure service apipe spoke-sdp
configure service cpipe spoke-sdp
configure service fpipe spoke-sdp
configure service ipipe spoke-sdp
Description 

This command binds a service to an existing Service Distribution Point (SDP). A spoke SDP is treated like the equivalent of a traditional bridge “port” where flooded traffic received on the spoke SDP is replicated on all other “ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.

The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.

SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end SR/ESS devices can participate in the service.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.

Default 

No sdp-id is bound to a service.

Parameters 
sdp-id—
The SDP identifier.
Values—
1 to 32767

 

vc-id—
The virtual circuit identifier.
Values—
1 to 4294967295

 

no-endpoint—
Adds or removes a spoke SDP association.
endpoint-name—
Specifies the name of the service endpoint.
icb—
Configures the spoke SDP as an inter-chassis backup SDP binding.

spoke-sdp

Syntax 
spoke-sdp sdp-id[:vc-id] [vc-type {ether |vlan}] [create] [no-endpoint]
spoke-sdp sdp-id[:vc-id] [vc-type {ether |vlan}] [create] endpoint endpoint-name [icb]
no spoke-sdp sdp-id[:vc-id]
Context 
[Tree] (config>service>epipe spoke-sdp)
Full Contexts 
configure service epipe spoke-sdp
Description 

This command binds a service to an existing Service Distribution Point (SDP). A spoke SDP is treated like the equivalent of a traditional bridge “port” where flooded traffic received on the spoke SDP is replicated on all other “ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.

The SDP must already be defined in the config>service>sdp context in order to associate an SDP with an Epipe, VPLS, VPRN, VPRN service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.

SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.

This command can also be used to associate a GRE tunnel carrying Ethernet payload with an Epipe and terminate it on a PW port referenced within the same Epipe service. The spoke SDP represents a L2oGRE tunnel with SDP delivery type set to eth-gre-bridged. With this configuration, the vc-id is unused since there is no multiplexing of Ethernet payload within the same tunnel. The vc-id value is included only to maintain the expected spoke SDP structure within an EPIPE service. For L2oGRE tunnels, the vc-id can be set to any arbitrary value within its configurable range.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.

Default 

No sdp-id is bound to a service.

Special Cases 
Epipe—
At most, only one sdp-id can be bound to an Epipe service. Since an Epipe is a point-to-point service, it can have, at most, two end points. The two end points can be one SAP and one SDP or two SAPs. Vc-switching VLLs are an exception. If the VLL is a “vc-switching” VLL, then the two endpoints must both be SDPs.

L2TPv3 SDP types are only supported on Epipe services and not other xpipe services.

Parameters 
sdp-id—
The SDP identifier.
Values—
1 to 17407

 

vc-id—
The virtual circuit identifier. The VC-ID is not used with L2TPv3 SDPs or L2oGRE tunnels, however it must be configured.
Values—
1 to 4294967295

 

vc-type—
This command overrides the default VC type signaled for the spoke or mesh binding to the far end of the SDP. The VC type is a 15 bit-quantity containing a value which represents the type of VC. The actual signaling of the VC type depends on the signaling parameter defined for the SDP. If signaling is disabled, the vc-type command can still be used to define the dot1q value expected by the far-end provider equipment. A change of the bindings VC type causes the binding to signal the new VC type to the far end when signaling is enabled.

VC types are derived according to IETF draft-martini-l2circuit-trans-mpls.

The VC type value for Ethernet is 0x0005.

The VC type value for an Ethernet VLAN is 0x0004.

Values—
ethernet

 

ether—
Defines the VC type as Ethernet. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke SDP bindings. Defining Ethernet is the same as executing no vc-type and restores the default VC type for the spoke SDP binding.
vlan—
Defines the VC type as VLAN. The top VLAN tag, if a VLAN tag is present, is stripped from traffic received on the pseudowire, and a VLAN tag is inserted when forwarding into the pseudowire. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke SDP bindings.

The VLAN VC-type requires at least one dot1q tag within each encapsulated Ethernet packet transmitted to the far end.

Note: The system expects a symmetrical configuration with its peer, specifically it expects to remove the same number of VLAN tags from received traffic as it adds to transmitted traffic. As some of the related configuration parameters are local and not communicated in the signaling plane, an asymmetrical behavior cannot always be detected and so cannot be blocked. Consequently, protocol extractions will not necessarily function for asymmetrical configurations as they would with a symmetrical configurations resulting in an unexpected operation.

no-endpoint—
Removes the association of a spoke SDP with an explicit endpoint name.
endpoint-name—
Specifies the name of the service endpoint.
icb—
Specifies the spoke SDP as an inter-chassis backup SDP binding.

spoke-sdp

Syntax 
[no] spoke-sdp spoke-id
Context 
[Tree] (config>service>vpls>mac-move>primary-ports spoke-sdp)
[Tree] (config>service>vpls>mac-move>secondary-ports spoke-sdp)
Full Contexts 
configure service vpls mac-move primary-ports spoke-sdp
configure service vpls mac-move secondary-ports spoke-sdp
Description 

This command declares a specified spoke-SDP as a primary (or secondary) VPLS port.

Parameters 
spoke-id—
Specifies the SDP ID to configure as the primary VPLS port
Values—
1 to 17407

 

vc-id—
Specifies the virtual circuit identifier
Values—
1 to 4294967295

 

spoke-sdp

Syntax 
spoke-sdp sdp-id:vc-id [create]
no spoke-sdp sdp-id:vc-id
Context 
[Tree] (config>service>ies>aarp-interface spoke-sdp)
Full Contexts 
configure service ies aarp-interface spoke-sdp
Description 

This command binds a service to an existing SDP. A spoke SDP is treated like the equivalent of a traditional bridge port where flooded traffic received on the spoke SDP is replicated on all other “ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.

SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.

Default 

no spoke-sdp

Parameters 
sdp-id—
Specifies the SDP identifier.
Values—
1 to 17407

 

vc-id—
Specifies the virtual circuit identifier. The VC-ID is not used with L2TPv3 SDPs, however it must be configured.
Values—
1 to 4294967295

 

create—
Keyword used to create the spoke SDP.

spoke-sdp

Syntax 
spoke-sdp sdp-id:vc-id [create]
no spoke-sdp sdp-id:vc-id
Context 
[Tree] (config>service>vprn>aarp-interface spoke-sdp)
Full Contexts 
configure service vprn aarp-interface spoke-sdp
Description 

This command binds a service to an existing SDP. A spoke SDP is treated like the equivalent of a traditional bridge port where flooded traffic received on the spoke SDP is replicated on all other “ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.

SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.

Default 

no spoke-sdp

Parameters 
sdp-id—
— Specifies the SDP identifier.
Values—
1 to 17407

 

vc-id—
The virtual circuit identifier. The VC-ID is not used with L2TPv3 SDPs, however it must be configured.
Values—
1 to 4294967295

 

create—
Keyword used to create the spoke SDP.

spoke-sdp

Syntax 
spoke-sdp sdp-id:vc-id [create] [no-endpoint]
spoke-sdp sdp-id:vc-id [create] endpoint name [icb]
no sdp sdp-id:vc-id
Context 
[Tree] (config>mirror>mirror-dest spoke-sdp)
[Tree] (config>mirror>mirror-dest>remote-source spoke-sdp)
Full Contexts 
configure mirror mirror-dest remote-source spoke-sdp
configure mirror mirror-dest spoke-sdp
Description 

This command binds an existing (mirror) service distribution path (SDP) to the mirror destination service ID.

Spoke SDPs are used to send and receive mirrored traffic between mirror source and destination routers in a remote mirroring solution. A spoke SDP configured in the remote-source context (remote-src>spoke-sdp) is used on the destination router. A spoke SDP configured in the mirror service context (mirror-dest>spoke-sdp) is used on the source router.

The destination node should be configured with remote-src>spoke-sdp entries when using L2TPv3, MPLS-TP or LDP IPv6 LSP SDPs in the remote mirroring solution. For all other types of SDPs, remote-source>far-end entries should be used.

Spoke SDPs are not applicable when routable LI encapsulation is employed (mirror-dest>encap).

A mirror destination service that is configured for a destination router must not be configured as for a source router.

The no form of this command removes the SDP binding from the mirror destination service.

Default 

An SDP ID is bound to a mirror destination service ID. If no SDP is bound to the service, the mirror destination will be local and cannot be sent to another router over the core network.

Parameters 
sdp-id:vc-id —
Specifies a locally unique SDP identification (ID) number. The SDP ID must exist. If the SDP ID does not exist, an error will occur and the command will not execute.

For mirror services, the vc-id defaults to the service-id. However, there are scenarios where the vc-id is being used by another service. In this case, the SDP binding cannot be created. So, to avoid this, the mirror service SDP bindings now accepts vc-ids.

Values—
1 to 17407

 

no-endpoint—
Removes the association of a SAP or a SDP with an explicit endpoint name.
name
Specifies the name of the endpoint associated with the SAP.
icb—
Indicates that the SDP is of type Inter-Chassis Backup (ICB). This is a special pseudowire used for MC-LAG and pseudowire redundancy application.

An explicitly named endpoint can have a maximum of one SAP and one ICB. Once a SAP is added to the endpoint, only one more object of type ICB SDP is allowed. The ICB SDP cannot be added to the endpoint if the SAP is not part of a MC-LAG instance. This means that all other SAP types cannot exist on the same endpoint as an ICB SDP since non Ethernet SAP cannot be part of a MC-LAG instance. Conversely, a SAP which is not part of a MC-LAG instance cannot be added to an endpoint which already has an ICB SDP.

An explicitly named endpoint, which does not have a SAP object, can have a maximum of four SDPs, which can include any of the following: a single primary SDP, one or many secondary SDPs with precedence, and a single ICB SDP.

Default—
Null. The user should explicitly configure this option at create time. The user can remove the ICB type simply by retyping the SDP configuration without the icb keyword.

spoke-sdp

Syntax 
spoke-sdp sdp-id:vc-id [create]
no spoke-sdp sdp-id:vc-id
Context 
[Tree] (config>service>vprn>ip-mirror-interface spoke-sdp)
Full Contexts 
configure service vprn ip-mirror-interface spoke-sdp
Description 

This command binds a service to an existing SDP.

The SDP must already be defined in the config>service>sdp context in order to associate an SDP with the VPRN service. SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router. The spoke SDP must be shut down before it can be deleted from the configuration.

Parameters 
sdp-id—
Specifies SDP identifier.
Values—
1 to 32767

 

vc-id—
Specifies the virtual circuit identifier.
Values—
1 to 4294967295

 

create—
Keyword used to create an IP mirror interface.

23.304. spoke-sdp-fec

spoke-sdp-fec

Syntax 
spoke-sdp-fec
spoke-sdp-fec spoke-sdp-fec-id [fec fec-type] [aii-type aii-type] [create]
spoke-sdp-fec spoke-sdp-fec-id no-endpoint
spoke-sdp-fec spoke-sdp-fec-id [fec fec-type] [aii-type aii-type] [create] endpoint name [icb]
Context 
[Tree] (config>service>epipe spoke-sdp-fec)
Full Contexts 
configure service epipe spoke-sdp-fec
Description 

This command binds a service to an existing Service Distribution Point (SDP), using a dynamic MS-PW.

A spoke SDP is treated like the equivalent of a traditional bridge “port” where flooded traffic received on the spoke SDP is replicated on all other “ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.

The SDP has an operational state which determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.

When using dynamic MS-PWs, the particular SDP to bind-to is automatically selected based on the Target Attachment Individual Identifier (TAII) and the path to use, specified under spoke SDP FEC. The selected SDP will terminate on the first hop S-PE of the MS-PW. Therefore, an SDP must already be defined in the config>service>sdp context that reaches the first hop router of the MS-PW. The router will in order to associate an SDP with a service. If an SDP to that is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.

It differs from the spoke-sdp command in that the spoke-sdp command creates a spoke SDP binding that uses a pseudowire with the PW ID FEC. However, the spoke-sdp-fec command enables pseudowires with other FEC types to be used. Only the Generalized ID FEC (FEC129) may be specified using this command.

The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.

Parameters 
spoke-sdp-fec-id —
An unsigned integer value identifying the spoke SDP.
Values—
1 to 4294967295

 

fec-type —
An unsigned integer value for the type of the FEC used by the MS-PW.
Values—
129 to 130

 

aii-type —
An unsigned integer value for the Attachment Individual Identifier (AII) type used to identify the MS-PW endpoints.
Values—
1 to 2

 

endpoint-name —
Specifies the name of the service endpoint.
no endpoint —
Adds or removes a spoke SDP association.
icb —
Configures the spoke SDP as an inter-chassis backup SDP binding.

23.305. spt-switchover-threshold

spt-switchover-threshold

Syntax 
spt-switchover-threshold {grp-ip-address/mask |grp-ip-address netmask} spt-threshold
spt-switchover-threshold grp-ipv6-addr/prefix-length spt-threshold
no spt-switchover-threshold {grp-ip-address/mask |grp-ip-address netmask}
no spt-switchover-threshold grp-ipv6-addr/prefix-length
Context 
[Tree] (config>service>vprn>pim spt-switchover-threshold)
Full Contexts 
configure service vprn pim spt-switchover-threshold
Description 

This command configures a shortest path tree (SPT tree) switchover threshold for a group prefix.

Parameters 
grp-ip-address—
Specifies the multicast group address.
grp-ipv6-address—
Specifies the multicast group address.
prefix-length —
Specifies the address prefix length.
Values—

grp-ipv6-address

: x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x [0 to FFFF]H

d [0 to 255]D

prefix-length

[1 to 128]

 

mask—
Defines the mask of the multicast-ip-address.
Values—
4 to 32

 

netmask—
The subnet mask in dotted decimal notation.
Values—
0.0.0.0 to 255.255.255.255 (network bits all 1 and host bits all 0)

 

spt-threshold—
Specifies the configured threshold in kilobits per second (kb/s) for the group to which this (S,G) belongs. For a group G configured with a threshold, switchover to SPT for an (S,G) is attempted only if the (S,G)'s rate exceeds this configured threshold.

spt-switchover-threshold

Syntax 
spt-switchover-threshold {grp-ipv4-prefix/ipv4-prefix-length |grp-ipv4-prefix netmask |grp-ipv6-prefix/ipv6-prefix-length} spt-threshold
no spt-switchover-threshold {grp-ipv4-prefix/ipv4-prefix-length |grp-ipv4-prefix netmask |grp-ipv6-prefix/ipv6-prefix-length}
Context 
[Tree] (config>router>pim spt-switchover-threshold)
Full Contexts 
configure router pim spt-switchover-threshold
Description 

This command configures shortest path (SPT) tree switchover thresholds for group prefixes.

PIM-SM routers with directly connected routers receive multicast traffic initially on a shared tree rooted at the Rendezvous Point (RP). Once the traffic arrives on the shared tree and the source of the traffic is known, a switchover to the SPT tree rooted at the source is attempted.

For a group that falls in the range of a prefix configured in the table, the corresponding threshold value determines when the router should switch over from the shared tree to the source specific tree. The switchover is attempted only if the traffic rate on the shared tree for the group exceeds the configured threshold.

In the absence of any matching prefix in the table, the default behavior is to switchover when the first packet is seen. In the presence of multiple prefixes matching a given group, the most specific entry is used.

The no form of this command removes the parameters from the PIM configuration.

Parameters 
grp-ipv4-prefix—
Specifies the group IPv4 multicast address in dotted decimal notation.
Values—
a.b.c.d

 

ipv4-prefix-length—
Specifies the length of the IPv4 prefix.
Values—
4 to 32

 

netmask—
Specifies the netmask associated with the IPv4 prefix, expressed in dotted decimal notation. Network bits must be 1, and host bits must be 0.
Values—
a.b.c.d

 

grp-ipv6-prefix—
Specifies the group IPv6 multicast address in hexadecimal notation.
Values—
xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (eight 16-bit pieces)
x:x:x:x:x:x:d.d.d.d
xx — 0 to FF (hex)

 

ipv6-prefix-length—
Specifies the length of the IPv6 prefix.
Values—
8 to 128

 

spt-threshold—
Specifies the configured threshold in kilobits per second (kb/s) for a group prefix. A switchover is attempted only if the traffic rate on the shared tree for the group exceeds this configured threshold. When the infinity keyword is specified, no switchover will occur at any time, regardless of the traffic level is detected.
Values—
1 to 4294967294, infinity

 

23.306. squelch

squelch

Syntax 
[no] squelch
Context 
[Tree] (config>system>sync-if-timing>bits>output squelch)
Full Contexts 
configure system sync-if-timing bits output squelch
Description 

This command configures the behavior of the BITSout port when there is no valid reference selected. When enabled with no valid reference, no signal is sent out the port. When disabled with no valid reference, an AIS signal is presented along with the QL-DNU/TL-DUS SSM code if the signal format supports SSM.

Default 

no squelch

23.307. squelch-ingress-levels

squelch-ingress-levels

Syntax 
squelch-ingress-levels [md-level [md-level]
no squelch-ingress-levels
Context 
[Tree] (config>service>epipe>sap>eth-cfm squelch-ingress-levels)
[Tree] (config>service>epipe>spoke-sdp>eth-cfm squelch-ingress-levels)
[Tree] (config>service>vpls>sap>eth-cfm squelch-ingress-levels)
[Tree] (config>service>vpls>spoke-sdp>eth-cfm squelch-ingress-levels)
[Tree] (config>service>vpls>mesh-sdp>eth-cfm squelch-ingress-levels)
[Tree] (config>service>ipipe>sap>eth-cfm squelch-ingress-levels)
[Tree] (config>service>template>vpls-sap-template>eth-cfm squelch-ingress-levels)
Full Contexts 
configure service epipe sap eth-cfm squelch-ingress-levels
configure service epipe spoke-sdp eth-cfm squelch-ingress-levels
configure service ipipe sap eth-cfm squelch-ingress-levels
configure service template vpls-sap-template eth-cfm squelch-ingress-levels
configure service vpls mesh-sdp eth-cfm squelch-ingress-levels
configure service vpls sap eth-cfm squelch-ingress-levels
configure service vpls spoke-sdp eth-cfm squelch-ingress-levels
Description 

This command defines the levels of the ETH-CFM PDUs that will silently be discarded on ingress into the SAP or SDP binding from the wire. All ETH-CFM PDUs inbound to the SAP or SDP binding will be dropped that match the configured levels without regard for any other ETH-CFM criteria. No statistical information or drop count will be available for any ETH-PDU that is silently discarded by this option. The operator must configure a complete contiguous list of md-levels up to the highest level that will be dropped. The command must be retyped in complete form to modify a previous configuration, if the operator does not want to delete it first.

The no form of this command removes the silent discarding of previously matching ETH-CFM PDUs.

Default 

no squelch-ingress-levels

Parameters 
md-level—
Identifies the level.
Values—
0 to 7

 

squelch-ingress-levels

Syntax 
squelch-ingress-levels [md-level [md-level]]
no squelch-ingress-levels
Context 
[Tree] (config>service>ies>if>sap>eth-cfm squelch-ingress-levels)
[Tree] (config>service>ies>if>spoke-sdp>eth-cfm squelch-ingress-levels)
[Tree] (config>service>ies>sub-if>grp-if>sap>eth-cfm squelch-ingress-levels)
Full Contexts 
configure service ies interface sap eth-cfm squelch-ingress-levels
configure service ies interface spoke-sdp eth-cfm squelch-ingress-levels
configure service ies subscriber-interface group-interface sap eth-cfm squelch-ingress-levels
Description 

This command defines the levels of the ETH-CFM PDUs that will silently be discarded on ingress into the SAP or SDP Binding from the wire. All ETH-CFM PDUs inbound to the SAP or SDP binding will be dropped that match the configured levels without regard for any other ETH-CFM criteria. No statistical information or drop count will be available for any ETH-PDU that is silently discarded by this option. The operator must configure a complete contiguous list of md-levels up to the highest level that will be dropped. The command must be retyped in complete form to modify a previous configuration, if the operator does not want to delete it first.

The no form of this command removes the silent discarding of previously matching ETH-CFM PDUs.

Default 

no squelch-ingress-levels

Parameters 
md-level—
Identifies the level.
Values—
0 to 7

 

squelch-ingress-levels

Syntax 
squelch-ingress-levels [md-level [md-level]]
no squelch-ingress-levels
Context 
[Tree] (config>service>vprn>if>sap>eth-cfm squelch-ingress-levels)
[Tree] (config>service>vprn>if>spoke-sdp>eth-cfm squelch-ingress-levels)
[Tree] (config>service>vprn>sub-if>grp-if>sap>eth-cfm squelch-ingress-levels)
Full Contexts 
configure service vprn interface sap eth-cfm squelch-ingress-levels
configure service vprn interface spoke-sdp eth-cfm squelch-ingress-levels
configure service vprn subscriber-interface group-interface sap eth-cfm squelch-ingress-levels
Description 

This command defines the levels of the ETH-CFM PDUs that will silently be discarded on ingress into the SAP or SDP Binding from the wire. All ETH-CFM PDUs inbound to the SAP or SDP binding will be dropped that match the configured levels without regard for any other ETH-CFM criteria. No statistical information or drop count will be available for any ETH-PDU that is silently discarded by this option. The operator must configure a complete contiguous list of md-levels up to the highest level that will be dropped. The command must be retyped in complete form to modify a previous configuration, if the operator does not want to delete it first.

The no form of this command removes the silent discarding of previously matching ETH-CFM PDUs.

Default 

no squelch-ingress-levels

Parameters 
md-level—
Identifies the level.
Values—
0 to 7

 

23.308. sr-isis

sr-isis

Syntax 
[no] sr-isis
Context 
[Tree] (config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-isis)
[Tree] (config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-isis)
[Tree] (config>service>vprn>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-isis)
Full Contexts 
configure service epipe bgp-evpn mpls auto-bind-tunnel resolution-filter sr-isis
configure service vpls bgp-evpn mpls auto-bind-tunnel resolution-filter sr-isis
configure service vprn bgp-evpn mpls auto-bind-tunnel resolution-filter sr-isis
Description 

This command selects the Segment Routing (SR) tunnel type programed by an IS-IS instance in TTM.

When the sr-isis value (or sr-ospf) is enabled, an SR tunnel to the BGP next hop is selected in the TTM from the lowest-numbered IS-IS (OSPF) instance.

The no form of this command disables the SR-ISIS setting for the auto-bind tunnel.

sr-isis

Syntax 
[no] sr-isis
Context 
[Tree] (config>service>vprn>auto-bind-tunnel>resolution-filter sr-isis)
Full Contexts 
configure service vprn auto-bind-tunnel resolution-filter sr-isis
Description 

This command enables setting the Segment Routing (SR) tunnel type programed by an IS-IS instance in TTM.

When the sr-isis (or sr-ospf) value is enabled, an SR tunnel to the BGP next hop is selected in the TTM from the lowest-numbered IS-IS (OSPF) instance.

sr-isis

Syntax 
[no] sr-isis
Context 
[Tree] (config>router>static-route-entry>indirect>tunnel-next-hop>resolution-filter sr-isis)
Full Contexts 
configure router static-route-entry indirect tunnel-next-hop resolution-filter sr-isis
Description 

This command enables the use of SR-ISIS sourced tunnel entries in the TTM to resolve the associated static route next hop.

Default 

no sr-isis

sr-isis

Syntax 
[no] sr-isis
Context 
[Tree] (config>service>sdp sr-isis)
Full Contexts 
configure service sdp sr-isis
Description 

This command configures an MPLS SDP of LSP type ISIS Segment Routing. The SDP of LSP type sr-isis can be used with the far-end option. The signaling protocol for the service labels for an SDP using an SR tunnel can be configured to static (off), T-LDP (tldp), or BGP (bgp).

sr-isis

Syntax 
[no] sr-isis
Context 
[Tree] (config>router>bgp>next-hop-resolution>shortcut-tunn>family>resolution-filter sr-isis)
[Tree] (config>router>bgp>next-hop-resolution>labeled-routes>transport-tunnel>family>resolution-filter sr-isis)
Full Contexts 
configure router bgp next-hop-resolution labeled-routes transport-tunnel family resolution-filter sr-isis
configure router bgp next-hop-resolution shortcut-tunnel family resolution-filter sr-isis
Description 

This command selects the Segment Routing (SR) tunnel type programmed by an IS-IS instance in TTM for next-hop resolution of BGP routes and labeled routes. This option allows BGP to use the segment- routing tunnel in the tunnel table submitted by the lowest preference IS-IS instance or, in case of a tie, the lowest numbered IS-IS instance.

23.309. sr-label-index

sr-label-index

Syntax 
sr-label-index {value |param-name} [prefer-igp]
no sr-label-index
Context 
[Tree] (config>router>policy-options>policy-statement>entry>action sr-label-index)
[Tree] (config>router>policy-options>policy-statement>default-action sr-label-index)
Full Contexts 
configure router policy-options policy-statement default-action sr-label-index
configure router policy-options policy-statement entry action sr-label-index
Description 

This command associates a BGP segment-routing label index value with all /32 BGP labeled IPv4 routes matching the entry or policy default-action.

Note:

Avoid using this action in a policy entry that matches more than one /32 label-ipv4 route, otherwise SID conflicts are created.

The sr-label-index action only takes effect in BGP peer import policies (and only on received /32 label-ipv4 routes) and in route-table-import policies associated with the label-ipv4 RIB.

The prefer-igp applies only in a route-table-import policy. If prefer-igp is specified and BGP segment-routing uses prefix-sid-range global, then BGP tries, as a first priority, to use the IGP segment routing label index for the IGP route matched by the route-table-import policy. If the IGP route does not have an SID index, or prefer-igp is not configured or prefix-sid-range is not global, BGP tries to use the label index value specified by this command.

When this action occurs in a policy applied as a peer-import policy, it can add a prefix SID attribute to a received /32 label-ipv4 route that was not sent with this attribute, or it can replace the received prefix SID attribute with a new one.

If this command specifies an index value that causes a SID conflict with another BGP route, then all conflicting BGP routes are re-advertised with label values based on dynamic allocation rather than SID-based allocation.

If this command specifies an index value that causes a SID conflict with an IGP route, the BGP route is re-advertised with a label value based on dynamic allocation rather than an SID-based allocation.

The no form of this command causes matched BGP routes to be advertised without any new or changed prefix SID attributes.

Default 

no sr-label-index

Parameters 
value—
Specifies the BGP segment routing label index to associate with the matched route or routes.
Values—
0 to 52487

 

param-name—
Specifies the type parameter variable name, up to 32 characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Policy parameters must start and end with at-signs (@); for example, “@variable@”.
prefer-igp
A keyword that is applicable only in route-table-import policies, to instruct BGP to borrow the SID index from the IGP route if it has an SID index and the prefix-sid-range is global.

23.310. sr-labels

sr-labels

Syntax 
sr-labels start start-value end end-value
no sr-labels
Context 
[Tree] (config>router>mpls-labels sr-labels)
Full Contexts 
configure router mpls-labels sr-labels
Description 

This command configures the range of the Segment Routing Global Block (SRGB). It is a label block which is used for assigning labels to segment routing prefix SIDs originated by this router. This range is carved from the system dynamic label range and is not instantiated by default.

This is a reserved label and once configured it cannot be used by other protocols such as RSVP, LDP, and BGP to assign a label dynamically.

Default 

no sr-labels

Parameters 
start-value—
Specifies the start label value in the SRGB
Values—
18432 to 524287 within dynamic label range | 1048575 (FP4 only)

 

end-value—
Specifies the end label value in the SRGB
Values—
18432 to 524287 within dynamic label range | 1048575 (FP4 only)

 

23.311. sr-maintenance-policy

sr-maintenance-policy

Syntax 
sr-maintenance-policy maintenance-policy-name
no sr-maintenance-policy
Context 
[Tree] (config>router>policy-options>policy-statement>entry>action sr-maintenance-policy)
Full Contexts 
configure router policy-options policy-statement entry action sr-maintenance-policy
Description 

This command applies a named segment routing maintenance policy to the matching routes. It is only used for SR policy routes. The named policy must exist under the config>router>segment-routing context.

The no form of this command removes the specified maintenance policy.

Parameters 
maintenance-policy-name—
Specifies the name of the maintenance policy, up to 32 characters and cannot start with a space or underscore.

23.312. sr-ospf

sr-ospf

Syntax 
[no] sr-ospf
Context 
[Tree] (config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-ospf)
[Tree] (config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-ospf)
[Tree] (config>service>vprn>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-ospf)
Full Contexts 
configure service epipe bgp-evpn mpls auto-bind-tunnel resolution-filter sr-ospf
configure service vpls bgp-evpn mpls auto-bind-tunnel resolution-filter sr-ospf
configure service vprn bgp-evpn mpls auto-bind-tunnel resolution-filter sr-ospf
Description 

This command selects the Segment Routing (SR) tunnel type programed by an OSPF instance in TTM.

When the sr-ospf (or sr-isis) value is enabled, an SR tunnel to the BGP next hop is selected in the TTM from the lowest-numbered IS-IS (OSPF) instance.

The no form of this command disables the SR-OSPF setting for the auto-bind tunnel.

sr-ospf

Syntax 
[no] sr-ospf
Context 
[Tree] (config>service>vprn>auto-bind-tunnel>resolution-filter sr-ospf)
Full Contexts 
configure service vprn auto-bind-tunnel resolution-filter sr-ospf
Description 

This command enables setting the SR-OSPF3 type for the auto bind tunnel.

When the sr-ospf (sr-isis) value is enabled, a SR tunnel to the BGP next hop is selected in the TTM from the lowest numbered IS-IS (OSPF) instance.

sr-ospf

Syntax 
[no] sr-ospf
Context 
[Tree] (config>router>static-route-entry>indirect>tunnel-next-hop>resolution-filter sr-ospf)
Full Contexts 
configure router static-route-entry indirect tunnel-next-hop resolution-filter sr-ospf
Description 

This command enables the use of SR-OSPF sourced tunnel entries in the TTM to resolve the associated static route next hop.

Default 

no sr-ospf

sr-ospf

Syntax 
[no] sr-ospf
Context 
[Tree] (config>service>sdp sr-ospf)
Full Contexts 
configure service sdp sr-ospf
Description 

This command configures an MPLS SDP of LSP type OSPF Segment Routing. The SDP of LSP type sr-ospf can be used with the far-end option. The signaling protocol for the service labels for an SDP using an SR tunnel can be configured to static (off), T-LDP (tldp), or BGP (bgp).

sr-ospf

Syntax 
[no] sr-ospf
Context 
[Tree] (config>router>bgp>next-hop-resolution>shortcut-tunn>family>resolution-filter sr-ospf)
[Tree] (config>router>bgp>next-hop-resolution>labeled-routes>transport-tunnel>family>resolution-filter sr-ospf)
Full Contexts 
configure router bgp next-hop-resolution labeled-routes transport-tunnel family resolution-filter sr-ospf
configure router bgp next-hop-resolution shortcut-tunnel family resolution-filter sr-ospf
Description 

This command selects the Segment Routing (SR) tunnel type programmed by an OSPF instance in TTM for next-hop resolution of BGP routes and labeled routes. This option allows BGP to use the segment routing tunnel in the tunnel table submitted by the lowest preference OSPF instance or, in case of a tie, the lowest numbered OSPF instance.

23.313. sr-ospf3

sr-ospf3

Syntax 
[no] sr-ospf3
Context 
[Tree] (config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-ospf3)
[Tree] (config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-ospf3)
[Tree] (config>service>vprn>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-ospf3)
Full Contexts 
configure service epipe bgp-evpn mpls auto-bind-tunnel resolution-filter sr-ospf3
configure service vpls bgp-evpn mpls auto-bind-tunnel resolution-filter sr-ospf3
configure service vprn bgp-evpn mpls auto-bind-tunnel resolution-filter sr-ospf3
Description 

This command selects the Segment Routing (SR) tunnel type programed by an OSPF3 instance in TTM.

When the sr-ospf3 (or sr-isis) command is enabled, an SR tunnel to the BGP next hop is selected in the TTM from the lowest-numbered IS-IS (OSPF) instance.

The no form of this command disables the SR-OSPF3 setting for the auto-bind tunnel.

sr-ospf3

Syntax 
[no] sr-ospf3
Context 
[Tree] (config>service>vprn>auto-bind-tunnel>resolution-filter sr-ospf3)
Full Contexts 
configure service vprn auto-bind-tunnel resolution-filter sr-ospf3
Description 

This command enables setting the SR-OSPFv3 tunnel type for the auto bind tunnel.

When the sr-ospf3 value is enabled, a SR tunnel to the BGP next hop is selected in the TTM from the lowest numbered OSPFv3 instance.

sr-ospf3

Syntax 
[no] sr-ospf3
Context 
[Tree] (config>router>bgp>next-hop-resolution>shortcut-tunn>family>resolution-filter sr-ospf3)
[Tree] (config>router>bgp>next-hop-resolution>labeled-routes>transport-tunnel>family>resolution-filter sr-ospf3)
Full Contexts 
configure router bgp next-hop-resolution labeled-routes transport-tunnel family resolution-filter sr-ospf3
configure router bgp next-hop-resolution shortcut-tunnel family resolution-filter sr-ospf3
Description 

This command selects the IPv6 segment routing tunnel type programmed by an OSPFv3 instance in the TTMv6 for next-hop resolution of BGP routes and labeled routes. This option allows BGP to use the segment routing tunnel in the tunnel table submitted by the lowest preference OSPFv3 instance or, in case of a tie, the lowest-numbered OSPFv3 instance.

23.314. sr-policies

sr-policies

Syntax 
sr-policies
Context 
[Tree] (config>router>segment-routing sr-policies)
Full Contexts 
configure router segment-routing sr-policies
Description 

This command creates the context to configure segment routing policies. A segment routing policy specifies traffic to be matched by the policy and actions to take on the matched traffic by applying the instructions encoded in one or more segment lists.

23.315. sr-policy

sr-policy

Syntax 
[no] sr-policy
Context 
[Tree] (config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-policy)
[Tree] (config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-policy)
[Tree] (config>service>vprn>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-policy)
Full Contexts 
configure service epipe bgp-evpn mpls auto-bind-tunnel resolution-filter sr-policy
configure service vpls bgp-evpn mpls auto-bind-tunnel resolution-filter sr-policy
configure service vprn bgp-evpn mpls auto-bind-tunnel resolution-filter sr-policy
Description 

This command selects tunnel type for the SR policy.

The sr-policy value instructs BGP to search for an SR policy with a non-null endpoint and color value that matches the BGP next hop and color extended community value of the EVPN route.

The no form of this command disables the SR policy setting for the auto-bind tunnel.

sr-policy

Syntax 
[no] sr-policy
Context 
[Tree] (config>service>vprn>auto-bind-tunnel>resolution-filter sr-policy)
Full Contexts 
configure service vprn auto-bind-tunnel resolution-filter sr-policy
Description 

This command enables setting the SR policy tunnel type for the auto bind tunnel.

The sr-policy value instructs BGP to search for an SR policy with a non-null endpoint and color value that matches the BGP next hop and color extended community value, respectively, of the VPN-IP route.

sr-policy

Syntax 
sr-policy
sr-policy color color-id endpoint ip-address
Context 
[Tree] (config>saa>test>type-multi-line>lsp-ping sr-policy)
[Tree] (config>saa>test>type-multi-line>lsp-trace sr-policy)
Full Contexts 
configure saa test type-multi-line lsp-ping sr-policy
configure saa test type-multi-line lsp-trace sr-policy
Description 

This command configures the SR policy target FEC.

Note:

The sr-policy target FEC type is supported under the OAM context and under type-multi-line node in the SAA context.

Parameters 
color color—
Specifies the color ID.
Values—
0 to 4294967295

 

endpoint ip-address
Specifies the endpoint address.
Values—

ipv4-address: a.b.c.d

ipv6-address: x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x - [0 to FFFF]H

d - [0 to 255]D

 

sr-policy

Syntax 
[no] sr-policy
Context 
[Tree] (config>router>bgp>next-hop-resolution>shortcut-tunn>family>resolution-filter sr-policy)
[Tree] (config>router>bgp>next-hop-resolution>labeled-routes>transport-tunnel>family>resolution-filter sr-policy)
Full Contexts 
configure router bgp next-hop-resolution labeled-routes transport-tunnel family resolution-filter sr-policy
configure router bgp next-hop-resolution shortcut-tunnel family resolution-filter sr-policy
Description 

This command enables the use of segment routing policies to resolve the BGP next-hop of certain BGP routes (depending on the context). The segment routing policies that are considered are statically configured in the local router or learned by BGP routes (AFI 1/SAFI 73). For a BGP route to be resolved by an SR policy, the highest numbered color extended community attached to BGP route must match the color of the SR policy. Next hop resolution of VPN IP routes by SR policies is not supported.

23.316. sr-policy-import

sr-policy-import

Syntax 
[no] sr-policy-import
Context 
[Tree] (config>router>bgp sr-policy-import)
Full Contexts 
configure router bgp sr-policy-import
Description 

This command instructs BGP to import all statically-configured non-local segment routing policies from the segment routing DB into the BGP RIB so that they can be advertised, as originated routes, towards BGP peers supporting the sr-policy-ipv4 address family.

The no form of this command instructs BGP to not import any statically defined segment routing policies into BGP.

Default 

no sr-policy-import

23.317. sr-te

sr-te

Syntax 
[no] sr-te
Context 
[Tree] (config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-te)
[Tree] (config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-te)
[Tree] (config>service>vprn>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter sr-te)
Full Contexts 
configure service epipe bgp-evpn mpls auto-bind-tunnel resolution-filter sr-te
configure service vpls bgp-evpn mpls auto-bind-tunnel resolution-filter sr-te
configure service vprn bgp-evpn mpls auto-bind-tunnel resolution-filter sr-te
Description 

This command selects the Segment Routing (SR) Traffic Engineered (SR-TE) LSP programmed in TTM.

The sr-te value instructs the system to search for the best metric SR-TE LSP to the address of the BGP next hop. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple SR-TE LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel ID.

The no form of this command disables the SR-TE LSP setting for the auto-bind tunnel.

sr-te

Syntax 
[no] sr-te
Context 
[Tree] (config>service>vprn>auto-bind-tunnel>resolution-filter sr-te)
Full Contexts 
configure service vprn auto-bind-tunnel resolution-filter sr-te
Description 

This command enables setting the SR-TE tunnel type for the auto bind tunnel.

The sr-te value instructs the system to search for the best metric SR-TE LSP to the address of the BGP next hop. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple SR-TE LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel-id.

sr-te

Syntax 
[no] sr-te
Context 
[Tree] (config>router>mpls>pce-initiated-lsp sr-te)
Full Contexts 
configure router mpls pce-initiated-lsp sr-te
Description 

This command enables support for SR-TE PCE-initiated LSPs.

The no form of this command removes SR-TE PCE-initiated LSP support. All PCE-initiated SR-TE LSPs are deleted.

sr-te

Syntax 
[no] sr-te
Context 
[Tree] (config>router>static-route-entry>indirect>tunnel-next-hop>resolution-filter sr-te)
Full Contexts 
configure router static-route-entry indirect tunnel-next-hop resolution-filter sr-te
Description 

The sr-te value instructs the code to search for the set of lowest metric SR-TE LSPs to the address of the indirect next-hop. The LSP metric is provided by MPLS in the tunnel table. The static route treats a set of SR-TE LSPs with the same lowest metric as an ECMP set. The user has the option of configuring a list of SR-TE LSP names to be used exclusively instead of searching in the tunnel table. In that case, all LSPs must have the same LSP metric in order for the static route to use them as an ECMP set. Otherwise, only the LSPs with the lowest common metric value are selected.

Default 

no sr-te

sr-te

Syntax 
[no] sr-te
Context 
[Tree] (config>router>bgp>next-hop-resolution>shortcut-tunn>family>resolution-filter sr-te)
[Tree] (config>router>bgp>next-hop-resolution>labeled-routes>transport-tunnel>family>resolution-filter sr-te)
Full Contexts 
configure router bgp next-hop-resolution labeled-routes transport-tunnel family resolution-filter sr-te
configure router bgp next-hop-resolution shortcut-tunnel family resolution-filter sr-te
Description 

This command selects the Segment Routing (SR) tunnel type programmed by a traffic engineered (TE) instance in TTM for next-hop resolution. In the case of multiple SR-TE tunnels with the same lowest metric, BGP selects the tunnel with the lowest tunnel ID.

sr-te

Syntax 
[no] sr-te
Context 
[Tree] (config>router>isis>igp-shortcut>tunnel-next-hop>family sr-te)
Full Contexts 
configure router isis igp-shortcut tunnel-next-hop family sr-te
Description 

This command selects the SR-TE tunnel type in the resolution of the IP prefix or SR tunnel family using IGP shortcuts.

sr-te

Syntax 
[no] sr-te
Context 
[Tree] (config>router>ospf>igp-shortcut>tunnel-next-hop>family sr-te)
[Tree] (config>router>ospf3>igp-shortcut>tunnel-next-hop>family sr-te)
Full Contexts 
configure router ospf igp-shortcut tunnel-next-hop family sr-te
configure router ospf3 igp-shortcut tunnel-next-hop family sr-te
Description 

This command selects the SR-TE tunnel type in the resolution of the IP prefix or SR tunnel family using IGP shortcuts.

sr-te

Syntax 
sr-te {legacy |application-specific-link-attributes}
no sr-te
Context 
[Tree] (config>router>ospf>traffic-engineering-options sr-te)
Full Contexts 
configure router ospf traffic-engineering-options sr-te
Description 

This command configures the advertisement of TE attributes of each link on a per-application basis. Two applications are supported in SROS: RSVP-TE and SR-TE. Although the legacy mode of advertising TE attributes is supported, additional configurations are possible.

The no form of this command deletes the context.

Default 

no sr-te

Parameters 
legacy
Advertises the TE attributes for MPLS-enabled SR links using TE Opaque LSAs.
Note:

Do not configure the legacy mode if the network has both RSVP-TE and SR-TE attributes and the links are not congruent.

application-specific-link-attributes
Advertises TE information for MPLS-enabled SR links using the new Application Specific Link Attributes (ASLA) TLVs.

23.318. sr-te-lsp

sr-te-lsp

Syntax 
[no] sr-te-lsp lsp-name
Context 
[Tree] (config>service>sdp sr-te-lsp)
Full Contexts 
configure service sdp sr-te-lsp
Description 

This command configures an MPLS SDP of LSP type SR-TE.

The user can specify up to 16 SR-TE LSP names. The destination address of all LSPs must match that of the SDP far-end option. Service data packets are sprayed over the set of LSPs in the SDP using the same procedures as for tunnel selection in ECMP. Each SR-TE LSP can, however, have up to 32 next-hops at the ingress LER when the first segment is a node SID-based SR tunnel. Thus service data packet will be forwarded over one of a maximum of 16x32 next-hops.

The tunnel-far-end option is not supported. In addition, the mixed-lsp-mode option does not support the sr-te tunnel type.

The signaling protocol for the service labels for an SDP using a SR-TE LSP can be configured to static (off), T-LDP (tldp), or BGP (bgp).

23.319. sr-te-resignal

sr-te-resignal

Syntax 
sr-te-resignal
Context 
[Tree] (config>router>mpls sr-te-resignal)
Full Contexts 
configure router mpls sr-te-resignal
Description 

This command enables the context to configure the re-optimization parameters of SR-TE LSPs.

23.320. src-access-list

src-access-list

Syntax 
src-access-list list-name
no src-access-list list-name
Context 
[Tree] (config>system>security>snmp src-access-list)
Full Contexts 
configure system security snmp src-access-list
Description 

This command is used to identify a list of source IP addresses that can be used to validate SNMPv1 and SNMPv2c requests once the list is associated with one or more SNMPv1 and SNMPv2c communities.

An src-address-list referenced by one or more community instances is used to verify the source IP addresses of an SNMP request using the community regardless of which VPRN/VRF interface (or “Base” interface) the request arrived on. For example, if an SNMP request arrives on an interface in vprn 100 but the request is referencing a community, then the source IP address in the packet would be validated against the src-address-list configured for the community. This occurs regardless of whether the request is destined to a VPRN interface address and the VPRN has SNMP access enabled, or the request is destined to the base system address via GRT leaking. If the request message’s source IP address does not match the ip-address of any of the src-hosts contained in the list, then the request will be discarded and logged as an SNMP authentication failure.

Using src-access-list validation can have an impact on the time it takes for an SR OS node to reply to an SNMP request. It is recommended to keep the lists short, including only the addresses that are needed, and to place SNMP managers that send the highest volume of requests, such as the NSP NFM-P, at the top of the list.

A maximum of 16 source access lists can be configured. Each source access lists can contain a maximum of 16 source hosts.

The no form of this command removes the named src-access-list. You cannot remove an src-access-list that is referenced by one or more community instances.

Parameters 
list-name—
Configures the name or key of the src-access-list. The list-name parameter must begin with a letter (a-z or A-Z).

23.321. src-gsn

src-gsn

Syntax 
src-gsn ip address
src-gsn ip-prefix-list ip-prefix-list-name
no src-gsn
Context 
[Tree] (config>app-assure>group>gtp>gtp-fltr>imsi-apn-fltr>entry src-gsn)
Full Contexts 
configure application-assurance group gtp gtp-filter imsi-apn-filter entry src-gsn
Description 

This command configures a matching condition for the GSN IP address. The IP address value is checked only against the source IP address of the GTP packets that contain an APN IE or an IMSI IE.

Parameters 
ip address—
Specifies a valid unicast address associated with the IMSI-APN filter entry.
Values—

ipv4-address

a.b.c.d[/mask]

  mask - [1..32]

ipv6-address

x:x:x:x:x:x:x:x/prefix-length

x:x:x:x:x:x:d.d.d.d

  x - [0..FFFF]H

  d - [0..255]D

prefix-length   [1..128]

 

ip-prefix-list-name—
Specifies an IP address prefix list for the source IP address match criteria, up to 32 characters.

23.322. src-host

src-host

Syntax 
src-host host-name address ip-address
no src-host host-name
Context 
[Tree] (config>system>security>snmp>src-access-list src-host)
Full Contexts 
configure system security snmp src-access-list src-host
Description 

This command is used to configure a source IP address entry that can be used to validate SNMPv1 and SNMPv2c requests.

The no form of this command removes the specified entry.

Parameters 
host-name—
Configures the name of the src-host entry.
ip-address—
Configures an allowed source address for SNMP requests. This can be an IPv4 or IPv6 address.
Values—
ipv4-address: a.b.c.d
ipv6-address: x:x:x:x:x:x:x:x
x:x:x:x:x:x:d.d.d.d
x: [0..FFFF]H
d: [0..255]D

 

23.323. src-ip

src-ip

Syntax 
src-ip {ip-address/mask |ip-address netmask}
src-ip {ipv6-address |prefix-length}
no src-ip
Context 
[Tree] (config>subscr-mgmt>cat-map>category>exh-lvl>egr-ip>entry>match src-ip)
[Tree] (config>subscr-mgmt>cat-map>category>exh-lvl>egr-ipv6>entry>match src-ip)
Full Contexts 
configure subscriber-mgmt category-map category exhausted-credit-service-level egress-ip-filter-entries entry match src-ip
configure subscriber-mgmt category-map category exhausted-credit-service-level egress-ipv6-filter-entries entry match src-ip
Description 

This command configures the source IP match condition.

The no form of this command reverts to the default.

Parameters 
ipv6-address—
Specifies the IPv6 address (applies only to the 7750 SR).
Values—

ipv6-address

x:x:x:x:x:x:x:x (where x is [0 to FFFF]H)

x:x:x:x:x:x:d.d.d.d (where d is [0 to 255]D)

 

prefix-length—
Specifies the prefix length (applies only to the 7750 SR).
Values—
1 to 128

 

ip-address/mask—
Specifies the IPv4 address and mask.
Values—
ip-address a.b.c.d
mask 0 to 32

 

netmask—
Specifies the mask, expressed as a dotted quad.
Values—
a.b.c.d

 

src-ip

Syntax 
src-ip ip-address
no src-ip
Context 
[Tree] (config>redundancy>mc>peer>mcr>ring-node>connect-verify src-ip)
[Tree] (config>redundancy>mc>peer>mc>l3-ring>connectivity-verify src-ip)
Full Contexts 
configure redundancy multi-chassis peer multi-chassis l3-ring connectivity-verify src-ip
configure redundancy multi-chassis peer mc-ring ring-node connectivity-verify src-ip
Description 

This command specifies the source IP address used in ring-node connectivity verification of this ring node.

The no form of this command reverts to the default.

Parameters 
ip-address—
Specifies the source IP address used in ring-node connectivity verification of this ring node.

src-ip

Syntax 
src-ip ip-prefix/length
no src-ip
Context 
[Tree] (config>subscr-mgmt>isa-filter>entry>match src-ip)
[Tree] (config>subscr-mgmt>isa-filter>ipv6>entry>match src-ip)
Full Contexts 
configure subscriber-mgmt isa-filter entry match src-ip
configure subscriber-mgmt isa-filter ipv6 entry match src-ip
Description 

This command configures the source IP or IPv6 address match condition.

The no form of this command reverts to the default value.

src-ip

Syntax 
src-ip ip-address
no src-ip
Context 
[Tree] (config>redundancy>mc>peer>mcr>node>cv src-ip)
Full Contexts 
configure redundancy multi-chassis peer mc-ring ring ring-node connectivity-verify src-ip
Description 

This command specifies the source IP address used in the ring-node connectivity verification of this ring node.

Default 

no src-ip

Parameters 
ip-address—
Specifies the source IP address.
Values—
a.b.c.d (no multicast address)

 

src-ip

Syntax 
src-ip {eq |neq} ip-address
src-ip {eq |neq} ip-prefix-list ip-prefix-list-name
no src-ip
Context 
[Tree] (config>app-assure>group>policy>aqp>entry>match src-ip)
Full Contexts 
configure application-assurance group policy app-qos-policy entry match src-ip
Description 

This command specifies a source TCP/UDP address to use as match criteria.

Default 

no src-ip

Parameters 
eq—
Specifies that a successful match occurs when the flow matches the specified address or prefix.
neq —
Specifies that a successful match occurs when the flow does not match the specified address or prefix.
ip-address—
Specifies a valid unicast address.
Values—

ipv4-address

a.b.c.d[/mask]

  mask - [1..32]

ipv6-address

x:x:x:x:x:x:x:x/prefix-length

x:x:x:x:x:x:d.d.d.d

  x - [0..FFFF]H

  d - [0..255]D

prefix-length   [1..128]

 

ip-prefix-list-name—
Specifies an IP prefix list name, up to 32 characters.

src-ip

Syntax 
src-ip ip-address
src-ip ip-prefix-list ip-prefix-list-name
no src-ip
Context 
[Tree] (config>app-assure>group>sess-fltr>entry>match src-ip)
Full Contexts 
configure application-assurance group session-filter entry match src-ip
Description 

This command specifies a source TCP/UDP address to use as match criteria.

Default 

no src-ip

Parameters 
ip-address—
Specifies a valid unicast address.
Values—

ipv4-address

a.b.c.d[/mask]

  mask - [1..32]

ipv6-address

x:x:x:x:x:x:x:x/prefix-length

x:x:x:x:x:x:d.d.d.d

  x - [0..FFFF]H

  d - [0..255]D

prefix-length   [1..128]

 

ip-prefix-list-name—
Specifies an IP prefix list name, up to 32 characters.

src-ip

Syntax 
src-ip {eq |neq} ip-address
no src-ip
Context 
[Tree] (debug>app-assure>group>traffic-capture>match src-ip)
Full Contexts 
debug application-assurance group traffic-capture match src-ip
Description 

This command configures debugging on a source IP address.

src-ip

Syntax 
src-ip {ip-address/mask |ip-address ipv4-address-mask}
Context 
[Tree] (config>li>li-filter>li-ip-filter>entry>match src-ip)
Full Contexts 
configure li li-filter li-ip-filter entry match src-ip
Description 

This command configures source IP address LI filter match criterion.

The no form of this command removes any configured source IP. The match criterion is ignored.

Parameters 
ip-address—
Specifies an address specified as dotted quad.
Values—
a.b.c.d

 

mask—
Specifies eight 16-bit hexadecimal pieces representing bit match criteria.
Values—
1 to 32

 

ipv4-address-mask—
Any mask expressed in dotted quad notation.
Values—
0.0.0.0 to 255.255.255.255

 

src-ip

Syntax 
src-ip {ipv6-address/prefix-length |ipv6-address ipv6-address-mask}
no src-ip
Context 
[Tree] (config>li>li-filter>li-ipv6-filter>entry>match src-ip)
Full Contexts 
configure li li-filter li-ipv6-filter entry match src-ip
Description 

This command configures source IPv6 address LI filter match criterion.

The no form of this command removes any configured source IPv6 address. The match criterion is ignored.

Parameters 
ipv6-address—
Specifies an IPv6 address entered as:.
Values—
x:x:x:x:x:x:x:x (eight 16-bit pieces)
x:x:x:x:x:x:d.d.d.d
x - [0 to FFFF]H
d - [0 to 255]D

 

prefix-length—
Specifies a length.
Values—
1 to 128

 

ipv6-address-mask—
Specifies an IPv6 address mask expressed as:
Values—
x:x:x:x:x:x:x:x (eight 16-bit pieces)
x:x:x:x:x:x:d.d.d.d
x - [0 to FFFF]H
d - [0 to 255]D

 

src-ip

Syntax 
src-ip {ip-address/mask |ip-address [ipv4-address-mask] |ip-prefix-list prefix-list-name}
no src-ip
Context 
[Tree] (config>qos>sap-ingress>ip-criteria>entry>match src-ip)
[Tree] (config>qos>sap-egress>ip-criteria>entry>match src-ip)
Full Contexts 
configure qos sap-egress ip-criteria entry match src-ip
configure qos sap-ingress ip-criteria entry match src-ip
Description 

This command configures a source IPv4 address range to be used as an SAP QoS policy match criterion.

To match on the source IPv4 or IPv6 address, specify the address and its associated mask, e.g. 10.1.0.0/16. The conventional notation of 10.1.0.0 255.255.0.0 can also be used for IPv4.

The no form of this command removes the source IPv4 or IPv6 address match criterion.

Default 

no src-ip

Parameters 
ip-address—
Specifies the source IPv4 address specified in dotted decimal notation.
Values—
ip-address: a.b.c.d

 

mask—
Specifies the length in bits of the subnet mask.
Values—
1 to 32

 

ipv4-address-mask—
Specifies the subnet mask in dotted decimal notation.
Values—
a.b.c.d (dotted quad equivalent of mask length)

 

prefix-list-name—
Specifies the IPv4 prefix list name, a string of up to 32 printable ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

src-ip

Syntax 
src-ip {ipv6-address/prefix-length |ipv6-address ipv6-address-mask |ipv6-prefix-list ipv6-prefix-list-name}
no src-ip
Context 
[Tree] (config>qos>sap-ingress>ipv6-criteria>entry>match src-ip)
[Tree] (config>qos>sap-egress>ipv6-criteria>entry>match src-ip)
Full Contexts 
configure qos sap-egress ipv6-criteria entry match src-ip
configure qos sap-ingress ipv6-criteria entry match src-ip
Description 

This command configures a source IPv6 address range to be used as an SAP QoS policy match criterion.

To match on the source IPv6 address, specify the address and its associated mask, for example, 2001:db8:1000::/64.

The no form of this command removes the source IPv6 address match criterion.

Default 

no src-ip

Parameters 
ipv6-address—
Specifies the IPv6 address for the IP match criterion in hexadecimal digits.
Values—
x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d x: [0 to FFFF]H d: [0 to 255]D

 

prefix-length—
Specifies the IPv6 prefix length for the IPv6 address expressed as a decimal integer.
Values—
1 to 128

 

ipv6-address-mask —
Specifies the IPv6 address mask.
Values—
x:x:x:x:x:x:x:x (eight 16-bit pieces)
x:x:x:x:x:x:d.d.d.d
x: [0 to FFFF]H
d: [0 to 255]D

 

ipv6-prefix-list-name—
Specifies the IPv6 prefix list name, a string of up to 32 printable ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

src-ip

Syntax 
src-ip {ip-address/mask |ip-address ipv4-address-mask |ip-prefix-list ip-prefix-list-name}
src-ip {ipv6-address/mask |ipv6-address ipv6-address-mask |ipv6-prefix-list ipv6-prefix-list-name}
no src-ip
Context 
[Tree] (config>qos>network>ingress>ip-criteria>entry>match src-ip)
[Tree] (config>qos>network>ingress>ipv6-criteria>entry>match src-ip)
[Tree] (config>qos>network>egress>ip-criteria>entry>match src-ip)
[Tree] (config>qos>network>egress>ipv6-criteria>entry>match src-ip)
Full Contexts 
configure qos network egress ip-criteria entry match src-ip
configure qos network egress ipv6-criteria entry match src-ip
configure qos network ingress ip-criteria entry match src-ip
configure qos network ingress ipv6-criteria entry match src-ip
Description 

This command configures a source IPv4 or IPv6 address range to be used as a network QoS policy match criterion.

To match on the source IPv4 or IPv6 address, specify the address and its associated mask, for example, when specifying an IPv4 address, 10.1.0.0/16 or 10.1.0.0 255.255.0.0 can be used.

The no form of this command removes the source IPv4 or IPv6 address match criterion.

Parameters 
ip-address —
Specifies the source IPv4 address specified in dotted decimal notation.
Values—
ip-address: a.b.c.d

 

mask —
Specifies the length in bits of the subnet mask.
Values—
1 to 32

 

ipv4-address-mask —
Specifies the subnet mask in dotted decimal notation.
Values—
a.b.c.d (dotted quad equivalent of mask length)

 

ip-prefix-list-name—
Specifies an IPv4 prefix list which contains IPv4 address prefixes to be matched. IP prefix lists are only supported at a network ingress.
Values—
A string of up to 32 characters of printable ASCII characters. If special characters are used, the string must be enclosed within double quotes.

 

ipv6-address —
Specifies the IPv6 prefix for the IP match criterion in hex digits.
Values—

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

 

mask —
Specifies the length of the ipv6-address expressed as a decimal integer.
Values—
1 to 128

 

ipv6-address-mask —
Specifies the eight 16-bit hexadecimal pieces representing bit match criteria.
Values—
x:x:x:x:x:x:x (eight 16-bit pieces)

 

ipv6-prefix-list-name—
Specifies an IPv6 prefix list which contains IPv6 address prefixes to be matched. IPv6 prefix lists are only supported at a network ingress.
Values—
A string of up to 32 characters of printable ASCII characters. If special characters are used, the string must be enclosed within double quotes.

 

src-ip

Syntax 
IPv4:
src-ip {ip-address/mask |ip-address ipv4-address-mask |ip-prefix-list prefix-list-name}
IPv6:
src-ip {ipv6-address/prefix-length |ipv6-address ipv6-address-mask |ipv6-prefix-list prefix-list-name}
no src-ip
Context 
[Tree] (config>filter>ip-exception>entry>match src-ip)
[Tree] (config>filter>ipv6-filter>entry>match src-ip)
[Tree] (config>filter>ipv6-exception>entry>match src-ip)
[Tree] (config>filter>ipv6-filter>entry>match src-ip)
Full Contexts 
configure filter ip-exception entry match src-ip
configure filter ipv6-exception entry match src-ip
configure filter ipv6-filter entry match src-ip
Description 

This command configures a source IPv4 or IPv6 address range to be used as an IP filter or IP exception match criterion.

To match on the source IPv4 or IPv6 address, specify the address and its associated mask, for example, 10.1.0.0/16 for IPv4. The conventional notation of 10.1.0.0 255.255.0.0 may also be used for IPv4.

The no form of the command removes the source IP address match criterion.

Default 

no src-ip

Parameters 
ip-address—
Specifies the destination IPv4 address specified in dotted decimal notation.
Values—
a.b.c.d

 

mask—
Specifies the length in bits of the subnet mask.
Values—
1 to 32

 

ipv4-address-mask—
Specifies the subnet mask in dotted decimal notation.
Values—
a.b.c.d (dotted quad equivalent of mask length)

 

ip-prefix-list or ipv6-prefix-list prefix-list-name —
Specifies to use a list of IP prefixes referred to by prefix-list-name, which is a string of up to 32 characters of printable ASCII characters. If special characters are used, the string must be enclosed within double quotes.
ipv6-address —
Specifies an IPv6 prefix for the IP match criterion in hex digits.
Values—
x:x:x:x:x:x:x:x (eight 16-bit pieces)
x:x:x:x:x:x:d.d.d.d
x: [0..FFFF]H
d: [0..255]D

 

prefix-length —
Specifies whether a the IPv6 prefix length for the specified ipv6-address expressed as a decimal integer.
Values—
1 to 128

 

ipv6-address-mask —
Specifies eight 16-bit hexadecimal pieces representing bit match criteria.
Values—
x:x:x:x:x:x:x:x (eight 16-bit pieces)
x:x:x:x:x:x:d.d.d.d
x: [0..FFFF]H
d: [0..255]D

 

src-ip

Syntax 
src-ip ip-prefix[/mask] [netmask]
src-ip ip-prefix-list ip-prefix-list-name
no src-ip
Context 
[Tree] (config>system>security>mgmt-access-filter>ip-filter>entry src-ip)
Full Contexts 
configure system security management-access-filter ip-filter entry src-ip
Description 

This command configures a source IP address range or an IP prefix list to be used as a management access filter match criterion.

The no form of this command removes the source IP address match criterion.

Default 

no src-ip

Parameters 
ip-prefix—
Specifies the IP prefix for the IP match criterion in dotted decimal notation.
mask—
Specifies the subnet mask length expressed as a decimal integer.
Values—
1 to 32 (mask length), 0.0.0.0 to 255.255.255.255 (dotted decimal)

 

netmask—
Specifies the dotted quad equivalent of the mask length.
Values—
0.0.0.0 to 255.255.255.255

 

ip-prefix-list-name —
Specifies the IP prefix list used as a match criterion for the source IP address. It is a string of up to 32 characters of printable ASCII characters. If special characters are used, the string must be enclosed within double quotes .

src-ip

Syntax 
src-ip ipv6-address/prefix-length
src-ip ipv6-prefix-list ipv6-prefix-list-name
no src-ip
Context 
[Tree] (config>system>security>mgmt-access-filter>ipv6-filter>entry src-ip)
Full Contexts 
configure system security management-access-filter ipv6-filter entry src-ip
Description 

This command configures a source IPv6 address range or an IPv6 prefix list to be used as a management access filter match criterion. This command only applies to the 7750 SR and 7950 XRS.

The no form of this command removes the source IPv6 address match criterion.

Default 

no src-ip

Parameters 
ipv6-address/prefix-length—
Specifies the IPv6 address for the IPv6 match criterion in dotted decimal notation. An IPv6 IP address is written as eight 4-digit (16-bit) hexadecimal numbers separated by colons. One string of zeros per address can be left out, so that 2001:db8::0:217A is the same as 2001:db8:0:0:0:0:0:217A.
Values—

ipv6-address

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0..FFFF]H

d: [0..255]D

prefix-length

1 to 128

 

ipv6-prefix-list-name —
Specifies the IPv6 prefix list used a match criterion for the source IP address. It is a string of up to 32 characters of printable ASCII characters. If special characters are used, the string must be enclosed within double quotes .

src-ip

Syntax 
src-ip [ipv6-address/prefix-length| ip-prefix-list prefix-list-name]
no src-ip
Context 
[Tree] (config>sys>sec>cpm>ip-filter>entry>match src-ip)
Full Contexts 
config sys sec cpm ip-filter entry match src-ip
Description 

This command specifies the IP address to match the source IP address of the packet.

To match on the source IP address, specify the address and its associated mask, such as 10.1.0.0/16. The conventional notation of 10.1.0.0 255.255.0.0 may also be used.

The no form of this command removes the source IP address match criterion.

Default 

no src-ip

Parameters 
ipv6-address/prefix-length—
Specifies the IP address for the match criterion in dotted decimal notation. An IP address is written as eight 4-digit (16-bit) hexadecimal numbers separated by colons. One string of zeros per address can be left out, so that 2001:db8::0:217A is the same as 2001:db8:0:0:0:0:0:217A.
Values—

ipv4-address

a.b.c.d (host bits must be 0)

x:x:x:x:x:x:d.d.d.d[-interface]

x: [0..FFFF]H

d: [0..255]D

interface: 32 characters maximum, mandatory for link local addresses

prefix-length

1 to 128

 

ip-prefix-list —
Creates a list of IPv4 prefixes for match criteria in IPv4 ACL and CPM filter policies.
ip-prefix-list-name—
Specifies a string of up to 32 characters of printable ASCII characters. If special characters are used, the string must be enclosed within double quotes.

src-ip

Syntax 
src-ip [ip-address/mask |ipv6-prefix-list ipv6-prefix-list-name]
no src-ip
Context 
[Tree] (config>sys>sec>cpm>ipv6-filter>entry>match src-ip)
Full Contexts 
config sys sec cpm ipv6-filter entry match src-ip
Description 

This command specifies the IPv6 address to match the source IPv6 address of the packet.

To match on the source IP address, specify the address and its associated mask, such as 10.1.0.0/16. The conventional notation of 10.1.0.0 255.255.0.0 may also be used.

The no form of this command removes the source IP address match criterion.

This command only applies to the 7750 SR and 7950 XRS.

Default 

no src-ip

Parameters 
ip-address/mask—
Specifies the IP address for the match criterion in dotted decimal notation. An IP address is written as eight 4-digit (16-bit) hexadecimal numbers separated by colons. One string of zeros per address can be left out, so that 2001:db8::0:217A is the same as 2001:db8:0:0:0:0:0:217A.
Values—

ipv6-address

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x: [0..FFFF]H

d: [0..255]D

interface: 32 characters maximum, mandatory for link local addresses

mask:

Specifies eight 16-bit hexadecimal pieces representing bit match criteria.

Values

x:x:x:x:x:x:x (eight 16-bit pieces)

 

ipv6-prefix-list —
Creates a list of IPv6 prefixes for match criteria in IPv6 ACL and CPM filter policies.
ipv6-prefix-list-name—
Specifies a string of up to 32 characters of printable ASCII characters. If special characters are used, the string must be enclosed within double quotes.

23.324. src-ip-address

src-ip-address

Syntax 
src-ip-address ip-address
no src-ip-address
Context 
[Tree] (config>saa>test>type-multi-line>lsp-ping>sr-policy src-ip-address)
[Tree] (config>saa>test>type-multi-line>lsp-trace>sr-policy src-ip-address)
Full Contexts 
configure saa test type-multi-line lsp-ping sr-policy src-ip-address
configure saa test type-multi-line lsp-trace sr-policy src-ip-address
Description 

This command configures the source IP address. This option is used when an OAM packet must be generated from a different address than the node’s system interface address. For example, when the OAM packet is sent over an LDP LSP and the LDP LSR-ID of the corresponding LDP session to the next hop is set to an address other than the system interface address.

The no form of this command removes the configuration.

Parameters 
ip-address
Specifies the source IP address.
Values—

ipv4-address: a.b.c.d

ipv6-address: x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x - [0 to FFFF]H

d - [0 to 255]D

 

23.325. src-ipv4-address

src-ipv4-address

Syntax 
src-ipv4-address a.b.c.d
no src-ipv4-address
Context 
[Tree] (config>test-oam>build-packet>header>ipv4 src-ipv4-address)
[Tree] (debug>oam>build-packet>packet>field-override>header>ipv4 src-ipv4-address)
Full Contexts 
configure test-oam build-packet header ipv4 src-ipv4-address
debug oam build-packet packet field-override header ipv4 src-ipv4-address
Description 

This command defines the source IPv4 address to be used in the IPv4 header.

The no form of this command removes the source IPv4 address.

Default 

src-ipv4-address 0.0.0.0

Parameters 
a.b.c.d—
Specifies the IPv4 source address to be used in the IPv4 header.

23.326. src-ipv6-address

src-ipv6-address

Syntax 
src-ipv6-address ipv6-address
no src-ipv6-address
Context 
[Tree] (config>test-oam>build-packet>header>ipv6 src-ipv6-address)
[Tree] (debug>oam>build-packet>packet>field-override>header>ipv6 src-ipv6-address)
Full Contexts 
configure test-oam build-packet header ipv6 src-ipv6-address
debug oam build-packet packet field-override header ipv6 src-ipv6-address
Description 

This command defines the source IPv6 address to be used in the IPv6 header.

The no form of the removes the source IPv6 address.

Parameters 
ipv6-address—
Specifies the IPv6 source address to be used in the IPv6 header.
Values—

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x:

0 to FFFF]H

d:

[0 to 255]D

 

23.327. src-mac

src-mac

Syntax 
src-mac ieee-address
no src-mac
Context 
[Tree] (config>redundancy>mc>peer>mcr>ring-node>connect-verify src-mac)
[Tree] (config>redundancy>mc>peer>mc>l3-ring>connectivity-verify src-mac)
Full Contexts 
configure redundancy multi-chassis peer multi-chassis l3-ring connectivity-verify src-mac
configure redundancy multi-chassis peer mc-ring ring-node connectivity-verify src-mac
Description 

This command specifies the source MAC address used for the Ring-Node Connectivity Verification of this ring node.

If all zeros are specified, then the MAC address of the system management processor (CPM) is used.

The no form of this command reverts to the default.

Parameters 
ieee-address —
Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee, and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.

src-mac

Syntax 
src-mac ieee-address
no src-mac
Context 
[Tree] (config>redundancy>mc>peer>mcr>node>cv src-mac)
Full Contexts 
configure redundancy multi-chassis peer mc-ring ring ring-node connectivity-verify src-mac
Description 

This command specifies the source MAC address used for the Ring-Node Connectivity Verification of this ring node.

A value of all zeros (000000000000 H (0:0:0:0:0:0)) specifies that the MAC address of the system management processor (CPM) is used.

Default 

no src-mac

Parameters 
ieee-address—
Specifies the source MAC address.
Values—
xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx

 

src-mac

Syntax 
src-mac ieee-address [ieee-address-mask]
no src-mac
Context 
[Tree] (config>li>li-filter>li-mac-filter>entry>match src-mac)
Full Contexts 
configure li li-filter li-mac-filter entry match src-mac
Description 

This command configures a source MAC address or range to be used as a MAC filter match criterion.

The no form of this command removes the source mac as the match criteria.

Parameters 
ieee-address—
Specifies the 48-bit IEEE mac address to be used as a match criterion.
Values—
HH:HH:HH:HH:HH:HH or HH-HH-HH-HH-HH-HH where H is a hexadecimal digit

 

ieee-address-mask—
Specifies a 48-bit mask that can be configured using:

Format Style

Format Syntax

Example

Decimal

DDDDDDDDDDDDDD

281474959933440

Hexadecimal

0xHHHHHHHHHHHH

0x0FFFFF000000

Binary

0bBBBBBBB...B

0b11110000...B

To configure so that all packets with a source MAC OUI value of 00-03-FA are subject to a match condition then the entry should be specified as: 003FA000000 0xFFFFFF000000

Default—
0xFFFFFFFFFFFF (exact match)
Values—
0x00000000000000 to 0xFFFFFFFFFFFF

 

src-mac

Syntax 
src-mac ieee-address [ieee-address-mask]
no src-mac
Context 
[Tree] (config>qos>sap-ingress>mac-criteria>entry>match src-mac)
Full Contexts 
configure qos sap-ingress mac-criteria entry match src-mac
Description 

This command configures a source MAC address or range to be used as a service ingress QoS policy match criterion.

The no form of this command removes the source mac as the match criteria.

Default 

no src-mac

Parameters 
ieee-address—
Enter the 48-bit IEEE MAC address to be used as a match criterion.
Values—
HH:HH:HH:HH:HH:HH or HH-HH-HH-HH-HH-HH where H is a hexadecimal digit

 

ieee-address-mask—
This 48-bit mask can be configured using the following formats:

Format Style

Format Syntax

Example

Decimal

DDDDDDDDDDDDDD

281474959933440

Hexadecimal

0xHHHHHHHHHHHH

0x0FFFFF000000

Binary

0bBBBBBBB...B

0b11110000...B

To configure all packets with a source MAC OUI value of 00-03-FA to be subject to a match condition, the entry should be specified as: 003FA000000 0xFFFFFF000000

Values—
0x00000000000000 to 0xFFFFFFFFFFFF (hex)

 

Default—
0xFFFFFFFFFFFF (hex) (exact match)

src-mac

Syntax 
src-mac ieee-address [ieee-address-mask]
no src-mac
Context 
[Tree] (config>filter>ip-filter>entry>match src-mac)
[Tree] (config>filter>ipv6-filter>entry>match src-mac)
[Tree] (config>filter>mac-filter>entry>match src-mac)
Full Contexts 
configure filter ip-filter entry match src-mac
configure filter ipv6-filter entry match src-mac
configure filter mac-filter entry match src-mac
Description 

Configures a source MAC address or range to be used as a MAC filter match criterion.

The no form of the command removes the source mac as the match criteria.

Default 

no src-mac

Parameters 
ieee-address—
Specifies the 48-bit IEEE MAC address to be used as a match criterion.
Values—
HH:HH:HH:HH:HH:HH or HH-HH-HH-HH-HH-HH where H is a hexadecimal digit; both upper and lower case are supported.

 

ieee-address-mask—
Specifies the 48-bit mask to match a range of MAC address values.

To configure so that all packets with a source MAC OUI value of 00:03:FA are subject to a match condition then the entry should be specified as: 00:03:FA:00:00:00 FF:FF:FF:00:00:00

Default—
ff:ff:ff:ff:ff:ff (exact match)
Values—
HH:HH:HH:HH:HH:HH or HH-HH-HH-HH-HH-HH where H is an hexadecimal digit; both upper and lower case are supported.

 

src-mac

Syntax 
src-mac ieee-address [ieee-address-mask]
no src-mac
Context 
[Tree] (config>system>security>mgmt-access-filter>mac-filter>entry>match src-mac)
Full Contexts 
configure system security management-access-filter mac-filter entry match src-mac
Description 

This command configures a source MAC address or range to be used as a MAC filter match criterion.

The no form of this command removes the source mac as the match criteria.

Default 

no src-mac

Parameters 
ieee-address—
Specifies the 48-bit IEEE mac address to be used as a match criterion.
Values—
HH:HH:HH:HH:HH:HH or HH-HH-HH-HH-HH-HH where H is a hexadecimal digit

 

ieee-address-mask—
Specifies a 48-bit mask that can be configured using the formats listed in Table 143:
Table 143:  ieee-address-mask Formats

Format Style

Format Syntax

Example

Decimal

DDDDDDDDDDDDDD

281474959933440

Hexadecimal

0xHHHHHHHHHHHH

0x0FFFFF000000

Binary

0bBBBBBBB...B

0b11110000...B

To configure so that all packets with a source MAC OUI value of 00-03-FA are subject to a match condition then the entry should be specified as: 003FA000000 0xFFFFFF000000

Default—
0xFFFFFFFFFFFF (exact match)
Values—
0x00000000000000 to 0xFFFFFFFFFFFF

 

23.328. src-mac-address

src-mac-address

Syntax 
src-mac-address ieee-address
no src-mac-address
Context 
[Tree] (config>test-oam>build-packet>header>ethernet src-mac-address)
[Tree] (debug>oam>build-packet>packet>field-override>header>ethernet src-mac-address)
Full Contexts 
configure test-oam build-packet header ethernet src-mac-address
debug oam build-packet packet field-override header ethernet src-mac-address
Description 

This command defines the source MAC address for the Ethernet header.

The no form of this command deletes the configured MAC address.

Default 

no override

Parameters 
ieee-address—
Specifies the source Ethernet MAC address to be used in the Ethernet header. Specifies the 48-bit MAC address.
Values—
xx:xx:xx:xx:xx:xx

 

23.329. src-port

src-port

Syntax 
src-port {lt |gt |eq} src-port-number
src-port range start end
no src-port
Context 
[Tree] (config>subscr-mgmt>cat-map>category>exh-lvl>ingr-ip>entry>match src-port)
[Tree] (config>subscr-mgmt>cat-map>category>exh-lvl>ingr-ipv6>entry>match src-port)
[Tree] (config>subscr-mgmt>cat-map>category>exh-lvl>egr-ip>entry>match src-port)
[Tree] (config>subscr-mgmt>cat-map>category>exh-lvl>egr-ipv6>entry>match src-port)
Full Contexts 
configure subscriber-mgmt category-map category exhausted-credit-service-level egress-ip-filter-entries entry match src-port
configure subscriber-mgmt category-map category exhausted-credit-service-level egress-ipv6-filter-entries entry match src-port
configure subscriber-mgmt category-map category exhausted-credit-service-level ingress-ip-filter-entries entry match src-port
configure subscriber-mgmt category-map category exhausted-credit-service-level ingress-ipv6-filter-entries entry match src-port
Description 

This command configures the source port match condition.

The no form of this command reverts to the default.

Parameters 
lt |gt |eq—
Specifies the operators.
src-port-number—
Specifies the source port number as a decimal hex or binary.
Values—
0 to 65535

 

dst-port-number—
Specifies the destination port number as a decimal hex or binary.
Values—
0 to 65535

 

src-port

Syntax 
src-port operator port-number
no src-port
Context 
[Tree] (config>subscr-mgmt>isa-filter>entry>match src-port)
[Tree] (config>subscr-mgmt>isa-filter>ipv6>entry>match src-port)
Full Contexts 
configure subscriber-mgmt isa-filter entry match src-port
configure subscriber-mgmt isa-filter ipv6 entry match src-port
Description 

This command configures the source port match condition.

The no form of this command reverts to the default value.

src-port

Syntax 
src-port {eq |neq} port-num
src-port {eq |neq} port-list port-list-name
src-port {eq |neq} range start-port-num end-port-num
no src-port
Context 
[Tree] (config>app-assure>group>policy>aqp>entry>match src-port)
Full Contexts 
configure application-assurance group policy app-qos-policy entry match src-port
Description 

This command specifies a source IP port, source port list, or source range to use as match criteria.

The no form of this command removes the parameters from the configuration.

Default 

no src-port

Parameters 
eq—
Specifies that a successful match occurs when the flow matches the specified port.
neq —
Specifies that a successful match occurs when the flow does not match the specified port.
port-num—
Specifies the source port number.
Values—
0 to 65535

 

start-port-num end-port-num—
Specifies the start or end source port number.
Values—
0 to 65535

 

port-list-name —
Specifies a named port-list, up to 32 characters, containing a set of ports or ranges of ports.

src-port

Syntax 
src-port {eq |gt |lt} port-num
src-port port-list port-list-name
src-port range start-port-num end-port-num
no src-port
Context 
[Tree] (config>app-assure>group>sess-fltr>entry>match src-port)
Full Contexts 
configure application-assurance group session-filter entry match src-port
Description 

This command specifies a source IP port, source port list, or source range to use as match criteria.

The no form of this command removes the parameters from the configuration.

Default 

no src-port

Parameters 
eq—
Specifies that a successful match occurs when the flow matches the specified port.
gt —
Specifies all port numbers greater than the port-number match.
lt —
Specifies all port numbers less than the port-number match.
port-num—
Specifies the source port number.
Values—
0 to 65535

 

start-port-num end-port-num—
Specifies the start or end source port number.
Values—
0 to 65535

 

port-list-name —
Specifies a named port-list, up to 32 characters, containing a set of ports or ranges of ports.

src-port

Syntax 
src-port {eq |neq} port-num
no src-port
Context 
[Tree] (debug>app-assure>group>traffic-capture>match src-port)
Full Contexts 
debug application-assurance group traffic-capture match src-port
Description 

This command configures debugging on a source port.

src-port

Syntax 
src-port {lt |gt |eq} src-port-number
src-port range src-port-number src-port-number
no src-port
Context 
[Tree] (config>li>li-filter>li-ip-filter>entry>match src-port)
[Tree] (config>li>li-filter>li-ipv6-filter>entry>match src-port)
Full Contexts 
configure li li-filter li-ip-filter entry match src-port
configure li li-filter li-ipv6-filter entry match src-port
Description 

This command configures a source TCP or UDP port number or port range for an IP LI filter match criterion. Note that an entry containing Layer 4 match criteria will not match non-initial (second, third, and so on) fragments of a fragmented packet since only the first fragment contains the Layer 4 information.

The no form of this command removes the source port match criterion.

Parameters 
lt—
Specifies all port numbers less than src-port-number match.
gt—
Specifies all port numbers greater than src-port-number match.
eq—
Specifies that src-port-number must be an exact match.
src-port-number—
Specifies the source port number to be used as a match criteria expressed as a decimal integer.
Values—
[0..65535]D
[0x0..0xFFFF]H
[0b0..0b1111111111111111]B

 

src-port

Syntax 
src-port {lt |gt |eq} src-port-number
src-port range start end
no src-port
Context 
[Tree] (config>qos>sap-ingress>ip-criteria>entry>match src-port)
[Tree] (config>qos>sap-egress>ip-criteria>entry>match src-port)
[Tree] (config>qos>sap-ingress>ipv6-criteria>entry>match src-port)
[Tree] (config>qos>sap-egress>ipv6-criteria>entry>match src-port)
Full Contexts 
configure qos sap-egress ip-criteria entry match src-port
configure qos sap-egress ipv6-criteria entry match src-port
configure qos sap-ingress ip-criteria entry match src-port
configure qos sap-ingress ipv6-criteria entry match src-port
Description 

This command configures a source TCP or UDP port number or port range for a SAP QoS policy match criterion.

The no form of this command removes the source port match criterion.

Default 

no src-port

Parameters 
{lt |gt |eq} src-port-number
The TCP or UDP port numbers to match, specified as less than (lt), greater than (gt), or equal to (eq) to the source port value, specified as a decimal integer.
Values—
1 to 65535 (decimal)

 

range start end
The range of TCP or UDP port values to match, specified as between the start and end source port values inclusive.
Values—
1 to 65535 (decimal)

 

src-port

Syntax 
src-port {lt |gt |eq} src-port-number
src-port port-list port-list-name
src-port range start end
no src-port
Context 
[Tree] (config>qos>network>ingress>ip-criteria>entry>match src-port)
[Tree] (config>qos>network>ingress>ipv6-criteria>entry>match src-port)
[Tree] (config>qos>network>egress>ip-criteria>entry>match src-port)
[Tree] (config>qos>network>egress>ipv6-criteria>entry>match src-port)
Full Contexts 
configure qos network egress ip-criteria entry match src-port
configure qos network egress ipv6-criteria entry match src-port
configure qos network ingress ip-criteria entry match src-port
configure qos network ingress ipv6-criteria entry match src-port
Description 

This command configures a source TCP or UDP port number, port range, or a port list for a network QoS policy match criterion.

The no form of this command removes the source port match criterion.

Default 

no src-port

Parameters 
lt —
Keyword used to specify TCP or UDP port numbers to match that are less than the source port value.
gt —
Keyword used to specify TCP or UDP port numbers to match that are greater than the source port value.
eq —
Keyword used to specify TCP or UDP port numbers to match that are equal to the source port value.
src-port-number
The source port value, specified as a decimal integer.
Values—
1 to 65535

 

port-list-name
Specifies a port list name, up to 32 characters of printable ASCII characters. If special characters are used, the string must be enclosed within double quotes.
start
Specifies the starting range of TCP or UDP source port values to match.
Values—
1 to 65535

 

end
Specifies the end range of TCP or UDP source port values to match.
Values—
1 to 65535

 

src-port

Syntax 
src-port {lt |gt |eq} src-port-number
src-port port-list port-list-name
src-port range src-port-number src-port-number
no src-port
Context 
[Tree] (config>filter>ip-exception>entry>match src-port)
[Tree] (config>filter>ip-filter>entry>match src-port)
[Tree] (config>filter>ipv6-exception>entry>match src-port)
[Tree] (config>filter>ipv6-filter>entry>match src-port)
Full Contexts 
configure filter ip-exception entry match src-port
configure filter ip-filter entry match src-port
configure filter ipv6-exception entry match src-port
configure filter ipv6-filter entry match src-port
Description 

This command configures a source TCP, UDP, or SCTP port number, port range, or port match list for an IP filter or IP exception match criterion. An entry containing Layer 4 non-zero match criteria will not match non-initial (2nd, 3rd, and so on) fragments of a fragmented packet since only the first fragment contains the Layer 4 information. Similarly an entry containing "src-port eq 0" match criterion, may match non-initial fragments when the source port value is not present in a packet fragment and other match criteria are also met.

The no form of the command removes the source port match criterion.

Default 

no src-port

Parameters 
lt |gt |eq—
Specifies the operator to use relative to src-port-number for specifying the port number match criteria.

lt specifies that all port numbers less than src-port-number match.

gt specifies that all port numbers greater than src-port-number match.

eq specifies that src-port-number must be an exact match.

src-port-number—
Specifies the source port number to be used as a match criteria expressed as a decimal integer, and in hexadecimal or binary format. Below shows decimal integer only.
Values—
0 to 65535

 

port-list-name—
Specifies to use a list of ports referred to by port-list-name, which is a string of up to 32 characters of printable ASCII characters. If special characters are used, the string must be enclosed within double quotes.
src-port-number src-port-number
Specifies inclusive port range between two src-port-number values.

src-port

Syntax 
src-port {port-id |cpm |lag lag-id}
no src-port
Context 
[Tree] (config>system>security>mgmt-access-filter>ip-filter>entry src-port)
[Tree] (config>system>security>mgmt-access-filter>ipv6-filter>entry src-port)
Full Contexts 
configure system security management-access-filter ip-filter entry src-port
configure system security management-access-filter ipv6-filter entry src-port
Description 

This command restricts ingress management traffic to either the CPM/CCM Ethernet port or any other logical port (for example LAG) on the device.

When the source interface is configured, only management traffic arriving on those ports satisfy the match criteria.

The no form of this command reverts to the default value.

Default 

no src-port

Parameters 
port-id—
Specifies the port ID in formats shown below.
Values—

slot/mda/port[.channel]

bundle-id

bundle-type-slot/mda.bundle-num

  bundle

keyword

  type

ima, fr, or ppp

  bundle-num

1 to 336

bpgrp-id

bpgrp-type-bpgrp-num

bpgrp

keyword

  type

ima or ppp

  bpgrp-num

1 to 2000

aps-id

aps-group-id[.channel]

  aps

keyword

  group-id

1 to 128

ccag-id

ccag-id. path-id[cc-type]

  ccag

keyword

  id

1 to 8

  path-id

a, b

  cc-type

.sap-net, .net-sap

 

cpm—
Matches any traffic received on any Ethernet port.
lag-id—
Specifies the LAG identifier.
Values—
1 to 800

 

src-port

Syntax 
src-port tcp/udp port-number [mask]
scr-port port-list port-list-name
scr-port range tcp/udp port-number tcp/udp port-number
no scr-port
Context 
[Tree] (config>sys>sec>cpm>ip-filter>entry>match src-port)
[Tree] (config>sys>sec>cpm>ipv6-filter>entry>match src-port)
Full Contexts 
config sys sec cpm ip-filter entry match src-port
config sys sec cpm ipv6-filter entry match src-port
Description 

This command specifies the TCP/UDP port to match the source port of the packet.

Note:

An entry containing Layer 4 match criteria will not match non-initial (2nd, 3rd, etc) fragments of a fragmented packet since only the first fragment contains the Layer 4 information.

Default 

no src-port

Parameters 
tcp/udp port-number—
Specifies the source port number to be used as a match criteria expressed as a decimal integer.
Values—
0 to 65535

 

port-list-name—
Specifies the port list name to be used as a match criteria for the destination port.
mask
Specifies the 16 bit mask to be applied when matching the destination port.
Values—
[0x0000..0xFFFF] | [0..65535] | [0b0000000000000000..0b1111111111111111]

 

23.330. src-prefix

src-prefix

Syntax 
src-prefix ip-address/mask [ip-address/mask]
no src-prefix ip-address/mask
Context 
[Tree] (config>service>vprn>mvpn>red-source-list src-prefix)
Full Contexts 
configure service vprn mvpn red-source-list src-prefix
Description 

This command configures multicast source IPv4 prefixes for preferred source selection. Single or multi-line inputs are allowed.

The no form of this command deletes specified prefix from the list.

Default 

No prefixes are specified.

Parameters 
ip-address/mask—
IPv4 address prefix with mask. Up to 8 maximum.

src-prefix

Syntax 
src-prefix ipv6-ip-address/prefix-length [ipv6-address/prefix-length]
no ipv6-ip-address/prefix-length
Context 
[Tree] (config>service>vprn>mvpn>red-source-list>ipv6 src-prefix)
Full Contexts 
configure service vprn mvpn red-source-list ipv6 src-prefix
Description 

This command configures multicast source IPv6 prefixes for preferred source selection. Single or multi-line inputs are allowed.

The no form of this command deletes specified prefix from the list

Default 

No prefixes are specified.

Parameters 
ipv6-ip-address/mask—
IPv6 address prefix with prefix-length. Up to 8 maximum.

23.331. src-route-option

src-route-option

Syntax 
src-route-option {true |false}
no source-route-option
Context 
[Tree] (config>filter>ip-filter>entry>match src-route-option)
Full Contexts 
configure filter ip-filter entry match src-route-option
Description 

This command enables source route option match conditions. When enabled, this filter should match if a (strict or loose) source route option is present/not present at any location within the IP header, as per the value of this object. The no form of the command removes the criterion from the match entry.

Default 

no src-route-option

Parameters 
true—
Enables source route option match conditions.
false—
Disables source route option match conditions.

23.332. src-tcp-port

src-tcp-port

Syntax 
src-tcp-port tcp-port
no src-tcp-port
Context 
[Tree] (config>test-oam>build-packet>header>tcp src-tcp-port)
Full Contexts 
configure test-oam build-packet header tcp src-tcp-port
Description 

This command defines the source TCP port to be used in the test TCP header.

The no form of this command reverts to the default.

Default 

src-tcp-port 0

Parameters 
tcp-port—
Specifies the source TCP port to be used in the test TCP header.
Values—
0 to 65535

 

src-tcp-port

Syntax 
src-tcp-port tcp-port
no src-tcp-port
Context 
[Tree] (debug>oam>build-packet>packet>field-override>header>tcp src-tcp-port)
Full Contexts 
debug oam build-packet packet field-override header tcp src-tcp-port
Description 

This command defines the source TCP port to be used in the TCP header.

The no form of this command reverts to the default.

Default 

no override

Parameters 
tcp-port—
Specifies the source TCP port to be used in the test TCP header.
Values—
0 to 65535

 

23.333. src-udp-port

src-udp-port

Syntax 
src-udp-port udp-port
no src-udp-port
Context 
[Tree] (config>test-oam>build-packet>header>udp src-udp-port)
Full Contexts 
configure test-oam build-packet header udp src-udp-port
Description 

This command defines the source UDP port to be used in the test UDP header.

The no form of this command reverts to the default.

Default 

src-udp-port 0

Parameters 
udp-port—
Specifies the source UDP port to be used in the test UDP header.
Values—
0 to 65535

 

src-udp-port

Syntax 
src-udp-port udp-port
no src-udp-port
Context 
[Tree] (debug>oam>build-packet>packet>field-override>header>udp src-udp-port)
Full Contexts 
debug oam build-packet packet field-override header udp src-udp-port
Description 

This command defines the source UDP port to be used in the UDP header.

The no form of this command reverts to the default.

Default 

no override

Parameters 
udp-port—
Specifies the source UDP port to be used in the UDP header.
Values—
0 to 65535

 

23.334. srefresh

srefresh

Syntax 
srefresh [detail]
no srefresh
Context 
[Tree] (debug>router>gmpls>packet srefresh)
Full Contexts 
debug router gmpls packet srefresh
Description 

This command enables debugging for GMPLS Srefresh packets.

The no form of the command disables debugging for GMPLS Srefresh packets.

Parameters 
detail—
Keyword to produce debug output in greater detail.

srefresh

Syntax 
srefresh [detail]
no srefresh
Context 
[Tree] (debug>router>rsvp>packet srefresh)
Full Contexts 
debug router rsvp packet srefresh
Description 

This command debugs srefresh packets.

The no form of the command disables the debugging.

Parameters 
detail—
Displays detailed information about srefresh packets.

23.335. srlb

srlb

Syntax 
srlb reserved-label-block-name
no srlb
Context 
[Tree] (config>router>ospf>segm-rtng srlb)
[Tree] (config>router>isis>segm-rtng srlb)
Full Contexts 
configure router isis segment-routing srlb
configure router ospf segment-routing srlb
Description 

This command specifies the reserved label block to use for the Segment Routing Local Block (SRLB) for the specified IS-IS or OSPF instance. The named reserved label block must already have been configured under config>router>mpls>mpls-labels.

The no form of this command removes an SRLB.

Parameters 
reserved-label-block-name—
Specifies the name of the reserved label block, up to 64 characters.

23.336. srlg

srlg

Syntax 
[no] srlg
Context 
[Tree] (config>router>mpls>lsp>secondary srlg)
Full Contexts 
configure router mpls lsp secondary srlg
Description 

This command enables the use of the SRLG constraint in the computation of a secondary path for an LSP at the head-end LER. The command is configurable for both RSVP-TE and SR-TE LSPs.

When SRLG is enabled, CSPF includes the SRLG constraint in the computation of the secondary LSP path if path-computation-method local-cspf is configured on the LSP. CSPF returns the list of SRLG groups along with the ERO during primary path CSPF computation. At a subsequent establishment of a secondary path with the SRLG constraint, the MPLS task again queries CSPF by providing the list of SRLG group numbers to be avoided. CSPF prunes all links with interfaces that belong to the same SRLGs as the interfaces included in the ERO of the primary path. If CSPF finds a path, the secondary path is set up. If a path is not found, MPLS keeps retrying the requests to CSPF.

An SRLG enabled secondary or standby path of the LSP configured with a value of the path-computation-method command other than local-cspf remains operationally down with a failure code of srlgPrimaryCspfDisabled(25).

When an LSP is administratively enabled, the SRLG-enabled secondary path is not tried if the first attempt to bring up the primary path is in progress. The SRLG enabled secondary path is kept down temporarily with failure code srlgPrimaryPathDown(26). After this first attempt, MPLS begins setting up the SRLG-enabled standby paths. If primary path computation fails or primary path was not configured, MPLS requests CSPF to compute the secondary path using an empty primary SRLG list. The SRLG disjoint state field shows True in this scenario.

If the primary path is re-optimized, has undergone MBB, or has come back up after being down, the MPLS task check determines if any SRLG secondary paths should be re-signaled. If MPLS finds that a secondary path is no longer SRLG disjointed, and therefore becomes ineligible, MPLS puts it on a delayed MBB immediately after the expiry of the retry timer. If MBB fails at the first try, the secondary path is torn down and the path is put on retry if not active. If the secondary path is active, then it is only torn down and resignaled when the primary path is activated. The secondary path can remain active even when ineligible while the revert timer to activate the primary path is still running.

If the primary goes down while active, the LSP uses the path of an eligible SRLG secondary path if it is up. If all secondary eligible SRLG paths are down, MPLS uses a non-SRLG secondary path, if configured and up. While the LSP is using a non-SRLG secondary path, if an eligible SRLG secondary path comes back up, MPLS switches the path of the LSP to the eligible SRLG secondary path. As soon as a path for the primary is successfully computed by CSPF, MPLS schedules the delay retry MBB for the secondary path using the new SRLG list.

If the primary path goes down while inactive, for example it is waiting for the revert timer to expire, MPLS resets the SRLG list of the primary to empty and changes the state of all secondary paths, including the currently active one, to the Disjointed state. A delay retry MBB is still performed but results in no change to the active secondary path.

A secondary path that becomes ineligible as a result of an update to the SRLG membership list of the primary path has the ineligibility status removed on any of the following events:

  1. a successful delay retry MBB of the secondary SRLG path that makes it eligible again
  2. the secondary path goes down. MPLS puts the standby on retry at the expiry of the retry timer. If successful, it becomes eligible. If not successful after the retry-timer expires or the number of retries reached the number configured under the retry-limit parameter, it is left down.

Once the primary path of the LSP is set up and is operationally up, any subsequent changes to the SRLG group membership of an interface that the primary path is using is not considered until the next opportunity the primary path is re-signaled. The primary path may be re-signaled due to a failure or to a make-before-break operation. Make-before-break occurs as a result of a global revertive operation, a timer based or manual re-optimization of the LSP path, or an operator change to any of the path constraints.

Once an SRLG secondary path is set up and is operationally up, any subsequent changes to the SRLG group membership of an interface the secondary path is using is not considered until the next opportunity when the secondary path is re-signaled. The secondary path is re-signaled due to a failure, to a re-signaling of the primary path, or to a make before break operation. Make-before-break occurs as a result of a timer based or manual re-optimization of the secondary path, or an operator change to any of the path constraints of the secondary path, except for enabling or disabling the srlg command itself. Enabling or disabling the srlg command on an active secondary or on an active or inactive secondary standby path causes the path to be torn down and re-signaled.

In addition, the user-configured include or exclude admin group statements for a secondary path are also checked together with the SRLG constraints by CSPF.

The following behavior of the feature is specific to the SR-TE LSP.

  1. An SRLG-enabled SR-TE LSP secondary path with SID label hops remains operational with failure code srlgPathWithSidHops(59).
  2. An SR-TE LSP uses IGP advertised link SRLG information in the TE database. It does not support the use of SRLG information in the static user SRLG database (configure router mpls srlg-database).
  3. Delay Retry MBB for making a non-disjointed path a disjointed one is not supported with an SR-TE LSP. Instead, the system performs a break-before-make (that is, teardown and retry) operation. If a non-disjointed path is the active path of the LSP, that path is torn down and retried after the router switches to another path (for example, after revert-timer expires). If the non-disjointed path is not an active path, it is torn down and retried immediately.

The no form of this command reverts to the default value.

Default 

no srlg

23.337. srlg-database

srlg-database

Syntax 
[no] srlg-database
Context 
[Tree] (config>router>mpls srlg-database)
Full Contexts 
configure router mpls srlg-database
Description 

This command provides the context for the user to enter manually the link members of SRLG groups for the entire network at any node that needs to signal LSP paths (for example, a head-end node).

The no form of this command deletes the entire SRLG database. CSPF will assume all interfaces have no SRLG membership association if the database was not disabled with the command config>router>mpls>user-srlg-db disable.

23.338. srlg-enable

srlg-enable

Syntax 
[no] srlg-enable
Context 
[Tree] (config>router>route-next-hop-policy>template srlg-enable)
Full Contexts 
configure router route-next-hop-policy template srlg-enable
Description 

This command configures the SRLG constraint into the route next-hop policy template.

When this command is applied to a prefix, the LFA SPF will attempt to select an LFA next-hop, among the computed ones, which uses an outgoing interface that does not participate in any of the SLRGs of the outgoing interface used by the primary next-hop.

The SRLG criterion is applied before running the LFA next-hop selection algorithm.

The no form deletes the SRLG constraint from the route next-hop policy template.

Default 

no srlg-enable

23.339. srlg-frr

srlg-frr

Syntax 
srlg-frr [strict]
no srlg-frr
Context 
[Tree] (config>router>mpls srlg-frr)
Full Contexts 
configure router mpls srlg-frr
Description 

This command enables the use of the SRLG constraint in the computation of FRR bypass or detour to be associated with any primary LSP path on this system.

When this option is enabled, CSPF includes the SRLG constraint in the computation of a FRR detour or bypass for protecting the primary LSP path.

CSPF prunes all links with interfaces that belong to the same SRLG as the interface that is being protected, that is, the outgoing interface at the PLR the primary path is using. If one or more paths are found, the MPLS task will select one based on best cost and will signal the bypass/detour. If not found and the user has included the strict option, the bypass/detour is not setup and the MPLS task will keep retrying the request to CSPF. Otherwise, if a path exists that meets the other TE constraints, other than the SRLG one, the bypass/detour is setup.

A bypass or a detour LSP path is not intended to be SRLG disjoint from the entire primary path. Only the SRLGs of the outgoing interface at the PLR that the primary path is using are avoided.

When the MPLS task is searching for an SRLG bypass tunnel to associate with the primary path of the protected LSP, it will first check if any configured manual bypass LSP with CSPF enabled satisfies the SRLG constraints. The search skips any non-CSPF manual bypass LSP because there is no ERO returned to check the SRLG constraint. If no path is found, the task will check if an existing dynamic bypass LSP satisfies the SRLG and other primary path constraints. If not found, it will make a request to CSPF.

Once the primary path of the LSP is configured and is operationally up, subsequent changes to the SRLG group membership of an interface the primary path is using are not considered by the MPLS task at the PLR for bypass/detour association until the next opportunity the bypass LSP path or the primary path is resignaled. The path may be resignaled due to a failure or a Make-Before-Break (MBB) operation. MBB occurs as a result of a global revertive operation, a timer based or manual re-optimization of the bypass LSP or LSP primary path, or a user update of the primary path constraints.

Once the bypass or detour path is set up and is operationally up, subsequent changes to the SRLG group membership of an interface the bypass/detour path is using are not considered by the MPLS task at the PLR until the next opportunity when the association with the primary LSP path is rechecked. The association is rechecked if the bypass path is re-optimized using the timer or manual resignal MBB. Detour paths cannot be re-optimized separately from the primary path.

Enabling or disabling srlg-frr command only takes effect when the LSP primary path or the bypass path is resignaled. The user can either wait for the resignal timer to expire or cause the paths to be resignaled immediately by executing, at the ingress LER, the manual resignal command for the LSP primary path or for the bypass LSP path.

A MPLS interface can belong to a maximum of 64 SRLG groups. The SRLG groups are configured using the config>router>if-attribute>srlg-group command. The SRLG groups that an RSVP interface belong to are configured using the srlg-group command in the config>router>mpls>interface context.

The no form of this command reverts to the default value.

Default 

no srlg-frr

Parameters 
strict —
Specifies the name of the SRLG group within a virtual router instance.
Values—
no srlg-frr (default) srlg-frr (non-strict) srlg-frr strict (strict)

 

23.340. srlg-group

srlg-group

Syntax 
[no] srlg-group group-name [group-name]
no srlg-group
Context 
[Tree] (config>router>if>if-attribute srlg-group)
[Tree] (config>service>ies>if>if-attribute srlg-group)
[Tree] (config>service>vprn>if>if-attribute srlg-group)
[Tree] (config>router>mpls>if srlg-group)
Full Contexts 
configure router interface if-attribute srlg-group
configure router mpls interface srlg-group
configure service ies interface if-attribute srlg-group
configure service vprn interface if-attribute srlg-group
Description 

This command configures the SRLG membership of an interface. The user can apply SRLGs to an IES, VPRN, network IP, or MPLS interface.

An interface can belong to up to 64 SRLG groups. However, each single operation of the srlg-group command allows a maximum of five (5) groups to be specified at a time. Once an SRLG group is bound to one or more interface, its value cannot be changed until all bindings are removed.

The configured SRLG membership will be applied in all levels/areas the interface is participating in. The same interface cannot have different memberships in different levels/areas.

Only the SRLGs bound to an MPLS interface are advertised area-wide in TE link TLVs and sub-TLVs when the traffic-engineering option is enabled in IS-IS or OSPF. IES and VPRN interfaces do not have their attributes advertised in TE TLVs.

The no form of this command deletes one or more of the SRLG memberships of an interface. The user can also delete all memberships of an interface by not specifying a group name.

Parameters 
group-name—
Specifies the name of the group, up to 32 characters. The association of group name and value should be unique within an IP/MPLS domain. Each single operation of the srlg-group command allows a maximum of 5 groups to be specified at a time.

srlg-group

Syntax 
srlg-group group-name value group-value [penalty-weight penalty-weight]
no srlg-group group-name
Context 
[Tree] (config>router>if-attribute srlg-group)
Full Contexts 
configure router if-attribute srlg-group
Description 

This command defines a Shared Risk Link Group (SRLG) which can be associated with an IP or MPLS interface.

SRLG is used to tag IP or MPLS interfaces which share a specific fate with the same identifier. For example, an SRLG group identifier could represent all links which use separate fibers but are carried in the same fiber conduit. If the conduit is accidentally cut, all the fiber links are cut which means all interfaces using these fiber links will fail.

The user first configures locally on each router the name and identifier of each SRLG group. A maximum of 1024 SRLGs can be configured per system.

The user then configures the SRLG membership of an interface. The user can apply SRLGs to an IES, VPRN, network IP, or MPLS interface. A maximum of 64 SRLGs can be applied to a given interface.

When SRLGs are applied to MPLS interfaces, CSPF at an LER will exclude the SRLGs of interfaces used by the LSP primary path when computing the path of the secondary path. CSPF at an LER or LSR will also exclude the SRLGs of the outgoing interface of the primary LSP path in the computation of the path of the FRR backup LSP. This provides path disjointness between the primary path and the secondary path or FRR backup path of an LSP.

When SRLGs applied to IES, VPRN, or network IP interfaces, they are evaluated in the route next-hop selection by adding the srlg-enable option in a route next-hop policy template applied to an interface or a set of prefixes. For instance, the user can enable the SRLG constraint to select a LFA next-hop for a prefix which avoids all interfaces that share fate with the primary next-hop.

The following provisioning rules are applied to SRLG configuration. The system will reject the creation of a SRLG if it re-uses the same name but with a different group value than an existing group. The system will also reject the creation of an SRLG if it re-uses the same group value but with a different name than an existing group.

Only the SRLGs bound to an MPLS interface are advertised area-wide in TE link TLVs and sub-TLVs when the traffic-engineering option is enabled in IS-IS or OSPF. IES and VPRN interfaces do not have their attributes advertised in TE TLVs.

A user may specify a penalty weight (penalty-weight) associated with an SRLG. This controls the likelihood of paths with links sharing SRLG values with a primary path being used by a bypass or detour LSP. The higher the penalty weight, the less desirable it is to use the link with a given SRLG.

Parameters 
group-name—
Specifies the name of the group, up to 32 characters. The association of group name and value should be unique within an IP/MPLS domain.
group-value—
Specifies the integer value associated with the group. The association of group name and value should be unique within an IP/MPLS domain.
Values—
0 to 4294967295

 

penalty-weight—
Specifies the integer value of the penalty weight that is assigned to the SRLG group
Values—
0 to 65535

 

Default—
0

23.341. srrp

srrp

Syntax 
srrp srrp-id [create]
no srrp srrp-id
Context 
[Tree] (config>service>ies>sub-if>grp-if srrp)
[Tree] (config>service>vprn>sub-if>grp-if srrp)
Full Contexts 
configure service ies subscriber-interface group-interface srrp
configure service vprn subscriber-interface group-interface srrp
Description 

This command creates a Subscriber Router Redundancy Protocol (SRRP) instance on a group IP interface. An SRRP instance manages all subscriber subnets within the group interfaces subscriber IP interface or other subscriber IP interfaces that are associated through a wholesale/retail relationship. Only one unique SRRP instance can be configured per group interface.

The no form of this command removes an SRRP instance from a group IP interface. Once removed, the group interface ignores ARP requests for the SRRP gateway IP addresses that may exist on subscriber subnets associated with the group IP interface. Then the group interface stops routing using the redundant IP interface associated with the group IP interface and will stop routing with the SRRP gateway MAC address. Ingress packets destined to the SRRP gateway MAC will also be silently discarded. This is the same behavior as a group IP interface that is disabled (shutdown).

The no form of this command removes the SRRP ID from the configuration.

Default 

no srrp

Parameters 
srrp-id—
Specifies a 32 bit instance ID that must be unique to the system. The instance ID must also match the instance ID used by the remote router that is participating in the same SRRP context. SRRP is intended to perform a function similar to VRRP where adjacent IP hosts within local subnets use a default gateway to access IP hosts on other subnets.
Values—
1 to 4294967295

 

srrp

Syntax 
[no] srrp
Context 
[Tree] (debug>router srrp)
Full Contexts 
debug router srrp
Description 

This command enables debugging for SRRP packets.

The no form of this command disables debugging.

srrp

Syntax 
[no] srrp
Context 
[Tree] (config>redundancy>multi-chassis>peer>sync srrp)
Full Contexts 
configure redundancy multi-chassis peer sync srrp
Description 

This command specifies whether subscriber routed redundancy protocol (SRRP) information should be synchronized with the multi-chassis peer.

Default 

no srrp

23.342. srrp-enabled-routing

srrp-enabled-routing

Syntax 
srrp-enabled-routing [hold-time hold-time]
no srrp-enabled-routing
Context 
[Tree] (config>service>ies>sub-if>grp-if srrp-enabled-routing)
[Tree] (config>service>vprn>sub-if>grp-if srrp-enabled-routing)
Full Contexts 
configure service ies subscriber-interface group-interface srrp-enabled-routing
configure service vprn subscriber-interface group-interface srrp-enabled-routing
Description 

This command configures SRRP-enabled routing.

The no form of this command reverts to the default.

Parameters 
hold-time hold-time
Specifies the hold time, in deci-seconds.
Values—
1 to 50

 

23.343. srrp-instance

srrp-instance

Syntax 
[no] srrp-instance srrp-id
Context 
[Tree] (config>redundancy>mc>peer>mc>l3-ring srrp-instance)
Full Contexts 
configure redundancy multi-chassis peer multi-chassis l3-ring srrp-instance
Description 

This command configures an SRRP instance for Layer 3 ring.

The no form of this command reverts to the default.

Parameters 
srrp-id—
Specifies the SRRP ID of this SRRP instance.
Values—
1 to 4294967295

 

23.344. ssap

ssap

Syntax 
ssap ssap-value [ssap-mask]
no ssap
Context 
[Tree] (config>qos>sap-ingress>mac-criteria>entry>match ssap)
Full Contexts 
configure qos sap-ingress mac-criteria entry match ssap
Description 

This command configures an Ethernet 802.2 LLC SSAP value or range for an ingress SAP QoS policy match criterion.

This is a 1-byte field that is part of the 802.2 LLC header of the IEEE 802.3 Ethernet Frame.

The snap-pid field, etype field, ssap, and dsap fields are mutually exclusive and cannot be part of the same match criteria.

The no form of this command removes the ssap match criterion.

Default 

no ssap

Parameters 
ssap-value—
The 8-bit ssap match criteria value in hex.
Values—
0x00 to 0xFF (hex)

 

ssap-mask—
This is optional and can be used when specifying a range of ssap values to use as the match criteria.

This 8-bit mask can be configured using the following formats:

Format Style

Format Syntax

Example

Decimal

DDD

240

Hexadecimal

0xHH

0xF0

Binary

0bBBBBBBBB

0b11110000

Values—
0x00 to 0xFF

 

ssap

Syntax 
ssap ssap-value [ssap-mask]
no ssap
Context 
[Tree] (config>filter>mac-filter>entry>match ssap)
Full Contexts 
configure filter mac-filter entry match ssap
Description 

This command configures an Ethernet 802.2 LLC SSAP value or range for a MAC filter match criterion.

This is a one-byte field that is part of the 802.2 LLC header of the IEEE 802.3 Ethernet Frame.

The snap-pid field, etype field, ssap and dsap fields are mutually exclusive and may not be part of the same match criteria.

The no form of the command removes the ssap match criterion.

Default 

no ssap

Parameters 
ssap-value—
Specifies the 8-bit ssap match criteria value in decimal, hexadecimal or binary.
Values—
0 to 255

 

ssap-mask—
Specifies an optional parameter that may be used when specifying a range of ssap values to use as the match criteria.

This 8 bit mask and the ssap value can be configured as described in Table 144.

Table 144:  8-bit Mask Syntax

Format Style

Format Syntax

Example

Decimal

DDD

240

Hexadecimal

0xHH

0xF0

Binary

0bBBBBBBBB

0b11110000

Values—
0 to 255

 

ssap

Syntax 
ssap ssap-value [ssap-mask]
no ssap
Context 
[Tree] (config>system>security>mgmt-access-filter>mac-filter>entry>match ssap)
Full Contexts 
configure system security management-access-filter mac-filter entry match ssap
Description 

This command configures an Ethernet 802.2 LLC SSAP value or range for a MAC filter match criterion.

This is a one-byte field that is part of the 802.2 LLC header of the IEEE 802.3 Ethernet Frame.

The snap-pid field, etype field, ssap and dsap fields are mutually exclusive and may not be part of the same match criteria. Refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR Router Configuration Guide for information about MAC Match Criteria Exclusivity Rules fields that are exclusive based on the frame format.

The no form of this command removes the SSAP match criterion.

Default 

no ssap

Parameters 
ssap-value—
Specifies the 8-bit SSAP match criteria value in hex.
Values—
0x00 to 0xFF

 

ssap-mask—
Specifies a range of SSAP values to use as the match criteria.

23.345. ssh

ssh

Syntax 
ssh host [-l username] [-v ssh-version] [{router router-instance |service-name service-name}] [re-exchange-min minutes] [re-exchange-mbyte megabytes]
Context 
[Tree] (global ssh)
Full Contexts 
global ssh
Description 

This command initiates a client SSH session with the remote host and is independent from the administrative or operational state of the SSH server. However, to be the target of an SSH session, the SSH server must be operational. This command also allows the user to initiate a SSH session, with a key re-exchange, based on maximum megabytes or minutes, whichever occurs first. If the re-exchange options are not set, the default behavior will not perform a key re-exchange.

Quitting SSH while in the process of authentication is accomplished by either executing a ctrl-c or "~." (tilde and dot), assuming the “~” is the default escape character for SSH session.

Parameters 
host—
Specifies the remote host for the SSH session.
Values—

host: user@hostname - [up to 255 characters]

user

up to 32 characters

hostname

[dns-name | ipv4-address | ipv6-address]

ipv4-address

a.b.c.d

ipv6-address

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x - [0 to FFFF]H

d - [0 to 255]D

interface: up to 32 characters, mandatory for link local addresses

dns-name

up to128 characters

 

username
Specifies the user name to use when opening the SSH session, up to 32 characters.
router-instance
Specifies the router name or service ID.
Values—

router-instance: router-name or vprn-svc-id

router-name

“Base”, “management”, “vpls-management”

vprn-svc-id

1 to 2147483647

 

Default—
Base
service-name
Specifies the service name, up to 64 characters.
minutes—
Specifies the time interval after which the SSH client will initiate the key-re-exchange.
Values—
1 to 1440 minutes

 

megabytes—
Specifies the number of megabytes, on a SSH session, after which the SSH client will initiate the key re-exchange.
Values—
1 to 64000 megabytes

 

ssh

Syntax 
ssh
Context 
[Tree] (config>system>login-control ssh)
[Tree] (config>system>security ssh)
Full Contexts 
configure system login-control ssh
configure system security ssh
Description 

This command enables the context to configure the SSH parameters.

23.346. ssh-max-sessions

ssh-max-sessions

Syntax 
ssh-max-sessions number-of-sessions
no ssh-max-sessions
Context 
[Tree] (config>system>security>cli-session-group ssh-max-sessions)
[Tree] (config>system>security>profile ssh-max-sessions)
Full Contexts 
configure system security cli-session-group ssh-max-sessions
configure system security profile ssh-max-sessions
Description 

This command is used to limit the number of SSH-based CLI sessions available to all users that are part of a particular profile, or to all users of all profiles that are part of the same cli-session-group.

The no form of this command disables the command and the profile/group limit is not applied on the number of sessions.

Default 

no ssh-max-sessions

Parameters 
number-of-sessions
Specifies the maximum number of allowed SSH-based CLI sessions.
Values—
0 to 50

 

23.347. ssh-reply

ssh-reply

Syntax 
[no] ssh-reply
Context 
[Tree] (config>service>ies>if>vrrp ssh-reply)
Full Contexts 
configure service ies interface vrrp ssh-reply
Description 

This command enables the non-owner master to reply to SSH Requests directed at the virtual router instances IP addresses. The SSH request can be received on any routed interface. SSH must not have been disabled at the management security level (either on the parental IP interface or based on the SSH source host address). Proper login and CLI command authentication is still enforced.

When ssh-reply is not enabled, SSH packets to non-owner master virtual IP addresses are silently discarded.

Non-owner backup virtual routers never respond to SSH regardless of the ssh-reply configuration.

The ssh-reply command is only available in non-owner vrrp virtual-router-id nodal context. If the ssh-reply command is not executed, SSH packets to the virtual router instance IP addresses will be silently discarded.

The no form of this command restores the default operation of discarding all SSH packets destined to the non-owner virtual router instance IP addresses.

Default 

no ssh-reply

ssh-reply

Syntax 
[no] ssh-reply
Context 
[Tree] (config>service>vprn>if>vrrp ssh-reply)
Full Contexts 
configure service vprn interface vrrp ssh-reply
Description 

This command enables the non-owner master to reply to SSH Requests directed at the virtual router instance’s IP addresses. The SSH request can be received on any routed interface. SSH must not have been disabled at the management security level (either on the parental IP interface or based on the SSH source host address). Proper login and CLI command authentication is still enforced.

When ssh-reply is not enabled, SSH packets to non-owner master virtual IP addresses are silently discarded. Non-owner backup virtual routers never respond to SSH regardless of the ssh-reply configuration.

The ssh-reply command is only available in non-owner vrrp virtual-router-id nodal context. If the ssh-reply command is not executed, SSH packets to the virtual router instance IP addresses will be silently discarded.

The no form of this command restores the default operation of discarding all SSH packets destined to the non-owner virtual router instance IP addresses.

Default 

no ssh-reply

ssh-reply

Syntax 
[no] ssh-reply
Context 
[Tree] (config>router>if>vrrp ssh-reply)
Full Contexts 
configure router interface vrrp ssh-reply
Description 

This command enables the non-owner master to reply to SSH requests directed at the virtual router instance IP addresses. This command is only applicable to IPv4.

Non-owner virtual router instances are limited by the VRRP specifications to responding to ARP requests destined to the virtual router IP addresses and routing IP packets not addressed to the virtual router IP addresses.

This limitation can be disregarded for certain applications. Ping, Telnet and SSH can be individually enabled or disabled on a per-virtual-router-instance basis.

The ssh-reply command enables the non-owner master to reply to SSH requests directed at the virtual router instances IP addresses. The SSH request can be received on any routed interface. SSH must not have been disabled at the management security level (either on the parental IP interface or based on the SSH source host address). Correct login and CLI command authentication is still enforced.

When ssh-reply is not enabled, SSH requests to non-owner master virtual IP addresses are silently discarded.

Non-owner backup virtual routers never respond to SSH requests regardless of the ssh-reply setting.

The ssh-reply command is only available in non-owner vrrp nodal context.

By default, SSH requests to the virtual router instance IP addresses are silently discarded.

The no form of the command discards all SSH request messages destined to the non-owner virtual router instance IP addresses.

Default 

no ssh-reply — SSH requests to the virtual router instance IP addresses are discarded.

23.348. ssm

ssm

Syntax 
ssm
Context 
[Tree] (config>port>ethernet ssm)
Full Contexts 
configure port ethernet ssm
Description 

This command enables the Ethernet Synchronization Messaging Channel (ESMC) for the Ethernet port. ESMC carries the Synchronization Status Message (SSM) code representing the quality level of the source of frequency of the central clock of the node.

23.349. ssm-assert-compatible-mode

ssm-assert-compatible-mode

Syntax 
ssm-assert-compatible-mode [enable |disable]
Context 
[Tree] (config>service>vprn>pim ssm-assert-compatible-mode)
Full Contexts 
configure service vprn pim ssm-assert-compatible-mode
Description 

This command specifies whether SSM assert is enabled in compatibility mode for this PIM protocol instance. When enabled, for SSM groups, PIM will consider the SPT bit to be implicitly set to compute the value of CouldAssert (S,G,I) as defined in RFC 4601, Protocol Independent Multicast - Sparse Mode (PIM-SM): Protocol Specification (Revised). When disabled, for SSM groups, PIM will not assume the SPT bit to be set. The SPT bit will be set by Update_SPTbit(S,G,iif) macro defined in RFC 4601.

Default 

ssm-assert-compatible-mode disable

Parameters 
enable—
enables SSM assert in compatibility mode for this PIM protocol instance
disable—
disabled SSM assert in compatibility mode for this PIM protocol instance

23.350. ssm-bit

ssm-bit

Syntax 
ssm-bit sa-bit
Context 
[Tree] (config>system>sync-if-timing>bits ssm-bit)
Full Contexts 
configure system sync-if-timing bits ssm-bit
Description 

This command configures which sa-bit to use for conveying SSM information when the interface-type is E1.

Default 

ssm-bit 8

Parameters 
sa-bit—
Specifies the sa-bit value.
Values—
4 to 8

 

23.351. ssm-default-range-disable

ssm-default-range-disable

Syntax 
ssm-default-range-disable ipv4
Context 
[Tree] (config>service>vprn>pim ssm-default-range-disable)
Full Contexts 
configure service vprn pim ssm-default-range-disable
Description 

This command specifies whether to disable the use of default range (232/8) for SSM so that it can be used by ASM to process (*,G). When enabled, the use of default range is disabled for SSM and it can be used by ASM. When disabled, the SSM default range is enabled.

Default 

ssm-default-range-disable

23.352. ssm-groups

ssm-groups

Syntax 
[no] ssm-groups
Context 
[Tree] (config>service>vprn ssm-groups)
Full Contexts 
configure service vprn ssm-groups
Description 

This command enables access to the context to enable a source-specific multicast (SSM) configuration instance.

ssm-groups

Syntax 
[no] ssm-groups
Context 
[Tree] (config>router>pim ssm-groups)
Full Contexts 
configure router pim ssm-groups
Description 

This command enables the context to enable an ssm-group configuration instance.

23.353. ssm-translate

ssm-translate

Syntax 
ssm-translate
Context 
[Tree] (config>service>vprn>igmp ssm-translate)
[Tree] (config>service>vprn>igmp>if ssm-translate)
Full Contexts 
configure service vprn igmp interface ssm-translate
configure service vprn igmp ssm-translate
Description 

This command enters the context to configure group ranges which are translated to SSM (S,G) entries. If the static entry needs to be created, it has to be translated from a IGMPv1 IGMPv2 request to a Source Specific Multicast (SSM) join. An SSM translate source can only be added if the starg command is not enabled. An error message is generated if you try to configure the source command with starg command enabled.

ssm-translate

Syntax 
ssm-translate
Context 
[Tree] (config>service>vprn>mld ssm-translate)
Full Contexts 
configure service vprn mld ssm-translate
Description 

This command enters the context to configure group ranges which are translated to SSM (S,G) entries. If the static entry needs to be created, it has to be translated from a IGMPv1 IGMPv2 request to a Source Specific Multicast (SSM) join. An SSM translate source can only be added if the starg command is not enabled. An error message is generated if you try to configure the source command with starg command enabled.

ssm-translate

Syntax 
ssm-translate
Context 
[Tree] (config>router>igmp ssm-translate)
[Tree] (config>router>igmp>if ssm-translate)
Full Contexts 
configure router igmp interface ssm-translate
configure router igmp ssm-translate
Description 

This command enables the context to configure group ranges which are translated to SSM (S,G) entries. If the static entry needs to be created, it has to be translated from a IGMPv1 IGMPv2 request to a Source Specific Multicast (SSM) join. An SSM translate source can only be added if the starg command is not enabled. An error message is generated if you try to configure the source command with starg command enabled.

ssm-translate

Syntax 
ssm-translate
Context 
[Tree] (config>router>mld ssm-translate)
[Tree] (config>router>mld>if ssm-translate)
Full Contexts 
configure router mld interface ssm-translate
configure router mld ssm-translate
Description 

This command enables the context to configure group ranges which are translated to SSM (S,G) entries. If the static entry needs to be created, it has to be translated from a IGMPv1 IGMPv2 request to a Source Specific Multicast (SSM) join. An SSM translate source can only be added if the starg command is not enabled. An error message is generated if you try to configure the source command with starg command enabled.

23.354. stable-pool-sizing

stable-pool-sizing

Syntax 
[no] stable-pool-sizing
Context 
[Tree] (config>card>fp stable-pool-sizing)
Full Contexts 
configure card fp stable-pool-sizing
Description 

This command provides a stable buffer pool allocation environment for all default port buffer pools on a forwarding plane. This stable environment is provided at the expense of optimal buffer allocation between the various port buffer pools. Normally, port pools are sized according to a ports relative bandwidth with other ports and the ability of a port to use pool buffers. As an example, on a forwarding plane with two potential MDAs and only one equipped, the normal behavior is to provide all available default pool buffers to the ports on the currently equipped MDA. If a second MDA is equipped in the future, buffers are freed from the existing MDA and provided to the ports on the new MDA. Stable pool sizing alters this behavior by reserving buffers for both MDAs whether they are equipped or not thus preventing a resizing event when an MDA is equipped. In addition, existing ports on a module always receive their maximum bandwidth share of buffers independent on any sub-rate condition that may currently exist. This provides a stable amount of buffers to other ports on the module independent of link or configuration events that may occur on the port.

Stable pool sizing preserves the ability to modify the effective bandwidth used to determine a port’s relative share of the available buffers through the use of the ing-percentage-of-rate and egr-percentage-of-rate commands under the port configuration. Changing the values associated with these commands will cause a reevaluation of buffer distribution and thus a possible resizing of pools on each port within the module. These commands have no effect on ports associated with other modules on the forwarding plane.

Stable pool sizing may be enabled or disabled at any time on a forwarding plane. The system will dynamically change the pool sizes according to the stable pool sizing state.

When a port connector breakout is configured, its ports will be included in the stable pool sizing calculation. Consequently, adding or removing a port connector breakout to or from the configuration will cause the buffer pool allocation to be recalculated even when stable pool sizing is enabled.

The no form of this command disables stable pool sizing on a forwarding plane. Existing buffer pools are resized according to normal pool sizing behavior.

23.355. stack

stack

Syntax 
stack [ipv4] [ipv6-slaac]
no stack
Context 
[Tree] (config>subscr-mgmt>pppoe-client-policy stack)
Full Contexts 
configure subscriber-mgmt pppoe-client-policy stack
Description 

This command defines which NCP session is started in the PPPoE client and how addresses are retrieved within that NCP session.

Default 

stack ipv4

Parameters 
ipv4—
Indicates that IPCP should be started and used to retrieve an IPv4 address.
ipv6-slaac—
Indicates that IPv6CP should be started and that SLAAC will be used to retrieve an IPv6 prefix.

23.356. stack-capability-signaling

stack-capability-signaling

Syntax 
[no] stack-capability-signaling
Context 
[Tree] (config>service>ipipe stack-capability-signaling)
Full Contexts 
configure service ipipe stack-capability-signaling
Description 

This command enables stack-capability signaling in the initial label mapping message of the Ipipe PW to indicate that IPv6 is supported.

When enabled, the 7750 SR includes the stack-capability TLV with the IPv6 stack bit set according to the ce-address-discovery ipv6 keyword, and also checks the value of the stack-capability TLV received from the far end.

This command must be blocked if no ce-address-discovery is specified, or the ipv6 keyword is not included with the ce-address-discovery command.

This command if only applicable to the Ipipe service and must be blocked for all other services.

This command has no effect if both SAPs on the Ipipe service are local to the node.

Default 

no stack-capability-signaling

23.357. stale-routes-time

stale-routes-time

Syntax 
[no] stale-routes-time time
Context 
[Tree] (config>service>vprn>bgp>graceful-restart stale-routes-time)
[Tree] (config>service>vprn>bgp>group>graceful-restart stale-routes-time)
[Tree] (config>service>vprn>bgp>group>neighbor>graceful-restart stale-routes-time)
Full Contexts 
configure service vprn bgp graceful-restart stale-routes-time
configure service vprn bgp group graceful-restart stale-routes-time
configure service vprn bgp group neighbor graceful-restart stale-routes-time
Description 

This command configures the time period to keep stale routes before the END-OF-RIB message is received from the restarting router.

Default 

360 seconds

Parameters 
time—
1 to 3600 seconds

stale-routes-time

Syntax 
stale-routes-time time
no stale-routes-time
Context 
[Tree] (config>router>bgp>graceful-restart stale-routes-time)
[Tree] (config>router>bgp>group>graceful-restart stale-routes-time)
[Tree] (config>router>bgp>group>neighbor>graceful-restart stale-routes-time)
Full Contexts 
configure router bgp graceful-restart stale-routes-time
configure router bgp group graceful-restart stale-routes-time
configure router bgp group neighbor graceful-restart stale-routes-time
Description 

This command configures the maximum amount of time in seconds that stale routes should be maintained after a graceful restart is initiated.

The no form of this command resets the stale routes time back to the default of 360 seconds.

Default 

no stale-routes-time

Parameters 
time—
Specifies the amount of time that stale routes should be maintained after a graceful restart is initiated.
Values—
1 to 3600 seconds

 

23.358. stale-time

stale-time

Syntax 
stale-time seconds
no stale-time
Context 
[Tree] (config>service>ies>ipv6 stale-time)
[Tree] (config>service>ies>if>ipv6 stale-time)
[Tree] (config>service>vprn>ipv6 stale-time)
[Tree] (config>service>vprn>if>ipv6 stale-time)
Full Contexts 
configure service ies interface ipv6 stale-time
configure service ies ipv6 stale-time
configure service vprn interface ipv6 stale-time
configure service vprn ipv6 stale-time
Description 

This command configures the time a neighbor discovery cache entry can remain stale before being removed.

The no form of this command removes the stale-time value.

Default 

no stale-time

Parameters 
seconds—
The allowed stale time (in seconds) before a neighbor discovery cache entry is removed.
Values—
60 to 65535

 

stale-time

Syntax 
stale-time seconds
no stale-time
Context 
[Tree] (config>router>ipv6 stale-time)
Full Contexts 
configure router ipv6 stale-time
Description 

This command configures the time a neighbor discovery cache entry can remain stale before being removed.

The no form of this command removes the stale-time value.

Default 

stale-time 14400

Parameters 
seconds—
Specifies the allowed stale time (in seconds) before a neighbor discovery cache entry is removed.
Values—
60 to 65535

 

stale-time

Syntax 
stale-time seconds
no stale-time
Context 
[Tree] (config>router>origin-validation>rpki-session stale-time)
Full Contexts 
configure router origin-validation rpki-session stale-time
Description 

This command configures the maximum length of time that prefix origin validation records learned from the cache server remain usable after the RPKI-Router session goes down. The default stale-time is 3600 seconds (1 hour). When the timer expires all remaining stale entries associated with the session are deleted.

Default 

no stale-time

Parameters 
seconds —
Specifies a time, in seconds.
Values—
60 to 3600

 

stale-time

Syntax 
stale-time seconds
no stale-time
Context 
[Tree] (config>router>if>ipv6 stale-time)
Full Contexts 
configure router interface ipv6 stale-time
Description 

This command configures the time a neighbor discovery cache entry can remain stale before being removed.

The no form of this command removes the stale-time value.

Default 

no stale-time

Parameters 
seconds—
The allowed stale time (in seconds) before a neighbor discovery cache entry is removed.
Values—
60 to 65535

 

23.359. standard-multi-instance

standard-multi-instance

Syntax 
[no] standard-multi-instance
Context 
[Tree] (config>service>vprn>isis standard-multi-instance)
Full Contexts 
configure service vprn isis standard-multi-instance
Description 

This command enables IS-IS multi-instance (MI) as described in draft-ginsberg-isis-mi-bis-01. Multiple instances allow instance-specific adjacencies to be formed that support multiple network topologies on the same physical interfaces. Each instance has an LSDB, and each PDU contains a TLV identifying the instance and the topology to which the PDU belongs. A single topology is supported in each instance, so the instance-specific topology identifier (ITID) is set to 0 and cannot be changed.

The standard-multi-instance (based on draft-ginsberg-isis-mi-bis-01) and iid-tlv-enable (based on draft-ietf-isis-mi-02) commands cannot be configured in the same instance, because the MAC addresses and PDUs from the two standards are incompatible.

The no form of this command removes the standard-multi-instance configuration.

Default 

no standard-multi-instance

standard-multi-instance

Syntax 
[no] standard-multi-instance
Context 
[Tree] (config>router>isis standard-multi-instance)
Full Contexts 
configure router isis standard-multi-instance
Description 

This command enables IS-IS multi-instance (MI) as described in draft-ginsberg-isis-mi-bis-01. Multiple instances allow instance-specific adjacencies to be formed that support multiple network topologies on the same physical interfaces. Each instance has an LSDB, and each PDU contains a TLV identifying the instance and the topology to which the PDU belongs. A single topology is supported in each instance, so the instance-specific topology identifier (ITID) is set to 0 and cannot be changed.

The standard-multi-instance (based on draft-ginsberg-isis-mi-bis-01) and iid-tlv-enable (based on draft-ietf-isis-mi-02) commands cannot be configured in the same instance, because the MAC addresses and PDUs from the two standards are incompatible.

The no form of this command removes the standard-multi-instance configuration.

Default 

no standard-multi-instance

23.360. standby

standby

Syntax 
[no] standby
Context 
[Tree] (config>router>mpls>lsp>secondary standby)
Full Contexts 
configure router mpls lsp secondary standby
Description 

The secondary path LSP is normally signaled once the primary path LSP fails. The standby keyword ensures that the secondary path LSP is signaled and maintained indefinitely in a hot standby state. Standby paths are selected in preference to non-standby secondary paths. When multiple standby secondary paths exist, then the path-preference is used to determine the order in which the paths are selected. If multiple standby secondary paths have the same, lowest, path-preference value then the system will select the path with the lowest up-time. When the primary path is re-established then the traffic is switched back to the primary path LSP.

The no form of this command specifies that the secondary LSP is signaled when the primary path LSP fails.

23.361. standby-forwarding

standby-forwarding

Syntax 
[no] standby-forwarding
Context 
[Tree] (config>service>ies>if>ipv6>vrrp standby-forwarding)
Full Contexts 
configure service ies interface ipv6 vrrp standby-forwarding
Description 

This command allows the forwarding of packets by a standby router.

The no form of this command specifies that a standby router should not forward traffic sent to virtual router's MAC address. However, the standby router should forward traffic sent to the standby router’s real MAC address.

Default 

no standby-forwarding

standby-forwarding

Syntax 
[no] standby-forwarding
Context 
[Tree] (config>service>ies>if>vrrp standby-forwarding)
Full Contexts 
configure service ies interface vrrp standby-forwarding
Description 

This command allows the forwarding of packets by a standby router.

The no form of this command specifies that a standby router should not forward traffic sent to virtual router's MAC address. However, the standby router should forward traffic sent to the standby router’s real MAC address.

Default 

no standby-forwarding

standby-forwarding

Syntax 
[no] standby-forwarding
Context 
[Tree] (config>service>vprn>if>vrrp standby-forwarding)
[Tree] (config>service>vprn>if>ipv6>vrrp standby-forwarding)
Full Contexts 
configure service vprn interface ipv6 vrrp standby-forwarding
configure service vprn interface vrrp standby-forwarding
Description 

This command allows the forwarding of packets by a standby router.

The no form of this command specifies that a standby router should not forward traffic sent to virtual router's MAC address. However, the standby router should forward traffic sent to the standby router’s real MAC address.

Default 

no standby-forwarding

standby-forwarding

Syntax 
[no] standby-forwarding
Context 
[Tree] (config>router>if>vrrp standby-forwarding)
[Tree] (config>router>if>ipv6>vrrp standby-forwarding)
Full Contexts 
configure router interface ipv6 vrrp standby-forwarding
configure router interface vrrp standby-forwarding
Description 

This command specifies whether this VRRP instance allows forwarding packets to a standby router. When disabled, a standby router should not forward traffic sent to virtual router's MAC address. However, the standby router should forward traffic sent to the standby router’s real MAC address. When enabled, a standby router should forward all traffic.

Default 

no standby-forwarding

23.362. standby-ip-lifetime

standby-ip-lifetime

Syntax 
standby-ip-lifetime [days days] [hrs hrs] [min min] [sec sec]
standby-ip-lifetime [seconds]
standby-ip-lifetime
Context 
[Tree] (config>subscr-mgmt>vrgw>brg>brg-profile>dhcp-pool standby-ip-lifetime)
Full Contexts 
configure subscriber-mgmt vrgw brg brg-profile dhcp-pool standby-ip-lifetime
Description 

This command defines how long these addresses will be kept aside when standby addresses are signaled to the pool. During this time these addresses can only be used by devices explicitly requesting the IP (for example, datatrigger or DHCP renew/rebind). When the timer expires the addresses will again become available for dynamic allocation.

Default 

standby-ip-lifetime hrs 6

Parameters 
days—
Specifies the standby IP lifetime in days.
Values—
1 to 3650

 

hrs—
Specifies the standby IP lifetime in hours.
Values—
1 to 23

 

min—
Specifies the standby IP lifetime in minutes.
Values—
1 to 59

 

sec—
Specifies the standby IP lifetime in seconds.
Values—
1 to 59

 

seconds—
Specifies the lifetime of the standby IP addresses
Values—
300 to 315446399

 

seconds—
Specifies the lifetime in seconds.
Values—
300 to 315446399

 

23.363. standby-mep-shutdown

standby-mep-shutdown

Syntax 
[no] standby-mep-shutdown
Context 
[Tree] (config>eth-cfm>redundancy>mc-lag standby-mep-shutdown)
Full Contexts 
configure eth-cfm redundancy mc-lag standby-mep-shutdown
Description 

This system wide command enables MEPs to track the state of MC-LAG. This allows MEPs on the standby MC-LAG to act administratively down.

The no form of command disables the MEP tracking.

Default 

no standby-mep-shutdown

23.364. standby-signaling

standby-signaling

Syntax 
standby-signaling {lacp |power-off}
no standby-signaling
Context 
[Tree] (config>lag standby-signaling)
Full Contexts 
configure lag standby-signaling
Description 

This command specifies how the state of a member port is signaled to the remote side when the status corresponding to this member port has the standby value.

Default 

standby-signaling lacp

23.365. standby-signaling-master

standby-signaling-master

Syntax 
[no] standby-signaling-master
Context 
[Tree] (config>service>epipe>endpoint standby-signaling-master)
[Tree] (config>service>ipipe>endpoint standby-signaling-master)
Full Contexts 
configure service epipe endpoint standby-signaling-master
configure service ipipe endpoint standby-signaling-master
Description 

When this command is enabled, the pseudowire standby bit (value 0x00000020) will be sent to T-LDP peer for each spoke SDP of the endpoint that is selected as a standby.

This command is mutually exclusive with a VLL mate SAP created on a mc-lag/mc-aps or ICB. It is also mutually exclusive with vc-switching.

Default 

standby-signaling-master

23.366. standby-signaling-slave

standby-signaling-slave

Syntax 
[no] standby-signaling-slave
Context 
[Tree] (config>service>epipe>spoke-sdp-fec standby-signaling-slave)
Full Contexts 
configure service epipe spoke-sdp-fec standby-signaling-slave
Description 

This command enables standby-signaling-slave for an Epipe.

standby-signaling-slave

Syntax 
[no] standby-signaling-slave
Context 
[Tree] (config>service>epipe>endpoint standby-signaling-slave)
[Tree] (config>service>epipe>spoke-sdp standby-signaling-slave)
Full Contexts 
configure service epipe endpoint standby-signaling-slave
configure service epipe spoke-sdp standby-signaling-slave
Description 

When this command is enabled, the node will block the transmit forwarding direction of a spoke SDP based on the pseudowire standby bit received from a T-LDP peer.

This command is present at the endpoint level as well as the spoke SDP level. If the spoke SDP is part of an explicit-endpoint, it will not be possible to change this setting at the spoke SDP level. An existing spoke SDP can be made part of the explicit endpoint only if the settings do not conflict. A newly created spoke SDP, which is part of a specific explicit-endpoint, will inherit this setting from the endpoint configuration.

This command is mutually exclusive with an endpoint that is part of an mc-lag, mc-aps or an ICB.

If the command is disabled, the node assumes the existing independent mode of behavior for the forwarding on the spoke SDP.

Default 

no standby-signaling-slave

23.367. starg

starg

Syntax 
[no] starg
Context 
[Tree] (config>subscr-mgmt>igmp-policy>static>group starg)
[Tree] (config>subscr-mgmt>igmp-policy starg)
[Tree] (config>subscr-mgmt>mld-policy>static>group starg)
Full Contexts 
configure subscriber-mgmt igmp-policy starg
configure subscriber-mgmt igmp-policy static group starg
configure subscriber-mgmt mld-policy static group starg
Description 

This command adds a static (*,G) entry. This command can only be enabled if no existing source addresses for this group are specified.

The no form of this command removes the starg entry from the configuration.

starg

Syntax 
[no] starg
Context 
[Tree] (config>service>vpls>sap>igmp-snooping>static>group starg)
[Tree] (config>service>vpls>spoke-sdp>igmp-snooping>static>group starg)
[Tree] (config>service>vpls>mesh-sdp>igmp-snooping>static>group starg)
[Tree] (config>service>vpls>sap>mld-snooping>static>group starg)
[Tree] (config>service>vpls>spoke-sdp>mld-snooping>static>group starg)
[Tree] (config>service>vpls>mesh-sdp>mld-snooping>static>group starg)
Full Contexts 
configure service vpls mesh-sdp igmp-snooping static group starg
configure service vpls mesh-sdp mld-snooping static group starg
configure service vpls sap igmp-snooping static group starg
configure service vpls sap mld-snooping static group starg
configure service vpls spoke-sdp igmp-snooping static group starg
configure service vpls spoke-sdp mld-snooping static group starg
Description 

This command adds a static (*,g) entry to allow multicast traffic for the corresponding multicast group from any source. This command can only be enabled if no existing source addresses for this group are specified.

The no form of this command removes the starg entry from the configuration.

Default 

no starg

starg

Syntax 
starg
Context 
[Tree] (config>service>vprn>igmp>if>static>group starg)
Full Contexts 
configure service vprn igmp interface static group starg
Description 

This command adds a static (*,G) entry. This command can only be enabled if no existing source addresses for this group are specified.

Use the no form of this command to remove the starg entry from the configuration.

starg

Syntax 
[no] starg
Context 
[Tree] (config>service>vprn>mld>if>static>group starg)
Full Contexts 
configure service vprn mld interface static group starg
Description 

This command adds a static (*,G) entry. This command can only be enabled if no existing source addresses for this group are specified.

Use the no form of this command to remove the starg entry from the configuration.

starg

Syntax 
[no] starg
Context 
[Tree] (config>router>igmp>if>static>group starg)
Full Contexts 
configure router igmp interface static group starg
Description 

This command adds a static (*,G) entry. This command can only be enabled if no existing source addresses for this group are specified.

Use the no form of the command to remove the (*,G) entry from the configuration.

starg

Syntax 
[no] starg
Context 
[Tree] (config>router>igmp>tunnel-interface>static>group starg)
Full Contexts 
configure router igmp tunnel-interface static group starg
Description 

This command adds a static (*,G) group entry in a static group join on a tunnel interface associated with a P2MP RSVP LSP.

This command can only be enabled if no existing source addresses for this group are specified.

The no form of the command removes the (*,G) entry from the configuration.

starg

Syntax 
[no] starg
Context 
[Tree] (config>router>mld>if>static>group starg)
Full Contexts 
configure router mld interface static group starg
Description 

This command adds a static (*,G) entry. This command can only be enabled if no existing source addresses for this group are specified.

The no form of this command removes the starg entry from the configuration.

23.368. start

start

Syntax 
start {immediate |on-new-session}
Context 
[Tree] (debug>app-assure>group>traffic-capture>record start)
Full Contexts 
debug application-assurance group traffic-capture record start
Description 

This command records limit conditions.

Parameters 
immediate—
Start recording immediately for new or existing flows or sessions.
on-new-session—
Only start recording record for new flows or sessions.

start

Syntax 
start start-week start-day start-month hours-minutes
Context 
[Tree] (config>system>time>dst-zone start)
Full Contexts 
configure system time dst-zone start
Description 

This command configures start of summer time settings.

Default 

start first sunday january 00:00

Parameters 
start-week—
Specifies the starting week of the month when the summer time takes effect.
Values—
first, second, third, fourth, last

 

Default—
first
start-day—
Specifies the starting day of the week when the summer time takes effect.
Values—
sunday, monday, tuesday, wednesday, thursday, friday, saturday

 

Default—
sunday
start-month—
Specifies the starting month of the year when the summer time takes effect.
Values—
january, february, march, april, may, june, july, august, september, october, november, december

 

Default—
january
hours-minutes—
Specifies the time at which the summer time takes effect, in hh:mm format.
Values—
hours: 00 to 23
minutes: 00 to 59

 

Default—
00:00

23.369. start-avg

start-avg

Syntax 
start-avg percent
no start-avg
Context 
[Tree] (config>qos>slope-policy>exceed-slope start-avg)
[Tree] (config>qos>slope-policy>highplus-slope start-avg)
[Tree] (config>qos>slope-policy>high-slope start-avg)
[Tree] (config>qos>slope-policy>low-slope start-avg)
Full Contexts 
configure qos slope-policy exceed-slope start-avg
configure qos slope-policy high-slope start-avg
configure qos slope-policy highplus-slope start-avg
configure qos slope-policy low-slope start-avg
Description 

This command sets the exceed, low, high, or highplus Random Early Detection (RED) slope position for the shared buffer average utilization value where the packet discard probability starts to increase above zero. The percent parameter is expressed as a percentage of the shared buffer size.

The no form of this command restores the start-avg value to the default setting. If the max-avg setting is smaller than the default, an error will occur and the start-avg setting will not be changed to the default.

Default 

start-avg 85 - Highplus slope default is 85% buffer utilization before discard probability starts to increase above zero.

start-avg 70 — High slope default is 70% buffer utilization before discard probability starts to increase above zero.

start-avg 50 — Low slope default is 50% buffer utilization before discard probability starts to increase above zero.

start-avg 30 — Exceed slope default is 30% buffer utilization before discard probability starts to increase above zero.

Parameters 
percent—
The percentage of the shared buffer space for the buffer pool at which point the drop probability starts to increase above zero. The value entered must be less than or equal to the current setting of max-avg. If the entered value is greater than the current value of max-avg, an error will occur and no change will take place.
Values—
0 to 100

 

23.370. start-depth

start-depth

Syntax 
start-depth percent-of-queue-depth
no start-depth
Context 
[Tree] (config>qos>hsmda-slope-policy>high-slope start-depth)
[Tree] (config>qos>hsmda-slope-policy>low-slope start-depth)
Full Contexts 
configure qos hsmda-slope-policy high-slope start-depth
configure qos hsmda-slope-policy low-slope start-depth
Description 

This command defines the starting point for a slope relative to the maximum depth of the queue-mbs value of the HSMDA slope policy. At the point the slope starts, it rises from a discard probability of zero until it reaches the max-depth and max-prob points defining where the slope rises directly to a discard probability of 100%.

As packets arrive at the queue, a random number is generated that ranges from 0 to 100% discard probability. The packet will be associated with either the high-priority slope or the low-priority slope. The current queue depth plots the position where the slope will be evaluated. If the random number is equal to or greater than the slope’s discard probability at the current depth, the packet is eligible to enter the queue. If the random number is less than the slope discard probability, the packet is discarded.

The defined percent-of-queue-depth value for the start-depth command is defined as a percentage of the queue-mbs value. The value defined for the start depth must be less than or equal to the current percentage value for max-depth. If the defined value is greater than max-depth, the start-depth command will fail with no change to the current value. If the max-depth value is less than the desired start-depth value, first change max-depth to a value equal to or greater than the desired start-depth.

The no form of this command restores the default start point percentage value for the slope. The low and high slopes have different default values. If the default value is greater than the current max-depth value, the no start-depth command will fail.

Parameters 
percent-of-queue-depth—
Specifies the start depth for the high or low slopes.

23.371. start-entry

start-entry

Syntax 
start-entry entry-id count count
no start-entry
Context 
[Tree] (config>li>li-filter-block-reservation>li-reserved-block start-entry)
Full Contexts 
configure li li-filter-block-reservation li-reserved-block start-entry
Description 

This command defines a block of reserved filter entries that are used to insert LI filter entries into a normal filter.

The no form of this command removes the entry ID and count from the configuration.

Parameters 
entry-id—
Specifies an entry identification to start a block of reserved filter entries.
Values—
1 to 65536

 

count—
Specifies the number of entries in the block.
Values—
1 to 8192

 

23.372. start-label

start-label

Syntax 
start-label start-value end-label end-value
no start-label
Context 
[Tree] (config>router>mpls-labels>reserved-label-block start-label)
Full Contexts 
configure router mpls-labels reserved-label-block start-label
Description 

This command configures start and end labels for a reserved label block. This command must be configured for a reserved label block to be created.

Default 

start-label 0, end-label 0

Parameters 
start-value—
Specifies a starting value.
Values—
18432 to 524287 within dynamic label range | 1048575 (FP4 only)

 

end-value—
Specifies an ending value.
Values—
18432 to 524287 within dynamic label range | 1048575 (FP4 only)

 

23.373. startup-wait-time

startup-wait-time

Syntax 
startup-wait-time [min minutes] [sec seconds] [hrs hours]
no startup-wait-time [min minutes] [sec seconds]
Context 
[Tree] (config>router>dhcp>server>failover startup-wait-time)
[Tree] (config>router>dhcp>server>pool>failover startup-wait-time)
[Tree] (config>router>dhcp6>server>failover startup-wait-time)
[Tree] (config>router>dhcp6>server>pool>failover startup-wait-time)
Full Contexts 
configure router dhcp local-dhcp-server failover startup-wait-time
configure router dhcp server pool failover startup-wait-time
configure router dhcp6 local-dhcp-server failover startup-wait-time
configure router dhcp6 server pool failover startup-wait-time
Description 

This command enables the startup wait time during which each peer waits after the initialization process before assuming the active role for the prefix designated as local or access-driven. This is to avoid transient issues during the initialization process.

The startup-wait-time should be configured to an interval in which, after boot, both nodes can set up an MCS TCP link and start MCS. The timer is restarted each time the server downloads a lease from the MCS database and stops when the last state record from the peer is synchronized. The next state is (PRE-)NORMAL, unless the timer times out or is forced to stop via the tools command (tools>perform>router>dhcp or dhcp6>local-dhcp-server server-name>pool/failover>abort-startup-wait), in which case the local DHCP server transitions immediately to the COMMUNICATIONS-INTERRUPTED state.

Default 

startup-wait-time min 2

Parameters 
minutes
Specifies the startup wait time, in minutes.
Values—
1 to 59

 

seconds
Specifies the startup wait time, in seconds.
Values—
1 to 59

 

hours—
Specifies the startup wait time, in hours.
Values—
1

 

23.374. stat-mode

stat-mode

Syntax 
stat-mode stat-mode
no stat mode
Context 
[Tree] (config>subscr-mgmt>sla-prof>ingress>qos>policer stat-mode)
[Tree] (config>subscr-mgmt>sla-prof>ingress>qos>queue stat-mode)
[Tree] (config>subscr-mgmt>sla-prof>egress>qos>policer stat-mode)
[Tree] (config>subscr-mgmt>sla-prof>egress>qos>queue stat-mode)
Full Contexts 
configure subscriber-mgmt sla-profile egress qos policer stat-mode
configure subscriber-mgmt sla-profile egress qos queue stat-mode
configure subscriber-mgmt sla-profile ingress qos policer stat-mode
configure subscriber-mgmt sla-profile ingress qos queue stat-mode
Description 

This command is used to configure the forwarding plane octet and packet counters of a policer or queue to count packets of a specific type or state. For example separate counters for IPv4/IPv6 or separate counters for offered high and low priority policed traffic.

For policers, this command overrides the policer stat-mode configuration as defined in the sap-ingress or sap-egress qos policy. For details on sap-ingress and sap-egress policer stat-mode, refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR Quality of Service Guide. For use in Enhanced Subscriber Management (ESM) context only, an additional stat-mode enables separate counters for IPv4 and IPv6 packets.

When a policer’s stat-mode is changed while the sla profile is in use, any previous counter values are lost and any new counters are set to zero.

For queues, this command sets the stat-mode. Queue stat-mode is only available for use in Enhanced Subscriber Management (ESM) context to enable separate IPv4/IPv6 counters.

A queue’s stat-mode cannot be changed while the SLA profile is in use.

The no form of this command reverts to the default.

Default 

For policers, the default is no stat-mode override. The sap-ingress or sap-egress stat-mode is used instead.

For queues, the default is to count in-/out-of-profile octets and packets.

Parameters 
stat-mode —
Specifies the stat mode for the policer.

For ingress and egress qos queue stat-mode overrides.

For ingress and egress qos policer stat-mode overrides, refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR Quality of Service Guide for details on the sap-ingress and sap-egress policer stat-mode parameters.

For use in Enhanced Subscriber Management (ESM) context only:

Values—
no-stats, minimal, offered-profile-no-cir, offered-priority-no-cir, offered-profile-cir, offered-priority-cir, offered-total-cir, offered-limited-profile-cir, offered-profile-capped-cir, offered-limited-capped-cir, v4-v6 (count IPv4 and IPv6 forwarded/dropped octets and packets separately)

 

stat-mode

Syntax 
stat-mode {v4-v6}
no stat-mode
Context 
[Tree] (config>subscr-mgmt>sub-prof>hsmda>ingress-qos>qos>policer stat-mode)
[Tree] (config>subscr-mgmt>sub-prof>hsmda>ingress-qos>qos>queue stat-mode)
[Tree] (config>subscr-mgmt>sub-prof>hsmda>egress-qos>qos>queue stat-mode)
Full Contexts 
configure subscriber-mgmt sub-profile hsmda egress-qos qos queue stat-mode
configure subscriber-mgmt sub-profile hsmda ingress-qos qos policer stat-mode
configure subscriber-mgmt sub-profile hsmda ingress-qos qos queue stat-mode
Description 

This command configures the forwarding plane octet and packet counters of a policer or queue to count packets of a specific type or state. For example separate counters for IPv4/IPv6.

For HSMDA ingress policers, this command overrides the policer stat-mode configuration as defined in the sap-ingress qos policy. For details on sap-ingress and sap-egress policer stat-mode, refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR Quality of Service Guide. For use in Enhanced Subscriber Management (ESM) context only, an additional stat-mode enables separate counters for IPv4 and IPv6 packets. stat-mode v4-v6 is the only mode that can be configured as an HSMDA ingress policer override.

An HSMDA policer’s stat-mode cannot be changed while the sub profile is in use.

For queues, this command sets the stat-mode. Queue stat-mode is only available for use in ESM context to enable separate IPv4/IPv6 counters.

An HSMDA queue’s stat-mode cannot be changed while the sub profile is in use.

For policers, the default is no-stat-mode override. The sap-ingress stat-mode is used instead.

For queues, the default is to count in and out-of-profile octets and packets.

Default 

no stat-mode

Parameters 
v4-v6 —
Count IPv4 and IPv6 forwarded/dropped octets and packets separately.

stat-mode

Syntax 
stat-mode stat-mode
no stat mode
Context 
[Tree] (config>card>fp>ingress>access>qgrp>policer-over>plcr stat-mode)
[Tree] (config>card>fp>ingress>network>qgrp>policer-over>plcr stat-mode)
Full Contexts 
configure card fp ingress access queue-group policer-override policer stat-mode
configure card fp ingress network queue-group policer-override policer stat-mode
Description 

This command configures the forwarding plane counters that allow offered, output and discard accounting to occur for the policer. An ingress policer has multiple types of offered packets (explicit in-profile, explicit out-of-profile, high priority or low priority) and each of these offered types is interacting with the policer’s metering and profiling functions resulting in colored output packets (green, yellow and red). Due to the large number of policers, it is not economical to allocate counters in the forwarding plane for all possible offered packet types and output conditions. Many policers will not be configured with a CIR profiling rate and not all policers will receive explicitly profiled offered packets. The stat-mode command allows provisioning of the number of counters each policer requires and how the offered packet types and output conditions should be mapped to the counters.

While a no-stats mode is supported which prevents any packet accounting, the use of the policer’s parent command requires at the policer's stat-mode to be set at least to the minimal setting so that offered stats are available for the policer's Fair Information Rate (FIR) to be calculated. Once a policer has been made a child to a parent policer, the stat-mode cannot be changed to no-stats unless the policer parenting is first removed.

Each time the policer’s stat-mode is changed, any previous counter values are lost and any new counters are set to zero.

Each mode uses a certain number of counters per policer instance that are allocated from the forwarding plane’s policer counter resources. You can view the total/allocated/free stats by using the tools dump resource-usage command. If insufficient counters exist to implement a mode on any policer instance, the stat-mode change will fail and the previous mode will continue unaffected for all instances of the policer.

The default stat-mode when a policer is created within the policy is minimal.

The stat-mode setting defined for the policer in the QoS policy may be overridden on an sla-profile or SAP where the policy is applied. If insufficient policer counter resources exist to implement the override, the stat-mode override command will fail. The previous stat-mode setting active for the policer will continue to be used by the policer.

The no form of this command attempts to return the policer’s stat-mode setting to minimal. The command will fail if insufficient policer counter resources exist to implement minimal where the QoS policer is currently applied and has a forwarding class mapping.

Parameters 
See the 7450 ESS, 7750 SR, 7950 XRS, and VSR Quality of Service Guide for details on the policer stat-mode parameters.

stat-mode

Syntax 
stat-mode stat-mode
no stat-mode
Context 
[Tree] (config>service>apipe>sap>egress>policer-over>plcr stat-mode)
[Tree] (config>service>apipe>sap>ingress>policer-over>plcr stat-mode)
[Tree] (config>service>cpipe>sap>egress>policer-over>plcr stat-mode)
[Tree] (config>service>cpipe>sap>ingress>policer-over>plcr stat-mode)
[Tree] (config>service>epipe>sap>egress>policer-over>plcr stat-mode)
[Tree] (config>service>epipe>sap>ingress>policer-over>plcr stat-mode)
[Tree] (config>service>fpipe>sap>egress>policer-over>plcr stat-mode)
[Tree] (config>service>fpipe>sap>ingress>policer-over>plcr stat-mode)
[Tree] (config>service>ipipe>sap>egress>policer-over>plcr stat-mode)
[Tree] (config>service>ipipe>sap>ingress>policer-over>plcr stat-mode)
Full Contexts 
configure service apipe sap egress policer-override policer stat-mode
configure service apipe sap ingress policer-override policer stat-mode
configure service cpipe sap egress policer-override policer stat-mode
configure service cpipe sap ingress policer-override policer stat-mode
configure service epipe sap egress policer-override policer stat-mode
configure service epipe sap ingress policer-override policer stat-mode
configure service fpipe sap egress policer-override policer stat-mode
configure service fpipe sap ingress policer-override policer stat-mode
configure service ipipe sap egress policer-override policer stat-mode
configure service ipipe sap ingress policer-override policer stat-mode
Description 

The SAP QoS policy’s policer stat-mode command is used to configure the forwarding plane counters that allow offered, output, and discard accounting to occur for the policer. A policer has multiple types of offered packets (for example, soft in-profile and out-of-profile from ingress and hard in-profile and out-of-profile due to egress profile overrides) and each of these offered types is interacting with the policers metering and profiling functions resulting in colored output packets (green, yellow, and red). Due to the potentially large number of egress policers, it is not economical to allocate counters in the forwarding plane for all possible offered packet types and output conditions. Many policers will not be configured with a CIR profiling rate and not all policers will receive explicitly re-profiled offered packets. The stat-mode command allows provisioning of the number of counters each policer requires and indicates how the offered packet types and output conditions should be mapped to the counters.

While a no-stats mode is supported that prevents any packet accounting, the use of the policer’s parent command requires that the policer’s stat-mode to be set at least to the minimal setting so that offered statistics are available for the policer’s Fair Information Rate (FIR) to be calculated.

Each time the policer’s stat mode is changed, any previous counter values are lost and any new counters are set to zero.

Each mode uses a certain number of counters per policer instance that are allocated from the forwarding plane’s policer counter resources. The total/allocated/free statistics can be viewed by using the tools dump resource-usage card fp command. If insufficient counters exist to implement a mode on any policer instance, the stat-mode change will fail and the previous mode will continue unaffected for all instances of the policer.

The stat-mode setting defined for the policer in the QoS policy may be overridden on a SAP where the policy is applied. If insufficient policer counter resources exist to implement the override, the stat-mode override command will fail. The current active stat mode setting will continue to be used by the policer.

The command will fail if insufficient policer counter resources exist to implement minimal where the QoS policer is currently applied and has a forwarding class mapping.

The no form of this command attempts to return the policer’s stat-mode setting to minimal.

Refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR Quality of Service Guide for detailed information about the supported parameters for the policer stat-mode command.

stat-mode

Syntax 
stat-mode stat-mode
no stat-mode
Context 
[Tree] (config>service>vpls>sap>egress>policer-override>plcr stat-mode)
[Tree] (config>service>vpls>sap>ingress>policer-override>plcr stat-mode)
Full Contexts 
configure service vpls sap egress policer-override policer stat-mode
configure service vpls sap ingress policer-override policer stat-mode
Description 

The SAP-egress QoS policy’s policer stat-mode command is used to configure the forwarding plane counters that allow offered, output and discard accounting to occur for the policer. A policer has multiple types of offered packets (for example, soft in-profile and out-of-profile from ingress and hard in-profile and out-of-profile due to egress profile overrides) and each of these offered types is interacting with the policers metering and profiling functions resulting in colored output packets (green, yellow and red). Due to the potential large number of egress policers, it is not economical to allocate counters in the forwarding plane for all possible offered packet types and output conditions. Many policers will not be configured with a CIR profiling rate and not all policers will receive explicitly re-profiled offered packets. The stat-mode command allows provisioning of the number of counters each policer requires and how the offered packet types and output conditions should be mapped to the counters.

While a no-stats mode is supported which prevents any packet accounting, the use of the policer’s parent command requires that the policer’s stat-mode to be set at least to the minimal setting so that offered stats are available for the policer’s Fair Information Rate (FIR) to be calculated.

Each time the policer’s stat-mode is changed, any previous counter values are lost and any new counters are set to zero.

Each mode uses a certain number of counters per policer instance that are allocated from the forwarding plane’s policer counter resources. You can view the total/allocated/free stats by using the tools dump system-resources command. If insufficient counters exist to implement a mode on any policer instance, the stat-mode change will fail and the previous mode will continue unaffected for all instances of the policer.

The default stat-mode when a policer is created within the policy is minimal.

The stat-mode setting defined for the policer in the QoS policy may be overridden on a SAP where the policy is applied. If insufficient policer counter resources exist to implement the override, the stat-mode override command will fail. The previous stat-mode setting active for the policer will continue to be used by the policer.

The no form of the command returns the policer’s stat-mode setting to minimal.

Refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR Quality of Service Guide for detailed information about the policer stat-mode command parameters.

stat-mode

Syntax 
stat-mode stat-mode
no stat-mode
Context 
[Tree] (config>service>ies>if>sap>egress>policer-override>plcr stat-mode)
[Tree] (config>service>ies>if>sap>ingress>policer-override>plcr stat-mode)
Full Contexts 
configure service ies interface sap egress policer-override policer stat-mode
configure service ies interface sap ingress policer-override policer stat-mode
Description 

The SAP-egress QoS policy’s policer stat-mode command is used to configure the forwarding plane counters that allow offered, output and discard accounting to occur for the policer. A policer has multiple types of offered packets (for example, soft in-profile and out-of-profile from ingress and hard in-profile and out-of-profile due to egress profile overrides) and each of these offered types is interacting with the policers metering and profiling functions resulting in colored output packets (green, yellow and red). Due to the potential large number of egress policers, it is not economical to allocate counters in the forwarding plane for all possible offered packet types and output conditions. Many policers will not be configured with a CIR profiling rate and not all policers will receive explicitly re-profiled offered packets. The stat-mode command allows provisioning of the number of counters each policer requires and how the offered packet types and output conditions should be mapped to the counters.

While a no-stats mode is supported which prevents any packet accounting, the use of the policer’s parent command requires that the policer’s stat-mode to be set at least to the minimal setting so that offered stats are available for the policer’s Fair Information Rate (FIR) to be calculated.

Each time the policer’s stat-mode is changed, any previous counter values are lost and any new counters are set to zero.

Each mode uses a certain number of counters per policer instance that are allocated from the forwarding plane’s policer counter resources. You can view the total/allocated/free stats by using the tools dump system-resources command. If insufficient counters exist to implement a mode on any policer instance, the stat-mode change will fail and the previous mode will continue unaffected for all instances of the policer.

The default stat-mode when a policer is created within the policy is minimal.

The stat-mode setting defined for the policer in the QoS policy may be overridden on a SAP where the policy is applied. If insufficient policer counter resources exist to implement the override, the stat-mode override command will fail. The previous stat-mode setting active for the policer will continue to be used by the policer.

The no form of this command returns the policer’s stat-mode setting to minimal.

Refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR Quality of Service Guide for detailed information about the policer stat-mode command parameters.

stat-mode

Syntax 
stat-mode stat-mode
no stat-mode
Context 
[Tree] (config>service>vprn>if>sap>egress>policer-override>plcr stat-mode)
[Tree] (config>service>vprn>if>sap>ingress>policer-override>plcr stat-mode)
Full Contexts 
configure service vprn interface sap egress policer-override policer stat-mode
configure service vprn interface sap ingress policer-override policer stat-mode
Description 

The SAP-egress QoS policy’s policer stat-mode command is used to configure the forwarding plane counters that allow offered, output and discard accounting to occur for the policer. A policer has multiple types of offered packets (for example, soft in-profile and out-of-profile from ingress and hard in-profile and out-of-profile due to egress profile overrides) and each of these offered types is interacting with the policers metering and profiling functions resulting in colored output packets (green, yellow and red). Due to the potential large number of egress policers, it is not economical to allocate counters in the forwarding plane for all possible offered packet types and output conditions. Many policers will not be configured with a CIR profiling rate and not all policers will receive explicitly re-profiled offered packets. The stat-mode command allows provisioning of the number of counters each policer requires and how the offered packet types and output conditions should be mapped to the counters.

While a no-stats mode is supported which prevents any packet accounting, the use of the policer’s parent command requires that the policer’s stat-mode to be set at least to the minimal setting so that offered stats are available for the policer’s Fair Information Rate (FIR) to be calculated.

Each time the policer’s stat-mode is changed, any previous counter values are lost and any new counters are set to zero.

Each mode uses a certain number of counters per policer instance that are allocated from the forwarding plane’s policer counter resources. You can view the total/allocated/free stats by using the tools dump system-resources command. If insufficient counters exist to implement a mode on any policer instance, the stat-mode change will fail and the previous mode will continue unaffected for all instances of the policer.

The default stat-mode when a policer is created within the policy is minimal.

The stat-mode setting defined for the policer in the QoS policy may be overridden on a SAP where the policy is applied. If insufficient policer counter resources exist to implement the override, the stat-mode override command will fail. The previous stat-mode setting active for the policer will continue to be used by the policer.

The no form of this command returns the policer’s stat-mode setting to minimal.

Refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR Quality of Service Guide for detailed information about the policer stat-mode command parameters.

stat-mode

Syntax 
stat-mode {no-stats |minimal |offered-profile-no-cir |offered-priority-no-cir |offered-profile-cir |offered-priority-cir |offered-total-cir |offered-limited-profile-cir |offered-profile-capped-cir |offered-limited-capped-cir}
no stat mode
Context 
[Tree] (config>qos>sap-ingress>dyn-policer stat-mode)
[Tree] (config>qos>sap-ingress>policer stat-mode)
Full Contexts 
configure qos sap-ingress dynamic-policer stat-mode
configure qos sap-ingress policer stat-mode
Description 

This command is used to configure the forwarding plane counters that allow offered, forwarded, and dropped accounting to occur for the policer. An ingress policer has multiple types of offered packets (explicit in-profile, explicit out-of-profile, uncolored, high-priority, or low priority) and each of these offered types is interacting with the policer’s metering and profiling functions resulting in colored output packets (green, yellow, and red). Due to the large number of policers, it is not economical to allocate counters in the forwarding plane for all possible offered packet types and output conditions. Many policers, for example, will not be configured with a CIR profiling rate and not all policers will receive explicitly profiled offered packets. The stat-mode command allows provisioning of the number of counters each policer requires and how the offered packet types and output conditions should be mapped to the counters.

While a no-stats mode is supported that prevents any packet accounting, the use of the policer’s parent command requires that the policer's stat-mode be set at least to the minimal setting so that offered stats are available for the policer's Fair Information Rate (FIR) to be calculated. When a policer has been made a child to a parent policer, the stat-mode cannot be changed to no-stats unless the policer parenting is first removed.

Each time the policer’s stat-mode is changed, any previous counter values are lost and any new counters are set to zero.

Each mode uses a certain number of counters per policer instance that are allocated from the forwarding plane’s policer counter resources. The total/allocated/free stats can be viewed by using the tools dump resource-usage card fp command. If insufficient counters exist to implement a mode on any policer instance, the stat-mode change will fail and the previous mode will continue unaffected for all instances of the policer.

The ingress policer stat-modes are described in Table 145.

Table 145:  Ingress Policer Stat Mode Summary 

Stat Mode

Stat Resources

Traffic Counters (Packet/Octets)

Comments

Offered

Dropped/Forwarded

no-stats

0

Minimal

1

Single counter entering policer

Single counter for dropped/forwarded exiting policer

offered-profile-no-cir

2

In/out entering policer

In/out entering policer

Intended for when the policer does not change the profile of packets. Includes only in-profile and out-of-profile.

offered-priority-no-cir

2

High/low entering policer

High/low entering policer

Intended for when only packet priority stats are required.

offered-profile-cir

4

In/out/uncolored entering policer

In/out exiting policer

Intended for when the policer can change the profile of packets to in-profile and out-of-profile.

offered-priority-cir

4

High/low entering policer

In/out exiting policer

Intended for when packet priority entering the policer and profile exiting the policer is required.

offered-total-cir

2

Single counter entering policer

In/out exiting policer

offered-limited-profile-cir

3

Out/uncolored entering policer

In/out exiting policer

Intended for when the policer can change the profile of packet to in-profile and out-of-profile. The information is limited compared to offered-profile-capped-cir with the benefit of using one less stat resource.

offered-profile-capped-cir

5

In/out/uncolored entering policer

In/out exiting policer

Intended for when the policer has profile-capped configured.

offered-limited-capped-cir

4

In/uncolored entering policer

In/out exiting policer

Intended for when the policer has profile-capped configured. The information is limited compared to offered-profile-capped-cir with the benefit of using one less stat resource.

The default stat-mode when a policer is created within the policy is minimal.

The stat-mode setting defined for the policer in the QoS policy may be overridden on an sla-profile or SAP where the policy is applied. If insufficient policer counter resources exist to implement the override, the stat-mode override command will fail. The previous stat-mode setting active for the policer will continue to be used by the policer.

The no form of this command attempts to return the policer’s stat-mode setting to minimal. The command will fail if insufficient policer counter resources exist to implement minimal where the QoS policer is currently applied and has a forwarding class mapping.

Parameters 
no-stats—
Counter resource allocation: 0

The policer does not have any forwarding plane counters allocated and cannot provide offered, dropped, and forwarded statistics. A policer using no-stats cannot be a child to a parent policer and the policer’s parent command will fail.

When collect-stats is enabled, no statistics are generated.

minimal—
Counter resource allocation: 1

This stat-mode provides the minimal accounting resource usage and counter information, and includes the total offered, dropped and forwarded packet and octet counters for traffic entering (offered) and exiting (dropped/forwarded) the policer.

The default stat-mode for a policer is minimal. The minimal mode allocates 1 forwarding plane offered counter and one traffic manager discard counter. The forwarding counter is derived by subtracting the discard counter from the offered counter. The counters do not differentiate possible offered types (profile or priority) and do not count in-profile or out-of-profile output. This does not prevent the policer from supporting different offered packet types and does not prevent the policer from supporting a CIR rate.

This counter mode is useful when only the most basic accounting information is required.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 146.

Table 146:  Ingress Accounting Statistics Collected in minimal stat-mode 

Show Output

Accounting Statistics Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. All

apd

AllPacketsDropped

aod

AllOctetsDropped

For. All

apf

AllPacketsForwarded

aof

AllOctetsForwarded

offered-profile-no-cir —
Counter resource allocation: 2

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering the policer.

The offered-profile-no-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-profile-no-cir mode is most useful when the policer is receiving only in-profile and out-of-profile premarked (and trusted) packets. It is expected that, in this instance, a CIR rate will not be defined since all packets are already premarked. This mode does not prevent the policer from receiving untrusted (color undefined) traffic nor does it prevent the policer from being configured with a CIR rate.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 147.

Table 147:  Ingress Accounting Statistics Collected in offered-profile-no-cir stat-mode 

Show Output

Accounting Statistics Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-priority-no-cir —
Counter resource allocation: 2

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the packet priority of traffic entering the policer.

The offered-priority-no-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-priority-no-cir mode is most useful when the policer is receiving only untrusted packets and the ingress priority high and priority low classification options are being used without a CIR profiling rate defined. This mode does not prevent the policer from receiving trusted packets that are premarked in-profile or out-of-profile nor does it prevent the policer from being configured with a CIR rate.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 148.

Table 148:  Ingress Accounting Statistics Collected in offered-priority-no-cir stat-mode 

Show Output

Accounting Statistics Collected

Field

Field Description

Off. HiPrio

hpo

HighPriorityPacketsOffered

hoo

HighPriorityOctetsOffered

Off. LowPrio

lpo

LowPriorityPacketsOffered

loo

LowPriorityOctetsOffered

Dro. HiPrio

hpd

HighPriorityPacketsDropped

hod

HighPriorityOctetsDropped

Dro. LowPrio

lpd

LowPriorityPacketsDropped

lod

LowPriorityOctetsDropped

For. HiPrio

hpf

HighPriorityPacketsForwarded

hof

HighPriorityOctetsForwarded

For. LowPrio

lpf

LowPriorityPacketsForwarded

lof

LowPriorityOctetsForwarded

offered-profile-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when ingress reclassification is performed so that the traffic entering the policer comprises hard in/out and uncolored traffic. The offered counters cover traffic explicitly profiled to in-profile, traffic explicitly profiled to out-of-profile, and traffic that has not been explicitly profiled at ingress (uncolored).

The offered-profile-cir mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-profile-cir mode is most useful when the policer is receiving trusted out-of-profile and in-profile traffic and is also receiving untrusted packets that are being applied to a defined CIR profiling rate. This mode differs from offered-limited-profile-cir mode in that it expects both trusted in-profile and out-of-profile packets while still performing CIR profiling on packets with untrusted markings. If trusted in-profile packets are not being received, the offered-limited-profile-cir stat-mode could be used instead, which has the benefit of using a reduced number of stat resources.

This mode is intended to be used without profile-capped configured within the policer as this could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 149.

Table 149:  Ingress Accounting Statistics Collected in offered-profile-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-priority-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the priority of traffic entering the policer and the profile exiting the policer.

The offered-priority-cir mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-priority-cir mode is most useful when the policer is receiving only untrusted packets that are being classified as high priority or low priority and are being applied to a defined CIR profiling rate. This mode differs from offered-profile-cir mode in that it does not expect trusted in-profile and out-of-profile packets but does not exclude the ability of the policer to receive them.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 150.

Table 150:  Ingress Accounting Statistics Collected in offered-priority-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. HiPrio

hpo

HighPriorityPacketsOffered

hoo

HighPriorityOctetsOffered

Off. LowPrio

lpo

LowPriorityPacketsOffered

loo

LowPriorityOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-total-cir—
Counter resource allocation: 2

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer. All offered traffic is provided in a single counter.

The offered-total-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-total-cir mode is most useful when the policer is not receiving trusted in-profile or out-of-profile traffic and both high- and low-priority classifications are not being used on the untrusted packets and the offered packets are being applied to a defined CIR profiling rate. This mode does not prevent the policer from receiving trusted in-profile or out-of-profile packets and does not prevent the use of priority high or low classifications on the untrusted packets.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 151.

Table 151:  Ingress Accounting Statistics Collected in offered-total-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-limited-profile-cir —
Counter resource allocation: 3

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when ingress reclassification is performed so that the traffic entering the policer comprises of hard out and uncolored. The offered counters cover traffic explicitly profiled to out-of-profile and traffic that has not been explicitly profiled at ingress (Uncolor). The traffic explicitly profiled to in-profile is counted with the uncolored traffic.

The offered-limited-profile-cir mode allocates three forwarding plane offered counters and three traffic manager discard counters.

The offered-limited-profile-cir mode is most useful when the policer is receiving trusted out-of-profile (profile out but no profile in) traffic and untrusted packets are being applied to a defined CIR profiling rate. This mode does not prevent the policer from receiving trusted in-profile packets. If trusted in-profile packets are not being received, the offered-limited-profile-cir is preferred over offered-profile-cir because it uses a reduced number of stat resources.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 152.

Table 152:  Ingress Accounting Statistics Collected in offered-limited-profile-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-profile-cir —
Counter resource allocation: 4
offered-profile-capped-cir —
Counter resource allocation: 5

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when ingress reclassification is performed so that the traffic entering the policer comprises of hard in/out and uncolored. The offered counters cover traffic explicitly profiled to in-profile, traffic explicitly profiled to out-of-profile, and traffic that has not been explicitly profiled at ingress (Uncolor).

When offered-profile-capped-cir is defined, the system creates five offered-output counters in the forwarding plane and five discard counters in the traffic manager.

The offered-profile-capped-cir mode is similar to the offered-profile-cir mode except that it includes support for profile in and soft-in-profile that may be output as out-of-profile due to enabling profile-capped mode on the ingress policer.

The impact of using offered-profile-capped-cir stat-mode while profile-capped mode is disabled is that one of the counting resources in the forwarding plane and traffic manager will not be used.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 153.

Table 153:  Ingress Accounting Statistics Collected in offered-profile-capped-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-limited-capped-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when ingress reclassification is performed resulting in the traffic entering the policer comprising of hard in/out and uncolored. The offered counters cover in-profile traffic and traffic that has not been explicitly profiled at ingress (Uncolor). The traffic explicitly profiled to out-of-profile is counted with the uncolored traffic.

When offered-limited-capped-cir is defined, the system creates four forwarding plane offered-output counters in the network processor and four discard counters in the traffic manager.

The offered-limited-capped-cir mode is similar to the offered-profile-capped-cir mode except that it combines soft in-profile with profile in (InProf) and profile out (OutProf) with soft-out-of-profile (Uncolor) and eliminates the “offered undefined” statistic. If trusted out-of-profile packets are not being received, the offered-limited-capped-cir is preferred over offered-profile-capped-cir because it uses a reduced number of stat resources.

This mode is intended to be used with profile-capped configured within the policer.

The impact of using offered-limited-capped-cir stat-mode while profile-capped mode is disabled is that one of the counting resources in the forwarding plane and traffic manager will not be used.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 154.

Table 154:  Ingress Accounting Statistics Collected in offered-limited-capped-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

stat-mode

Syntax 
stat-mode {no-stats |minimal |offered-profile-no-cir |offered-profile-cir |offered-total-cir |offered-limited-capped-cir |offered-profile-capped-cir}
no stat mode
Context 
[Tree] (config>qos>sap-egress>dyn-policer stat-mode)
Full Contexts 
configure qos sap-egress dynamic-policer stat-mode
Description 

The sap-egress QoS policy's policer stat-mode command is used to configure the forwarding plane counters that allow offered, forwarded, and dropped accounting to occur for the policer. An egress policer has multiple types of offered packets (soft in-profile and out-of-profile from ingress and hard in-profile, out-of-profile, and exceed-profile due to egress profile overrides) and each of these offered types is interacting with the policer’s metering and profiling functions resulting in colored output packets (green, yellow, and red). Due to the potential large number of egress policers, it is not economical to allocate counters in the forwarding plane for all possible offered packet types and output conditions. Many policers, for example, will not be configured with a CIR profiling rate and not all policers will receive explicitly reprofiled offered packets. The stat-mode command allows provisioning of the number of counters each policer requires and how the offered packet types and output conditions should be mapped to the counters.

While a no-stats mode is supported that prevents any packet accounting, the use of the policer's parent command requires that the policer’s stat-mode be set at least to the minimal setting so that offered stats are available for the policer’s Fair Information Rate (FIR) to be calculated. When a policer has been made a child to a parent policer, the stat-mode cannot be changed to no-stats unless the policer parenting is first removed.

Each time the policer's stat-mode is changed, any previous counter values are lost and any new counters are set to zero.

Each mode uses a certain number of counters per policer instance that are allocated from the forwarding plane's policer counter resources. The total, allocated, and free statistics can be viewed by using the tools dump resource-usage card fp command. If insufficient counters exist to implement a mode on any policer instance, the stat-mode change will fail and the previous mode will continue unaffected for all instances of the policer.

The egress policer stat-modes are described in Table 155.

Table 155:   Egress Policer Stat-mode Summary

Stat Mode

Stat Resources

Traffic Counters (Packet/Octets)

Comments

Offered

Dropped/Forwarded

no-stats

0

minimal

1

Single counter entering policer

Single counter for dropped/forwarded exiting policer

offered-profile-no-cir

2

In or out entering policer

In/out entering policer

Intended for when the policer does not change the profile of packets. Includes only in-profile and out-of-profile.

offered-profile-cir

4

In, out, or uncolored (which corresponds to hard in-profile, hard out-of-profile, or soft in- or out-of-profile) entering policer

In/out exiting policer

Intended for when the policer can change the profile of packets to in-profile and out-of-profile.

offered-total-cir

2

Single counter entering policer

In/out exiting policer

offered-limited-capped-cir

4

In or out entering policer

In/out exiting policer

Intended for when the policer has profile-capped configured. The information is limited compared to offered-profile-capped-cir with the benefit of using one less stat resource.

offered-profile-capped-cir

5

In, out, or uncolored (which corresponds to hard in-profile, hard out-of-profile, or soft in- or out-of-profile) entering policer

In/out exiting policer

Intended for when the policer has profile-capped configured

When a policer is created within the policy, the default setting for stat-mode is minimal.

The stat-mode setting defined for the policer in the QoS policy may be overridden on an sla-profile or SAP where the policy is applied. If insufficient policer counter resources exist to implement the override, the stat-mode override command will fail. The previous stat-mode setting active for the policer will continue to be used by the policer.

The no form of this command attempts to return the policer’s stat-mode setting to minimal. The command will fail if insufficient policer counter resources exist to implement minimal where the QoS policer is currently applied and has a forwarding class mapping.

Parameters 
no-stats—
Counter resource allocation: 0

The policer does not have any forwarding plane counters allocated and cannot provide offered, discard, and forward statistics. A policer using no-stats cannot be a child to a parent policer and the policer’s parent command will fail.

When collect-stats is enabled, no statistics are generated.

minimal—
Counter resource allocation: 1

This stat-mode provides the minimal accounting resource usage and counter information, and includes only the total offered, dropped and forwarded packet and octet counters for traffic entering (offered) and exiting (dropped/forwarded) the policer.

The default stat-mode for a policer is minimal. The minimal mode allocates 1 forwarding plane offered counter and one traffic manager discard counter. The forwarding counter is derived by subtracting the discard counter from the offered counter. The counters do not differentiate possible offered types and do not count different profile output. This does not prevent the policer from supporting different offered packet types and does not prevent the policer from supporting a CIR rate or using exceed PIR.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 156.

Table 156:  Egress Accounting Statistics Collected in minimal stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. All

apd

AllPacketsDropped

aod

AllOctetsDropped

For. All

apf

AllPacketsForwarded

aof

AllOctetsForwarded

offered-profile-no-cir —
Counter resource allocation: 2

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering the policer. inplus-profile traffic is counted with the in-profile counters and exceed-profile traffic is counted with the out-of-profile counters.

The offered-profile-no-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-profile-no-cir mode is most useful when profile-based offered, dropped, and forwarded stats are required from the egress policer, but a CIR or enable-exceed-pir is not being used to recolor the soft in-profile and out-of-profile packets. This mode does not prevent the policer from being configured with a CIR rate or using enable-exceed-pir.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 157.

Table 157:  Egress Accounting Statistics Collected in offered-profile-no-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-profile-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when egress reclassification is performed so that the traffic entering the policer is made up of traffic that is inplus-profile, in-profile, out-of-profile, exceed-profile, soft in-profile, and soft out-of-profile. The offered counters cover traffic reclassified to in-profile (which includes traffic reclassified to inplus-profile), traffic reclassified to out-of-profile (which includes traffic reclassified to exceed-profile) and traffic which has not been reclassified at egress (Uncolor). In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

The offered-profile-cir mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-profile-cir mode is most useful when profile-based offered, dropped and forwarded stats are required from the egress policer and a CIR rate is being used to recolor the soft in-profile and out-of-profile packets.

This mode is intended to be used without profile-capped or enable-exceed-pir configured within the policer as these could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 158.

Table 158:  Egress Accounting Statistics Collected in offered-profile-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-total-cir—
Counter resource allocation: 2

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer. All offered traffic is provided in a single counter. In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

The offered-total-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-total-cir mode is most useful when the policer is not receiving trusted in-profile or out-of-profile traffic, and both high- and low- priority classifications are not being used on the untrusted packets, and the offered packets are being applied to a defined CIR profiling rate. This mode does not prevent the policer from receiving trusted in-profile or out-of-profile packets and does not prevent the use of priority high or low classifications on the untrusted packets.

This mode is intended to be used without profile-capped or enable-exceed-pir configured within the policer as these could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 159.

Table 159:  Egress Accounting Statistics Collected in offered-total-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-limited-capped-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when egress reclassification is performed so that the traffic entering the policer is made up of traffic that is inplus-profile, in-profile, out-of-profile, exceed-profile, soft in-profile, and soft out-of-profile. The offered counters cover in-profile traffic (which includes traffic reclassified to inplus-profile) and out-of-profile traffic (which includes traffic reclassified to exceed-profile). In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

offered-limited-capped-cir is defined, the system creates four forwarding plane offered-output counters in the network processor and three discard counters in the traffic manager.

The offered-limited-capped-cir mode is similar to the offered-profile-capped-cir mode except that it combines soft in-profile with profile in and soft-out-of-profile with profile out and eliminates the offered-undefined statistic.

The impact of using offered-limited-capped-cir stat-mode while profile-capped mode is disabled is that one of the counting resources in the forwarding plane and traffic manager will not be used and soft-in-profile will be treated as offered-in instead of offered-undefined.

This mode is intended to be used with profile-capped configured within the policer but without enable-exceed-pir configured as this could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 160.

Table 160:  Egress Accounting Statistics Collected in offered-limited-capped-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-profile-capped-cir —
Counter resource allocation: 5

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when egress reclassification is performed so that the traffic entering the policer is made up of traffic that is inplus-profile, in-profile, out-of-profile, exceed-profile, soft in-profile, and soft out-of-profile. The offered counters cover traffic reclassified to in-profile (which includes traffic reclassified to inplus-profile), traffic reclassified to out-of-profile (which includes traffic reclassified to exceed-profile) and traffic that has not been reclassified at egress (uncolored). In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

When offered-profile-capped-cir is defined, the system creates five offered-output counters in the forwarding plane and five discard counters in the traffic manager.

The offered-profile-capped-cir mode is similar to the offered-profile-cir mode except that it includes support for profile inplus, profile in and soft-in-profile that may be output as out-of-profile due to enabling profile-capped mode on the ingress policer.

The impact of using offered-profile-capped-cir stat-mode while profile-capped mode is disabled is that one of the counting resources in the forwarding plane and traffic manager will not be used and soft-in-profile will be treated as offered-in (hard in-profile) instead of offered-undefined (uncolored).

This mode is intended to be used with profile-capped configured within the policer but without enable-exceed-pir configured as this could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 161.

Table 161:  Egress Accounting Statistics Collected in offered-profile-capped-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

stat-mode

Syntax 
stat-mode {no-stats |minimal |offered-profile-no-cir |offered-profile-cir |offered-total-cir |offered-limited-capped-cir |offered-profile-capped-cir |offered-total-cir-exceed |offered-four-profile-no-cir |offered-total-cir-four-profile}
no stat mode
Context 
[Tree] (config>qos>sap-egress>policer stat-mode)
Full Contexts 
configure qos sap-egress policer stat-mode
Description 

The sap-egress QoS policy's policer stat-mode command is used to configure the forwarding plane counters that allow offered, forwarded, and dropped accounting to occur for the policer. An egress policer has multiple types of offered packets (soft in-profile and out-of-profile from ingress and hard in-profile, out-of-profile, and exceed-profile due to egress profile overrides) and each of these offered types is interacting with the policer’s metering and profiling functions resulting in colored output packets (green, yellow, and red). Due to the potential large number of egress policers, it is not economical to allocate counters in the forwarding plane for all possible offered packet types and output conditions. Many policers, for example, will not be configured with a CIR profiling rate and not all policers will receive explicitly reprofiled offered packets. The stat-mode command allows provisioning of the number of counters each policer requires and how the offered packet types and output conditions should be mapped to the counters.

While a no-stats mode is supported that prevents any packet accounting, the use of the policer's parent command requires that the policer’s stat-mode be set at least to the minimal setting so that offered stats are available for the policer’s Fair Information Rate (FIR) to be calculated. When a policer has been made a child to a parent policer, the stat-mode cannot be changed to no-stats unless the policer parenting is first removed.

Each time the policer's stat-mode is changed, any previous counter values are lost and any new counters are set to zero.

Each mode uses a certain number of counters per policer instance that are allocated from the forwarding plane's policer counter resources. The total, allocated, and free statistics can be viewed by using the tools dump resource-usage card fp command. If insufficient counters exist to implement a mode on any policer instance, the stat-mode change will fail and the previous mode will continue unaffected for all instances of the policer.

The egress policer stat-modes are described in Table 162.

Table 162:  Egress Policer Stat-mode Summary

Stat Mode

Stat Resources

Traffic Counters (Packet/Octets)

Comments

Offered

Dropped/Forwarded

no-stats

0

minimal

1

Single counter entering policer

Single counter for dropped/forwarded exiting policer

offered-profile-no-cir

2

In or out entering policer

In/out entering policer

Intended for when the policer does not change the profile of packets. Includes only in-profile and out-of-profile.

offered-profile-cir

4

In, out, or uncolored (which corresponds to hard in-profile, hard out-of-profile, or soft in- or out-of-profile) entering policer

In/out exiting policer

Intended for when the policer can change the profile of packets to in-profile and out-of-profile.

offered-total-cir

2

Single counter entering policer

In/out exiting policer

offered-limited-capped-cir

4

In or out entering policer

In/out exiting policer

Intended for when the policer has profile-capped configured. The information is limited compared to offered-profile-capped-cir with the benefit of using one less stat resource.

offered-profile-capped-cir

5

In, out, or uncolored (which corresponds to hard in-profile, hard out-of-profile, or soft in- or out-of-profile) entering policer

In/out exiting policer

Intended for when the policer has profile-capped configured

offered-total-cir-exceed

3

Single counter entering policer

In/out/exceed exiting policer

Intended for when the policer is configured with enable-exceed-pir to forward packets that exceed its configured PIR or when traffic is reclassified at egress to exceed-profile

offered-four-profile-no-cir

4

Inplus, in, out, or exceed entering policer

Inplus/in/out/exceed entering policer

Intended to be used when the policer does not change the profile of the packets and traffic is reclassified at egress to inplus and/or exceed-profile

offered-total-cir-four-profile

4

Single counter entering policer

Inplus, in, out, or exceed exiting policer

Intended to be used when the policer can change the profile of the packet and traffic is reclassified at egress to profile inplus

When a policer is created within the policy, the default setting for stat-mode is minimal.

The stat-mode setting defined for the policer in the QoS policy may be overridden on an sla-profile or SAP where the policy is applied. If insufficient policer counter resources exist to implement the override, the stat-mode override command will fail. The previous stat-mode setting active for the policer will continue to be used by the policer.

The no form of this command attempts to return the policer’s stat-mode setting to minimal. The command will fail if insufficient policer counter resources exist to implement minimal where the QoS policer is currently applied and has a forwarding class mapping.

Parameters 
no-stats—
Counter resource allocation: 0

The policer does not have any forwarding plane counters allocated and cannot provide offered, discard, and forward statistics. A policer using no-stats cannot be a child to a parent policer and the policer’s parent command will fail.

When collect-stats is enabled, no statistics are generated.

minimal—
Counter resource allocation: 1

This stat-mode provides the minimal accounting resource usage and counter information, and includes only the total offered, dropped and forwarded packet and octet counters for traffic entering (offered) and exiting (dropped/forwarded) the policer.

The default stat-mode for a policer is minimal. The minimal mode allocates 1 forwarding plane offered counter and one traffic manager discard counter. The forwarding counter is derived by subtracting the discard counter from the offered counter. The counters do not differentiate possible offered types and do not count different profile output. This does not prevent the policer from supporting different offered packet types and does not prevent the policer from supporting a CIR rate or using exceed PIR.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 163.

Table 163:  Egress Accounting Statistics Collected in minimal stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. All

apd

AllPacketsDropped

aod

AllOctetsDropped

For. All

apf

AllPacketsForwarded

aof

AllOctetsForwarded

offered-profile-no-cir —
Counter resource allocation: 2

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering the policer. inplus-profile traffic is counted with the in-profile counters and exceed-profile traffic is counted with the out-of-profile counters.

The offered-profile-no-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-profile-no-cir mode is most useful when profile-based offered, dropped, and forwarded stats are required from the egress policer, but a CIR or enable-exceed-pir is not being used to recolor the soft in-profile and out-of-profile packets. This mode does not prevent the policer from being configured with a CIR rate or using enable-exceed-pir.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 164.

Table 164:  Egress Accounting Statistics Collected in offered-profile-no-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-profile-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when egress reclassification is performed so that the traffic entering the policer is made up of traffic that is inplus-profile, in-profile, out-of-profile, exceed-profile, soft in-profile, and soft out-of-profile. The offered counters cover traffic reclassified to in-profile (which includes traffic reclassified to inplus-profile), traffic reclassified to out-of-profile (which includes traffic reclassified to exceed-profile) and traffic which has not been reclassified at egress (Uncolor). In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

The offered-profile-cir mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-profile-cir mode is most useful when profile-based offered, dropped and forwarded stats are required from the egress policer and a CIR rate is being used to recolor the soft in-profile and out-of-profile packets.

This mode is intended to be used without profile-capped or enable-exceed-pir configured within the policer as these could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 165.

Table 165:  Egress Accounting Statistics Collected in offered-profile-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-total-cir—
Counter resource allocation: 2

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer. All offered traffic is provided in a single counter. In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

The offered-total-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-total-cir mode is most useful when the policer is not receiving trusted in-profile or out-of-profile traffic, and both high- and low- priority classifications are not being used on the untrusted packets, and the offered packets are being applied to a defined CIR profiling rate. This mode does not prevent the policer from receiving trusted in-profile or out-of-profile packets and does not prevent the use of priority high or low classifications on the untrusted packets.

This mode is intended to be used without profile-capped or enable-exceed-pir configured within the policer as these could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 166.

Table 166:  Egress Accounting Statistics Collected in offered-total-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-limited-capped-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when egress reclassification is performed so that the traffic entering the policer is made up of traffic that is inplus-profile, in-profile, out-of-profile, exceed-profile, soft in-profile, and soft out-of-profile. The offered counters cover in-profile traffic (which includes traffic reclassified to inplus-profile) and out-of-profile traffic (which includes traffic reclassified to exceed-profile). In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

offered-limited-capped-cir is defined, the system creates four forwarding plane offered-output counters in the network processor and three discard counters in the traffic manager.

The offered-limited-capped-cir mode is similar to the offered-profile-capped-cir mode except that it combines soft in-profile with profile in and soft-out-of-profile with profile out and eliminates the offered-undefined statistic.

The impact of using offered-limited-capped-cir stat-mode while profile-capped mode is disabled is that one of the counting resources in the forwarding plane and traffic manager will not be used and soft-in-profile will be treated as offered-in instead of offered-undefined.

This mode is intended to be used with profile-capped configured within the policer but without enable-exceed-pir configured as this could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 167.

Table 167:  Egress Accounting Statistics Collected in offered-limited-capped-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-profile-capped-cir —
Counter resource allocation: 5

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when egress reclassification is performed so that the traffic entering the policer is made up of traffic that is inplus-profile, in-profile, out-of-profile, exceed-profile, soft in-profile, and soft out-of-profile. The offered counters cover traffic reclassified to in-profile (which includes traffic reclassified to inplus-profile), traffic reclassified to out-of-profile (which includes traffic reclassified to exceed-profile) and traffic that has not been reclassified at egress (uncolored). In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

When offered-profile-capped-cir is defined, the system creates five offered-output counters in the forwarding plane and five discard counters in the traffic manager.

The offered-profile-capped-cir mode is similar to the offered-profile-cir mode except that it includes support for profile inplus, profile in and soft-in-profile that may be output as out-of-profile due to enabling profile-capped mode on the ingress policer.

The impact of using offered-profile-capped-cir stat-mode while profile-capped mode is disabled is that one of the counting resources in the forwarding plane and traffic manager will not be used and soft-in-profile will be treated as offered-in (hard in-profile) instead of offered-undefined (uncolored).

This mode is intended to be used with profile-capped configured within the policer but without enable-exceed-pir configured as this could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 168.

Table 168:  Egress Accounting Statistics Collected in offered-profile-capped-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-total-cir-exceed —
Counter resource allocation: 3

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer. All offered traffic is provided in a single counter. In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter. The offered-total-cir-exceed mode allocates three forwarding plane offered counters and three traffic manager discard counters.

The offered-total-cir-exceed mode is similar to the offered-total-cir mode except that it includes support for forwarded and dropped counters for profile exceed.

This mode is intended to be used when the policer is configured with enable-exceed-pir to forward packets that exceed its configured PIR or when traffic is egress reclassified to profile exceed. The mode gives the forwarded and dropped counters per profile (in, out, exceed). It is also intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer. This stat-mode is not supported for dynamic policers.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 169.

Table 169:  Egress Accounting Statistics Collected in offered-total-cir-exceed stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

Dro. ExcProf

xpd

ExceedProfilePktsDropped

xod

ExceedProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

For. ExcProf

xpf

ExceedProfilePktsForwarded

xof

ExceedProfileOctetsForwarded

offered-four-profile-no-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering the policer. Offered, dropped, and forwarded counters are provided for inplus, in, out and exceed-profile traffic.

The offered-four-profile-no-cir mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-four-profile-no-cir mode is similar to the offered-profile-no-cir mode except that it includes support for offered, dropped, and forwarded counters for both inplus-profile and exceed-profile.

This mode is intended to be used when traffic is egress reclassified to inplus and/or exceed-profile. It is also intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer. This stat-mode is not supported for dynamic policers.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 170.

Table 170:  Egress Accounting Statistics Collected in offered-four-profile-no-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. ExcProf

xpo

ExceedProfilePacketsOffered

xoo

ExceedProfileOctetsOffered

Off. InplusProf

ppo

InplusProfilePacketsOffered

poo

InplusProfileOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

Dro. ExcProf

xpd

ExceedProfilePktsDropped

xod

ExceedProfileOctetsDropped

Dro. InprofProf

ppd

InplusProfilePktsDropped

pod

InplusProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

For. ExcProf

xpf

ExceedProfilePktsForwarded

xof

ExceedProfileOctetsForwarded

For. InplusProf

ppf

InplusProfilePktsForwarded

pof

InplusProfileOctetsForwarded

offered-total-cir-four-profile —
Counter resource allocation: 4

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer. All offered traffic is provided in a single counter. There is a separate dropped and forwarded counter for inplus, in, out and exceed-profile traffic.

The offered-total-cir-four-profile mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-total-cir-four-profile mode is similar to the offered-total-cir except that it includes support for forwarded and dropped counters for both profile inplus and profile exceed.

This mode is intended to be used when traffic is reclassified at egress to inplus-profile. It is also intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer. This stat-mode is not supported for dynamic policers.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 171.

Table 171:  Egress Accounting Statistics Collected in offered-total-cir-four-profile stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

Dro. ExcProf

xpd

ExceedProfilePktsDropped

xod

ExceedProfileOctetsDropped

Dro. InprofProf

ppd

InplusProfilePktsDropped

pod

InplusProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

For. ExcProf

xpf

ExceedProfilePktsForwarded

xof

ExceedProfileOctetsForwarded

For. InplusProf

ppf

InplusProfilePktsForwarded

pof

InplusProfileOctetsForwarded

stat-mode

Syntax 
stat-mode {no-stats |minimal |offered-profile-no-cir |offered-priority-no-cir |offered-profile-cir |offered-priority-cir |offered-total-cir |offered-limited-profile-cir |offered-profile-capped-cir |offered-limited-capped-cir}
no stat mode
Context 
[Tree] (config>qos>qgrps>ing>qgrp>policer stat-mode)
Full Contexts 
configure qos queue-group-templates ingress queue-group policer stat-mode
Description 

This command is used to configure the forwarding plane counters that allow offered, forwarded, and dropped accounting to occur for the policer. An ingress policer has multiple types of offered packets (explicit in-profile, explicit out-of-profile, uncolored, high-priority or low-priority) and each of these offered types is interacting with the policer’s metering and profiling functions resulting in colored output packets (green, yellow, and red). Due to the large number of policers, it is not economical to allocate counters in the forwarding plane for all possible offered packet types and output conditions. Many policers, for example, will not be configured with a CIR profiling rate and not all policers will receive explicitly profiled offered packets. The stat-mode command allows provisioning of the number of counters each policer requires and how the offered packet types and output conditions should be mapped to the counters.

While a no-stats mode is supported that prevents any packet accounting, the use of the policer’s parent command requires that the policer's stat-mode be set at least to the minimal setting so that offered stats are available for the policer's Fair Information Rate (FIR) to be calculated. When a policer has been made a child to a parent policer, the stat-mode cannot be changed to no-stats unless the policer parenting is first removed.

Each time the policer’s stat-mode is changed, any previous counter values are lost and any new counters are set to zero.

Each mode uses a certain number of counters per policer instance that are allocated from the forwarding plane’s policer counter resources. The total/allocated/free stats can be viewed by using the tools dump resource-usage card fp command. If insufficient counters exist to implement a mode on any policer instance, the stat-mode change will fail and the previous mode will continue unaffected for all instances of the policer.

The stat-modes are described in Table 172.

Table 172:   Stat Mode Descriptions

Stat Mode

Stat Resources

Traffic Counters (Packet/Octets)

Comments

Offered

Dropped/Forwarded

no-stats

0

None

None

Minimal

1

Single counter entering policer

Single counter for dropped/forwarded exiting policer

offered-profile-no-cir

2

In/out entering policer

In/out entering policer

Intended for when the policer does not change the profile of packets. Includes only in- and out-of-profile.

offered-priority-no-cir

2

High/low entering policer

High/low entering policer

Intended for when only packet priority stats are required.

offered-profile-cir

4

In/out/uncolored entering policer

In/out exiting policer

Intended for when the policer can change the profile of packets to in- and out-of-profile.

offered-priority-cir

4

High/low entering policer

In/out exiting policer

Intended for when packet priority entering the policer and profile exiting the policer is required.

offered-total-cir

2

Single counter entering policer

In/out exiting policer

offered-limited-profile-cir

3

Out/uncolored entering policer

In/out exiting policer

Intended for when the policer can change the profile of packet to in- and out-of-profile. The information is limited compared to offered-profile-capped-cir with the benefit of using one less stat resource.

offered-profile-capped-cir

5

In/out/uncolored entering policer

In/out exiting policer

Intended for when the policer has profile-capped configured.

offered-limited-capped-cir

4

In/uncolored entering policer

In/out exiting policer

Intended for when the policer has profile-capped configured. The information is limited compared to offered-profile-capped-cir with the benefit of using one less stat resource.

The default stat-mode when a policer is created within the policy is minimal.

The stat-mode setting defined for the policer in the QoS policy may be overridden on an sla-profile or SAP where the policy is applied. If insufficient policer counter resources exist to implement the override, the stat-mode override command will fail. The previous stat-mode setting active for the policer will continue to be used by the policer.

The no form of this command attempts to return the policer’s stat-mode setting to minimal. The command will fail if insufficient policer counter resources exist to implement minimal where the QoS policer is currently applied and has a forwarding class mapping.

Parameters 
no-stats—
Counter resource allocation: 0

The policer does not have any forwarding plane counters allocated and cannot provide offered, dropped and forwarded statistics. A policer using no-stats cannot be a child to a parent policer and the policer’s parent command will fail.

When collect-stats is enabled, no statistics are generated.

minimal—
Counter resource allocation: 1

This stat-mode provides the minimal accounting resource usage and counter information, and includes the total offered, dropped and forwarded packet and octet counters for traffic entering (offered) and exiting (dropped/forwarded) the policer.

The default stat-mode for a policer is minimal. The minimal mode allocates 1 forwarding plane offered counter and one traffic manager discard counter. The forwarding counter is derived by subtracting the discard counter from the offered counter. The counters do not differentiate possible offered types (profile or priority) and do not count in-profile or out-of-profile output. This does not prevent the policer from supporting different offered packet types and does not prevent the policer from supporting a CIR rate.

This counter mode is useful when only the most basic accounting information is required.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 173.

Table 173:  Ingress Accounting Statistics Collected in minimal stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. All

apd

AllPacketsDropped

aod

AllOctetsDropped

For. All

apf

AllPacketsForwarded

aof

AllOctetsForwarded

offered-profile-no-cir —
Counter resource allocation: 2

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering the policer.

The offered-profile-no-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-profile-no-cir mode is most useful when the policer is receiving only in-profile and out-of-profile premarked (and trusted) packets. It is expected that, in this instance, a CIR rate will not be defined since all packets are already premarked. This mode does not prevent the policer from receiving untrusted (color undefined) nor does it prevent the policer from being configured with a CIR rate.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 174.

Table 174:  Ingress Accounting Statistics Collected in offered-profile-no-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-priority-no-cir —
Counter resource allocation: 2

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the packet priority of traffic entering the policer.

The offered-priority-no-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-priority-no-cir mode is most useful when the policer is receiving only untrusted packets and the ingress priority high and priority low classification options are being used without a CIR profiling rate defined. This mode does not prevent the policer from receiving trusted packets that are premarked in-profile or out-of-profile nor does it prevent the policer from being configured with a CIR rate.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 175.

Table 175:  Ingress Accounting Statistics Collected in offered-priority-no-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. HiPrio

hpo

HighPriorityPacketsOffered

hoo

HighPriorityOctetsOffered

Off. LowPrio

lpo

LowPriorityPacketsOffered

loo

LowPriorityOctetsOffered

Dro. HiPrio

hpd

HighPriorityPacketsDropped

hod

HighPriorityOctetsDropped

Dro. LowPrio

lpd

LowPriorityPacketsDropped

lod

LowPriorityOctetsDropped

For. HiPrio

hpf

HighPriorityPacketsForwarded

hof

HighPriorityOctetsForwarded

For. LowPrio

lpf

LowPriorityPacketsForwarded

lof

LowPriorityOctetsForwarded

offered-profile-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when ingress reclassification is performed so that the traffic entering the policer comprises of hard in/out and uncolored. The offered counters cover traffic explicitly profiled to in-profile, traffic explicitly profiled to out-of-profile, and traffic that has not been explicitly profiled at ingress (uncolored).

The offered-profile-cir mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-profile-cir mode is most useful when the policer is receiving trusted out-of-profile and in-profile traffic and is also receiving untrusted packets that are being applied to a defined CIR profiling rate. This mode differs from offered-limited-profile-cir mode in that it expects both trusted in-profile and out-of-profile packets while still performing CIR profiling on packets with untrusted markings. If trusted in-profile packets are not being received, the offered-limited-profile-cir stat-mode could be used instead, which has the benefit of using a reduced number of stat resources.

This mode is intended to be used without profile-capped configured within the policer as this could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 176.

Table 176:  Ingress Accounting Statistics Collected in offered-profile-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-priority-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the priority of traffic entering the policer and the profile exiting the policer.

The offered-priority-cir mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-priority-cir mode is most useful when the policer is receiving only untrusted packets that are being classified as high priority or low priority and are being applied to a defined CIR profiling rate. This mode differs from offered-profile-cir mode in that it does not expect trusted in-profile and out-of-profile packets but does not exclude the ability of the policer to receive them.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 177.

Table 177:  Ingress Accounting Statistics Collected in offered-priority-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. HiPrio

hpo

HighPriorityPacketsOffered

hoo

HighPriorityOctetsOffered

Off. LowPrio

lpo

LowPriorityPacketsOffered

loo

LowPriorityOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-total-cir—
Counter resource allocation: 2

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer. All offered traffic is provided in a single counter.

The offered-total-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-total-cir mode is most useful when the policer is not receiving trusted in-profile or out-of-profile traffic and both high- and low-priority classifications are not being used on the untrusted packets and the offered packets are being applied to a defined CIR profiling rate. This mode does not prevent the policer from receiving trusted in-profile or out-of-profile packets and does not prevent the use of priority high or low classifications on the untrusted packets.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 178.

Table 178:  Ingress Accounting Statistics collected in offered-total-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-limited-profile-cir —
Counter resource allocation: 3

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when ingress reclassification is performed so that the traffic entering the policer comprises of hard out and uncolored. The offered counters cover traffic explicitly profiled to out-of-profile and traffic that has not been explicitly profiled at ingress (uncolored). The traffic explicitly profiled to in-profile is counted with the uncolored traffic.

The offered-limited-profile-cir mode allocates three forwarding plane offered counters and three traffic manager discard counters.

The offered-limited-profile-cir mode is most useful when the policer is receiving trusted out-of-profile (profile out but no profile in) traffic and untrusted packets are being applied to a defined CIR profiling rate. This mode does not prevent the policer from receiving trusted in-profile packets. If trusted in-profile packets are not being received, the offered-limited-profile-cir is preferred over offered-profile-cir because it uses a reduced number of stat resources.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 179.

Table 179:  Ingress Accounting Statistics Collected in offered-limited-profile-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-profile-capped-cir —
Counter resource allocation: 5

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when ingress reclassification is performed so that the traffic entering the policer comprises of hard in/out and uncolored. The offered counters cover traffic explicitly profiled to in-profile, traffic explicitly profiled to out-of-profile, and traffic that has not been explicitly profiled at ingress (uncolored).

When offered-profile-capped-cir is defined, the system creates five offered-output counters in the forwarding plane and five discard counters in the traffic manager.

The offered-profile-capped-cir mode is similar to the offered-profile-cir mode except that it includes support for profile in and soft-in-profile that may be output as ‘out-of-profile’ due to enabling profile-capped mode on the ingress policer.

The impact of using offered-profile-capped-cir stat-mode while profile-capped mode is disabled is that one of the counting resources in the forwarding plane and traffic manager will not be used.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 180.

Table 180:  Ingress Accounting Statistics Collected in offered-profile-capped-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-limited-capped-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when ingress reclassification is performed resulting in the traffic entering the policer comprising of hard in/out and uncolored. The offered counters cover in-profile traffic and traffic that has not been explicitly profiled at ingress (uncolored). The traffic explicitly profiled to out-of-profile is counted with the uncolored traffic.

offered-limited-capped-cir is defined, the system creates four forwarding plane offered-output counters in the network processor and four discard counters in the traffic manager.

The offered-limited-capped-cir mode is similar to the offered-profile-capped-cir mode except that it combines soft in-profile with profile in (InProf) and profile out (OutProf) with soft-out-of-profile (Uncolor) and eliminates the 'offered undefined' statistic. If trusted out-of-profile packets are not being received, the offered-limited-capped-cir is preferred over offered-profile-capped-cir because it uses a reduced number of stat resources.

This mode is intended to be used with profile-capped configured within the policer.

The impact of using offered-limited-capped-cir stat-mode while profile-capped mode is disabled is that one of the counting resources in the forwarding plane and traffic manager will not be used.

The counters displayed in the show output and those collected when collect-stats is enabled (the actual fields collected depends on the record configured in the applied accounting policy) are described in Table 181.

Table 181:  Ingress Accounting Statistics Collected in offered-limited-capped-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

stat-mode

Syntax 
stat-mode {no-stats |minimal |offered-profile-no-cir |offered-profile-cir |offered-total-cir |offered-limited-capped-cir |offered-profile-capped-cir |offered-total-cir-exceed |offered-four-profile-no-cir |offered-total-cir-four-profile}
no stat mode
Context 
[Tree] (cfg>qos>qgrps>egr>qgrp>policer stat-mode)
Full Contexts 
configure qos queue-group-templates egress queue-group policer stat-mode
Description 

The sap-egress QoS policy's policer stat-mode command is used to configure the forwarding plane counters that allow offered, forwarded, and dropped accounting to occur for the policer. An egress policer has multiple types of offered packets (soft in-profile and out-of-profile from ingress and hard in-profile, out-of-profile, and exceed-profile due to egress profile overrides) and each of these offered types is interacting with the policer’s metering and profiling functions resulting in colored output packets (green, yellow, and red). Due to the potential large number of egress policers, it is not economical to allocate counters in the forwarding plane for all possible offered packet types and output conditions. Many policers, for example, will not be configured with a CIR profiling rate and not all policers will receive explicitly reprofiled offered packets. The stat-mode command allows provisioning of the number of counters each policer requires and how the offered packet types and output conditions should be mapped to the counters.

While a no-stats mode is supported that prevents any packet accounting, the use of the policer's parent command requires that the policer’s stat-mode to be set at least to the minimal setting so that offered stats are available for the policer’s Fair Information Rate (FIR) to be calculated. When a policer has been made a child to a parent policer, the stat-mode cannot be changed to no-stats unless the policer parenting is first removed.

Each time the policer's stat-mode is changed, any previous counter values are lost and any new counters are set to zero.

Each mode uses a certain number of counters per policer instance that are allocated from the forwarding plane's policer counter resources. The total/allocated/free stats can be viewed by using the tools dump resource-usage card fp command. If insufficient counters exist to implement a mode on any policer instance, the stat-mode change will fail and the previous mode will continue unaffected for all instances of the policer.

The ingress policer stat-modes are described in Table 182.

Table 182:   Egress Policer Stat Mode Summary

Stat Mode

Stat Resources

Traffic Counters (Packet/Octets)

Comments

Offered

Dropped/Forwarded

no-stats

0

None

None

Minimal

1

Single counter entering policer

Single counter for dropped/forwarded exiting policer

offered-profile-no-cir

2

In/out entering policer

In/out entering policer

Intended for when the policer does not change the profile of packets. Includes only in- and out-of-profile.

offered-profile-cir

4

In/out/uncolored (that corresponds to in- or out-of-profile from the ingress processing) entering policer

In/out exiting policer

Intended for when the policer can change the profile of packets to in- and out-of-profile.

offered-total-cir

2

Single counter entering policer

In/out exiting policer

offered-limited-capped-cir

4

In/out entering policer

In/out exiting policer

Intended for when the policer has profile-capped configured. The information is limited compared to offered-profile-capped-cir with the benefit of using one less stat resource.

offered-profile-capped-cir

5

In/out/uncolored (that corresponds to in- or out-of-profile from the ingress processing) entering policer

In/out exiting policer

Intended for when the policer has profile-capped configured.

offered-total-cir-exceed

3

Single counter entering policer

In/out/exceed exiting policer

Intended for when the policer is configured with enable-exceed-pir to forward packets that exceed its configured PIR or when traffic is egress reclassified to profile exceed.

offered-four-profile-no-cir

4

Inplus/in/out/exceed entering policer

Inplus/in/out/exceed entering policer

Intended to be used when the policer does not change the profile of the packets and traffic is egress reclassified to profile inplus and/or exceed.

offered-total-cir-four-profile

4

Single counter entering policer

Inplus/in/out/exceed exiting

policer

Intended to be used when the policer can change the profile of the packet and traffic is egress reclassified to profile inplus.

The default stat-mode when a policer is created within the policy is minimal.

The stat-mode setting defined for the policer in the QoS policy may be overridden on an sla-profile or SAP where the policy is applied. If insufficient policer counter resources exist to implement the override, the stat-mode override command will fail. The previous stat-mode setting active for the policer will continue to be used by the policer.

The no form of this command attempts to return the policer’s stat-mode setting to minimal. The command will fail if insufficient policer counter resources exist to implement minimal where the QoS policer is currently applied and has a forwarding class mapping.

Parameters 
no-stats—
Counter resource allocation: 0

The policer does not have any forwarding plane counters allocated and cannot provide offered, discard, and forward statistics. A policer using no-stats cannot be a child to a parent policer and the policer’s parent command will fail.

When collect-stats is enabled, no statistics are generated.

minimal—
Counter resource allocation: 1

This stat-mode provides the minimal accounting resource usage and counter information, and includes only the total offered, dropped and forwarded packet and octet counters for traffic entering (offered) and exiting (dropped/forwarded) the policer.

The default stat-mode for a policer is minimal. The minimal mode allocates one forwarding plane offered counter and one traffic manager discard counter. The forwarding counter is derived by subtracting the discard counter from the offered counter. The counters do not differentiate possible offered types and do not count different profile output. This does not prevent the policer from supporting different offered packet types and does not prevent the policer from supporting a CIR rate or using exceed PIR.

The counters displayed in the show output and those collected when collect-stats is enabled are described in Table 183 (the actual fields collected depends on the record configured in the applied accounting policy).

Table 183:  Egress Accounting Statistics Collected in minimal stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. All

apd

AllPacketsDropped

aod

AllOctetsDropped

For. All

apf

AllPacketsForwarded

aof

AllOctetsForwarded

offered-profile-no-cir —
Counter resource allocation: 2

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering the policer. inplus-profile traffic is counted with the in-profile counters and exceed-profile traffic is counted with the out-of-of profile counters.

The offered-profile-no-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-profile-no-cir mode is most useful when profile-based offered, dropped and forwarded statistics are required from the egress policer, but a CIR or enable-exceed-pir is not being used to recolor the soft in-profile and out-of-profile packets. This mode does not prevent the policer from being configured with a CIR rate or using enable-exceed-pir.

This mode is intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer.

The counters displayed in the show output and those collected when collect-stats is enabled are described in Table 184 (the actual fields collected depends on the record configured in the applied accounting policy).

Table 184:  Egress Accounting Statistics Collected in offered-profile-no-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-profile-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when egress reclassification is performed so that the traffic entering the policer comprises of hard inplus/in/out/exceed and soft in/out. The offered counters cover traffic reclassified to in-profile (that includes traffic reclassified to inplus-profile), traffic reclassified to out-of-profile (that includes traffic reclassified to exceed-profile), and traffic that has not been reclassified at egress (Uncolor). In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

The offered-profile-cir mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-profile-cir mode is most useful when profile-based offered, dropped and forwarded stats are required from the egress policer and a CIR rate is being used to recolor the soft in-profile and out-of-profile packets.

This mode is intended to be used without profile-capped or enable-exceed-pir configured within the policer as these could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled are described in Table 185 (the actual fields collected depends on the record configured in the applied accounting policy).

Table 185:  Egress Accounting Statistics Collected in offered-profile-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-total-cir—
Counter resource allocation: 2

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer. All offered traffic is provided in a single counter. In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

The offered-total-cir mode allocates two forwarding plane offered counters and two traffic manager discard counters.

The offered-total-cir mode is most useful when the policer is not receiving trusted in-profile or out-of-profile traffic and both high- and low-priority classifications are not being used on the untrusted packets and the offered packets are being applied to a defined CIR profiling rate. This mode does not prevent the policer from receiving trusted in-profile or out-of-profile packets and does not prevent the use of priority high or low classifications on the untrusted packets.

This mode is intended to be used without profile-capped or enable-exceed-pir configured within the policer as these could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled are described in Table 186 (the actual fields collected depends on the record configured in the applied accounting policy).

Table 186:  Egress Accounting Statistics Collected in offered-total-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-limited-capped-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when egress reclassification is performed so that the traffic entering the policer comprises of hard inplus/in/out/exceed and soft in/out. The offered counters cover in-profile traffic (that includes traffic reclassified to inplus-profile) and out-of-profile traffic (that includes traffic reclassified to exceed-profile). In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

When offered-limited-capped-cir is defined, the system creates four forwarding plane offered-output counters in the network processor and three discard counters in the traffic manager.

The offered-limited-capped-cir mode is similar to the offered-profile-capped-cir mode except that it combines soft-in-profile with profile in and soft-out-of-profile with profile out and eliminates the offered-undefined statistic.

The impact of using offered-limited-capped-cir stat-mode while profile-capped mode is disabled is that one of the counting resources in the forwarding plane and traffic manager will not be used and soft-in-profile will be treated as offered-in instead of offered-undefined.

This mode is intended to be used with profile-capped configured within the policer but without enable-exceed-pir configured as this could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled are described in Table 187 (the actual fields collected depends on the record configured in the applied accounting policy).

Table 187:  Egress Accounting Statistics Collected in offered-limited-capped-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-profile-capped-cir —
Counter resource allocation: 5

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer when egress reclassification is performed so that the traffic entering the policer is comprised of hard inplus, hard in, hard out, and hard exceed, as well as soft in and soft out. The offered counters cover traffic reclassified to in-profile (that includes traffic reclassified to inplus-profile), traffic reclassified to out-of-profile (that includes traffic reclassified to exceed-profile), and traffic that has not been reclassified at egress (uncolor). In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter and exceed-profile traffic is counted with the out-of-profile counter.

When offered-profile-capped-cir is defined, the system creates five offered-output counters in the forwarding plane and five discard counters in the traffic manager.

The offered-profile-capped-cir mode is similar to the offered-profile-cir mode except that it includes support for profile inplus, profile in, and soft-in-profile that may be output as out-of-profile due to enabling profile-capped mode on the ingress policer.

The impact of using offered-profile-capped-cir stat-mode while profile-capped mode is disabled is that one of the counting resources in the forwarding plane and traffic manager will not be used and soft-in-profile will be treated as offered-in (hard in-profile) instead of offered-undefined (uncolored).

This mode is intended to be used with profile-capped configured within the policer but without enable-exceed-pir configured as this could cause the traffic profile to be modified by the policer in a way that is not accounted for in the statistics.

The counters displayed in the show output and those collected when collect-stats is enabled are described in Table 188 (the actual fields collected depends on the record configured in the applied accounting policy).

Table 188:  Egress Accounting Statistics Collected in offered-profile-capped-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. Uncolor

ucp

UncoloredPacketsOffered

uco

UncoloredOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

offered-total-cir-exceed —
Counter resource allocation: 3

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer. All offered traffic is provided in a single counter. In the dropped and forwarded counters, inplus-profile traffic is counted with the in-profile counter. The offered-total-cir-exceed mode allocates three forwarding plane offered counters and three traffic manager discard counters.

The offered-total-cir-exceed mode is similar to the offered-total-cir mode except that it includes support for forwarded and dropped counters for profile exceed.

This mode is intended to be used when the policer is configured with enable-exceed-pir to forward packets that exceed its configured PIR or when traffic is egress reclassified to profile exceed. The mode gives the forwarded and dropped counters per profile (in, out, exceed). It is also intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer. This stat-mode is not supported for dynamic policers.

The counters displayed in the show output and those collected when collect-stats is enabled are described in Table 189 (the actual fields collected depends on the record configured in the applied accounting policy).

Table 189:  Egress Accounting Statistics Collected in offered-total-cir-exceed stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

Dro. ExcProf

xpd

ExceedProfilePktsDropped

xod

ExceedProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

For. ExcProf

xpf

ExceedProfilePktsForwarded

xof

ExceedProfileOctetsForwarded

offered-four-profile-no-cir —
Counter resource allocation: 4

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering the policer. Offered, dropped, and forwarded counters are provided for inplus-profile, in-profile, out-of-profile, and exceed-profile traffic.

The offered-four-profile-no-cir mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-four-profile-no-cir mode is similar to the offered-profile-no-cir mode except that it includes support for offered, dropped and forwarded counters for both profile inplus and profile exceed.

This mode is intended to be used when traffic is egress reclassified to profile inplus and/or exceed. It is also intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer. This stat-mode is not supported for dynamic policers.

The counters displayed in the show output and those collected when collect-stats is enabled are described in Table 190 (the actual fields collected depends on the record configured in the applied accounting policy).

Table 190:  Egress Accounting Statistics Collected in offered-four-profile-no-cir stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. InProf

ipo

InProfilePacketsOffered

ioo

InProfileOctetsOffered

Off. OutProf

opo

OutOfProfilePacketsOffered

ooo

OutOfProfileOctetsOffered

Off. ExcProf

xpo

ExceedProfilePacketsOffered

xoo

ExceedProfileOctetsOffered

Off. InplusProf

ppo

InplusProfilePacketsOffered

poo

InplusProfileOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

Dro. ExcProf

xpd

ExceedProfilePktsDropped

xod

ExceedProfileOctetsDropped

Dro. InplusProf

ppd

InplusProfilePktsDropped

pod

InplusProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

For. ExcProf

xpf

ExceedProfilePktsForwarded

xof

ExceedProfileOctetsForwarded

For. InplusProf

ppf

InplusProfilePktsForwarded

pof

InplusProfileOctetsForwarded

offered-total-cir-four-profile —
Counter resource allocation: 4

This stat-mode provides offered, dropped, and forwarded packet and octet counters corresponding to the profile of traffic entering (offered) and exiting (dropped/forwarded) the policer. All offered traffic is provided in a single counter. There is a separate dropped and forwarded counter for inplus, in, out, and exceed-profile traffic.

The offered-total-cir-four-profile mode allocates four forwarding plane offered counters and four traffic manager discard counters.

The offered-total-cir-four-profile mode is similar to the offered-total-cir except that it includes support for forwarded and dropped counters for both inplus-profile and exceed-profile.

This mode is intended to be used when traffic is egress reclassified to inplus-profile. It is also intended to be used without profile-capped configured within the policer as it could cause the traffic profile to be modified by the policer. This stat-mode is not supported for dynamic policers.

The counters displayed in the show output and those collected when collect-stats is enabled are described in Table 191 (the actual fields collected depends on the record configured in the applied accounting policy).

Table 191:  Egress Accounting Statistics Collected in offered-total-cir-four-profile stat-mode 

Show Output

Accounting Stats Collected

Field

Field Description

Off. All

apo

AllPacketsOffered

aoo

AllOctetsOffered

Dro. InProf

ipd

InProfilePacketsDropped

iod

InProfileOctetsDropped

Dro. OutProf

opd

OutOfProfilePacketsDropped

ood

OutOfProfileOctetsDropped

Dro. ExcProf

xpd

ExceedProfilePktsDropped

xod

ExceedProfileOctetsDropped

Dro. InprofProf

ppd

InplusProfilePktsDropped

pod

InplusProfileOctetsDropped

For. InProf

ipf

InProfilePacketsForwarded

iof

InProfileOctetsForwarded

For. OutProf

opf

OutOfProfilePacketsForwarded

oof

OutOfProfileOctetsForwarded

For. ExcProf

xpf

ExceedProfilePktsForwarded

xof

ExceedProfileOctetsForwarded

For. InplusProf

ppf

InplusProfilePktsForwarded

pof

InplusProfileOctetsForwarded

23.375. state

state

Syntax 
[no] state
Context 
[Tree] (config>subscr-mgmt>wlan-gw>ue-query state)
Full Contexts 
configure subscriber-mgmt wlan-gw ue-query state
Description 

This command enables matching on a specific UE state. Multiple states can be provisioned.

The no form of this command disables matching on the specified UE state (all UEs match).

state

Syntax 
state state
no state
Context 
[Tree] (config>router>policy-options>policy-statement>entry>from state)
Full Contexts 
configure router policy-options policy-statement entry from state
Description 

This command configures a match criteria on the state attribute. The state attribute carries the state of an SRRP instance and it can be applied to:

  1. subscriber-interface routes
  2. subscriber-management routes (/32 IPv4 and IPv6 PD wan-host)
  3. managed-routes (applicable only to IPv4).

Based on the state attribute of the route we can manipulate the route advertisement into the network.

We can enable or disable (in case there is no SRRP running) tracking of SRRP state by routes.

This is done on a per subscriber-interface route basis, where a subscriber-interface route is tracking a single SRRP instance state (SRRP instance might be in a Fate Sharing Group).

For subscriber-management and managed-routes, tracking is enabled per group interface under which SRRP is enabled.

Default 

no state

Parameters 
state—
The state attribute.
Values—
srrp-master, srrp-non-master, ipsec-master-with-peer, ipsec-non-master, ipsec-master-without-peer

srrp-master

Track routes with the state attribute carrying srrp-master state

srrp-non-master

Track routes with the state attribute carrying srrp-non-master state.

ipsec-master-with-peer

Track routes with the state attribute carrying ipsec-master-with-peer state.

ipsec-non-master

Track routes with the state attribute carrying ipsec-non-master state.

ipsec-master-without-peer

Track routes with the state attribute carrying ipsec-master-without-peer state.

 

23.376. state-change

state-change

Syntax 
[no] state-change
Context 
[Tree] (debug>dynsvc>scripts>event state-change)
[Tree] (debug>dynsvc>scripts>inst>event state-change)
[Tree] (debug>dynsvc>scripts>script>event state-change)
Full Contexts 
debug dynamic-services scripts event state-change
debug dynamic-services scripts instance event state-change
debug dynamic-services scripts script event state-change
Description 

This command enables/disables the generation of a specific dynamic data service script debugging event output: state-change.

state-change

Syntax 
[no] state-change
Context 
[Tree] (debug>vsd>scripts>event state-change)
[Tree] (debug>vsd>scripts>instance state-change)
Full Contexts 
debug vsd scripts event state-change
debug vsd scripts instance state-change
Description 

This command enables/disables the generation of a specific script debugging event output: state-change.

23.377. state-timer

state-timer

Syntax 
state-timer seconds [action action]
no state-timer
Context 
[Tree] (config>router>pcep>pcc state-timer)
Full Contexts 
configure router pcep pcc state-timer
Description 

This command configures the state timer for PCE-initiated LSPs. The state timer must be set to a value greater than the redelegation timer.

The no form of the command sets this value to the default.

Default 

state-timer 180 action remove

Parameters 
seconds—
Specifies the number of seconds before the state timer expires.
Values—
1 to 3600

 

action—
Specifies the actions that are taken on undelegated LSPs upon the state timer expiration.
Values—
remove, none

 

Default—
remove

23.378. stateful

stateful

Syntax 
[no] stateful
Context 
[Tree] (config>subscr-mgmt>rtr-adv-plcy>pfx-opt stateful)
Full Contexts 
configure subscriber-mgmt router-advertisement-policy prefix-options stateful
Description 

This command enables the configuration of RA options for stateful DHCP prefixes used by the subscriber host.

The no form of this command reverts to the default.

23.379. stateless

stateless

Syntax 
[no] stateless
Context 
[Tree] (config>subscr-mgmt>rtr-adv-plcy>pfx-opt stateless)
Full Contexts 
configure subscriber-mgmt router-advertisement-policy prefix-options stateless
Description 

This command enables the configuration of RA options for stateless SLAAC prefixes used by the subscriber host.

The no form of this command reverts to the default.

23.380. stateless-aps-switchover

stateless-aps-switchover

Syntax 
[no] stateless-aps-switchover
Context 
[Tree] (config>port>ml-bundle>mlppp stateless-aps-switchover)
Full Contexts 
configure port multilink-bundle mlppp stateless-aps-switchover
Description 

This command specifies whether the bundle will perform a stateful or a stateless APS switchover.

The value can be changed for APS bundle protection groups of type MLPPP.

A stateless switchover implies that PPP is re-negotiated on each member link after the switchover. PPP negotiations may take a few seconds to complete.

A stateful switchover implies that after an APS switchover the PPP state of the bundle will be restored based on the bpgrp bundle state before the switchover.

The state cannot be changed for normal MLPPP bundles (only applicable for bpgrps).

The no form of this command disables stateless APS switchover.

Default 

no stateless-aps-switchover

23.381. static

static

Syntax 
static
Context 
[Tree] (config>service>vpls>sap>igmp-snooping static)
[Tree] (config>service>vpls>spoke-sdp>igmp-snooping static)
[Tree] (config>service>vpls>mesh-sdp>igmp-snooping static)
[Tree] (config>service>vpls>sap>mld-snooping static)
[Tree] (config>service>vpls>spoke-sdp>mld-snooping static)
[Tree] (config>service>vpls>mesh-sdp>mld-snooping static)
Full Contexts 
configure service vpls mesh-sdp igmp-snooping static
configure service vpls mesh-sdp mld-snooping static
configure service vpls sap igmp-snooping static
configure service vpls sap mld-snooping static
configure service vpls spoke-sdp igmp-snooping static
configure service vpls spoke-sdp mld-snooping static
Description 

This command enables the context to configure static group addresses. Static group addresses can be configured on a SAP or SDP. When present, either as a (*, g) or a (s,g) entry, multicast packets matching the configuration are forwarded even if no join message was registered for the specific group.

static

Syntax 
static
Context 
[Tree] (config>subscr-mgmt>igmp-policy static)
[Tree] (config>subscr-mgmt>mld-policy static)
Full Contexts 
configure subscriber-mgmt igmp-policy static
configure subscriber-mgmt mld-policy static
Description 

This command enables the context to configure MLD static group membership parameters.

static

Syntax 
static ip-address ieee-address
no static ip-address
Context 
[Tree] (config>service>vpls>proxy-arp static)
Full Contexts 
configure service vpls proxy-arp static
Description 

This command configures static entries to be added to the table. A static MAC-IP entry requires the addition of the MAC address to the FDB as either learned or CStatic (conditional static MAC) in order to become active.

Parameters 
ip-address
Specifies the IPv4 address for the static entry.
ieee-address—
Specifies a 48-bit MAC address in the form xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx, where xx represents a hexadecimal number.

static

Syntax 
static ipv6-address ieee-address {host |router}
no static ipv6-address
Context 
[Tree] (config>service>vpls>proxy-nd static)
Full Contexts 
configure service vpls proxy-nd static
Description 

This command configures static entries to be added to the table. A static MAC-IP entry requires the addition of the MAC address to the FDB as either dynamic or CStatic (Conditional Static MAC) in order to become active. Along with the IPv6 and MAC, the entry must also be configured as either host or router. This will determine if the received NS for the entry will be replied with the R flag set to 1 (router) or 0 (host).

Parameters 
ipv6-address
Specifies the IPv6 address for the static entry.
ieee-address—
Specifies a 48-bit MAC address in the form xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx, where xx represents a hexadecimal number.
host—
Specifies that the entry is type “host”.
router—
Specifies that the entry is type “router”.

static

Syntax 
static
Context 
[Tree] (config>service>vprn>igmp>if static)
Full Contexts 
configure service vprn igmp interface static
Description 

This command tests forwarding on an interface without a receiver host. When enabled, data is forwarded to an interface without receiving membership reports from host members.

static

Syntax 
static
Context 
[Tree] (config>service>vprn>mld>if static)
Full Contexts 
configure service vprn mld interface static
Description 

This command tests multicast forwarding on an interface without a receiver host. When enabled, data is forwarded to an interface without receiving membership reports from host members.

static

Syntax 
static
Context 
[Tree] (config>service>vprn>pim>rp static)
Full Contexts 
configure service vprn pim rp static
Description 

This command enables access to the context to configure a static rendezvous point (RP) of a PIM-SM protocol instance.

static

Syntax 
static
Context 
[Tree] (config>router>igmp>if static)
Full Contexts 
configure router igmp interface static
Description 

This command tests multicast forwarding on an interface without a receiver host. When enabled, data is forwarded to an interface without receiving membership reports from host members.

static

Syntax 
static
Context 
[Tree] (config>router>igmp>tunnel-interface static)
Full Contexts 
configure router igmp tunnel-interface static
Description 

This command provides the context to configure static multicast receiver hosts on a tunnel interface associated with an RSVP P2MP LSP.

When enabled, data is forwarded to an interface without receiving membership reports from host members.

static

Syntax 
static
Context 
[Tree] (config>router>mld>if static)
Full Contexts 
configure router mld interface static
Description 

This command tests multicast forwarding on an interface without a receiver host. When enabled, data is forwarded to an interface without receiving membership reports from host members.

static

Syntax 
static
Context 
[Tree] (config>router>pim>rp static)
[Tree] (config>router>pim>rp>ipv6 static)
Full Contexts 
configure router pim rp ipv6 static
configure router pim rp static
Description 

This command enables the context to configure static Rendezvous Point (RP) addresses for a multicast group range.

Entries can be created or destroyed. If no IP addresses are configured in the config>router>pim>rp>static>address context, then the multicast group to RP mapping is derived from the RP-set messages received from the Bootstrap Router.

static

Syntax 
static microseconds
no static
Context 
[Tree] (config>router>if>if-attribute>delay static)
Full Contexts 
configure router interface if-attribute delay static
Description 

This command configures the unidirectional link delay. By default there is no configured delay, the link delay metric TLV is pruned in the IGP.

The no form of this command removes the configured unidirectional link delay.

Default 

no static

Parameters 
microseconds—
Specifies the unidirectional link delay in microseconds.
Values—
1 to 16777214

 

23.382. static-aa-sub

static-aa-sub

Syntax 
static-aa-sub transit-aasub-name
static-aa-sub transit-aasub-name app-profile app-profile-name [create]
no static-aa-sub transit-aasub-name
Context 
[Tree] (config>app-assure>group>transit-ip-policy static-aa-sub)
Full Contexts 
configure application-assurance group transit-ip-policy static-aa-sub
Description 

This command configures static transit aa-subs with a name and an app-profile. A new transit sub with both a name and an app-profile is configured with the create command. Static transit aa-sub must have an explicitly assigned app-profile. An existing transit sub can optionally be assigned a different app-profile, or this command can be used to enter the static-aa-sub context.

The no form of this command deletes the named static transit aa-sub from the configuration.

Parameters 
transit-aasub-name —
Specifies the name of a transit subscriber up to 32 characters in length.
app-profile-name—
Specifies the name of an existing application profile up to 32 characters in length.
create —
Keyword used to create a new app-profile entry.

static-aa-sub

Syntax 
static-aa-sub transit-aasub-name
static-aa-sub transit-aasub-name app-profile app-profile-name [create]
no static-aa-sub transit-aasub-name
Context 
[Tree] (config>app-assure>group>transit-prefix-policy static-aa-sub)
[Tree] (config>app-assure>group>transit-ip-policy>static static-aa-sub)
Full Contexts 
configure application-assurance group transit-ip-policy static static-aa-sub
configure application-assurance group transit-prefix-policy static-aa-sub
Description 

This command configures a static transit aa-sub with a name and an app-profile. A new transit sub with both a name and an app-profile is configured with the create command. Static transit aa-sub must have an explicitly assigned app-profile. An existing transit sub can optionally be assigned a different app-profile, or this command can be used to enter the static-aa-sub context.

The no form of this command deletes the named static transit aa-sub from the configuration.

Parameters 
transit-aasub-name—
Specifies a transit aasub-name up to 32 characters.
app-profile-name —
Specifies the name of an existing application profile up to 32 characters.
create —
Keyword used to create a new app-profile entry

23.383. static-address

static-address

Syntax 
[no] static-address {ip-address |ipv6-address}
Context 
[Tree] (config>app-assure>group>dns-ip-cache>ip-cache static-address)
Full Contexts 
configure application-assurance group dns-ip-cache ip-cache static-address
Description 

This command configures a static address in the cache.

Parameters 
ip-address |ipv6-address—
Specifies a character string up to 64 characters.

23.384. static-arp

static-arp

Syntax 
static-arp ieee-mac-address unnumbered
static-arp ip-address ieee-mac-address
no static-arp [ieee-mac-address] unnumbered
no static-arp ip-address [ieee-mac-address]
Context 
[Tree] (config>service>ies>if static-arp)
[Tree] (config>service>vprn>if static-arp)
Full Contexts 
configure service ies interface static-arp
configure service vprn interface static-arp
Description 

This command configures a static address resolution protocol (ARP) entry associating a subscriber IP address with a MAC address for the core router instance. This static ARP appears in the core routing ARP table. A static ARP can only be configured if it exists on the network attached to the IP interface.

If an entry for a particular IP address already exists and a new MAC address is configured for the IP address, the existing MAC address will be replaced with the new MAC address.

The no form of this command removes a static ARP entry.

Parameters 
ip-address—
Specifies the IP address for the static ARP in IP address dotted decimal notation.
ieee-mac-address —
Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff, where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.
unnumbered
Specifies the static ARP MAC for an unnumbered interface. Unnumbered interfaces support dynamic ARP. Once this command is configured, it overrides any dynamic ARP.

static-arp

Syntax 
static-arp ieee-mac-address unnumbered
static-arp ip-address ieee-mac-address
no static-arp [ieee-mac-address] unnumbered
no static-arp ip-address [ieee-mac-address]
Context 
[Tree] (config>service>vprn>if static-arp)
Full Contexts 
configure service vprn interface static-arp
Description 

This command configures a static address resolution protocol (ARP) entry associating a subscriber IP address with a MAC address for the core router instance. This static ARP will appear in the core routing ARP table. A static ARP can only be configured if it exists on the network attached to the IP interface. If an entry for a particular IP address already exists and a new MAC address is configured for the IP address, the existing MAC address will be replaced with the new MAC address.

The no form of this command removes a static ARP entry.

Parameters 
ip-address—
Specifies the IP address for the static ARP in IP address dotted decimal notation.
ieee-mac-address—
Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.
unnumbered
Specifies the static ARP MAC for an unnumbered interface. Unnumbered interfaces support dynamic ARP. Once this command is configured, it overrides any dynamic ARP.

static-arp

Syntax 
static-arp ieee-mac-addr unnumbered
static-arp ip-address ieee-mac-address
no static-arp [ieee-mac-addr] unnumbered
no static-arp ip-address [ieee-mac-address]
Context 
[Tree] (config>service>vpls>interface static-arp)
Full Contexts 
configure service vpls interface static-arp
Description 

This command configures a static address resolution protocol (ARP) entry associating a subscriber IP address with a MAC address for the core router instance. A static ARP can only be configured if it exists on the network attached to the IP interface.

If an entry for a particular IP address already exists and a new MAC address is configured for the IP address, the existing MAC address will be replaced with the new MAC address.

The no form of this command removes a static ARP entry.

Parameters 
ip-address—
Specifies the IP address for the static ARP in dotted decimal notation
ieee-mac-address —
Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.
unnumbered
Specifies the static ARP MAC for an unnumbered interface. Unnumbered interfaces support dynamic ARP. Once this command is configured, it overrides any dynamic ARP.

static-arp

Syntax 
static-arp ip-address ieee-mac-address
no static-arp ip-address
Context 
[Tree] (config>service>vprn>nw-if static-arp)
Full Contexts 
configure service vprn network-interface static-arp
Description 

This command configures a static address resolution protocol (ARP) entry associating a subscriber IP address with a MAC address for the core router instance. This static ARP will appear in the core routing ARP table. A static ARP can only be configured if it exists on the network attached to the IP interface. If an entry for a particular IP address already exists and a new MAC address is configured for the IP address, the existing MAC address will be replaced with the new MAC address.

The no form of this command removes a static ARP entry.

Parameters 
ip-address—
Specifies the IP address for the static ARP in IP address dotted decimal notation.
ieee-mac-address—
Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.

static-arp

Syntax 
static-arp ip-address ieee-address
no static-arp ip-address
static-arp ieee-address unnumbered
no static-arp unnumbered
Context 
[Tree] (config>router>if static-arp)
Full Contexts 
configure router interface static-arp
Description 

This command configures a static Address Resolution Protocol (ARP) entry associating an IP address with a MAC address for the core router instance. This static ARP appears in the core routing ARP table. A static ARP can only be configured if it exists on the network attached to the IP interface.

If an entry for a specific IP address already exists and a new MAC address is configured for the IP address, the existing MAC address is replaced by the new MAC address.

The number of static-arp entries that can be configured on a single node is limited to 1000.

Static ARP is used when a router needs to know about a device on an interface that cannot or does not respond to ARP requests. Therefore, the router configuration can state that if it has a packet that has a certain IP address to send it to the corresponding ARP address. Use proxy ARP so the router responds to ARP requests on behalf of another device.

The no form of this command removes a static ARP entry.

Parameters 
ieee-address—
Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff, where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.
unnumbered—
Specifies the static ARP MAC for an unnumbered interface. Unnumbered interfaces support dynamic ARP. Once this command is configured, it overrides any dynamic ARP.

23.385. static-cak

static-cak

Syntax 
[no] static-cak
Context 
[Tree] (config>macsec>connectivity-association static-cak)
Full Contexts 
configure macsec connectivity-association static-cak
Description 

This command allows the configuration of a Connectivity Association Key (CAK). The CAK is responsible for managing the MKA.

23.386. static-entry

static-entry

Syntax 
static-entry ip-prefix/ip-prefix-length upto prefix-length2 origin-as as-number [{valid |invalid}]
no static-entry ip-prefix/ip-prefix-length upto prefix-length2 origin-as as-number
Context 
[Tree] (config>router>origin-validation static-entry)
Full Contexts 
configure router origin-validation static-entry
Description 

This command configures a static VRP entry indicating that a specific origin AS is either valid or invalid for a specific IP prefix range. Static VRP entries are stored along with dynamic VRP entries (learned from local cache servers using the RPKI-Router protocol) in the origin validation database of the router. This database is used for determining the origin-validation state of IPv4 and/or IPv6 BGP routes received over sessions with the enable-origin-validation command configured.

Static entries can only be configured under the config>router>origin-validation context of the base router.

Parameters 
ip-prefix/ip-prefix-length —
Specifies an IPv4 or IPv6 address with a minimum prefix length value.
Values—
60 to 3600

 

prefix-length2 —
Specifies the maximum prefix length.
Values—
1 to 128

 

as-number —
Specifies as-number.
Values—
0 to 4294967295

 

valid —
Specifies a keyword meaning the static entry expresses a valid combination of origin AS and prefix range.
invalid —
Specifies a keyword meaning the static entry expresses an invalid combination of origin AS and prefix range.

23.387. static-host

static-host

Syntax 
static-host ip ip-prefix[/prefix-length] [mac ieee-address] [create]
no static-host ip ip-prefix[/prefix-length] [mac ieee-address]
no static-host all [force]
no static-host ip ip-prefix[/prefix-length]
Context 
[Tree] (config>service>ies>sub-if>grp-if>sap static-host)
[Tree] (config>service>vprn>sub-if>grp-if>sap static-host)
Full Contexts 
configure service ies subscriber-interface group-interface sap static-host
configure service vprn subscriber-interface group-interface sap static-host
Description 

This command creates a static subscriber host for the SAP. Static subscriber hosts may be used by the system for various purposes. Applications within the system that make use of static host entries include anti-spoof, ARP reply agent and source MAC population into the VPLS forwarding database.

Multiple static hosts may be defined on the SAP. Each host is identified by either a source IP address, a source MAC address or both a source IP and source MAC address. Every static host definition must have at least one address defined, IP or MAC.

Static hosts can exist on the SAP even with anti-spoof and ARP reply agent features disabled. When enabled, each feature has different requirements for static hosts.

The no form of this command removes a static entry from the system. The specified ip-address and mac-address must match the host’s exact IP and MAC addresses as defined when it was created. When a static host is removed from the SAP, the corresponding anti-spoof filter entry and/or FDB entry is also removed.

Parameters 
ip-prefix[/prefix-length
Specifies information for the specified IP address and mask.
mac-address
Specifies a MAC address. The MAC address must be specified for anti-spoof mac, and anti-spoof ip-mac and arp-reply-agent (arp-reply-agent is supported by the 7450 ESS only). Multiple static hosts may be configured with the same MAC address given that each definition is distinguished by a unique IP address.

Every static host definition must have at least one address defined, IP or MAC.

force—
Specifies the forced removal of the static host addresses.
create—
Keyword used to create the static host instance. The create keyword requirement can be enabled or disabled in the environment>create context.

static-host

Syntax 
static-host ip ip-address [mac ieee-address] [create]
static-host mac ieee-address [create]
no static-host ip ip-address mac ieee-address
no static-host all [force]
no static-host ip ip-address
Context 
[Tree] (config>service>ies>if>sap static-host)
[Tree] (config>service>vpls>sap static-host)
[Tree] (config>service>vprn>if>sap static-host)
Full Contexts 
configure service ies interface sap static-host
configure service vpls sap static-host
configure service vprn interface sap static-host
Description 

This command creates a static subscriber host for the SAP. Static subscriber hosts may be used by the system for various purposes. Applications within the system that make use of static host entries include anti-spoof, ARP reply agent and source MAC population into the VPLS forwarding database.

Multiple static hosts may be defined on the SAP. Each host is identified by either a source IP address, a source MAC address or both a source IP and source MAC address. Every static host definition must have at least one address defined, IP or MAC.

Static hosts can exist on the SAP even with anti-spoof and ARP reply agent features disabled. When enabled, each feature has different requirements for static hosts.

The no form of this command removes a static entry from the system. The specified ip-address and mac-address must match the host’s exact IP and MAC addresses as defined when it was created. When a static host is removed from the SAP, the corresponding anti-spoof filter entry and/or FDB entry is also removed.

Parameters 
ip-address
Specify this optional parameter when defining a static host. The IP address must be specified for anti-spoof ip, anti-spoof ip-mac and arp-reply-agent (arp-reply-agent is supported by the 7450 ESS only). Only one static host may be configured on the SAP with a given IP address.
mac-address
Specify this optional parameter when defining a static host. The MAC address must be specified for anti-spoof mac, and anti-spoof ip-mac and arp-reply-agent (arp-reply-agent is supported by the 7450 ESS only). Multiple static hosts may be configured with the same MAC address given that each definition is distinguished by a unique IP address.

Every static host definition must have at least one address defined, IP or MAC.

force—
Specifies the forced removal of the static host addresses.
create—
Keyword used to create the static host instance. The create keyword requirement can be enabled or disabled in the environment>create context.

static-host

Syntax 
static-host ip ip-address [mac ieee-address] [create]
static-host mac ieee-address [create]
no static-host [ip ip-address>] mac ieee-address>
no static-host all [force]
no static-host ip ip-address
Context 
[Tree] (config>service>vprn>if>sap static-host)
Full Contexts 
configure service vprn interface sap static-host
Description 

This command configures a static host on this SAP.

Parameters 
ip ip-address
Specifies the IPv4 unicast address.
mac ieee-address —
Specifies this optional parameter when defining a static host. Every static host definition must have at least one address defined, IP or MAC.
force—
Specifies the forced removal of the static host addresses.

sla-profile sla-profile-name

This optional parameter is used to specify an existing SLA profile name to be associated with the static subscriber host. The SLA profile is configured in the config>subscr-mgmt>sla-profile context.

23.388. static-host-mgmt

static-host-mgmt

Syntax 
static-host-mgmt
Context 
[Tree] (config>service>ies>sub-if>grp-if>sap static-host-mgmt)
[Tree] (config>service>vprn>sub-if>grp-if>sap static-host-mgmt)
Full Contexts 
configure service ies subscriber-interface group-interface sap static-host-mgmt
configure service vprn subscriber-interface group-interface sap static-host-mgmt
Description 

This command enables the context to configure common parameters for static hosts.

23.389. static-isid

static-isid

Syntax 
static-isid
Context 
[Tree] (config>service>vpls>sap static-isid)
[Tree] (config>service>vpls>spoke-sdp static-isid)
Full Contexts 
configure service vpls sap static-isid
configure service vpls spoke-sdp static-isid
Description 

This command configures the static-isid context.

23.390. static-label-range

static-label-range

Syntax 
static-label-range static-range
no static-label-range
Context 
[Tree] (config>router>mpls-labels static-label-range)
Full Contexts 
configure router mpls-labels static-label-range
Description 

This command configures the range of MPLS static label values shared among static LSP, MPLS-TP LSP, and static service VC label. Once this range is configured, it is reserved and cannot be used by other protocols such as RSVP, LDP, BGP, or Segment Routing to assign a label dynamically.

Default 

static-label-range 18400

Parameters 
static-range—
Specifies the size of the static label range in number of labels. The minimum label value in the range is 32. The maximum label value is therefore computed as {32+ static-range-1}.
Values—
0 to 262112

 

Default—
18400

23.391. static-lsp

static-lsp

Syntax 
[no] static-lsp lsp-name
Context 
[Tree] (config>router>mpls static-lsp)
Full Contexts 
configure router mpls static-lsp
Description 

This command is used to configure a static LSP on the ingress router. The static LSP is a manually set up LSP where the nexthop IP address and the outgoing label (push) must be specified.

The no form of this command deletes this static LSP and associated information.

The LSP must be shutdown first in order to delete it. If the LSP is not shut down, the no static-lsp lsp-name command does nothing except generate a warning message on the console indicating that the LSP is administratively up.

Parameters 
lsp-name—
Specifies the name that identifies the LSP.
Values—
Up to 32 alphanumeric characters.

 

23.392. static-lsp-fast-retry

static-lsp-fast-retry

Syntax 
static-lsp-fast-retry seconds
no static-lsp-fast-retry
Context 
[Tree] (config>router>mpls static-lsp-fast-retry)
Full Contexts 
configure router mpls static-lsp-fast-retry
Description 

This command specifies the value used as the fast retry timer for a static LSP.

When a static LSP is trying to come up, the MPLS request for the ARP entry of the LSP next-hop may fail when it is made while the next-hop is still down or unavailable. In that case, MPLS starts a retry timer before making the next request. This enhancement allows the user to configure the retry timer, so that the LSP comes up as soon as the next-hop is up.

The no form of this command reverts to the default.

Default 

no static-lsp-fast-retry

Parameters 
seconds—
Specifies the value (in s), used as the fast retry timer for a static LSP.
Values—
1 to 30

 

23.393. static-mac

static-mac

Syntax 
static-mac ieee-mac-address [create]
no static-mac ieee-mac-address
Context 
[Tree] (config>service>vpls>sap static-mac)
[Tree] (config>service>vpls>mesh-sdp static-mac)
[Tree] (config>service>vpls>spoke-sdp static-mac)
Full Contexts 
configure service vpls mesh-sdp static-mac
configure service vpls sap static-mac
configure service vpls spoke-sdp static-mac
Description 

This command creates a remote static MAC entry in the Virtual Private LAN Service (VPLS) forwarding database (FDB) associated with the Service Distribution Point (SDP).

In a VPLS service, MAC addresses are associated with a Service Access Point (SAP) or with a Service Distribution Point (SDP). MACs associated with a SAP are classified as local MACs, and MACs associated with an SDP are remote MACs.

Local and remote static MAC entries create a permanent MAC address to SDP association in the forwarding database for the VPLS instance so that MAC address is not learned on the edge device.

Note:

Static MAC definitions on one edge device are not propagated to other edge devices participating in the VPLS instance, that is, each edge device has an independent forwarding database for the VPLS.

Only one static MAC entry (local or remote) can be defined per MAC address per VPLS instance.

By default, no static MAC address entries are defined for the SDP.

The no form of this command deletes the static MAC entry with the specified MAC address associated with the SDP from the VPLS forwarding database.

Parameters 
ieee-mac-address—
Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.
create—
Keyword used to create the static MAC instance. The create keyword requirement can be enabled or disabled in the environment>create context.

static-mac

Syntax 
static-mac
Context 
[Tree] (config>service>vpls static-mac)
Full Contexts 
configure service vpls static-mac
Description 

A set of conditional static MAC addresses can be created within a VPLS supporting BGP-EVPN. Conditional Static Macs are also supported in B-VPLS with SPBs. Unless they are configured as black-hole, conditional Static Macs are dependent on the SAP/SDP state.

This command allows the assignment of a set of conditional Static MAC addresses to a SAP/ spoke-SDP or black-hole. In the FDB, the static MAC is then associated with the active SAP or spoke-SDP.

When configured in conjunction with SPBM services, Static MACs are used for PBB Epipe and I-VPLS services that may terminate external to SPBM. If this is configured under a Control B-VPLS the interface referenced will not use IS-IS for this neighbor. This may also be configured under a User B-VPLS where the corresponding interface is not supported under the Control B-VPLS.

Static MACs configured in a BGP-EVPN service are advertised as protected (EVPN will signal the MAC as protected).

static-mac

Syntax 
static-mac
Context 
[Tree] (config>service>vpls>interface static-mac)
Full Contexts 
configure service vpls interface static-mac
Description 

A set of conditional static MAC addresses can be created within a VPLS supporting bgp-evpn. Conditional static macs are also supported in B-VPLS with SPBM. Conditional Static MACs are dependent on the SAP/SDP state.

This command allows assignment of a set of conditional static MAC addresses to a SAP/ spoke-SDP. In the FDB, the static MAC is then associated with the active SAP or spoke-SDP.

Static MACs are used for PBB Epipe and I-VPLS services that may terminate external to SPBM. If this is configured under a Control B-VPLS the interface referenced will not use IS-IS for this neighbor. This may also be configured under a User B-VPLS where the corresponding interface is not supported under the Control B-VPLS.

Static MACs configured in a bgp-evpn service are advertised as protected (EVPN will signal the mac as protected).

static-mac

Syntax 
static-mac ieee-address [create]
no static-mac ieee-address
Context 
[Tree] (config>service>vpls>endpoint static-mac)
Full Contexts 
configure service vpls endpoint static-mac
Description 

This command assigns a static MAC address to the endpoint. In the FDB, the static MAC is then associated with the active spoke-SDP.

Parameters 
ieee-address—
Specifies the static MAC address to the endpoint
Values—
6-byte mac-address (xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx) Cannot be all zeros

 

create—
This keyword is mandatory while creating a static MAC

23.394. static-policer

static-policer

Syntax 
[no] static-policer policer-name [create]
Context 
[Tree] (config>sys>security>dist-cpu-protection>policy static-policer)
Full Contexts 
configure system security dist-cpu-protection policy static-policer
Description 

Configures a static enforcement policer that can be referenced by one or more protocols in the policy. Once this policer-name is referenced by a protocol, then this policer will be instantiated for each object (for example, a SAP or network interface) that is created and references this policy. If there is no policer resource available on the associated card or fp then the object is be blocked from being created. Multiple protocols can use the same static-policer.

Parameters 
policy-name—
Specifies the name of the policy, up to 32 characters.

23.395. static-policy

static-policy

Syntax 
[no] static-policy policy-name
Context 
[Tree] (config>service>vprn>mvpn>pt>inclusive>p2mp-sr static-policy)
[Tree] (config>service>vprn>mvpn>pt>selective>multistream-spmsi static-policy)
[Tree] (config>service>vprn>mvpn>pt>selective>p2mp-sr static-policy)
Full Contexts 
configure service vprn mvpn provider-tunnel inclusive p2mp-sr static-policy
configure service vprn mvpn provider-tunnel selective multistream-spmsi static-policy
configure service vprn mvpn provider-tunnel selective p2mp-sr static-policy
Description 

This command assigns the specified static policy to the MVPN tunnel.

The no form of this command removes the static policy from the MVPN tunnel.

Default 

no static-policy

Parameters 
policy-name—
Specifies the policy name, up to 32 characters.

static-policy

Syntax 
static-policy name [create]
no static-policy name
Context 
[Tree] (config>router>segment-routing>sr-policies static-policy)
Full Contexts 
configure router segment-routing sr-policies static-policy
Description 

This command creates a context to configure a segment routing policy. The resulting segment routing policy is targeted for local installation or propagation by BGP to another router.

The no form of this command deletes the statically defined segment routing policy.

Default 

no static-policy

Parameters 
name—
Specifies the name assigned to the statically defined segment routing policy, up to 64 characters.
create
Keyword used to create the policy.

23.396. static-remote-aa-sub

static-remote-aa-sub

Syntax 
static-remote-aa-sub transit-aasub-name
static-remote-aa-sub transit-aasub-name app-profile app-profile-name [create]
no static-remote-aa-sub transit-aasub-name
Context 
[Tree] (config>app-assure>group>transit-prefix-policy static-remote-aa-sub)
Full Contexts 
configure application-assurance group transit-prefix-policy static-remote-aa-sub
Description 

This command configures static remote transit aa-subs with a name and an app-profile. Remote transit subscribers are configured for sites on the opposite side of the system as the parent SAP/spoke- SDP. A new remote transit sub with both a name and an app-profile is configured with the create command. Static remote transit aa-subs must have an explicitly assigned app-profile. An existing remote transit sub can optionally be assigned a different app-profile.

The no form of this command removes the name from the transit prefix policy.

Parameters 
transit-aasub-name—
Specifies a transit aasub-name up to 32 characters.
app-profile-name —
Specifies the name of an existing application profile up to 32 characters.
create —
Keyword used to create a new app-profile entry.

23.397. static-route

static-route

Syntax 
[no] static-route route-name
Context 
[Tree] (config>service>pw-routing static-route)
Full Contexts 
configure service pw-routing static-route
Description 

This command configures a static route to a next hop S-PE or T-PE. Static routes may be configured on either S-PEs or T-PEs.

A default static route is entered as follows:

static-route 0:0:next_hop_ip_addresss

or

static-route 0:0.0.0.0:next_hop_ip_address

The no form of this command removes a previously configured static route.

Parameters 
route-name—
Specifies the static pseudowire route.
Values—

route-name

<global-id>:<prefix>:<next-hop-ip_addr>

global-id

0 to 4294967295

prefix

a.b.c.d | 0 to 4294967295

next-hop-ip_addr

a.b.c.d

 

static-route

Syntax 
[no] static-route ip-prefix/ip-prefix-length next-hop ip-address
Context 
[Tree] (bof static-route)
Full Contexts 
bof static-route
Description 

This command creates a static route entry for the CPM management Ethernet port in the running configuration and the Boot Option File (BOF).

This command allows manual configuration of static routing table entries. These static routes are only used by traffic generated by the CPM Ethernet port. To reduce configuration, manual address aggregation should be applied where possible.

A maximum of 10 static routes can be configured on the CPM port.

The no form of this command deletes the static route.

Default 

no static-route

Parameters 
ip-prefix/ip-prefix-length—
Specifies the destination address of the static route in dotted decimal notation.
Values—

ip-prefix/ip-prefix-length

ipv4-prefix

a.b.c.d (host bits must be 0)

ipv4-prefix-le

0 to 32

ipv6-prefix

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0to 255]D

ipv6-prefix-le

0 to128

ip-address

ipv4-address

a.b.c.d

ipv6-address

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

Note:

IPv6 is applicable to the 7750 SR and 7950 XRS only.

 

mask—
Specifies the subnet mask, expressed as an integer or in dotted decimal notation.
Values—
1 to 32 (mask length), 128.0.0.0 to255.255.255.255 (dotted decimal)

 

ip-address
Specifies the next hop IP address used to reach the destination.

23.398. static-route-entry

static-route-entry

Syntax 
static-route-entry ip-prefix/prefix-length [mcast]
no static-route-entry ip-prefix/prefix-length [mcast]
Context 
[Tree] (config>service>vprn static-route-entry)
Full Contexts 
configure service vprn static-route-entry
Description 

This command creates a static route entry for both the network and access routes. A prefix and netmask must be specified.

Once the static route context for the specified prefix and netmask has been created, additional parameters associated with the static route(s) may be specified through the inclusion of additional static-route parameter commands.

The no form of this command deletes the static route entry. If a static route needs to be removed when multiple static routes exist to the same destination, then as many parameters to uniquely identify the static route must be entered.

IPv6 static routes are not supported on the 7450 ESS except in mixed mode.

Default 

No static routes are defined.

Parameters 
ip-prefix/prefix-length—
The destination address of the static route.
Values—
The following values apply to the 7750 SR and 7950 XRS:

ipv4-prefix

a.b.c.d (host bits must be 0)

ipv4-prefix-length

0 to 32

ipv6-prefix

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

ipv6-prefix-length

0 to 128

 

Values—
The following values apply to the 7450 ESS:

ipv4-prefix

a.b.c.d (host bits must be 0)

ipv4-prefix-length

0 to 32

 

mcast—
Specifies that the associated static route should be populated in the associated VPRN multicast route table.

static-route-entry

Syntax 
no static-route-entry ip-prefix/prefix-length [mcast]
Context 
[Tree] (config>router static-route-entry)
Full Contexts 
configure router static-route-entry
Description 

This command creates a static route entry for both the network and access routes. A prefix and netmask must be specified.

Once the static route context for the specified prefix and netmask has been created, additional parameters associated with the static routes may be specified through the inclusion of additional static route parameter commands

The no form of this command deletes the static route entry. If a static route needs to be removed when multiple static routes exist to the same destination, then as many parameters to uniquely identify the static route must be entered

Default 

No static routes are defined.

Parameters 
ip-prefix/prefix-length—
Specifies the destination address of the static route.
Values—
The following values apply to the 7750 SR and 7950 XRS:

ipv4-prefix

a.b.c.d (host bits must be 0)

ipv4-prefix-length

0 to 32

ipv6-prefix

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x

[0 to FFFF]H

d

[0 to 255]D

ipv6-prefix-length

0 to 128

 

Values—
The following values apply to the 7450 ESS:

ipv4-prefix

a.b.c.d (host bits must be 0)

ipv4-prefix-length

0 to 32

 

ip-address—
Specifies the IP address of the IP interface. The ip-addr portion of the address command specifies the IP host address that will be used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation.
Values—
The following values apply to the 7750 SR and 7950 XRS:

ipv4-address

a.b.c.d (host bits must be 0)

ipv6-address

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x: [0..FFFF]H

d: [0..255]D

interface: 32 characters maximum, mandatory for link local addresses

 

Values—
The following value applies to the 7450 ESS:

ipv4-address

a.b.c.d (host bits must be 0)

 

mcast—
Indicates that static route being configured is used for multicast table only.

23.399. static-route-hold-down

static-route-hold-down

Syntax 
static-route-hold-down initial initial multiplier multiplier max-value max-value
no static-route-hold-down
Context 
[Tree] (config>router static-route-hold-down)
Full Contexts 
configure router static-route-hold-down
Description 

This command enables the hold down time feature globally for static routes in the system.

The no form of this command disables the hold down time feature globally for static routes in the system.

Default 

no static-route-hold-down

Parameters 
initial—
Specifies the initial value of the hold down time feature globally for static routes in the system.
Values—
1 to 65535

 

multiplier—
Specifies the multiplier value of the hold down time feature globally for static routes in the system.
Values—
1 to 10

 

max-value—
Specifies the maximum value of the hold down time feature globally for static routes in the system.
Values—
1 to 65535

 

23.400. static-sa

static-sa

Syntax 
static-sa sa-name [create]
no static-sa sa-name
Context 
[Tree] (config>ipsec static-sa)
Full Contexts 
configure ipsec static-sa
Description 

This command configures an IPsec static SA.

23.401. static-string

static-string

Syntax 
static-string static-string
no static-string
Context 
[Tree] (config>app-assure>group>http-enrich>field static-string)
Full Contexts 
configure application-assurance group http-enrich field static-string
Description 

This command configures an HTTP header enrichment template field static string.

The no form of this command removes the template field static string.

Default 

no static-string

Parameters 
static-string—
Specifies a static string.

23.402. static-tunnel-redundant-next-hop

static-tunnel-redundant-next-hop

Syntax 
static-tunnel-redundant-next-hop ip-address
no static-tunnel-redundant-next-hop
Context 
[Tree] (config>service>ies>if static-tunnel-redundant-next-hop)
[Tree] (config>service>vprn>if static-tunnel-redundant-next-hop)
Full Contexts 
configure service ies interface static-tunnel-redundant-next-hop
configure service vprn interface static-tunnel-redundant-next-hop
Description 

This command specifies redundant next-hop address on public or private IPsec interface (with public or private tunnel-sap) for static IPsec tunnel. The specified next-hop address will be used by standby node to shunt traffic to master in case of it receives them. Refer to the 7450 ESS, 7750 SR, and VSR Multiservice Integrated Service Adapter and Extended Services Appliance Guide for information about IPsec commands and descriptions.

The next-hop address will be resolved in routing table of corresponding service.

The no form of this command removes the address from the interface configuration.

Parameters 
ip-address—
Specifies the static ISA tunnel redundant next-hop address.

23.403. station

station

Syntax 
station station-name [create]
no station station-name
Context 
[Tree] (config>bmp station)
Full Contexts 
configure bmp station
Description 

The command configures the BMP monitoring station name.

The no form of this command removes the station name from the configuration.

Parameters 
station-name—
Specifies the station name of the BMP monitoring station up to 32 characters.
create—
Keyword used to create the station name. The create keyword requirement can be enabled or disabled in the environment>create context.

station

Syntax 
station all
station name [name]
no station
Context 
[Tree] (config>router>bgp>group>monitor station)
[Tree] (config>router>bgp>group>neighbor>monitor station)
[Tree] (config>router>bgp>monitor station)
[Tree] (config>service>vprn>bgp>group>monitor station)
[Tree] (config>service>vprn>bgp>group>neighbor>monitor station)
Full Contexts 
configure router bgp group monitor station
configure router bgp group neighbor monitor station
configure router bgp monitor station
configure service vprn bgp group monitor station
configure service vprn bgp group neighbor monitor station
Description 

This command configures the set of BMP monitoring stations for which BMP messages are to be sent, at the global BGP instance level, per group or for a particular neighbor.

Whatever value is configured for the station parameter at the most specific BGP hierarchy level is used.

  1. If a station list or the no station command is configured at a neighbor context, then that value is used.
  2. If no station command is configured at the neighbor context, the group value is used.
  3. If a station list or the no station command is configured at a group context, then that value is used.
  4. If no station command is configured at the group context, the global value is used.
  5. If a station list or the no station command is configured at the global context, then that value is used.
  6. If no station command is configured at the global context, then a no station is assumed.

The no form of this command disables sending BMP messages to BMP monitoring stations.

Parameters 
name—
Specifies up to eight station names up to 32 characters. Allowed values are any string up to 32 characters long composed of printable,7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
all—
Specifies all configured stations.

23.404. station-address

station-address

Syntax 
station-address ip-address |ipv6-address port port
no station-address
Context 
[Tree] (config>bmp>station>connection station-address)
Full Contexts 
configure bmp station connection station-address
Description 

This command configures the IP address and TCP port number of the remote BMP monitoring station. This is a mandatory parameter and must be configured before the associated station can transitioned out of the shut down state.

The no form of this command removes the configured station IP address and port number for the BMP session. The no station-address command cannot be accepted unless the BMP or station instance is shut down.

Parameters 
ip-address—
Specifies the station address expressed in dotted decimal notation. Allowed value is a valid routable IP address on the router, either an interface or system IP address.
Values—
ipv4-address:
  1. a.b.c.d (host bits must be 0)

 

ipv6-address—
Specifies the station address expressed in dotted decimal notation. Allowed value is a valid routable IPv6 address on the router, either an interface or system IPv6 address.
Values—
ipv6-address:
  1. x:x:x:x:x:x:x:x (eight 16-bit pieces)
  2. x:x:x:x:x:x:d.d.d.d
  3. x: [0 to FFFF]H
  4. d: [0 to 255]D

 

port—
Specifies the TCP (destination) port number to be used when establishing the connection to the associated BMP station.
Values—
1 to 65535

 

23.405. statistic

statistic

Syntax 
statistic type type name name
no statistic
Context 
[Tree] (debug>wlan-gw>group statistic)
Full Contexts 
debug wlan-gw group statistic
Description 

This command enables debugging of the specified statistic. The first packet that causes an increase of the specified statistic is shown in debug output. After the first packet, debugging of the counter is stopped.

Parameters 
type—
Displays the type of statistic to be debugged; for example, DHCP or RADIUS.
Values—
packet-errors, host-errors, bd-errors, forwarding, reassembly, aa, radius, arp, dhcp, dhcp6, icmp, icmp6

 

name
Specifies the name, up to 256 characters, of the statistic within that group. For a complete list, see the command show isa wlan-gw-group wlan-gw-group-id member member-id statistics.

23.406. statistics

statistics

Syntax 
statistics
Context 
[Tree] (config>app-assure>group statistics)
Full Contexts 
configure application-assurance group statistics
Description 

This command enables the context to configure accounting and billing statistics for this AA ISA group.

statistics

Syntax 
statistics
Context 
[Tree] (config>isa>aa-grp statistics)
Full Contexts 
configure isa application-assurance-group statistics
Description 

This command enables the context to configure statistics generation.

statistics

Syntax 
statistics [interval seconds] [repeat repeat] [absolute |rate]
Context 
[Tree] (monitor>router>isis statistics)
Full Contexts 
monitor router isis statistics
Description 

This command displays statistical IS-IS traffic information at the configured interval until the configured count is reached.

The first screen displays the current statistics related to the specified router statistics. The subsequent statistical information listed for each interval is displayed as a delta to the previous display. When the keyword rate is specified, the rate-per-second for each statistic is displayed instead of the delta.

Monitor commands are similar to show commands but only statistical information displays. Monitor commands display the selected statistics according to the configured number of times at the interval specified.

Parameters 
seconds
Configures the interval for each display in seconds.
Values—
3 to 60

 

Default—
10 seconds
repeat—
Configures how many times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Displays raw statistics, without processing. No calculations are performed on the delta or rate statistics.
rate—
Displays rate-per-second for each statistic instead of the delta.
Output 

The following output is an example of ISIS statistics.

Sample Output
A:ALA-12>monitor>router>isis# statistics interval 3 repeat 2 absolute
===============================================================================
ISIS Statistics
===============================================================================
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
ISIS Instance     : 1                       SPF Runs       : 2
Purge Initiated   : 0                       LSP Regens.    : 11
 
CSPF Statistics
 
Requests          : 0                       Request Drops  : 0
Paths Found       : 0                       Paths Not Found: 0
-------------------------------------------------------------------------------
PDU Type   Received   Processed  Dropped    Sent       Retransmitted
-------------------------------------------------------------------------------
LSP        0          0          0          0          0
IIH        0          0          0          74         0
CSNP       0          0          0          0          0
PSNP       0          0          0          0          0
Unknown    0          0          0          0          0
-------------------------------------------------------------------------------
At time t = 3 sec (Mode: Absolute)
-------------------------------------------------------------------------------
ISIS Instance     : 1                       SPF Runs       : 2
Purge Initiated   : 0                       LSP Regens.    : 11
 
CSPF Statistics
 
Requests          : 0                       Request Drops  : 0
Paths Found       : 0                       Paths Not Found: 0
-------------------------------------------------------------------------------
PDU Type   Received   Processed  Dropped    Sent       Retransmitted
-------------------------------------------------------------------------------
LSP        0          0          0          0          0
IIH        0          0          0          74         0
CSNP       0          0          0          0          0
PSNP       0          0          0          0          0
Unknown    0          0          0          0          0
-------------------------------------------------------------------------------
At time t = 6 sec (Mode: Absolute)
-------------------------------------------------------------------------------
ISIS Instance     : 1                       SPF Runs       : 2
Purge Initiated   : 0                       LSP Regens.    : 11
 
CSPF Statistics
 
Requests          : 0                       Request Drops  : 0
Paths Found       : 0                       Paths Not Found: 0
-------------------------------------------------------------------------------
PDU Type   Received   Processed  Dropped    Sent       Retransmitted
-------------------------------------------------------------------------------
LSP        0          0          0          0          0
IIH        0          0          0          74         0
CSNP       0          0          0          0          0
PSNP       0          0          0          0          0
Unknown    0          0          0          0          0
===============================================================================
 
 
A:ALA-12>monitor>router>isis# statistics interval 3 repeat 2 rate
===============================================================================
ISIS Statistics
===============================================================================
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
ISIS Instance     : 1                       SPF Runs       : 2
Purge Initiated   : 0                       LSP Regens.    : 11
 
CSPF Statistics
 
Requests          : 0                       Request Drops  : 0
Paths Found       : 0                       Paths Not Found: 0
-------------------------------------------------------------------------------
PDU Type   Received   Processed  Dropped    Sent       Retransmitted
-------------------------------------------------------------------------------
LSP        0          0          0          0          0
IIH        0          0          0          76         0
CSNP       0          0          0          0          0
PSNP       0          0          0          0          0
Unknown    0          0          0          0          0
-------------------------------------------------------------------------------
At time t = 3 sec (Mode: Rate)
-------------------------------------------------------------------------------
ISIS Instance     : 1                       SPF Runs       : 0
Purge Initiated   : 0                       LSP Regens.    : 0
 
CSPF Statistics
 
Requests          : 0                       Request Drops  : 0
Paths Found       : 0                       Paths Not Found: 0
-------------------------------------------------------------------------------
PDU Type   Received   Processed  Dropped    Sent       Retransmitted
-------------------------------------------------------------------------------
LSP        0          0          0          0          0
IIH        0          0          0          0          0
CSNP       0          0          0          0          0
PSNP       0          0          0          0          0
Unknown    0          0          0          0          0
-------------------------------------------------------------------------------
At time t = 6 sec (Mode: Rate)
-------------------------------------------------------------------------------
ISIS Instance     : 1                       SPF Runs       : 0
Purge Initiated   : 0                       LSP Regens.    : 0
 
CSPF Statistics
 
Requests          : 0                       Request Drops  : 0
Paths Found       : 0                       Paths Not Found: 0
-------------------------------------------------------------------------------
PDU Type   Received   Processed  Dropped    Sent       Retransmitted
-------------------------------------------------------------------------------
LSP        0          0          0          0          0
IIH        0          0          0          1          0
CSNP       0          0          0          0          0
PSNP       0          0          0          0          0
Unknown    0          0          0          0          0
===============================================================================
A:ALA-12>monitor>router>isis#

statistics

Syntax 
statistics [interval seconds] [repeat repeat] [absolute |rate]
Context 
[Tree] (monitor>router>ldp statistics)
Full Contexts 
monitor router ldp statistics
Description 

Monitor statistics for LDP instance at the configured interval until the configured count is reached.

The first screen displays the current statistics related to the LDP statistics. The subsequent statistical information listed for each interval is displayed as a delta to the previous display. When the keyword rate is specified, the rate-per-second for each statistic is displayed instead of the delta.

Monitor commands are similar to show commands but only statistical information displays. Monitor commands display the selected statistics according to the configured number of times at the interval specified.

Parameters 
seconds
Configures the interval for each display in seconds.
Values—
3 to 60

 

Default—
10 seconds
repeat—
Configures how many times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Displays raw statistics, without processing. No calculations are performed on the delta or rate statistics.
rate—
Displays rate-per-second for each statistic instead of the delta.
Output 

The following output is an example of LDP statistics information.

Sample Output
A:ALA-12>monitor>router>ldp# statistics interval 3 repeat 3 absolute
===============================================================================
Monitor statistics for LDP instance
===============================================================================
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
Addr FECs Sent    : 0                    Addr FECs Recv     : 0
Serv FECs Sent    : 1                    Serv FECs Recv     : 2
-------------------------------------------------------------------------------
At time t = 3 sec (Mode: Absolute)
-------------------------------------------------------------------------------
Addr FECs Sent    : 0                    Addr FECs Recv     : 0
Serv FECs Sent    : 1                    Serv FECs Recv     : 2
-------------------------------------------------------------------------------
At time t = 6 sec (Mode: Absolute)
-------------------------------------------------------------------------------
Addr FECs Sent    : 0                    Addr FECs Recv     : 0
Serv FECs Sent    : 1                    Serv FECs Recv     : 2
-------------------------------------------------------------------------------
At time t = 9 sec (Mode: Absolute)
-------------------------------------------------------------------------------
Addr FECs Sent    : 0                    Addr FECs Recv     : 0
Serv FECs Sent    : 1                    Serv FECs Recv     : 2
===============================================================================
A:ALA-12>monitor>router>ldp#
 
 
A:ALA-12>monitor>router>ldp# statistics interval 3 repeat 3 rate
===============================================================================
Monitor statistics for LDP instance
===============================================================================
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
Addr FECs Sent    : 0                    Addr FECs Recv     : 0
Serv FECs Sent    : 1                    Serv FECs Recv     : 2
-------------------------------------------------------------------------------
At time t = 3 sec (Mode: Rate)
-------------------------------------------------------------------------------
Addr FECs Sent    : 0                    Addr FECs Recv     : 0
Serv FECs Sent    : 0                    Serv FECs Recv     : 0
-------------------------------------------------------------------------------
At time t = 6 sec (Mode: Rate)
-------------------------------------------------------------------------------
Addr FECs Sent    : 0                    Addr FECs Recv     : 0
Serv FECs Sent    : 0                    Serv FECs Recv     : 0
-------------------------------------------------------------------------------
At time t = 9 sec (Mode: Rate)
-------------------------------------------------------------------------------
Addr FECs Sent    : 0                    Addr FECs Recv     : 0
Serv FECs Sent    : 0                    Serv FECs Recv     : 0
===============================================================================
A:ALA-12>monitor>router>ldp#

23.407. stats-collection

stats-collection

Syntax 
stats-collection
Context 
[Tree] (config>isa>tunnel-grp stats-collection)
Full Contexts 
configure isa tunnel-group stats-collection
Description 

This command enables the context to configure ISA statistics collection parameters.

23.408. stats-report-interval

stats-report-interval

Syntax 
stats-report-interval [seconds]
no stats-report-interval
Context 
[Tree] (config>bmp>station stats-report-interval)
Full Contexts 
configure bmp station stats-report-interval
Description 

This command configures the frequency of sending statistics reporting messages to the BMP monitoring station.

The no form of this command removes the interval from the configuration.

Parameters 
seconds—
Specifies the frequency of sending statistics reporting messages, in seconds, to the BMP monitoring station.
Values—
15 to 65535

 

23.409. stats-type

stats-type

Syntax 
stats-type {time |volume-time}
no stats-type
Context 
[Tree] (config>service>dynsvc>acct-1 stats-type)
[Tree] (config>service>dynsvc>acct-2 stats-type)
Full Contexts 
configure service dynamic-services dynamic-services-policy accounting-1
configure service dynamic-services dynamic-services-policy accounting-2 stats-type
Description 

This command configures the type of statistics to be reported in dynamic data services RADIUS accounting. A RADIUS specified Stats Type overrides the CLI configured value.

The no form of this command resets the default value.

Default 

stats-type volume-time

Parameters 
time
Only report Session-Time in the RADIUS Accounting Interim-Update and Stop message.
volume-time
Report both Session-Time and Volume counter attributes in the RADIUS. Accounting Interim-Update and Stop messages.

stats-type

Syntax 
stats-type {volume-time |time}
no stats-type
Context 
[Tree] (config>service>dynsvc>ladb>user>idx>acct stats-type)
Full Contexts 
configure service dynamic-services local-auth-db user-name index accounting stats-type
Description 

This command specifies whether dynamic service accounting should be enabled or disabled for this destination. RADIUS accounting is enabled by specifying the stats type: volume and time or time only. This command overrides the local configured value in the dynamic services policy.

The no form of this command disables RADIUS accounting (stats-type off).

Parameters 
volume-time |time —
Enables RADIUS accounting for this dynamic service and specifies if volume counters should be included (volume-time) or time only (time) in the RADIUS accounting messages.

23.410. status-verify

status-verify

Syntax 
status-verify
Context 
[Tree] (config>service>ies>if>ipsec>ipsec-tunnel>dyn>cert status-verify)
[Tree] (config>service>vprn>if>ipsec>ipsec-tunnel>dyn>cert status-verify)
[Tree] (config>service>ies>if>sap>ipsec-gw>cert status-verify)
[Tree] (config>service>vprn>if>sap>ipsec-gw>cert status-verify)
[Tree] (config>service>vprn>if>sap>ipsec-tun>dyn>cert status-verify)
[Tree] (config>router>if>ipsec>ipsec-tun>dyn>cert status-verify)
Full Contexts 
configure router interface ipsec ipsec-tunnel dynamic-keying cert status-verify
configure service ies interface ipsec ipsec-tunnel dynamic-keying cert status-verify
configure service ies interface sap ipsec-gw cert status-verify
configure service vprn interface ipsec ipsec-tunnel dynamic-keying cert status-verify
configure service vprn interface sap ipsec-gw cert status-verify
configure service vprn interface sap ipsec-tunnel dynamic-keying cert status-verify
Description 

This command enables the context to configure certificate revocation status verification parameters.

23.411. std-acct-attributes

std-acct-attributes

Syntax 
[no] std-acct-attributes
Context 
[Tree] (config>subscr-mgmt>acct-plcy>include-radius-attribute std-acct-attributes)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy include-radius-attribute std-acct-attributes
Description 

This command enables reporting of aggregated forwarded IPv4 and IPv6 octet, packet and gigaword counters using standard RADIUS attributes. This attribute is by default. It can be enabled simultaneously with detailed per queue or policer counters (detailed-acct-attributes).

The no form of this command reverts to the default.

23.412. std-port-class-pools

std-port-class-pools

Syntax 
std-port-class-pools
Context 
[Tree] (config>qos>hs-port-pool-policy std-port-class-pools)
Full Contexts 
configure qos hs-port-pool-policy std-port-class-pools
Description 

This command enables the context to configure standard port-class pools parameters. Within this context, the corresponding port-class pools can be associated with a mid-pool, explicitly sized as a percentage of the mid-pool size, dynamically-sized based on relative port bandwidth, or have a slope policy applied.

23.413. steering-profile

steering-profile

Syntax 
steering-profile steering-profile-name
no steering-profile
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ppp>host steering-profile)
Full Contexts 
configure subscriber-mgmt local-user-db ppp host steering-profile
Description 

This command configures the steering profile for the specific host.

The no form of this command removes the steering profile for the host.

Parameters 
steering-profile-name —
Specifies the name of the steering profile, up to 32 characters.

steering-profile

Syntax 
steering-profile steering-profile-name [create]
no steering-profile steering-profile-name
Context 
[Tree] (config>subscr-mgmt steering-profile)
Full Contexts 
configure subscriber-mgmt steering-profile
Description 

This command configures a steering profile mapping. A steering profile can be applied to each L2TP LAC subscriber host that requires traffic steering.

The no form of this command removes the specified steering profile.

Parameters 
steering-profile-name —
Specifies the name of the steering profile, up to 32 characters.

steering-profile

Syntax 
[no] steering-profile
Context 
[Tree] (config>subscr-mgmt>acct-plcy>include-radius-attribute steering-profile)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy include-radius-attribute steering-profile
Description 

This command enables including the Alc-Steering-Profile RADIUS attribute.

The no form of the command disables including the Alc-Steering-Profile RADIUS attribute.

23.414. steering-route

steering-route

Syntax 
steering-route ip-prefix/length
no steering-route
Context 
[Tree] (config>service>vprn>nat>inside>redundancy steering-route)
Full Contexts 
configure service vprn nat inside redundancy steering-route
Description 

This command configures specifies the IP address and prefix length of the steering route. The steering route is used in the realm of this virtual router instance as an indirect next-hop for all the traffic that must be routed to the large scale NAT function.

steering-route

Syntax 
steering-route ip-prefix/length
no steering-route
Context 
[Tree] (config>router>nat>inside>redundancy steering-route)
Full Contexts 
configure router nat inside redundancy steering-route
Description 

This command is optionally used in LSN44 multi-chassis redundancy when filters are used on the inside to send traffic destined for the LSN44 function to MS-ISA, where NAT is performed.

If configured, the steering-route is advertised only from the active LSN44 node: the purpose is to bring the LSN44 node activity awareness to downstream routers. In this fashion, downstream routers can make a more intelligent decision when forwarding traffic in the upstream direction. Based on the steering-route, traffic can be sent directly towards the active LSN44 node. This route avoids an extra forwarding hop which would ensue in the case without LSN44 activity awareness, where the upstream traffic can be forwarded to the standby LSN44 node and then to the active LSN44 node.

LSN44 node activity (active/standby) is evaluated per isa-group based on monitoring routes advertised on the outside.

The no form of the command removes the ip-prefix/length from the configuration.

Default 

none

Parameters 
ip-prefix/length—
Specifies the IP address and length of the steering route.
Values—

ip-prefix:

a.b.c.d

ip-prefix-length:

0 to 32

 

23.415. sticky-dest

sticky-dest

Syntax 
sticky-dest hold-time-up
sticky-dest no-hold-time-up
no sticky-dest
Context 
[Tree] (config>filter>ip-filter>entry sticky-dest)
[Tree] (config>filter>ipv6-filter>entry sticky-dest)
[Tree] (config>filter>mac-filter>entry sticky-dest)
[Tree] (config>filter>redirect-policy sticky-dest)
Full Contexts 
configure filter ip-filter entry sticky-dest
configure filter ipv6-filter entry sticky-dest
configure filter mac-filter entry sticky-dest
configure filter redirect-policy sticky-dest
Description 

This command configures sticky destination behavior for redundant PBR/PBF actions. Configuring sticky destination has an effect on PBR/PBF actions whether a secondary action is configured.

The hold-time-up parameter allows the operator to delay programming of a PBR/PBF action for a specified amount of time. The timer is only started when transitioning from all configured targets being down (that is, the primary target if no secondary target is configured, or both the primary and secondary targets when both are configured) to at least one target being up.

When the timer expires, the primary PBR/PBF action is programmed if its target is up. If the primary PBR/PBF target is down and a secondary PBR/PBF action has been configured and its target is up, then this secondary PBR/PBF action is programmed. In all other cases, no specific programming occurs when the timer expires.

When sticky destination is configured and the secondary PBR/PBF target is up and its associated action is programmed, it is not automatically replaced by the primary PBR/PBF action when its target transitions from down to up. In this situation, programming the primary PBR/PBF action can be forced using the activate-primary-action tools command.

Changing the value of the timer while the timer is running takes effect immediately (that is, the timer is restarted immediately using the new value).

The no form of the command disables sticky destination behavior.

Default 

no sticky-dest

Parameters 
hold-time-up
Specifies the initial delay in seconds. Zero is equivalent to no-hold-time-up (no delay).
Values—
0 to 65535 seconds

 

23.416. sticky-dr

sticky-dr

Syntax 
sticky-dr [priority dr-priority]
no sticky-dr
Context 
[Tree] (config>service>vprn>pim>if sticky-dr)
Full Contexts 
configure service vprn pim interface sticky-dr
Description 

This command enables sticky-dr operation on this interface. When enabled, the priority in PIM hellos sent on this interface when elected as the designated router (DR) is modified to the value configured in dr-priority. This is done to avoid the delays in forwarding caused by DR recovery, when switching back to the old DR on a LAN when it comes back up.

By enabling sticky-dr on this interface, it will continue to act as the DR for the LAN even after the old DR comes back up.

The no form of this command disables sticky-dr operation on this interface.

Default 

no sticky-dr

Parameters 
priority dr-priority
Sets the DR priority to be sent in PIM Hello messages following the election of that interface as the DR, when sticky-dr operation is enabled.
Values—
1 to 4294967295

 

sticky-dr

Syntax 
sticky-dr [priority dr-priority]
no sticky-dr
Context 
[Tree] (config>router>pim>interface sticky-dr)
Full Contexts 
configure router pim interface sticky-dr
Description 

This command enables sticky-dr operation on this interface. When enabled, the priority in PIM hellos sent on this interface when elected as the designated router (DR) will be modified to the value configured in dr-priority. This is done to avoid the delays in forwarding caused by DR recovery, when switching back to the old DR on a LAN when it comes back up.

By enabling sticky-dr on this interface, it will continue to act as the DR for the LAN even after the old DR comes back up.

The no form of this command disables sticky-dr operation on this interface.

Default 

no sticky-dr

Parameters 
priority dr-priority
Sets the DR priority to be sent in PIM Hello messages following the election of that interface as the DR, when sticky-dr operation is enabled.
Values—
1 to 4294967295

 

23.417. sticky-ecmp

sticky-ecmp

Syntax 
sticky-ecmp
no sticky-ecmp
Context 
[Tree] (config>router>policy-options>policy-statement>entry>action sticky-ecmp)
[Tree] (config>router>policy-options>policy-statement>default-action sticky-ecmp)
Full Contexts 
configure router policy-options policy-statement default-action sticky-ecmp
configure router policy-options policy-statement entry action sticky-ecmp
Description 

This command specifies that BGP routes matching an entry or default-action of a route policy should be tagged internally as requiring sticky ECMP behavior. When a BGP route with multiple equal-cost BGP next-hops is programmed for sticky ECMP the failure of one or more of its BGP next-hops causes only the affected traffic flows to be re-distributed to the remaining next-hops; by default (without sticky-ECMP) all flows are potentially affected, even those using a next-hop that did not fail.

Default 

no sticky-ecmp

23.418. sticky-msaps

sticky-msaps

Syntax 
sticky-msaps [idle-timeout seconds]
no sticky-msaps
Context 
[Tree] (config>subscr-mgmt>msap-policy sticky-msaps)
Full Contexts 
configure subscriber-mgmt msap-policy sticky-msaps
Description 

This command prevents MSAPs associated with the specified MSAP policy from being deleted unless a manual clear command is issued. If this command is not enabled, an MSAP is deleted when a host creation fails or when a subscriber is no longer associated with the MSAP, for example, when a subscriber ends the session. This feature is useful for an operator who wants to keep historical statistics on MSAPs. It can also speed up host creation on an MSAP since the MSAP is already created. The idle-timeout parameter allows the removal of MSAPs that are idle for longer than the specified time.

The no form of this command allows an MSAP to be deleted when a host creation fails or when a subscriber is no longer associated with the MSAP.

Default 

no sticky-msaps

Parameters 
seconds—
Specifies the idle timeout, in seconds.
Values—
5 to 604800

 

23.419. stp

stp

Syntax 
[no] stp
Context 
[Tree] (config>service>vpls>pbb>backbone-vpls stp)
Full Contexts 
configure service vpls pbb backbone-vpls stp
Description 

This command enables or disable STP through B-VPLS service.

stp

Syntax 
[no] stp
Context 
[Tree] (config>service>vpls>backbone-vpls stp)
Full Contexts 
configure service vpls backbone-vpls stp
Description 

This command enables STP on the backbone VPLS service.

The no form of this command disables STP on the backbone VPLS service.

stp

Syntax 
stp
Context 
[Tree] (config>service>vpls stp)
[Tree] (config>service>vpls>sap stp)
[Tree] (config>service>vpls>spoke-sdp stp)
[Tree] (config>service>template>vpls-sap-template stp)
[Tree] (config>service>template>vpls-template stp)
Full Contexts 
configure service template vpls-sap-template stp
configure service template vpls-template stp
configure service vpls sap stp
configure service vpls spoke-sdp stp
configure service vpls stp
Description 

This command enters the context to configure the Spanning Tree Protocol (STP) parameters. Nokia’s STP is simply the Spanning Tree Protocol (STP) with a few modifications to better suit the operational characteristics of VPLS services. The most evident change is to the root bridge election. Since the core network operating between Nokia’s service routers should not be blocked, the root path is calculated from the core perspective.

stp

Syntax 
[no] stp
Context 
[Tree] (debug>service>id stp)
Full Contexts 
debug service id stp
Description 

This command enables the context for debugging STP.

The no form of the command disables debugging.

stp

Syntax 
stp
Context 
[Tree] (config>service>pw-template stp)
Full Contexts 
configure service pw-template stp
Description 

This command enables the context to configure the Spanning Tree Protocol (STP) parameters. The STP is simply the Spanning Tree Protocol (STP) with a few modifications to better suit the operational characteristics of VPLS services. The most evident change is to the root bridge election. Since the core network operating between service routers should not be blocked, the root path is calculated from the core perspective.

23.420. stream-selection

stream-selection

Syntax 
[no] stream-selection
Context 
[Tree] (config>isa>video-group stream-selection)
Full Contexts 
configure isa video-group stream-selection
Description 

This command specifies whether or not stream selection is enabled on this video group.

The no form of the command disables stream-selection for the group.

Default 

no stream-selection

23.421. streaming

streaming

Syntax 
streaming
Context 
[Tree] (config>oam-pm streaming)
Full Contexts 
configure oam-pm streaming
Description 

This command specifies the context to configure the OAM-PM streaming template and its associated parameters.

streaming

Syntax 
streaming
Context 
[Tree] (config>system>snmp streaming)
Full Contexts 
configure system snmp streaming
Description 

This command enables the proprietary SNMP request/response bundling and TCP-based transport mechanism for optimizing network management of the router nodes. In higher latency networks, synchronizing router MIBs from network management via streaming takes less time than synchronizing via classic SNMP UDP requests. Streaming operates on TCP port 1491 and runs over IPv4 or IPv6.

23.422. strict

strict

Syntax 
[no] strict
Context 
[Tree] (config>app-assure>group>tcp-validate strict)
Full Contexts 
configure application-assurance group tcp-validate strict
Description 

This command specifies whether enforcement of TCP sequence and acknowledgment numbers is applied. If a packet does not meet the expected sequence or acknowledgment number, it is dropped.

This command should only be enabled if the expected bit error rate or packet loss is low. For example, if acknowledgments are lost before being detected by AA, the server timeouts are triggered and retransmissions occur. If strict is enabled, these retransmissions would resemble a reply attack and would be dropped by AA.

The no form of this command removes TCP sequence and acknowledgment number enforcement.

Default 

no strict

23.423. strict-adjacency-check

strict-adjacency-check

Syntax 
[no] strict-adjacency-check
Context 
[Tree] (config>service>vprn>isis strict-adjacency-check)
Full Contexts 
configure service vprn isis strict-adjacency-check
Description 

This command enables strict checking of address families (IPv4 and IPv6) for IS-IS adjacencies. When enabled, adjacencies do not come up unless both routers have exactly the same address families configured. If there is an existing adjacency with unmatched address families, it is torn down.

This command is used to prevent black-holing traffic when IPv4 and IPv6 topologies are different. When disabled (no strict-adjacency-check) a BFD session failure for either IPv4 or IPv6 will cause the routes for the other address family to be removed as well.

When disabled (no strict-adjacency-check), both routers only need to have one common address family to establish the adjacency.

Default 

no strict-adjacency-check

strict-adjacency-check

Syntax 
[no] strict-adjacency-check
Context 
[Tree] (config>router>isis strict-adjacency-check)
Full Contexts 
configure router isis strict-adjacency-check
Description 

This command enables strict checking of address families (IPv4 and IPv6) for IS-IS adjacencies. When enabled, adjacencies will not come up unless both routers have exactly the same address families configured. If there is an existing adjacency with unmatched address families, it will be torn down. This command is used to prevent black-holing traffic when IPv4 and IPv6 topologies are different. When disabled (no strict-adjacency-check) a BFD session failure for either IPv4 or Ipv6 will cause the routes for the other address family to be removed as well.

When disabled (no strict-adjacency-check), both routers only need to have one common address family to establish the adjacency.

23.424. strict-lsa-checking

strict-lsa-checking

Syntax 
[no] strict-lsa-checking
Context 
[Tree] (config>service>vprn>ospf>graceful-restart strict-lsa-checking)
[Tree] (config>service>vprn>ospf3>graceful-restart strict-lsa-checking)
Full Contexts 
configure service vprn ospf graceful-restart strict-lsa-checking
configure service vprn ospf3 graceful-restart strict-lsa-checking
Description 

This command indicates whether an OSPF restart helper should terminate graceful restart when there is a change to an LSA that would be flooded to the restarting router during the restart process.

The default OSPF behavior is to terminate a graceful restart if an LSA changes, which causes the OSPF neighbor to go down.

The no strict-lsa-checking command disables strict LSA checking.

Default 

strict-lsa-checking

strict-lsa-checking

Syntax 
[no] strict-lsa-checking
Context 
[Tree] (config>router>ospf>graceful-restart strict-lsa-checking)
[Tree] (config>router>ospf3>graceful-restart strict-lsa-checking)
Full Contexts 
configure router ospf graceful-restart strict-lsa-checking
configure router ospf3 graceful-restart strict-lsa-checking
Description 

This command indicates whether an OSPF restart helper should terminate graceful restart when there is a change to an LSA that would be flooded to the restarting router during the restart process.

The default OSPF behavior is to terminate a graceful restart if an LSA changes, which causes the OSPF neighbor to go down.

The no form of this command disables strict LSA checking.

Default 

strict-lsa-checking

23.425. strict-mode

strict-mode

Syntax 
[no] strict-mode
Context 
[Tree] (config>service>upnp>upnp-policy strict-mode)
Full Contexts 
configure service upnp upnp-policy strict-mode
Description 

This command enable UPnP strict mode. With strict-mode, system only allows changes to existing UPnP mapping if the request comes from same UPnP client.

Default 

no strict-mode

23.426. string

string

Syntax 
string string
no string
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>host-ident string)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host host-identification string
Description 

This command specifies the string from the Nokia vendor-specific sub-option (VSO) in Option 82 to match.

The no form of this command returns to the default.

Parameters 
string—
Specifies the VSO string of this host, up to 255 characters.

string

Syntax 
[no] string text
Context 
[Tree] (config>service>vpls>sap>dhcp>option>vendor string)
[Tree] (config>service>vprn>if>dhcp>option>vendor string)
[Tree] (config>service>vprn>sub-if>grp-if>dhcp>option>vendor string)
[Tree] (config>service>ies>sub-if>grp-if>dhcp>option>vendor string)
[Tree] (config>subscr-mgmt>msap-policy>vpls-only>dhcp>option>vendor string)
Full Contexts 
configure service ies subscriber-interface group-interface dhcp option vendor-specific-option string
configure service vpls sap dhcp option vendor-specific-option string
configure service vprn interface dhcp option vendor-specific-option string
configure service vprn subscriber-interface group-interface dhcp option vendor-specific-option string
configure subscriber-mgmt msap-policy vpls-only-sap-parameters dhcp option vendor-specific-option string
Description 

This command specifies the string in the Nokia vendor-specific sub-option of the DHCP relay packet.

The no form of this command reverts to the default.

Parameters 
text—
Specifies a string that can be any combination of ASCII characters, up to 32 characters. If spaces are used in the string, enclose the entire string in quotation marks (“ “).

string

Syntax 
[no] string text
Context 
[Tree] (config>router>if>dhcp>option>vendor-specific-option string)
Full Contexts 
configure router interface dhcp option vendor-specific-option string
Description 

This command specifies the vendor specific suboption string of the DHCP relay packet.

The no form of this command returns the default value.

Default 

no string

Parameters 
text—
Specifies a string that can be any combination of ASCII characters, up to 32 characters in length. If spaces are used in the string, enclose the entire string in quotation marks (“ ”).

23.427. strings-from-option

strings-from-option

Syntax 
strings-from-option dhcp-option-number
no strings-from-option
Context 
[Tree] (config>subscr-mgmt>sub-ident-pol strings-from-option)
Full Contexts 
configure subscriber-mgmt sub-ident-policy strings-from-option
Description 

This command enables DHCPv4 option processing on DHCP ACK for subscriber host identification.

The parameter dhcp-option-number specifies the DHCPv4 option number containing subscriber host identification strings such as subscriber ID, sub-profile, sla-profile strings, and so on. The identification strings can be inserted by an SR OS based DHCPv4 server via a local user database lookup.

Applicable to DHCPv4 hosts and PPP hosts that use the internal DHCP client to get an IPv4 address from an SR OS based DHCPv4 server.

The no form of this command reverts to the default.

Default 

no strings-from-option

Parameters 
dhcp-option-number—
Specifies the DHCPv4 option number containing subscriber host identification strings.
Values—
1 to 254

 

23.428. strip-label

strip-label

Syntax 
[no] strip-label
Context 
[Tree] (config>router>if strip-label)
Full Contexts 
configure router interface strip-label
Description 

This command forces packets to be stripped of all (max 5) MPLS labels before the packets are handed over for possible filter (PBR) processing.

If the packets do not have an IP header immediately following the MPLS label stack after the strip, they are discarded. Only MPLS encapsulated IP, IGP shortcuts and VPRN over MPLS packets will be processed. However, IPv4 and IPv6 packets that arrive without any labels are supported on an interface with strip-label enabled.

This command operates in promiscuous mode. This means that the router does not filter on the destination MAC address of the Ethernet frames. In some network designs, multiple ports may be tapped and combined into interface toward the router. Promiscuous mode allows all of these flows to be processed without requiring the destination MAC address to be updated to match the router address.

This command is supported on:

  1. Optical ports for the 7750 SR and 7450 ESS
  2. IOM3-XP cards for the 7750 SR and 7450 ESS
  3. Null/Dot1q encaps
  4. Network ports
  5. IPv4
  6. IPv6

In order to associate an interface that is configured with the strip-label parameter with a port, the port must be configured as single-fiber for the command to be valid.

Packets that are subject to the strip-label action and are mirrored (using mirrors or lawful interception) will contain the original MPLS labels (and other L2 encapsulation) in the mirrored copy of the packet, as they appeared on the wire, when the mirror-dest type is the default type “ether”. If the mirror-dest type is “ip-only”, then the mirrored copy of the packet will not contain the original L2 encapsulation or the stripped MPLS labels.

The no form of this command removes the strip-label command.

Default 

no strip-label

23.429. stub

stub

Syntax 
[no] stub
Context 
[Tree] (config>service>vprn>ospf>area stub)
[Tree] (config>service>vprn>ospf3>area stub)
Full Contexts 
configure service vprn ospf area stub
configure service vprn ospf3 area stub
Description 

This command enables access to the context to configure an OSPF stub area and adds/removes the stub designation from the area. External routing information is not flooded into stub areas. All routers in the stub area must be configured with the stub command. An OSPF area cannot be both an NSSA and a stub area. Existing virtual links of a non STUB or NSSA area will be removed when its designation is changed to NSSA or STUB.

By default, an area is not a stub area.

The no form of this command removes the stub designation and configuration context from the area.

Default 

no stub — The area is not configured as a stub area.

stub

Syntax 
[no] stub
Context 
[Tree] (config>router>ospf>area stub)
[Tree] (config>router>ospf3>area stub)
Full Contexts 
configure router ospf area stub
configure router ospf3 area stub
Description 

This command enables access to the context to configure an OSPF or OSPF3 stub area and adds/removes the stub designation from the area.

External routing information is not flooded into stub areas. All routers in the stub area must be configured with the stub command. An OSPF or OSPF3 area cannot be both an NSSA and a stub area.

Existing virtual links of a non STUB or NSSA area will be removed when its designation is changed to NSSA or STUB.

By default, an area is not a stub area.

The no form of this command removes the stub designation and configuration context from the area.

Default 

no stub

23.430. sub-domain

sub-domain

Syntax 
sub-domain sub-domain
no sub-domain
Context 
[Tree] (config>service>vprn>mvpn>provider-tunnel>inclusive>bier sub-domain)
[Tree] (config>service>vprn>mvpn>provider-tunnel>selective>bier sub-domain)
Full Contexts 
configure service vprn mvpn provider-tunnel inclusive bier sub-domain
configure service vprn mvpn provider-tunnel selective bier sub-domain
Description 

This command sets the sub-domain used to attach the BIER provider tunnel. Both PMSI within the MVPN need to have the same sub-domain.

The no form of this command removes the sub-domain.

Parameters 
sub-domain—
The identifier of the sub-domain.
Values—
0 to 255

 

sub-domain

Syntax 
[no] sub-domain sub-domain
[no] sub-domain start sub-domain end sub-domain
Context 
[Tree] (config>router>bier>template sub-domain)
Full Contexts 
configure router bier template sub-domain
Description 

This command creates a BIER sub-domain or range of sub-domains. For example, for IS-IS each sub-domain is associated with a single IS-IS topology, which may be any of the topologies supported by IS-IS.

The no form of this command removes a sub-domain.

Default 

sub-domain 0

Parameters 
sub-domain—
The ID of the sub-domain to be created or removed.
Values—
0 to 255

 

23.431. sub-host-trk

sub-host-trk

Syntax 
[no] sub-host-trk
Context 
[Tree] (config>redundancy>multi-chassis>peer>sync sub-host-trk)
Full Contexts 
configure redundancy multi-chassis peer sync sub-host-trk
Description 

This command specifies whether subscriber host tracking information should be synchronized with the multi-chassis peer.

Default 

no sub-host-trk

23.432. sub-hosts-only

sub-hosts-only

Syntax 
[no] sub-hosts-only
Context 
[Tree] (config>service>vprn>igmp>grp-if sub-hosts-only)
Full Contexts 
configure service vprn igmp group-interface sub-hosts-only
Description 

This command enables the IGMP traffic from known hosts only.

The no form of this command disable the IGMP traffic from known hosts only

sub-hosts-only

Syntax 
[no] sub-hosts-only
Context 
[Tree] (config>router>igmp>group-interface sub-hosts-only)
Full Contexts 
configure router igmp group-interface sub-hosts-only
Description 

This command disables the processing of IGMP messages outside of the subscriber-host context. No other hosts outside of the subscriber-hosts can create IGMP states.

Disabling this command allows the creation of the IGMP states that correspond to the AN that operate in IGMP proxy mode. In this mode, the AN will hide source IP addresses of IGMP messages and will source IGMP messages with its own IP address. In this case, an IGMP state can be created under the sap context. This IGMP state creation under the SAP is controlled via the import policy under the group-interface.

The IGMP state processing for regular subscriber-hosts is unaffected by this command.

The no form of the command disables the command.

Default 

sub-hosts-only

sub-hosts-only

Syntax 
[no] sub-hosts-only
Context 
[Tree] (config>router>mld>group-interface sub-hosts-only)
Full Contexts 
configure router mld group-interface sub-hosts-only
Description 

This command processes the handling of MLD joins received from hosts that are not known in subscriber management or on which no MLD policy is applied.

Disabling this command allows the creation of the MLD states that correspond to the AN that operate in MLD proxy mode. In this mode, the AN will hide source IP addresses of MLD messages and will source MLD messages with its own IP address. In this case, an MLD state can be created under the sap context. This MLD state creation under the SAP is controlled via the import policy under the group-interface.

The MLD state processing for regular subscriber-hosts is unaffected by this command.

The no form of the command enables the command.

Default 

sub-hosts-only

23.433. sub-id

sub-id

Syntax 
[no] sub-id
Context 
[Tree] (config>service>nat>syslog>syslog-export-policy>include sub-id)
Full Contexts 
configure service nat syslog syslog-export-policy include sub-id
Description 

This command includes the sub-id string in the flow log. The sub-id is applicable only in subscriber-aware NAT. If subscriber-aware NAT is not enabled, the sub-id string is set to ‘-‘.

The no form of the command disables the feature.

23.434. sub-ident-policy

sub-ident-policy

Syntax 
[no] sub-ident-policy sub-ident-policy-name
Context 
[Tree] (config>subscr-mgmt sub-ident-policy)
Full Contexts 
configure subscriber-mgmt sub-ident-policy
Description 

This command configures a subscriber identification policy. Each subscriber identification policy can have a default subscriber profile defined. The subscriber identification policy default subscriber profile overrides the system default and the subscriber SAP default subscriber profiles. Defining a subscriber identification policy default subscriber profile is optional.

The subscriber identification policy default subscriber profile cannot be defined with the subscriber profile name default.

Defining a subscriber profile as a subscriber identification policy default subscriber profile will cause all active subscribers currently associated with a subscriber SAP using the policy and associated with a subscriber policy through the system default or subscriber SAP default subscriber profiles to be reassigned to the subscriber policy defined as default on the subscriber identification policy.

Attempting to delete a subscriber profile that is currently defined as a default for a subscriber identification policy will fail.

When attempting to remove a subscriber identification policy default subscriber profile definition, the system will evaluate each active subscriber on all subscriber SAPs the subscriber identification policy is currently associated with that are using the default definition to determine whether the active subscriber can be either reassigned to a subscriber SAP default or the system default subscriber profile. If all active subscribers cannot be reassigned, the removal attempt will fail.

The no form of this command reverts to the default.

Parameters 
sub-ident-policy-name—
Specifies the name of the subscriber identification policy, up to 32 characters.

sub-ident-policy

Syntax 
sub-ident-policy sub-ident-policy-name
Context 
[Tree] (config>service>ies>sub-if>grp-if>sap>sub-sla-mgmt sub-ident-policy)
[Tree] (config>service>ies>sub-if>grp-if>sap-param>sub-sla-mgmt sub-ident-policy)
[Tree] (config>subscr-mgmt>msap-policy>sub-sla-mgmt sub-ident-policy)
[Tree] (config>service>vpls>sap>sub-sla-mgmt sub-ident-policy)
[Tree] (config>service>vprn>sub-if>grp-if>sap>sub-sla-mgmt sub-ident-policy)
[Tree] (config>service>vprn>sub-if>grp-if>sap-param>sub-sla-mgmt sub-ident-policy)
Full Contexts 
configure service ies subscriber-interface group-interface sap sub-sla-mgmt sub-ident-policy
configure service ies subscriber-interface group-interface sap-param sub-sla-mgmt sub-ident-policy
configure service vpls sap sub-sla-mgmt sub-ident-policy
configure service vprn subscriber-interface group-interface sap sub-sla-mgmt sub-ident-policy
configure service vprn subscriber-interface group-interface sap-param sub-sla-mgmt sub-ident-policy
configure subscriber-mgmt msap-policy sub-sla-mgmt sub-ident-policy
Description 

This command associates a subscriber identification policy to this SAP. The subscriber identification policy must be defined prior to associating the profile with a SAP in the config>subscr-mgmt>sub-ident-policy context.

Subscribers are managed by the system through the use of subscriber identification strings such as a subscriber identifier, an sla-profile string, a sub-profile string and an app-profile string.

The subscriber identification policy performs following functions for subscriber hosts and sessions associated with the SAP or MSAP:

  1. mapping of sla-profile, sub-profile and app-profile strings obtained from authentication (for example, LUDB, RADIUS, Diameter, or Python) into profile names that are configured on the router
  2. for IPoE DHCPv4 hosts, the subscriber identification strings can be derived from the DHCP ACK message sent to the subscriber host using a Python script referenced in the sub-ident-policy
  3. for PPPoE hosts that get an IPv4 address via the PPPoE DHCPv4 client and for IPoE DHCPv4 hosts, an SR OS DHCPv4 server in combination with an LUDB returns the identification strings in a DHCPv4 option. The strings-from-option command in the sub-ident-policy tells the system from which option to extract the identification strings.

The no form of this command removes the default subscriber identification policy from the SAP configuration.

Parameters 
sub-ident-policy-name—
Specifies a subscriber identification policy for this SAP.

sub-ident-policy

Syntax 
[no] sub-ident-policy policy-name
Context 
[Tree] (debug>subscr-mgmt sub-ident-policy)
Full Contexts 
debug subscriber-mgmt sub-ident-policy
Description 

This command debugs subscriber identification policies.

The no form of this command disables debugging.

Parameters 
policy-name—
Specifies the subscriber identification policy to debug.

sub-ident-policy

Syntax 
sub-ident-policy sub-ident-policy-name
Context 
[Tree] (config>service>ies>sub-if>grp-if>sap-parameters>sub-sla-mgmt sub-ident-policy)
Full Contexts 
configure service ies subscriber-interface group-interface sap-parameters sub-sla-mgmt sub-ident-policy
Description 

This command associates a subscriber identification policy. The subscriber identification policy must be defined in the config>subscr-mgmt>sub-ident-policy context.

Subscribers are managed by the system through the use of subscriber identification strings. A subscriber identification string uniquely identifies a subscriber. For static hosts, the subscriber identification string is explicitly defined with each static subscriber host.

For dynamic hosts, the subscriber identification string must be derived from the DHCP ACK message sent to the subscriber host. The default value for the string is the content of Option 82 CIRCUIT-ID and REMOTE-ID fields interpreted as an octet string. As an option, the DHCP ACK message may be processed by a subscriber identification policy which has the capability to parse the message into an alternative ASCII or octet string value.

When multiple hosts on the same port are associated with the same subscriber identification string they are considered to be host members of the same subscriber.

The no form of this command removes the default subscriber identification policy from the configuration.

Parameters 
sub-ident-policy-name—
Specifies a subscriber identification policy for this SAP. The subscriber profile must be defined prior to associating the profile with a SAP in the config>subscr-mgmt>sub-ident-policy context.

sub-ident-policy

Syntax 
sub-ident-policy sub-ident-policy-name
no sub-ident-policy
Context 
[Tree] (config>app-assure>group>transit-ip-policy sub-ident-policy)
Full Contexts 
configure application-assurance group transit-ip-policy sub-ident-policy
Description 

This command associates a subscriber identification policy to this SAP. The subscriber identification policy must be defined prior to associating the profile with a SAP in the config>subscribermgmt>sub-ident-policy context.

Subscribers are managed by the system through the use of subscriber identification strings. A subscriber identification string uniquely identifies a subscriber. For static hosts, the subscriber identification string is explicitly defined with each static subscriber host.

For dynamic hosts, the subscriber identification string must be derived from the DHCP ACK message sent to the subscriber host. The default value for the string is the content of Option 82 CIRCUIT-ID and REMOTE-ID fields interpreted as an octet string. As an option, the DHCP ACK message may be processed by a subscriber identification policy which has the capability to parse the message into an alternative ASCII or octet string value.

When multiple hosts on the same port are associated with the same subscriber identification string they are considered to be host members of the same subscriber.

A sub-ident-policy can also be used for identifying dynamic transit subscriber names.

The no form of this command removes the default subscriber identification policy from the SAP configuration.

Default 

no sub-ident-policy

Parameters 
sub-ident-policy-name—
Specifies the subscriber identification policy name, up to 32 characters.

23.435. sub-insert-credit-control

sub-insert-credit-control

Syntax 
sub-insert-credit-control start-entry entry-id count count
no sub-insert-credit-control
Context 
[Tree] (config>filter>ip-filter sub-insert-credit-control)
[Tree] (config>filter>ipv6-filter sub-insert-credit-control)
Full Contexts 
configure filter ip-filter sub-insert-credit-control
configure filter ipv6-filter sub-insert-credit-control
Description 

This command inserts point information for credit control for the filter.

The no form of the command reverts to the default.

Default 

no sub-insert-credit-control

Parameters 
entry-id
Identifies a filter on this system.
Values—
1 to 2097151

 

count—
Specifies the count
Values—
1 to 65535

 

23.436. sub-insert-radius

sub-insert-radius

Syntax 
sub-insert-radius start-entry entry-id count count
no sub-insert-radius
Context 
[Tree] (config>filter>ip-filter sub-insert-radius)
[Tree] (config>filter>ipv6-filter sub-insert-radius)
Full Contexts 
configure filter ip-filter sub-insert-radius
configure filter ipv6-filter sub-insert-radius
Description 

This command inserts point information for RADIUS for the filter.

The no form of the command reverts to the default.

Default 

no sub-insert-radius

Parameters 
entry-id
Specifies at what place the filter entries received from RADIUS will be inserted in the filter.
Values—
1 to 2097151

 

count
Specifies the count.
Values—
1 to 65535

 

23.437. sub-insert-shared-pccrule

sub-insert-shared-pccrule

Syntax 
sub-insert-shared-pccrule start-entry entry-id count count
no sub-insert-shared-pccrule
Context 
[Tree] (config>qos>sap-egress sub-insert-shared-pccrule)
[Tree] (config>qos>sap-ingress sub-insert-shared-pccrule)
Full Contexts 
configure qos sap-egress sub-insert-shared-pccrule
configure qos sap-ingress sub-insert-shared-pccrule
Description 

This command defines the range of filter and QoS policy entries that are reserved for shared entries received in Flow-Information AVP via Gx interface (PCC rules – Policy and Charging Control).

The no form of this command disables the insertion, which will result in a failure of PCC rule installation.

Default 

no sub-insert-shared-pccrule

Parameters 
entry-id—
Specifies the lowest entry in the range.
Values—
1 to 65535

 

count—
Specifies the number of entries in the range.
Values—
1 to 65535

 

sub-insert-shared-pccrule

Syntax 
sub-insert-shared-pccrule start-entry entry-id count count
no sub-insert-shared-pccrule
Context 
[Tree] (config>filter>ip-filter sub-insert-shared-pccrule)
[Tree] (config>filter>ipv6-filter sub-insert-shared-pccrule)
Full Contexts 
configure filter ip-filter sub-insert-shared-pccrule
configure filter ipv6-filter sub-insert-shared-pccrule
Description 

This command defines the range of filter and QoS policy entries that are reserved for shared entries received in Flow-Information AVP via Gx interface (PCC rules – Policy and Charging Control). The no form of this command disables the insertion, which will result in a failure of PCC rule installation.

Default 

no sub-insert-shared-pccrule

Parameters 
entry-id
Specifies the lowest entry in the range.
Values—
1 to 2097151

 

count
Specifies the number of entries in the range.
Values—
1 to 65535

 

23.438. sub-insert-shared-radius

sub-insert-shared-radius

Syntax 
sub-insert-shared-radius start-entry entry-id count count
no sub-insert-shared-radius
Context 
[Tree] (config>filter>ip-filter sub-insert-shared-radius)
[Tree] (config>filter>ipv6-filter sub-insert-shared-radius)
Full Contexts 
configure filter ip-filter sub-insert-shared-radius
configure filter ipv6-filter sub-insert-shared-radius
Description 

This command configures the insert point for shared host rules from RADIUS.

Default 

no sub-insert-shared-radius

Parameters 
entry-id
Identifies a filter on this system.
Values—
1 to 2097151

 

count
Specifies the count.
Values—
1 to 65535

 

23.439. sub-insert-wmark

sub-insert-wmark

Syntax 
sub-insert-wmark low low-watermark high high-watermark
no sub-insert-wmark
Context 
[Tree] (config>filter>ip-filter sub-insert-wmark)
[Tree] (config>filter>ipv6-filter sub-insert-wmark)
Full Contexts 
configure filter ip-filter sub-insert-wmark
configure filter ipv6-filter sub-insert-wmark
Description 

This command configures the low and high watermark percentage for inserted filter entry usage reporting.

The no form of the command reverts to the default.

Default 

sub-insert-wmark low 90 high 95

Parameters 
low-watermark—
Specifies the utilization of the filter ranges for filter entry insertion, at which a table full alarm will be cleared by the agent.
Values—
0 to 100

 

high-watermark
Specifies the utilization of the filter ranges for filter entry insertion, at which a table full alarm will be raised by the agent.
Values—
0 to 100

 

23.440. sub-mcac-policy

sub-mcac-policy

Syntax 
sub-mcac-policy policy-name
no sub-mcac-policy
Context 
[Tree] (config>subscr-mgmt>sub-profile sub-mcac-policy)
Full Contexts 
configure subscriber-mgmt sub-profile sub-mcac-policy
Description 

This command enables the context to configure sub MCAC policy parameters. The policy template in which the MCAC bandwidth limits are defined. MCAC for the subscriber is effectively enabled with this command when the sub-profile is applied to the subscriber. The bandwidth of the channels is defined in a different policy (under the config>router>mcac context) and this policy is applied on the interface level as follows:

  1. for regular interfaces in the config>service/router>igmp>interface>mcac context
  1. for HQoS adjustment, it is mandatory that the sub-mcac-policy be created and applied to the subscriber. The sub-mac-policy does not have to contain any bandwidth constrains, but it has to be in a no shutdown state in order for HQoS Adjustment to work.
Parameters 
policy-name—
Specifies the policy name up to 32 characters.

sub-mcac-policy

Syntax 
sub-mcac-policy sub-mcac-policy-name [create]
no sub-mcac-policy b
Context 
[Tree] (config>subscr-mgmt sub-mcac-policy)
Full Contexts 
configure subscriber-mgmt sub-mcac-policy
Description 

This command creates a policy template with MCAC bandwidth limits that are applied to the subscriber.

Per interface mcac bandwidth limits are set directly under the interface (regular interface or group-interface) and no such policy templates are needed.

The need for a separate policy template for subscribers is due to the fact that groups of subscribers under the same group-interface can share certain settings that can be configured via this template.

To summarize, the MCAC bandwidth constraints for subscribers are defined in the sub-mcac-policy while the mcac bandwidth constraints for the interface are configured directly under the igmp>interface>mcac or igmp>grp-if>mcac context without the need for policy templates.

Note:

The sub-mcac-policy only deals with the mcac bandwidth limits and not the channel bandwidth definitions. Channels bandwidth is defined in a different policy (in the config>router>mcac context) and that policy is applied on the interface level as follows:

  1. For group-interface: under the config>service>vprn>igmp>grp-if>mcac context
  2. For regular interface: under the config>service/router>igmp>interface>mcac context.

In case of HQoS Adjustment, it is mandatory that the sub-mcac-policy be created and applied to the subscriber. The sub-mac-policy does not have to contain any bandwidth constrains, but it has to be in a no shutdown state in order for HQoS Adjustment to work.

The no form of this command reverts to the default.

Parameters 
policy-name —
Specifies the name of the policy up to 32 characters.

sub-mcac-policy

Syntax 
sub-mcac-policy policy-name
no sub-mcac-policy
Context 
[Tree] (config>subscr-mgmt>sub-prof sub-mcac-policy)
Full Contexts 
configure subscriber-mgmt sub-profile sub-mcac-policy
Description 

This command references the policy template in which the mcac bandwidth limits are defined. Mcac for the subscriber is effectively enabled with this command when the sub-profile is applied to the subscriber. The bandwidth of the channels is defined in a different policy (under the config>router>mcac context) and this policy is applied on the interface level as follows:

  1. For group-interfaces under the config>service>vprn>igmp>grp-if>mcac context
  2. For regular interfaces under the config>service/router>igmp>interface>mcac context

In case of HQoS Adjustment, it is mandatory that the sub-mcac-policy be created and applied to the subscriber. The sub-mac-policy does not have to contain any bandwidth constrains, but it has to be in a no shutdown state in order for HQoS Adjustment to work.

The no form of this command removes the policy from the configuration.

Parameters 
policy-name—
Specifies the policy name configured in the config>subscr-mgmt>sub-mcac-policy context.

23.441. sub-mgmt

sub-mgmt

Syntax 
sub-mgmt [ipoe] [pppoe]
no sub-mgmt
Context 
[Tree] (config>redundancy>multi-chassis>peer>sync sub-mgmt)
Full Contexts 
configure redundancy multi-chassis peer sync sub-mgmt
Description 

This command specifies whether subscriber management information should be synchronized with the multi-chassis peer.

Default 

no sub-mgmt

Parameters 
ipoe—
Specifies to synchronize IPoE subscribers. The use of the keyword must match on both nodes, otherwise the subscriber synchronization fails.
pppoe—
Specifies to synchronize PPPoE subscribers. The use of the keyword must match on both nodes, otherwise the subscriber synchronization fails.

23.442. sub-mgmt-extensions

sub-mgmt-extensions

Syntax 
[no] sub-mgmt-extensions
Context 
[Tree] (config>fwd-path-ext>fpe sub-mgmt-extensions)
Full Contexts 
configure fwd-path-ext fpe sub-mgmt-extensions
Description 

This command configures FPE for subscriber management extensions. The FPE cannot be used for other applications but can be used for multiple subscriber management applications.

The no version of this command disables FPE for subscriber management extensions.

Default 

no sub-mgmt-extensions

23.443. sub-port

sub-port

Syntax 
sub-port port-id [create]
no sub-port port-id
Context 
[Tree] (config>port>ethernet>dot1x>macsec sub-port)
Full Contexts 
configure port ethernet dot1x macsec sub-port
Description 

This command creates a MACsec instance on a physical port, targeting the specific subset of traffic defined by the encap-match command.

The no form of this command removes the MACsec instance.

Parameters 
port-id—
Specifies the sub-port id index.
Values—
1 to 1023

 

create—
Creates a new sub-port.

23.444. sub-profile

sub-profile

Syntax 
[no] sub-profile
Context 
[Tree] (config>subscr-mgmt>acct-plcy>include-radius-attribute sub-profile)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy include-radius-attribute sub-profile
Description 

This command specifies that subscriber profile attributes should be included into RADIUS accounting messages.

The no form of this command excludes subscriber profile attributes into RADIUS accounting messages.

sub-profile

Syntax 
sub-profile sub-profile-name
no sub-profile
Context 
[Tree] (config>service>ies>if>sap>static-host sub-profile)
[Tree] (config>service>vpls>sap>static-host sub-profile)
[Tree] (config>service>ies>sub-if>grp-if>sap>static-host sub-profile)
[Tree] (config>service>vprn>if>sap>static-host sub-profile)
[Tree] (config>service>vprn>sub-if>grp-if>sap>static-host sub-profile)
Full Contexts 
configure service ies interface sap static-host sub-profile
configure service ies subscriber-interface group-interface sap static-host sub-profile
configure service vpls sap static-host sub-profile
configure service vprn interface sap static-host sub-profile
configure service vprn subscriber-interface group-interface sap static-host sub-profile
Description 

This command specifies an existing subscriber profile name to be associated with the static subscriber host.

The no form of this command reverts to the default.

Parameters 
sub-profile-name—
Specifies the sub-profile name.

sub-profile

Syntax 
[no] sub-profile subscriber-profile-name
Context 
[Tree] (config>subscr-mgmt sub-profile)
Full Contexts 
configure subscriber-mgmt sub-profile
Description 

This command enables the context to configure a subscriber profile. A subscriber profile is a template used to define the aggregate QoS for all hosts within a subscriber context. This is done through the definition of the egress and ingress scheduler policies that govern the aggregate SLA for subscribers using the subscriber profile. Subscriber profiles also allow for specific SLA profile definitions when the default definitions from the subscriber identification policy must be overridden.

Subscribers are either explicitly mapped to a subscriber profile template or are dynamically associated by one of various non-provisioned subscriber profile definitions.

A subscriber host can be associated with a subscriber profile in the following ways, listed from lowest to highest precedence:

  1. The subscriber profile named default.
  2. The subscriber profile defined as the subscriber SAP default.
  3. The subscriber profile found by the subscriber identification policy sub-profile-map.
  4. The subscriber profile found by the subscriber identification policy explicit map.

In the event that no defaults are defined and the subscriber identification string is not explicitly provisioned to map to a subscriber profile, either the static subscriber host creation will fail or the dynamic subscriber host DHCP ACK is discarded.

Default Subscriber profile:

When a subscriber profile is created with the subscriber-profile-name default, it is used when no other subscriber profile is associated with the subscriber host by the system. Creating a subscriber profile with the subscriber-profile-name default is optional. If a default subscriber profile is not created, all subscriber hosts subscriber identification strings must match either a non-provisioned default or be provisioned as an explicit match to a subscriber profile.

The default profile has no effect on existing active subscriber on the system as they exist due to higher precedence mappings.

Attempting to delete any subscriber profile (including the profile named default) while in use by existing active subscribers will fail.

The no form of this command reverts to the default.

Parameters 
subscriber-profile-name—
Specifies the name of the subscriber profile, up to 32 characters.
create—
Keyword used to create the subscriber profile.

23.445. sub-profile-map

sub-profile-map

Syntax 
sub-profile-map
Context 
[Tree] (config>subscr-mgmt>sub-ident-pol sub-profile-map)
Full Contexts 
configure subscriber-mgmt sub-ident-policy sub-profile-map
Description 

This command enables the context to configure subscriber profile mapping parameters.

23.446. sub-profile-string

sub-profile-string

Syntax 
sub-profile-string sub-profile-string
no sub-profile-string
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>ident-strings sub-profile-string)
[Tree] (config>subscr-mgmt>loc-user-db>ppp>host>ident-strings sub-profile-string)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host identification-strings sub-profile-string
configure subscriber-mgmt local-user-db ppp host identification-strings sub-profile-string
Description 

This command specifies the subscriber profile string which is encoded in the identification strings.

The no form of this command returns to the default.

Parameters 
sub-profile-string—
Specifies the subscriber profile string, up to 32 characters.

sub-profile-string

Syntax 
sub-profile-string string
no sub-profile-string
Context 
[Tree] (config>subscr-mgmt>vrgw>brg>brg-profile sub-profile-string)
Full Contexts 
configure subscriber-mgmt vrgw brg brg-profile sub-profile-string
Description 

This string will be used as a default for subscriber-profile lookup. This string can be overridden during BRG or host authentication. The no form of the command removes the string from the configuration.

Default 

no sub-profile-string

Parameters 
string—
Specifies the string used to look up the subscriber profile.

23.447. sub-ring

sub-ring

Syntax 
[no] sub-ring {virtual-link |non-virtual-link}
Context 
[Tree] (config>eth-ring sub-ring)
Full Contexts 
configure eth-ring sub-ring
Description 

This command specifies this ring-id to be sub-ring as defined in G.80312. By declaring this ring as a sub-ring object, this ring will only have one valid path and the sub-ring will be connected to a major ring or a VPLS instance.

The virtual-link keyword declares that a sub-ring is connected to another ring and control messages can be sent over the attached ring to the other side of the sub-ring.

The non-virtual-link channel parameter declares that a sub-ring may be connected to another ring or to a VPLS instance but no control messages from the sub-ring use the attached ring or VPLS instance. The non-virtual channel behavior is standard G.8032 capability.

The no form of this command deletes the sub-ring and its virtual channel associations.

Default 

no sub-ring

Parameters 
virtual-link—
Specifies that the interconnection is to a ring and a virtual link will be used.
non-virtual-link—
Specifies that the interconnection is to a ring or a VPLS instance and a virtual link will not be used.

23.448. sub-sla-mgmt

sub-sla-mgmt

Syntax 
[no] sub-sla-mgmt
Context 
[Tree] (config>service>vpls>sap sub-sla-mgmt)
[Tree] (config>service>ies>if>sap sub-sla-mgmt)
[Tree] (config>service>ies>sub-if>grp-if>sap sub-sla-mgmt)
[Tree] (config>service>ies>sub-if>grp-if>sap-parameters sub-sla-mgmt)
[Tree] (config>service>vprn>if>sap sub-sla-mgmt)
[Tree] (config>service>vprn>sub-if>grp-if>sap sub-sla-mgmt)
[Tree] (config>subscr-mgmt>msap-policy sub-sla-mgmt)
Full Contexts 
configure service ies interface sap sub-sla-mgmt
configure service ies subscriber-interface group-interface sap sub-sla-mgmt
configure service ies subscriber-interface group-interface sap-parameters sub-sla-mgmt
configure service vpls sap sub-sla-mgmt
configure service vprn interface sap sub-sla-mgmt
configure service vprn subscriber-interface group-interface sap sub-sla-mgmt
configure subscriber-mgmt msap-policy sub-sla-mgmt
Description 

This command enables the context to configure subscriber management parameters for this SAP.

The no form of this command reverts to the default.

sub-sla-mgmt

Syntax 
[no] sub-sla-mgmt
Context 
[Tree] (config>service>ies>sub-if>grp-if>sap-parameters sub-sla-mgmt)
[Tree] (config>service>vprn>sub-if>grp-if>sap-parameters sub-sla-mgmt)
Full Contexts 
configure service ies subscriber-interface group-interface sap-parameters sub-sla-mgmt
configure service vprn subscriber-interface group-interface sap-parameters sub-sla-mgmt
Description 

This command enables the context to configure subscriber management parameters.

The no form of this command removes the parameters from the configuration.

Default 

sub-sla-mgmt

23.449. subject

subject

Syntax 
subject {eq |neq} subject [regexp]
no subject
Context 
[Tree] (config>service>vprn>log>filter>entry>match subject)
Full Contexts 
configure service vprn log filter entry match subject
Description 

This command adds an event subject as a match criterion.

The subject is the entity for which the event is reported, such as a port. In this case the port-id string would be the subject. Only one subject command can be entered per event filter entry. The latest subject command overwrites the previous command.

The no form of this command removes the subject match criterion.

Default 

no subject

Parameters 
eq |neq—
This operator specifies the type of match. Valid operators are listed below.
Values—

Operator

Notes

eq

equal to

neq

not equal to

 

subject—
A string used as the subject match criterion.
regexp—
Specifies the type of string comparison to use to determine if the log event matches the value of subject command parameters. When the regexp keyword is specified, the string in the subject command is a regular expression string that will be matched against the subject string in the log event being filtered.

When regexp keyword is not specified, the subject command string is matched exactly by the event filter.

subject

Syntax 
subject {eq |neq} subject [regexp]
no subject
Context 
[Tree] (config>log>filter>entry>match subject)
Full Contexts 
configure log filter entry match subject
Description 

This command adds an event subject as a match criterion.

The subject is the entity for which the event is reported, such as a port. In this case the port-id string would be the subject. Only one subject command can be entered per event filter entry. The latest subject command overwrites the previous command.

The no form of this command removes the subject match criterion.

Parameters 
eq |neq—
Specifies the match type. Valid operators are listed in Table 192.
Table 192:  Valid Operators

Operator

Notes

eq

equal to

neg

not equal to

subject—
Specifies a string up to 32 characters, used as the subject match criterion.
regexp—
Specifies the type of string comparison to use to determine if the log event matches the value of subject command parameters. When the regexp keyword is specified, the string in the subject command is a regular expression string that will be matched against the subject string in the log event being filtered. When the regexp keyword is not specified, the subject command string is matched exactly by the event filter.

23.450. subnet

subnet

Syntax 
subnet {ip-address/mask |ip-address netmask} [create]
no subnet {ip-address/mask |ip-address netmask}
Context 
[Tree] (config>router>dhcp>server>pool subnet)
[Tree] (config>service>vprn>dhcp>server>pool subnet)
Full Contexts 
configure router dhcp local-dhcp-server pool subnet
configure service vprn dhcp local-dhcp-server pool subnet
Description 

This command creates a subnet of IP addresses to be served from the pool. The subnet cannot include any addresses that were assigned to subscribers without those addresses specifically excluded. When the subnet is created, no IP addresses are made available until a range is defined.

The no form of the removes the subnet parameters from the configuration.

Parameters 
ip-prefix/mask—
Specifies the address prefix and mask. A mask of 255.255.255.255 is reserved for system IP addresses.
Values—
ip-prefix: a.b.c.d
mask: 8 to 32

 

netmask—
Specifies a string of 0s and 1s that mask or screen out the network part of an IP address so that only the host computer part of the address remains.
Values—
a.b.c.d, any mask expressed as dotted quad

 

create—
Keyword used to create the subnet. The create keyword requirement can be enabled or disabled in the environment>create context.

subnet

Syntax 
subnet ip-prefix/prefix-length start ip-address end ip-address
Context 
[Tree] (config>subscr-mgmt>vrgw>brg>brg-profile>dhcp-pool subnet)
Full Contexts 
configure subscriber-mgmt vrgw brg brg-profile dhcp-pool subnet
Description 

This command configures the subnet that will be used for the L2aware-subscriber. This subnet is only locally significant and can overlap with other subscribers. The subnet is derived by ignoring the host bits of the IP address. The IP address specifies the default gateway that will be signaled in DHCP along with the netmask derived from the prefix length.

The start and end addresses specify the range of addresses that are suitable for allocation within the given subnet. If the subnet address (host bits 0), broadcast address (host bits 1) or default-gw address fall in this range, they will not be considered for allocation.

Changing the subnet will only affect new subscribers. New and existing hosts for existing subscribers will keep allocating from the original subnet.

Default 

subnet 192.168.0.1/24 start 192.168.0.2 end 192.168.0.254

Parameters 
ip-prefix/prefix-length—
Specifies the IP prefix and prefix length.
start ip-address
Specifies the starting IP address.
end ip-address
Specifies the ending IP address.

subnet

Syntax 
subnet ip-prefix/prefix-length start ip-address end ip-address
Context 
[Tree] (config>subscr-mgmt>vrgw>brg>brg-profile>dhcp-pool subnet)
Full Contexts 
configure subscriber-mgmt vrgw brg brg-profile dhcp-pool subnet
Description 

This command configures the subnet that will be used for the l2aware-subscriber. This subnet is only locally significant and can overlap with other subscribers. The subnet is derived by ignoring the host-bits of the ip-address. The ip address specifies the default gateway that will be signaled in DHCP along with the netmask derived from the prefix-length.

The start and end addresses specify the addresses that are suitable for allocation within the given subnet, the start and end address included. If the subnet address (host-bits 0), broadcast address (host-bits 1) or default-gw address fall in this range, they will not be considered for allocation.

Changing the subnet will only have effect for new subscribers. New and existing hosts for existing subscribers will keep allocating from the original subnet.

The no form of this command removes the subnet configuration. New l2-aware subscribers will no longer use this pool and fall back to a pool from radius. Existing subscribers will keep using the original subnet.

Default 

no subnet

Parameters 
ip-prefix/prefix-length—
Specifies the IP prefix and prefix length.
start ip-address
Specifies the starting IP address.
end ip-address
Specifies the ending IP address.

23.451. subnet-check

subnet-check

Syntax 
[no] subnet-check
Context 
[Tree] (config>service>vprn>igmp>grp-if subnet-check)
[Tree] (config>service>vprn>igmp>if subnet-check)
Full Contexts 
configure service vprn igmp group-interface subnet-check
configure service vprn igmp interface subnet-check
Description 

This command enables subnet checking for IGMP messages received on this interface. All IGMP packets with a source address that is not in the local subnet are dropped.

The no form of this command disables local subnet checking for IGMP.

subnet-check

Syntax 
[no] subnet-check
Context 
[Tree] (config>router>igmp>group-interface subnet-check)
[Tree] (config>router>igmp>if subnet-check)
Full Contexts 
configure router igmp group-interface subnet-check
configure router igmp interface subnet-check
Description 

This command enables subnet checking for IGMP messages received on this interface. All IGMP packets with a source address that is not in the local subnet are dropped.

Default 

subnet-check

subnet-check

Syntax 
[no] subnet-check
Context 
[Tree] (config>router>mld>group-interface subnet-check)
Full Contexts 
configure router mld group-interface subnet-check
Description 

This command enables subnet checking for MLD messages received on this interface. All MLD packets with a source address that is not in the local subnet are dropped.

Default 

subnet-check

23.452. subnet-mask

subnet-mask

Syntax 
subnet-mask ip-address
no subnet-mask
Context 
[Tree] (config>router>dhcp>server>pool>subnet>options subnet-mask)
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>options subnet-mask)
Full Contexts 
configure router dhcp local-dhcp-server pool subnet options subnet-mask
configure subscriber-mgmt local-user-db ipoe host options subnet-mask
Description 

This command specifies the subnet-mask option to the client. The mask can either be defined (for supernetting) or taken from the pool address.

The no form of this command removes the address from the configuration.

Parameters 
ip-address—
Specifies the IP address of the subnet mask. This address must be unique within the subnet and specified in dotted decimal notation. Allowed values are IP addresses in the range 1.0.0.0 – 223.255.255.255 (with support of /31 subnets).
Values—
a.b.c.d

 

23.453. subrate

subrate

Syntax 
subrate {digital-link |larscom} rate-step
no subrate
Context 
[Tree] (config>port>tdm>ds3 subrate)
Full Contexts 
configure port tdm ds3 subrate
Description 

This command configures the channel service unit (CSU) compatibility mode to interoperate with existing DS-3 subrate standards.

This configuration applies only for non-channelized DS-3s on ASAP TDM MDAs.

The no form of this command remove the subrate functionality.

Default 

no subrate

Parameters 
digital-link—
Enables the Digital-Link (Quick Eagle) CSU compatibility mode.
larscom—
Enables the Larscom CSU compatibility mode.
rate-step—
Specifies the subrate value for the associated DS-3.
Values—
1 to 147 (digital-link) 1 to 14 (larscom)

 

23.454. subscriber

subscriber

Syntax 
subscriber sub-ident
no subscriber
Context 
[Tree] (config>service>ies>if>sap>static-host subscriber)
[Tree] (config>service>vpls>sap>static-host subscriber)
[Tree] (config>service>ies>sub-if>grp-if>sap>static-host subscriber)
[Tree] (config>service>vprn>if>sap>static-host subscriber)
[Tree] (config>service>vprn>sub-if>grp-if>sap>static-host subscriber)
Full Contexts 
configure service ies interface sap static-host subscriber
configure service ies subscriber-interface group-interface sap static-host subscriber
configure service vpls sap static-host subscriber
configure service vprn interface sap static-host subscriber
configure service vprn subscriber-interface group-interface sap static-host subscriber
Description 

This command specifies an existing subscriber identification profile to be associated with the static subscriber host.

Parameters 
sub-ident—
Specifies the subscriber identification.

subscriber

Syntax 
subscriber sub-ident-string sap sap-id sla-profile sla-profile-name [repeat repeat] [absolute |rate] [base]
subscriber sub-ident-string sap sap-id sla-profile sla-profile-name [repeat repeat] [absolute |rate] egress-policer-id egress-policer-id
subscriber sub-ident-string sap sap-id sla-profile sla-profile-name [repeat repeat] [absolute |rate] egress-queue-id egress-queue-id
subscriber sub-ident-string sap sap-id sla-profile sla-profile-name [repeat repeat] [absolute |rate] ingress-policer-id ingress-policer-id
subscriber sub-ident-string sap sap-id sla-profile sla-profile-name [repeat repeat] [absolute |rate] ingress-queue-id ingress-queue-id
Context 
[Tree] (monitor>service subscriber)
Full Contexts 
monitor service subscriber
Description 

This command monitors statistics for a subscriber.

Parameters 
sub-ident-string—
Specifies an existing subscriber identification profile to monitor, up to 32 characters.
sap-id
Specifies the physical port identifier portion of the SAP definition.
Values—

:null

port-id | bundle-id | bpgrp-id | lag-id | aps-id

dot1q

port-id | bundle-id | bpgrp-id | lag-id | aps-id | pw-id:[qtag1|cp-conn-prof-id]

qinq

port-id | bundle-id | bpgrp-id | lag-id | pw-id:[qtag1 cp-conn-prof-id].[qtag2 | cp-conn-prof-id]

cp

keyword

conn-prof-id

1 to 8000

atm

port-id | aps-id [:vpi/vci | vpi | vpi1.vpi2 | cp.conn-prof-id]

cp

keyword

conn-prof-id

1 to 8000

frame

port-id | aps-id:dlci

cisco-hdlc

slot/mda/port.channel

cem

slot/mda/port.channel

ima-grp

bundle-id [:vpi/vci | vpi | vpi1.vpi2 | cp.conn-prof-id]

cp

keyword

conn-prof-id

1 to 8000

port-id

slot/mda/port[.channel]

esat-id/slot/port

pxc-id.sub-port

bundle-id

bundle-type-slot/mda.-bundle-nu

bundle

keyword

type

ima | fr | ppp

bundle-num

1 to 336

bpgrp-id

bpgrp-type-bpgrp-num

bgrp

keyword

type

ima | ppp

bgrp-num

1 to 2000

aps-id

aps-group-id[.channel]

aps

keyword

group-id

1 to 128

ccag-id

ccag-id.path-id[cc-type]:cc-id

ccag

keyword

id

1 to 8

path-id

a | b

cc-type

.sap-net | .net-sap

cc-id

1 to 4094

eth-tunnel

eth-tunnel-id[:eth-tun-sap-id]

id

1 to 1024

eth-tun-sap-id

0 to 4094

lag-id

lag-id

lag

keyword

id

1 to 800

pw-id

pw-id

pw

keyword

id

1 to 10239

qtag1

* | 0 to 4094

qtag2

* | null | 0 to 4094

vpi

0 to 4095 (NNI)

0 to 255 (UNI)

vci

1 | 2 | 5 to 65535

dlci

16 to 1022

tunnel-id

tunnel-id.private | public:tag

tunnel

keyword

id

1 to 16

tag

0 to 4094

 

sla-profile-name
Specifies an existing SLA profile. The name can be a maximum of 32 characters long.
seconds
Configures the interval for each display, in seconds.
Values—
11 to 60

 

Default—
11
repeat
Configures how many times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Displays raw statistics, without processing. No calculations are performed on the delta or rate statistics.
Default—
mode delta
rate—
Displays rate-per-second for each statistic instead of the delta.
base—
Monitor base statistics.
egress-policer-id—
Monitors statistics for the policer.
Values—
1 to 63

 

egress-queue-id
Monitors statistics for this queue.
Values—
1 to 8

 

ingress-policer-id—
Monitors statistics for this policer.
Values—
1 to 63

 

ingress-queue-id
Monitors statistics for this queue.
Values—
1 to 32

 

Output 

The following output is an example of subscriber-information.

Sample Output
A:Dut-A# monitor service subscriber nokia_100 sap 1/2/1:101 sla-profile sla_
default
===============================================================================
Monitor statistics for Subscriber nokia_100
===============================================================================
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
SLA Profile Instance statistics
-------------------------------------------------------------------------------
                        Packets                 Octets
Off. HiPrio           : 0                       0
Off. LowPrio          : 94531                   30704535
Off. Uncolor          : 0                       0
 
Queueing Stats (Ingress QoS Policy 1000)
Dro. HiPrio           : 0                       0
Dro. LowPrio          : 7332                    2510859
For. InProf           : 0                       0
For. OutProf          : 87067                   28152288
 
Queueing Stats (Egress QoS Policy 1000)
Dro. InProf           : 880                     127660
Dro. OutProf          : 0                       0
For. InProf           : 90862                   12995616
For. OutProf          : 0                       0
-------------------------------------------------------------------------------
SLA Profile Instance per Queue statistics
-------------------------------------------------------------------------------
                        Packets                 Octets
Ingress Queue 1 (Unicast) (Priority)
Off. HiPrio           : 0                       0
Off. LowPrio          : 0                       0
Off. Uncolor          : 0                       0
Dro. HiPrio           : 0                       0
Dro. LowPrio          : 0                       0
For. InProf           : 0                       0
For. OutProf          : 0                       0
 
Ingress Queue 2 (Unicast) (Priority)
Off. HiPrio           : 0                       0
Off. LowPrio          : 94531                   30704535
Off. Uncolor          : 0                       0
Dro. HiPrio           : 0                       0
Dro. LowPrio          : 7332                    2510859
For. InProf           : 0                       0
For. OutProf          : 87067                   28152288
 
Ingress Queue 3 (Unicast) (Priority)
Off. HiPrio           : 0                       0
Off. LowPrio          : 0                       0
Off. Uncolor          : 0                       0
Dro. HiPrio           : 0                       0
Dro. LowPrio          : 0                       0
For. InProf           : 0                       0
For. OutProf          : 0                       0
 
Ingress Queue 11 (Multipoint) (Priority)
Off. HiPrio           : 0                       0
Off. LowPrio          : 0                       0
Off. Uncolor          : 0                       0
Dro. HiPrio           : 0                       0
Dro. LowPrio          : 0                       0
For. InProf           : 0                       0
For. OutProf          : 0                       0
 
Egress Queue 1
Dro. InProf           : 880                     127660
Dro. OutProf          : 0                       0
For. InProf           : 90862                   12995616
For. OutProf          : 0                       0
 
Egress Queue 2
Dro. InProf           : 0                       0
Dro. OutProf          : 0                       0
For. InProf           : 0                       0
For. OutProf          : 0                       0
 
Egress Queue 3
Dro. InProf           : 0                       0
Dro. OutProf          : 0                       0
For. InProf           : 0                       0
For. OutProf          : 0                       0
===============================================================================
A:Dut-A#
 
 
A:Dut-A# monitor service subscriber nokia_100 sap 1/2/1:101 sla-
profile  sla_default base rate
===============================================================================
Monitor statistics for Subscriber nokia_100
===============================================================================
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
SLA Profile Instance statistics
-------------------------------------------------------------------------------
                        Packets                 Octets
Off. HiPrio           : 0                       0
Off. LowPrio          : 109099                  35427060
Off. Uncolor          : 0                       0
Queueing Stats (Ingress QoS Policy 1000)
Dro. HiPrio           : 0                       0
Dro. LowPrio          : 8449                    2894798
For. InProf           : 0                       0
For. OutProf          : 100523                  32489663
Queueing Stats (Egress QoS Policy 1000)
Dro. InProf           : 880                     127660
Dro. OutProf          : 0                       0
For. InProf           : 105578                  15104553
For. OutProf          : 0                       0
-------------------------------------------------------------------------------
At time t = 11 sec (Mode: Rate)
-------------------------------------------------------------------------------
SLA Profile Instance statistics
-------------------------------------------------------------------------------
                        Packets                 Octets                  % Port
                                                                        Util.
Off. HiPrio           : 0                       0                       0.00
Off. LowPrio          : 1469                    477795                  0.38
Off. Uncolor          : 0                       0                       0.00
Queueing Stats (Ingress QoS Policy 1000)
Dro. HiPrio           : 0                       0                       0.00
Dro. LowPrio          : 119                     40691                   0.03
For. InProf           : 0                       0                       0.00
For. OutProf          : 1349                    437350                  0.34
Queueing Stats (Egress QoS Policy 1000)
Dro. InProf           : 0                       0                       0.00
Dro. OutProf          : 0                       0                       0.00
For. InProf           : 1469                    209129                  0.16
For. OutProf          : 0                       0                       0.00
===============================================================================
A:Dut-A#

A:Dut-A# monitor service subscriber nokia_100 sap 1/2/1:101 sla-
profile sla_ default ingress-queue-id 1
===============================================================================
Monitor statistics for Subscriber nokia_100
===============================================================================
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
                        Packets                 Octets
Ingress Queue 1 (Unicast) (Priority)
Off. HiPrio           : 0                       0
Off. LowPrio          : 0                       0
Off. Uncolor          : 0                       0
Dro. HiPrio           : 0                       0
Dro. LowPrio          : 0                       0
For. InProf           : 0                       0
For. OutProf          : 0                       0
===============================================================================
A:Dut-A#
 
 
A:Dut-A# monitor service subscriber nokia_100 sap 1/2/1:101 sla-profile 
sla_default egress-queue-id 1
===============================================================================
Monitor statistics for Subscriber nokia_100
-------------------------------------------------------------------------------
At time t = 0 sec (Base Statistics)
-------------------------------------------------------------------------------
                        Packets                 Octets
Egress Queue 1
Dro. InProf           : 880                     127660
Dro. OutProf          : 0                       0
For. InProf           : 164366                  23506178
For. OutProf          : 0                       0
===============================================================================
A:Dut-A#

subscriber

Syntax 
subscriber sub-ident-string [sap sap-id] [ip ip-address] [{[mac ieee-address] |sla-profile sla-profile-name}] [fc {[be] [l2] [af] [l1] [h2] [ef] [h1] [nc]}] {[ingress] [egress]} [host-type host-type] [family family]
no subscriber sub-ident-string
Context 
[Tree] (config>mirror>mirror-source subscriber)
Full Contexts 
configure mirror mirror-source subscriber
Description 

This command adds hosts of a subscriber to mirroring service.

Parameters 
sub-ident-string—
Specifies the name of the subscriber identification policy.
sap-id—
Specifies the physical port identifier portion of the SAP definition.
ip-address—
Specifies the service IP address (system IP address) of the remote device sending LI traffic. If 0.0.0.0 is specified, any remote router is allowed to send to this service.
Values—
1.0.0.1 to 223.255.255.254

 

ieee-address
Specify this optional parameter when defining a static host. The MAC address must be specified for anti-spoof ip-mac and arp-populate. Multiple static hosts may be configured with the same MAC address given that each definition is distinguished by a unique IP address.
sla-profile-name—
Each host of a subscriber can use a different sla-profile. This option allows interception of only the hosts using the specified sla-profile. In some deployments sla-profiles are assigned per type of traffic. There can be, for example, a specific sla-profile for voice traffic (which could be used for all SIP-hosts). The name can have up to 32 characters.
fc—
Specifies the name of the forwarding class with which to associate traffic. The forwarding class name must already be defined within the system. If the fc-name does not exist, an error will be returned and the fc command will have no effect. If the fc-name does exist, the forwarding class associated with fc-name will override the default forwarding class.
Values—
be, l2, af, l1, h2, ef, h1, nc

 

egress—
Specifies that packets egressing the SAP should be mirrored. Egress packets are mirrored to the mirror destination after egress packet modification.
ingress—
Specifies that packets ingressing the SAP should be mirrored. Ingress packets are mirrored to the mirror destination prior to ingress packet modification.
host-type—
Specifies the host type for mirroring. The anti-spoof filter on the SAP must be configured as ip-mac.
Values—
any, ipoe, ppp

 

family—
Specifies the IP family for mirroring. The anti-spoof filter on the SAP must be configured as ip-mac.
Values—
any, ipv4, ipv6

 

subscriber

Syntax 
subscriber sub-ident-string [sap sap-id [ip ip-address] [mac ieee-address] |sla-profile sla-profile-name] [fc {[be] [l2] [af] [l1] [h2] [ef] [h1] [nc]}] [intercept-id intercept-id] [session-id session-id] {[ingress] [egress]} [host-type host-type] [family ip-family]
no subscriber sub-ident-string
Context 
[Tree] (config>li>li-source subscriber)
Full Contexts 
configure li li-source subscriber
Description 

This command adds hosts of a subscriber to mirroring service.

Parameters 
sub-ident-string—
Specifies the name of the subscriber identification policy.
sap-id—
Specifies the physical port identifier portion of the SAP definition.
ip-address—
Specifies the service IP address (system IP address) of the remote device sending LI traffic. If 0.0.0.0 is specified, any remote router is allowed to send to this service.
Values—
1.0.0.1 to 223.255.255.254

 

ieee-address
Specifies a MAC address when defining a static host. The MAC address must be specified for anti-spoof ip-mac and arp-populate. Multiple static hosts may be configured with the same MAC address given that each definition is distinguished by a unique IP address.
sla-profile-name—
Specifies an SLA profile name, up to 32 characters. Each host of a subscriber can use a different sla-profile. This option allows interception of only the hosts using the specified sla-profile. In some deployments sla-profiles are assigned per type of traffic. There can be, for example, a specific sla-profile for voice traffic (which could be used for all SIP-hosts).
fc—
The name of the forwarding class with which to associate LI traffic. The forwarding class name must already be defined within the system. If the fc-name does not exist, an error will be returned and the fc command will have no effect. If the fc-name does exist, the forwarding class associated with fc-name will override the default forwarding class.
Values—
be, l2, af, l1, h2, ef, h1, nc

 

intercept-id
Specifies the intercept-id that is inserted into the packet header for all mirrored packets of the associated li-source entry. This intercept-id can be used (for example by a downstream LI Gateway) to identify the particular LI session to which the packet belongs.

For all types of li-source entries (filter, nat, sap, or subscriber), when the mirror service is configured with ip-udp-shim routable encap, an intercept-id field (as part of the routable encap) is always present in the mirrored packets. If there is no intercept-id configured for an li-source entry, then the default value will be inserted. When the mirror service is configured with ip-gre routable encap, no intercept-id is inserted and none should be specified against the li-source entries.

Values—
1 to 4294967295 (32b) For nat li-source entries that are using a mirror service that is not configured with routable encap

 

Values—
1 to 1,073,741,824 (30b) For all types of li-source entries that are using a mirror service with routable ip-udp-shim encapsulation and no direction-bit.

 

Values—
1 to 536,870,912 (29b) For all types of li-source entries that are using a mirror service with routable ip-udp-shim encapsulation and with the direction-bit enabled.

 

session-id —
Specifies the session-id that is inserted into the packet header for all mirrored packets of the associated li-source entry. This session-id can be used (for example by a downstream LI gateway) to identify the particular LI session to which the packet belongs. The session-id is only valid and used for mirror services that are configured with ip-udp-shim routable encapsulation (config>mirror>mirror-dest>encap>ip-udp-shim).

For all types of li-source entries (filter, nat, sap, or subscriber), when the mirror service is configured with ip-udp-shim routable encap, a session-id field (as part of the routable encapsulation) is always present in the mirrored packets. If there is no session-id configured for an li-source entry, then the default value will be inserted. When a mirror service is configured with ip-gre routable encap, no session-id is inserted and none should be specified against the li-source entries.

Values—
1 to 4,294,967,295 (32b)

 

ingress—
Specifies information for the ingress policy.
egress—
Specifies information for the egress policy.
host-type—
Specifies the host type for lawful intercept. The anti-spoof filter on the SAP must be configured as ip-mac.
Values—
any, ipoe, ppp

 

ip-family—
Specifies the IP family for lawful intercept. The anti-spoof filter on the SAP must be configured as ip-mac.
Values—
any, ipv4, ipv6

 

subscriber

Syntax 
subscriber sub-ident-string [sap sap-id] [ip ip-address] [{mac ieee-address] |sla-profile sla-profile-name}] [fc {[be] [l2] [af] [l1] [h2] [ef] [h1] [nc]}] {[ingress] [egress]}
no subscriber sub-ident-string
Context 
[Tree] (debug>mirroring-source subscriber)
Full Contexts 
debug mirroring-source subscriber
Description 

This command adds hosts of a subscriber to mirroring service.

Parameters 
sub-ident-string—
Specifies the name of the subscriber identification policy.
sap-id—
Specifies the physical port identifier portion of the SAP definition.
ip-address—
The service IP address (system IP address) of the remote 7750 SR or 7450 ESS device sending LI traffic.
Values—
1.0.0.1 to 223.255.255.254

 

ieee-address—
Specify this optional parameter when defining a static host. The MAC address must be specified for anti-spoof ip-mac and arp-populate. Multiple static hosts may be configured with the same MAC address given that each definition is distinguished by a unique IP address.
sla-profile-name—
Specifies the SLA profile name, up to 32 characters.
fc—
Specifies name of the forwarding class with which to associate LI traffic.
Values—
be, l2, af, l1, h2, ef, h1, nc

 

ingress—
Specifies information for the ingress policy.
egress—
Specifies information for the egress policy.

subscriber

Syntax 
subscriber sub-ident-string [arbiter {root |name}] [ingress |egress] [interval seconds] [repeat repeat] [absolute |rate]
Context 
[Tree] (monitor>qos>arbiter-stats subscriber)
Full Contexts 
monitor qos arbiter-stats subscriber
Description 

This command monitors arbiter statistics for a subscriber.

Parameters 
sub-ident-string—
Specifies an existing subscriber identification policy name, up to 32 characters.
name—
Specifies the name of the policer control policy arbiter.
root—
Specifies the arbiter to which this queue would be feeding.
ingress—
Displays arbiter name statistics applied on the ingress SAP.
egress—
Displays arbiter name statistics applied on the egress SAP.
seconds
Configures the interval for each display in seconds.
Values—
11 to 60

 

Default—
11 seconds
repeat—
Configures how many times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Displays raw statistics, without processing. No calculations are performed on the delta or rate statistics.
rate—
Displays rate-per-second for each statistic instead of the delta.

subscriber

Syntax 
subscriber sub-ident-string [scheduler scheduler-name] [ingress |egress] [interval seconds] [repeat repeat] [absolute |rate]
subscriber sub-ident-string [interval seconds] [repeat repeat] [absolute |rate] sap sap-id sla-profile sla-profile-name
Context 
[Tree] (monitor>qos>scheduler-stats subscriber)
Full Contexts 
monitor qos scheduler-stats subscriber
Description 

This command monitors scheduler statistics for a subscriber.

Parameters 
sub-ident-string—
Specifies an existing subscriber identification policy name, up to 32 characters.
scheduler-name
Specifies an existing QoS scheduler policy name, up to 32 characters. Scheduler names are configured in the config>qos>scheduler-policy>tier level context.
ingress—
Displays scheduler-name statistics applied on the ingress SAP.
egress—
Displays scheduler-name statistics applied on the egress SAP.
seconds
Configures the interval for each display in seconds.
Values—
11 to 60

 

Default—
11 seconds
repeat
Configures how many times the command is repeated.
Values—
1 to 999

 

Default—
10
absolute—
Displays raw statistics, without processing. No calculations are performed on the delta or rate statistics.
rate—
Displays rate-per-second for each statistic instead of the delta.
sap-id—
Specifies the physical port identifier portion of the SAP definition.
sla-profile-name—
Specifies the SLA profile belonging to the subscriber host, up to 32 characters.

23.455. subscriber-bw-limit

subscriber-bw-limit

Syntax 
subscriber-bw-limit bandwidth
no subscriber-bw-limit
Context 
[Tree] (config>mcast-mgmt>mcast-info-plcy>video-policy>video-if subscriber-bw-limit)
Full Contexts 
configure mcast-management multicast-info-policy video-policy video-interface subscriber-bw-limit
Description 

This command configures of an egress per-subscriber bandwidth limit for the combined retransmission and Fast Channel Change (FCC) replies for requests received directed to the IP address. If the bandwidth for a request will exceed the bandwidth limit, the request is logged and dropped.

The no form of the command disables enforcement of an egress bandwidth limit.

Default 

no subscriber-bw-limit

Parameters 
bandwidth—
The per-subscriber egress bandwidth limit for retransmission and FCC packets in kilobits per second expressed as an integer indicates infinity or no limit.
Values—
1 to 4294967295 kb/s

 

23.456. subscriber-data

subscriber-data

Syntax 
[no] subscriber-data
Context 
[Tree] (config>aaa>isa-radius-plcy>acct-include-attributes subscriber-data)
Full Contexts 
configure aaa isa-radius-policy acct-include-attributes subscriber-data
Description 

This command enables the inclusion of subscriber data attributes.

The no form of the command excludes subscriber data attributes.

Default 

no subscriber-data

23.457. subscriber-id

subscriber-id

Syntax 
subscriber-id sub-ident-string
no subscriber-id
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>ident-strings subscriber-id)
[Tree] (config>subscr-mgmt>loc-user-db>ppp>host>ident-strings subscriber-id)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host identification-strings subscriber-id
configure subscriber-mgmt local-user-db ppp host identification-strings subscriber-id
Description 

This command specifies the subscriber ID which is encoded in the identification strings.

The no form of this command returns to the default.

Parameters 
sub-ident-string—
Specifies the subscriber ID string, up to 32 characters.

subscriber-id

Syntax 
[no] subscriber-id
Context 
[Tree] (config>subscr-mgmt>acct-plcy>include-radius-attribute subscriber-id)
Full Contexts 
configure subscriber-mgmt radius-accounting-policy include-radius-attribute subscriber-id
Description 

This command specifies that subscriber ID attributes should be included into RADIUS accounting messages.

The no form of this command excludes subscriber ID attributes into RADIUS accounting messages.

subscriber-id

Syntax 
[no] subscriber-id
Context 
[Tree] (config>aaa>isa-radius-plcy>acct-include-attributes subscriber-id)
Full Contexts 
configure aaa isa-radius-policy acct-include-attributes subscriber-id
Description 

This command specifies that subscriber ID attributes should be included into RADIUS accounting messages.

Default 

no subscriber-id

23.458. subscriber-identification

subscriber-identification

Syntax 
subscriber-identification
Context 
[Tree] (config>router>nat>inside subscriber-identification)
Full Contexts 
configure router nat inside subscriber-identification
Description 

This command enables the context to configure subscriber identification for Large Scale NAT.

23.459. subscriber-interface

subscriber-interface

Syntax 
subscriber-interface ip-int-name [create] [wan-mode mode]
subscriber-interface ip-int-name [create] fwd-service service-id fwd-subscriber-interface fwd-int-name [wan-mode mode]
no subscriber-interface ip-int-name
Context 
[Tree] (config>service>ies subscriber-interface)
[Tree] (config>service>vprn subscriber-interface)
Full Contexts 
configure service ies subscriber-interface
configure service vprn subscriber-interface
Description 

This command allows the operator to create special subscriber-based interfaces. It is used to contain multiple group interfaces. Multiple subnets associated with the subscriber interface can be applied to any of the contained group interfaces in any combination. The subscriber interface allows subnet sharing between group interfaces.

The no form of this command reverts to the default.

Parameters 
ip-int-name—
Specifies the interface name of a subscriber interface, up to 32 characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
create—
Keyword used to create the subscriber interface.
fwd-service service-id
Specifies the wholesale service ID or service name.
Values—
service-id: 1 to 214748364
svc-name: A string up to 64 characters

 

ip-int-name
Specifies the wholesale subscriber interface.
wan-mode mode
Specifies the WAN mode as 64-bit or 128-bit. To change the WAN mode after creation, the interface must first be removed then recreated.
Values—
mode64, mode128

 

Default—
mode64

23.460. subscriber-limit

subscriber-limit

Syntax 
subscriber-limit limit
no subscriber-limit
Context 
[Tree] (config>service>vprn>nat>outside>pool subscriber-limit)
Full Contexts 
configure service vprn nat outside pool subscriber-limit
Description 

This command configures the maximum number of subscribers per outside IP address.

If multiple port blocks per subscriber are used, the block size is typically small; all blocks assigned to a given subscriber belong to the same IP address; the subscriber limit guarantees that any subscriber can get a minimum number of ports.

Parameters 
limit—
Specifies the maximum number of subscribers per outside IP address.
Values—
1 to 65535

 

subscriber-limit

Syntax 
subscriber-limit limit
no subscriber-limit
Context 
[Tree] (config>service>vprn>nat>outside subscriber-limit)
[Tree] (config>router>nat>outside>pool subscriber-limit)
Full Contexts 
configure router nat outside pool subscriber-limit
configure service vprn nat outside subscriber-limit
Description 

This command configures the maximum number of subscribers per outside IP address. In case multiple port blocks per subscriber are used, the block size is typically small; all blocks assigned to a given subscriber belong to the same IP address; the subscriber limit guarantees that any subscriber can get a minimum number of ports.

Default 

subscriber-limit 65535

Parameters 
limit—
Specify the maximum number of subscribers per IP address.
Values—
1 to 65535

 

23.461. subscriber-mgmt

subscriber-mgmt

Syntax 
subscriber-mgmt
Context 
[Tree] (config subscriber-mgmt)
Full Contexts 
configure subscriber-mgmt
Description 

This command enables the context to configure subscriber management entities. A subscriber is uniquely identified by a subscriber identification string. Each subscriber can have several DHCP sessions active at any time. Each session is referred to as a subscriber host and is identified by its IP address and MAC address.

All subscriber hosts belonging to the same subscriber are subject to the same hierarchical QoS (HQoS) processing. The HQoS processing is defined in the sub-profile (the subscriber profile). A sub-profile refers to an existing scheduler policy (configured in the config>qos>scheduler-policy context) and offers the possibility to overrule the rate of individual schedulers within this policy.

Because all subscriber hosts use the same scheduler policy instance, they must all reside on the same complex.

subscriber-mgmt

Syntax 
subscriber-mgmt
Context 
[Tree] (config>system>persistence subscriber-mgmt)
Full Contexts 
configure system persistence subscriber-mgmt
Description 

This command configures subscriber management persistence parameters.

23.462. subscriber-prefix-length

subscriber-prefix-length

Syntax 
subscriber-prefix-length prefix-length
no subscriber-prefix-length
Context 
[Tree] (config>service>vprn>nat>inside>dslite subscriber-prefix-length)
Full Contexts 
configure service vprn nat inside dual-stack-lite subscriber-prefix-length
Description 

This command configures the IPv6 prefix length of the DS-Lite subscribers.

The no form of this command reverts the default.

Default 

subscriber-prefix-length 128

Parameters 
prefix-length prefix-length
Specifies the IPv6 prefix length of the DS-Lite subscriber.
Values—
32 to 64, 128

 

Default—
128

subscriber-prefix-length

Syntax 
subscriber-prefix-length prefix-length
no subscriber-prefix-length
Context 
[Tree] (config>router>nat>inside>dual-stack-lite subscriber-prefix-length)
Full Contexts 
configure router nat inside dual-stack-lite subscriber-prefix-length
Description 

This command sets the value for the number of high order bits of the source IPv6 address that will be considered as DS-Lite subscriber. The remaining bits of the source IPv6 address will be masked off, effectively aggregation all IPv6 source addresses under the configured prefix length into a single DS-Lite subscriber. Source IPv4 addresses/ports of the traffic carried within the DS-Lite subscriber will be translated into a single outside IPv4 address and the corresponding deterministic port-block (port-blocks can be extended).

The range of values for subscriber-prefix-length in non-deterministic DS-Lite is limited from 32 to 64 (a prefix will be considered as a DS-Lite subscriber) or it can be set to a value of 128 (the source IPv6 address is considered as a DS-Lite subscriber).

In cases where deterministic DS-Lite is enabled in a giver inside routing context, the range of values of the subscriber-prefix-length depends on the value of dslite-max-subscriber-limit parameter as follows:

subscriber-prefix-length – n = [32..64,128]

where n = log2(dslite-max-subscriber-limit)

[or in an alternate form: dslite-max-subscriber-limit = 2^n.]

In other words the largest prefix length for the deterministic DS-Lite subscriber will be 32+n, where n = log2(dslite-max-subscriber-limit). The subscriber prefix length can extend up to 64 bits. Beyond 64 bits for the subscriber prefix length, there only one value is allowed: 128. In the case n must be 0, which means that the mapping between B4 elements (or IPv6 address) and the IPv4 outside addresses is in 1:1 ratio (no sharing of outside IPv4 addresses).

This parameter can be changed only when there are no deterministic prefixes configured in the same routing context.

The no form of the command reverts to the default.

Default 

128

Parameters 
prefix-length—
In non-deterministic DS-Lite this value can be [32..64,128], assuming that the deterministic DS-Lite is not concurrently enabled in the same inside routing context. In case that deterministic DS-Lite is enabled, this value can be within the range [(32+n)..64,128] where n = log2(dslite-max-subscriber-limit). The value of 128 is allowed only when n=0 (each subscriber is mapped to a single outside IPv4 IP address).
Values—
32 to 64

 

subscriber-prefix-length

Syntax 
subscriber-prefix-length prefix-length
no subscriber-prefix-length
Context 
[Tree] (config>service>vprn>nat>inside>nat64 subscriber-prefix-length)
[Tree] (config>router>nat>inside>nat64 subscriber-prefix-length)
Full Contexts 
configure router nat inside nat64 subscriber-prefix-length
configure service vprn nat inside nat64 subscriber-prefix-length
Description 

This command specifies the IPv6 address prefix length to be used for the NAT64 subscribers in this virtual router instance.

Default 

subscriber-prefix-length128

Parameters 
prefix-length—
Specifies the subscriber identification for Large Scale NAT.
Values—
32 to 64, 128

 

23.463. subscriber-prefixes

subscriber-prefixes

Syntax 
subscriber-prefixes
Context 
[Tree] (config>service>ies>sub-if>ipv6 subscriber-prefixes)
[Tree] (config>service>vprn>sub-if>ipv6 subscriber-prefixes)
Full Contexts 
configure service ies subscriber-interface ipv6 subscriber-prefixes
configure service vprn subscriber-interface ipv6 subscriber-prefixes
Description 

This command enables the context to configure aggregate off-link subscriber prefixes associated with this subscriber interface. Individual prefixes are specified under the prefix context list aggregate routes in which the next hop is indirect via the subscriber interface.

23.464. subscriber-retention

subscriber-retention

Syntax 
subscriber-retention [hrs hours] [min minutes]
no subscriber-retention
Context 
[Tree] (config>service>nat>nat-policy>timeouts subscriber-retention)
[Tree] (config>service>nat>up-nat-policy>timeouts subscriber-retention)
Full Contexts 
configure service nat nat-policy timeouts subscriber-retention
configure service nat up-nat-policy timeouts subscriber-retention
Description 

This command specifies the subscriber retention timeout, which is the time a NAT subscriber and its associated IP address are kept after all hosts and associated port blocks have expired. If a NAT subscriber host appears before the retention timeout has elapsed, it is given the same outside IP address.

Default 

no subscriber-retention

Parameters 
hrs hours
Specifies the hours a subscriber’s IP address is kept after all hosts and port blocks have expired.
Values—
1 to 24

 

min minutes
Specifies the minutes a subscriber’s IP address is kept after all hosts and port blocks have expired.
Values—
1 to 59

 

23.465. subscriber-sap-id

subscriber-sap-id

Syntax 
[no] subscriber-sap-id
Context 
[Tree] (config>service>ies>if>sap>static-host subscriber-sap-id)
[Tree] (config>service>ies>sub-if>grp-if>sap>static-host subscriber-sap-id)
[Tree] (config>service>vpls>sap>static-host subscriber-sap-id)
[Tree] (config>service>vprn>if>sap>static-host subscriber-sap-id)
[Tree] (config>service>vprn>sub-if>grp-if>sap>static-host subscriber-sap-id)
Full Contexts 
configure service ies interface sap static-host subscriber-sap-id
configure service ies subscriber-interface group-interface sap static-host subscriber-sap-id
configure service vpls sap static-host subscriber-sap-id
configure service vprn interface sap static-host subscriber-sap-id
configure service vprn subscriber-interface group-interface sap static-host subscriber-sap-id
Description 

This command enables using the SAP ID as the subscriber ID.

Parameters 
subscriber-sap-id—
Specifies to use the sap-id as the subscriber-id.

23.466. subscription

subscription

Syntax 
subscription percentage
no subscription
Context 
[Tree] (config>router>rsvp>interface subscription)
Full Contexts 
configure router rsvp interface subscription
Description 

This command configures the percentage of the link bandwidth that RSVP can use for reservation and sets a limit for the amount of over-subscription or under-subscription allowed on the interface.

When the subscription is set to zero, no new sessions are permitted on this interface. If the percentage is exceeded, the reservation is rejected and a log message is generated.

The no form of this command reverts the percentage to the default value.

Default 

subscription 100

Parameters 
percentage—
Specifies the percentage of the interface's bandwidth that RSVP allows to be used for reservations.
Values—
0 to 1000

 

subscription

Syntax 
subscription subscription-id cancel
Context 
[Tree] (admin>system>telemetry>grpc subscription)
Full Contexts 
admin system telemetry grpc subscription
Description 

This command cancels an active telemetry subscription.

Parameters 
subscription-id—
Specifies the ID of the Telemetry subscription to cancel.
Values—
0 to 4294967295

 

subscription

Syntax 
subscription name [create]
no subscription name
Context 
[Tree] (config>system>telemetry>persistent-subscriptions subscription)
Full Contexts 
configure system telemetry persistent-subscriptions subscription
Description 

This command enables the context to configure persistent subscription commands.

The no form of this command removes the configuration.

Parameters 
name—
Specifies the subscription name, up to 32 characters.
create
Keyword used to create the subscription.

23.467. subscription cancel-all

subscription cancel-all

Syntax 
subscription cancel-all
Context 
[Tree] (admin>system>telemetry>grpc subscription cancel-all)
Full Contexts 
admin system telemetry grpc subscription cancel-all
Description 

This command cancels all active Telemetry subscriptions.

23.468. subtype

subtype

Syntax 
[no] subtype tls extension subtype
Context 
[Tree] (config>app-assure>group>http-enrich>tls-extension subtype)
Full Contexts 
configure application-assurance group http-enrich tls-extension subtype
Description 

This command configures a TLS subtype.

The no form of this command removes the TLS subtype from the configuration.

Parameters 
tls extension subtype—
Specifies a TLS subtype, up to 32 characters

23.469. suggest-internal-objects

suggest-internal-objects

Syntax 
[no] suggest-internal-objects
Context 
[Tree] (environment suggest-internal-objects)
Full Contexts 
environment suggest-internal-objects
Description 

This command enables suggesting of internally created objects while auto completing.

The no form of the command disables the command.

23.470. summaries

summaries

Syntax 
[no] summaries
Context 
[Tree] (config>service>vprn>ospf>area>nssa summaries)
[Tree] (config>service>vprn>ospf>area>stub summaries)
[Tree] (config>service>vprn>ospf3>area>nssa summaries)
Full Contexts 
configure service vprn ospf area nssa summaries
configure service vprn ospf area stub summaries
configure service vprn ospf3 area nssa summaries
Description 

This command enables sending summary (type 3) advertisements into a stub area or Not So Stubby Area (NSSA) on an Area Border Router (ABR). This parameter is particularly useful to reduce the size of the routing and Link State Database (LSDB) tables within the stub or nssa area. By default, summary route advertisements are sent into the stub area or NSSA.

The no form of this command disables sending summary route advertisements and, for stub areas, only the default route is advertised by the ABR.

Default 

summaries — Summary routes are advertised by the ABR into the stub area or NSSA.

summaries

Syntax 
[no] summaries
Context 
[Tree] (config>router>ospf>area>nssa summaries)
[Tree] (config>router>ospf>area>stub summaries)
[Tree] (config>router>ospf3>area>nssa summaries)
[Tree] (config>router>ospf3>area>stub summaries)
Full Contexts 
configure router ospf area nssa summaries
configure router ospf area stub summaries
configure router ospf3 area nssa summaries
configure router ospf3 area stub summaries
Description 

This command enables sending summary (type 3) advertisements into a stub area or Not So Stubby Area (NSSA) on an Area Border Router (ABR).

This parameter is particularly useful to reduce the size of the routing and Link State Database (LSDB) tables within the stub or NSSA area (default: summary).

By default, summary route advertisements are sent into the stub area or NSSA.

The no form of this command disables sending summary route advertisements and, for stub areas; only the default route is advertised by the ABR.

Default 

summaries

23.471. summary

summary

Syntax 
summary
Context 
[Tree] (config>filter>log summary)
Full Contexts 
configure filter log summary
Description 

This command enables the context to configure log summarization. These settings will only be taken into account when syslog is the log destination.

summary

Syntax 
summary [ip-address]
no summary
Context 
[Tree] (debug>router>isis summary)
Full Contexts 
debug router isis summary
Description 

This command enables debugging for ISIS summary addresses.

The no form of the command disables the debugging.

Parameters 
ip-address—
When specified, only packets with the specified address are debugged.

23.472. summary-address

summary-address

Syntax 
summary-address {ip-prefix/mask |ip-prefix [netmask]} [level] [tag tag]
no summary-address {ip-prefix/mask |ip-prefix [netmask]}
Context 
[Tree] (config>service>vprn>isis summary-address)
Full Contexts 
configure service vprn isis summary-address
Description 

This command creates summary-addresses for the specified router or VPRN instance.

Parameters 
ip-prefix/mask—
Specifies information for the specified IP prefix and mask length.
Values—

ip-prefix

a.b.c.d (host bits must be 0)

ipv4-prefix-length

0 to 32

ipv6-prefix

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

ipv6-prefix-length

0 to 128

 

netmask—
The subnet mask in dotted decimal notation.
Values—
0.0.0.0 to 255.255.255.255 (network bits all 1 and host bits all 0)

 

level—
Specifies IS-IS level area attributes. If no level parameter is specified, the default is level-1/2.
Values—
level-1, level-2, level-1/2

 

tag tag
Assigns a route tag to the summary address.
Values—
1 to 4294967295

 

summary-address

Syntax 
summary-address {ip-prefix/mask |ip-prefix netmask} [level] [tag tag]
no summary-address {ip-prefix/ip-prefix-length |ip-prefix netmask}
Context 
[Tree] (config>router>isis summary-address)
Full Contexts 
configure router isis summary-address
Description 

This command creates summary-addresses.

Parameters 
ip-prefix/mask—
Specifies information for the specified IP prefix and mask length.
Values—
ipv4-prefix:
  1. a.b.c.d (host bits must be 0)
ipv4-prefix-length: [0 to 32]
ipv6-prefix:
  1. x:x:x:x:x:x:x:x (eight 16-bit pieces)
  2. x:x:x:x:x:x:d.d.d.d
  3. x: [0 to FFFF]H
  4. d: [0 to 255]D
ipv6-prefix-length: [0 to 128]

 

netmask—
Specifies the subnet mask in dotted decimal notation.
Values—
0.0.0.0 to 255.255.255.255 (network bits all 1 and host bits all 0)

 

level—
Specifies IS-IS level area attributes. If no level parameter is specified, the default is level-1/2.
Values—
level-1, level-2, level-1/2

 

tag—
Assigns a route tag to the summary address.
Values—
1 to 4294967295

 

23.473. summary-crit

summary-crit

Syntax 
summary-crit dst-addr
summary-crit src-addr
no summary-crit
Context 
[Tree] (config>filter>log>summary summary-crit)
Full Contexts 
configure filter log summary summary-crit
Description 

This command defines the key of the index of the mini-table. If key information is changed while summary is administratively enabled (no shutdown), the filter summary mini-table is flushed and recreated with different key information. Log packets received during the reconfiguration time will be handled as if summary was not active.

The no form of the command reverts to the default parameter.

Default 

summary-crit src-addr

Parameters 
dst-addr—
Specifies that received log packets are summarized based on the destination IPv4, IPv6, or MAC address.
src-addr—
Specifies that received log packets are summarized based on the source IPv4, IPv6 or MAC address.

23.474. super-backbone

super-backbone

Syntax 
[no] super-backbone
Context 
[Tree] (config>service>vprn>ospf super-backbone)
Full Contexts 
configure service vprn ospf super-backbone
Description 

This command specifies whether CE-PE functionality is required or not. The OSPF super backbone indicates the type of the LSA generated as a result of routes redistributed into OSPF. When enabled, the redistributed routes are injected as summary, external or NSSA LSAs. When disabled, the redistributed routes are injected as either external or NSSA LSAs only.

Default 

no super-backbone

23.475. supplicant-timeout

supplicant-timeout

Syntax 
supplicant-timeout seconds
no supplicant-timeout
Context 
[Tree] (config>port>ethernet>dot1x supplicant-timeout)
Full Contexts 
configure port ethernet dot1x supplicant-timeout
Description 

This command configures the period during which the router waits for a client to respond to its EAPOL messages. When the supplicant-timeout expires, the 802.1x authentication session is considered to have failed.

The no form of this command returns the value to the default.

Default 

supplicant-timeout 30

Parameters 
seconds—
Specifies the server timeout period in seconds.
Values—
1 to 300

 

23.476. supported-features

supported-features

Syntax 
[no] supported-features
Context 
[Tree] (config>subscr-mgmt>diam-appl-plcy>gx>include-avp supported-features)
Full Contexts 
configure subscriber-mgmt diameter-application-policy gx include-avp supported-features
Description 

This command includes the supported-features in CCR messages.

The no form of this command resets the command to the default setting.

23.477. suppress

suppress

Syntax 
suppress integer
no suppress
Context 
[Tree] (config>router>policy-options>damping suppress)
Full Contexts 
configure router policy-options damping suppress
Description 

This command configures the suppression parameter for the route policy damping profile.

A route is suppressed when it has flapped frequently enough to increase the Figure of Merit (FoM) value to exceed the suppress threshold limit. When the FoM value exceeds the suppress threshold limit, the route is removed from the route table or inclusion in advertisements.

The no form of this command removes the suppress parameter from the damping profile.

Default 

no suppress

Parameters 
integer—
Specifies the suppress value expressed as a decimal integer.
Values—
1 to 20000

 

23.478. suppress-attached-bit

suppress-attached-bit

Syntax 
[no] suppress-attached-bit
Context 
[Tree] (config>service>vprn>isis suppress-attached-bit)
Full Contexts 
configure service vprn isis suppress-attached-bit
Description 

This command configures IS-IS to suppress setting the attached bit on originated Level 1 LSPs to prevent all L1 routers in the area from installing a default route to it.

suppress-attached-bit

Syntax 
[no] suppress-attached-bit
Context 
[Tree] (config>router>isis suppress-attached-bit)
Full Contexts 
configure router isis suppress-attached-bit
Description 

This command configures IS-IS to suppress setting the attached bit on originated Level 1 LSPs to prevent all L1 routers in the area from installing a default route to it.

Default 

no suppress-attached-bit

23.479. suppress-dn-bit

suppress-dn-bit

Syntax 
[no] suppress-dn-bit
Context 
[Tree] (config>service>vprn>ospf suppress-dn-bit)
[Tree] (config>service>vprn>ospf3 suppress-dn-bit)
Full Contexts 
configure service vprn ospf suppress-dn-bit
configure service vprn ospf3 suppress-dn-bit
Description 

This command specifies whether to suppress the setting of the DN bit for OSPF LSA packets generated by this instance of OSPF on the router. When enabled, the DN bit for OSPF LSA packets generated by this instance of the OSPF router will not be set. When disabled, this instance of the OSPF router will follow the normal procedure to determine whether to set the DN bit.

Default 

no suppress-dn-bit

23.480. suppress-lo-alarm

suppress-lo-alarm

Syntax 
[no] suppress-lo-alarm
Context 
[Tree] (config>port>sonet-sdh suppress-lo-alarm)
Full Contexts 
configure port sonet-sdh suppress-lo-alarm
Description 

This command enables the suppression of lower order alarms on SONET/SDH port such as MLPPP bundle alarms, DS1/E1 links alarms and 336 APS channel groups alarms.

The no form of this command disables the suppression of lower order alarms on SONET/SDH port.

23.481. suppress-lsn-events

suppress-lsn-events

Syntax 
[no] suppress-lsn-events
Context 
[Tree] (configure>isa>wlan-gw-group>nat suppress-lsn-events)
Full Contexts 
configure isa wlan-gw-group nat suppress-lsn-events
Description 

This command suppresses the generation of Large Scale NAT (LSN) events when RADIUS accounting is enabled.

By default, only one logging facility for tracking subscribers in LSN44, DS-Lite, and NAT64 can be enabled at the time, either the SR OS event logging facility or the RADIUS logging facility. Note that SR OS event logs can be sent to multiple destinations, such as the console session, a telnet or SSH session, memory logs, file destinations, SNMP trap groups, and syslog destinations.

If RADIUS logging is enabled, the NAT logs are sent to the RADIUS destination and the NAT logs are suppressed in the SR OS event logging facility, for example, NAT logs are not sent to the syslog server.

If RADIUS logging is disabled, the NAT logs are sent to the SR OS event logging facility, for example, syslog, assuming that the events are enabled via the SR OS event-control (config> log>event-control nat event generate).

The no form of this command, the NAT logs can be sent to both logging facilities simultaneously, the SR OS event logging facility and RADIUS logging facility.

Default 

suppress-lsn-events

suppress-lsn-events

Syntax 
[no] suppress-lsn-events
Context 
[Tree] (config>isa>nat-group suppress-lsn-events)
Full Contexts 
configure isa nat-group suppress-lsn-events
Description 

This command suppresses the generation of Large Scale NAT (LSN) events when RADIUS accounting is enabled.

By default, only one logging facility for tracking subscribers in LSN44, DS-Lite, and NAT64 can be enabled at the time: either the SR OS event logging facility or the RADIUS logging facility. SR OS event logs can be sent to multiple destinations, such as the console session, a telnet or SSH session, memory logs, file destinations, SNMP trap groups, and syslog destinations.

If RADIUS logging is enabled, the NAT logs are sent to the RADIUS destination and the NAT logs are suppressed in the SR OS event logging facility, for example, NAT logs are not sent to the syslog server.

If RADIUS logging is disabled, the NAT logs are sent to the SR OS event logging facility; for example, syslog, assuming that the events are enabled via the event-control command (config> log>event-control nat event generate).

By explicitly disabling this command (no suppress-lsn-events), the NAT logs can be sent to both logging facilities simultaneously, the SR OS event logging facility, and the RADIUS logging facility.

Default 

suppress-lsn-events

23.482. suppress-lsn-sub-blks-free

suppress-lsn-sub-blks-free

Syntax 
[no] suppress-lsn-sub-blks-free
Context 
[Tree] (configure>isa>wlan-gw-group>nat suppress-lsn-sub-blks-free)
Full Contexts 
configure isa wlan-gw-group nat suppress-lsn-sub-blks-free
Description 

This command suppresses the tmnxNatLsnSubBlksFree summary notification and use the tmnxNatPlBlockAllocationLsn notifications. When the SR OS node is in a state of excessive logging, the queue associated with the transmission of logs on the MS-ISA can become congested. This event further delays the generation of logs, and with this, further allocations and deallocations of NAT resources (port-blocks) is stalled until the queue is relieved of congestion. For example, an excessive logging state in the system can be caused by issuing a command to clear a large number of NAT subscribers where a large number of resources (port-blocks) are released at once.

The suppress-lsn-sub-blks-free command enables the generation of individual logs carried in event-id 2012 for every released port block regardless of the state of the transmission queue (whether congested or not). If NAT subscribers have a large number of allocated port blocks (this could be hundreds of port blocks per subscriber), generating individual logs per port-block release contributes to the congestion.

To alleviate transmission queue congestion, this behavior can be changed by disabling this command (no suppress-lsn-sub-blks-free). This causes the suppression of logs related to the release of individual port blocks of a NAT subscriber when the transmission queue is congested. As a result, only a summarized release log via event-id 2021 for the subscriber is generated. The purpose of this new log is to inform the operator in a single message that all ports blocks for the subscriber are released. For example, the log message for LSN is “LSN subscriber all blocks freed”. The benefit of such summarization (or log aggregation) is to alleviate the congestion of the transmission queue and consequently accelerate resource releases. An effect is the decreased granularity of information.

If summarization is enabled (no suppress-lsn-sub-blks-free) while there is no logging congestion in the system, the port block releases continue to be logged individually via the event-id 2012 (assuming that this is enabled in the event control), except for the last port block of the subscriber. When the last port block is released, the log with event-id 2021 is generated indicating that all port blocks for the subscriber are now released without carrying the specific information about this last port block that is released.

suppress-lsn-sub-blks-free

Syntax 
[no] suppress-lsn-sub-blks-free
Context 
[Tree] (config>isa>nat-group suppress-lsn-sub-blks-free)
Full Contexts 
configure isa nat-group suppress-lsn-sub-blks-free
Description 

This command suppresses the tmnxNatLsnSubBlksFree summary notification and use the tmnxNatPlBlockAllocationLsn notifications. When the SR OS node is in a state of excessive logging, the queue associated with the transmission of logs on the MS-ISA can become congested. This event further delays the generation of logs, and with this, further allocations and deallocations of NAT resources (port-blocks) will be stalled until the queue is relieved of congestion. For example, an excessive logging state in the system can be caused by issuing a command to clear a large number of NAT subscribers where a large number of resources (port-blocks) are released at once.

The suppress-lsn-sub-blks-free command enables the generation of individual logs carried in event-id 2012 for every released port block regardless of the state of the transmission queue (whether congested or not). If NAT subscribers have a large number of allocated port blocks (this could be hundreds of port blocks per subscriber), generating individual logs per port-block release contributes to the congestion.

To alleviate transmission queue congestion, this behavior can be changed by disabling this command (no suppress-lsn-sub-blks-free). This causes the suppression of logs related to the release of individual port blocks of a NAT subscriber when the transmission queue is congested. As a result, only a summarized release log via event-id 2021 for the subscriber is generated. The purpose of this new log is to inform the operator in a single message that all ports blocks for the subscriber are released. For example, the log message for LSN will be “LSN subscriber all blocks freed”. The benefit of such summarization (or log aggregation) is to alleviate the congestion of the transmission queue and consequently accelerate resource releases. An effect is the decreased granularity of information.

If summarization is enabled (no suppress-lsn-sub-blks-free) while there is no logging congestion in the system, the port block releases continue to be logged individually via the event-id 2012 (assuming that this is enabled in the event control), except for the last port block of the subscriber. When the last port block is released, the log with event-id 2021 is generated indicating that all port blocks for the subscriber are now released without carrying the specific information about this last port block that is released.

Default 

no suppress-lsn-sub-blks-free

23.483. suppress-standby-signaling

suppress-standby-signaling

Syntax 
[no] suppress-standby-signaling
Context 
[Tree] (config>service>vpls>endpoint suppress-standby-signaling)
Full Contexts 
configure service vpls endpoint suppress-standby-signaling
Description 

When this command is enabled, the pseudowire standby bit (value 0x00000020) will not be sent to T-LDP peer when the specified spoke is selected as a standby. This allows faster switchover as the traffic will be sent over this SDP and discarded at the blocking side of the connection. This is particularly applicable to multicast traffic.

Default 

suppress-standby-signaling

23.484. suppress-threshold

suppress-threshold

Syntax 
suppress-threshold suppress-penalties reuse-threshold reuse-penalties
Context 
[Tree] (config>port>ethernet>dampening suppress-threshold)
Full Contexts 
configure port ethernet dampening suppress-threshold
Description 

This command configures the penalties thresholds at which the port state events to the upper layer are to be dampened (suppress threshold) and then permitted (reuse threshold).

Parameters 
suppress-penalties—
Specifies the threshold at which the port-up state is suppressed until the accumulated penalties drop below the reuse threshold again.
Values—
1 to 20000

 

Default—
2000
reuse-penalties—
Specifies the threshold at which the port-up state is no longer suppressed, after the port has been in a suppressed state and the accumulated penalties decay drops below this threshold. The reuse threshold value must be less than the suppress threshold value.
Values—
1 to 20000

 

Default—
1000

23.485. svc-id

svc-id

Syntax 
svc-id service-id
no svc-id
Context 
[Tree] (config>system>security>mgmt-access-filter>mac-filter>entry>match svc-id)
Full Contexts 
configure system security management-access-filter mac-filter entry match svc-id
Description 

This command specifies an existing svc-id to use as a match condition.

Parameters 
service-id—
Specifies a service-id to match.
Values—
service-id: 1 to 2147483647svc-name: 64 characters maximum

 

23.486. svc-path

svc-path

Syntax 
svc-path path-id svc-index service-index
no svc-path
Context 
[Tree] (config>subscr-mgmt>isa-svc-chain>vas-filter>entry>action>insert-nsh svc-path)
Full Contexts 
configure subscriber-mgmt isa-service-chaining vas-filter entry action insert-nsh svc-path
Description 

This command configures the service path identifier and service index to be inserted in NSH in the steered traffic if the forward action indicates NSH insertion.

The no form of this command removes the parameters from the configuration.

Parameters 
path-id—
Specifies the 24-bit path ID in the base part of NSH.
Values—
0 to 16777215

 

service-index—
Specifies the 8-bit service index inserted in the base part of NSH.
Values—
0 to 255

 

23.487. svc-ping

svc-ping

Syntax 
svc-ping ip-address [service service-id] [local-sdp] [remote-sdp]
Context 
[Tree] (oam svc-ping)
Full Contexts 
oam svc-ping
Description 

This command tests a service ID for correct and consistent provisioning between two service end points.

The svc-ping command accepts a far-end IP address and a service ID for local and remote service testing. The following information can be determined from svc-ping:

Local and remote service existence

  1. Local and remote service state
  2. Local and remote service type correlation
  3. Local and remote customer association
  4. Local and remote service-to-SDP bindings and state
  5. Local and remote ingress and egress service label association

Unlike sdp-ping, only a single message is sent per command; no count nor interval parameter is supported and round trip time is not calculated. A time out value of 10 seconds is used before failing the request. The forwarding class is assumed to be Best-Effort Out-of-Profile.

If no request is sent or a reply is not received, all remote information is shown as N/A.

To terminate a svc-ping in progress, use the CLI break sequence <Ctrl-C>.

Upon request time out, message response, request termination, or request error the following local and remote information is displayed. See Table 193. Local and remote information is dependent upon service existence and reception of reply.

Table 193:  Svc-ping

Field

Description

Values

Request Result

The result of the svc-ping request message.

Sent - Request Timeout

Sent - Request Terminated

Sent - Reply Received

Not Sent - Non-Existent Service-ID

Not Sent - Non-Existent SDP for Service

Not Sent - SDP For Service Down

Not Sent - Non-existent Service Egress Label

Service-ID

The ID of the service being tested.

service-id

Local Service Type

The type of service being tested. If service-id does not exist locally, N/A is displayed.

Epipe, Ipipe, Fpipe, Apipe

TLS

IES

Mirror-Dest

Local Service Admin State

The local administrative state of service-id. If the service does not exist locally, the administrative state is Non-Existent.

Admin-Up

Admin-Down

Non-Existent

Local Service Oper State

The local operational state of service-id. If the service does not exist locally, the state is N/A.

Oper-Up

Oper-Down

Remote Service Type

The remote type of service being tested. If service-id does not exist remotely, N/A is displayed.

Epipe, Ipipe, Fpipe, Apipe

TLS

IES

Mirror-Dest

Remote Service Admin State

The remote administrative state of service-id. If the service does not exist remotely, the administrative state is Non-Existent.

Up

Down

Non-Existent

Local Service MTU

The local service-mtu for service-id. If the service does not exist, N/A is displayed.

service-mtu

Remote Service MTU

The remote service-mtu for service-id. If the service does not exist remotely, N/A is displayed.

remote-service-mtu

Local Customer ID

The local customer-id associated with service-id. If the service does not exist locally, N/A is displayed.

customer-id

Remote Customer ID

The remote customer-id associated with service-id. If the service does not exist remotely, N/A is displayed.

customer-id

Local Service IP Address

The local system IP address used to terminate remotely configured SDP-ID (as the far-end address). If an IP interface has not been configured to be the system IP address, N/A is displayed.

system-ip-address

Local Service IP Interface Name

The name of the local system IP interface. If the local system IP interface has not been created, N/A is displayed.

system-interface-name

Local Service IP Interface State

The state of the local system IP interface. If the local system IP interface has not been created, Non-Existent is displayed.

Up

Down

Non-Existent

Expected Far-end Address

The expected IP address for the remote system IP interface. This must be the far-end address entered for the svc-ping command.

orig-sdp-far-end-addr

dest-ip-addr

Actual Far-end Address

The returned remote IP address. If a response is not received, the displayed value is N/A. If the far-end service IP interface is down or non-existent, a message reply is not expected. sdp-ping should also fail.

resp-ip-addr

Responders Expected Far-end Address

The expected source of the originator’s sdp-id from the perspective of the remote router terminating the sdp-id. If the far-end cannot detect the expected source of the ingress sdp-id or the request is transmitted outside the sdp-id, N/A is displayed.

resp-rec-tunnel-far-end-address

Originating SDP-ID

The sdp-id used to reach the far-end IP address if sdp-path is defined. The originating sdp-id must be bound to the service-id and terminate on the far-end IP address. If an appropriate originating sdp-id is not found, Non-Existent is displayed.

orig-sdp-id

Non-Existent

Originating SDP-ID Path Used

Whether the Originating router used the originating sdp-id to send the svc-ping request. If a valid originating sdp-id is found, operational and has a valid egress service label, the originating router should use the sdp-id as the requesting path if sdp-path has been defined. If the originating router uses the originating sdp-id as the request path, Yes is displayed. If the originating router does not use the originating sdp-id as the request path, No is displayed. If the originating sdp-id is non-existent, N/A is displayed.

Yes

No

Originating SDP-ID Administrative State

The local administrative state of the originating sdp-id. If the sdp-id has been shutdown, Admin-Down is displayed. If the originating sdp-id is in the no shutdown state, Admin-Up is displayed. If an originating sdp-id is not found, N/A is displayed.

Admin-Up

Admin-Up

Originating SDP-ID Operating State

The local operational state of the originating sdp-id. If an originating sdp-id is not found, N/A is displayed.

Oper-Up

Oper-Down

Originating SDP-ID Binding Admin State

The local administrative state of the originating sdp-ids binding to service-id. If an sdp-id is not bound to the service, N/A is displayed.

Admin-Up

Admin-Up

Originating SDP-ID Binding Oper State

The local operational state of the originating sdp-ids binding to service-id. If an sdp-id is not bound to the service, N/A is displayed.

Oper-Up

Oper-Down

Responding SDP-ID

The sdp-id used by the far end to respond to the svc-ping request. If the request was received without the sdp-path parameter, the responding router does not use an sdp-id as the return path, but the appropriate responding sdp-id is displayed. If a valid sdp-id return path is not found to the originating router that is bound to the service-id, Non-Existent is displayed.

resp-sdp-id

Non-Existent

Responding SDP-ID Path Used

Whether the responding router used the responding sdp-id to respond to the svc-ping request. If the request was received via the originating sdp-id and a valid return sdp-id is found, operational and has a valid egress service label, the far-end router should use the sdp-id as the return sdp-id. If the far end uses the responding sdp-id as the return path, Yes is displayed. If the far end does not use the responding sdp-id as the return path, No is displayed. If the responding sdp-id is non-existent, N/A is displayed.

Yes

No

Responding SDP-ID Administrative State

The administrative state of the far-end sdp-id associated with the return path for service-id. When a return path is administratively down, Admin-Down is displayed. If the return sdp-id is administratively up, Admin-Up is displayed. If the responding sdp-id is non-existent, N/A is displayed.

Admin-Up

Admin-Up

N/A

Responding SDP-ID Operational State

The operational state of the far-end sdp-id associated with the return path for service-id. When a return path is operationally down, Oper-Down is displayed. If the return sdp-id is operationally up, Oper-Up is displayed. If the responding sdp-id is non-existent, N/A is displayed.

Oper-Up

Oper-Down

Responding SDP-ID Binding Admin State

The local administrative state of the responder’s sdp-id binding to service-id. If an sdp-id is not bound to the service, N/A is displayed.

Admin-Up

Admin-Down

Responding SDP-ID Binding Oper State

The local operational state of the responder’s sdp-id binding to service-id. If an sdp-id is not bound to the service, N/A is displayed.

Oper-Up

Oper-Down

Originating VC-ID

The originator’s VC-ID associated with the sdp-id to the far-end address that is bound to service-id. If the sdp-id signaling is off, originator-vc-id is 0. If the originator-vc-id does not exist, N/A is displayed.

originator-vc-id

Responding VC-ID

The responder’s VC-ID associated with the sdp-id to originator-id that is bound to service-id. If the sdp-id signaling is off or the service binding to sdp-id does not exist, responder-vc-id is 0. If a response is not received, N/A is displayed.

responder-vc-id

Originating Egress Service Label

The originating service label (VC-Label) associated with the service-id for the originating sdp-id. If service-id does not exist locally, N/A is displayed. If service-id exists, but the egress service label has not been assigned, Non-Existent is displayed.

egress-vc-label

Non-Existent

Originating Egress Service Label Source

The originating egress service label source. If the displayed egress service label is manually defined, Manual is displayed. If the egress service label is dynamically signaled, Signaled is displayed. If the service-id does not exist or the egress service label is non-existent, N/A is displayed.

Manual

Signaled

Originating Egress Service Label State

The originating egress service label state. If the originating router considers the displayed egress service label operational, Up is displayed. If the originating router considers the egress service label inoperative, Down is displayed. If the service-id does not exist or the egress service label is non-existent, N/A is displayed.

Up

Down

Responding Service Label

The actual responding service label in use by the far-end router for this service-id to the originating router. If service-id does not exist in the remote router, N/A is displayed. If service-id does exist remotely but the remote egress service label has not been assigned, Non-Existent is displayed.

rec-vc-label

Non-Existent

Responding Egress Service Label Source

The responder’s egress service label source. If the responder’s egress service label is manually defined, Manual is displayed. If the responder’s egress service label is dynamically signaled, Signaled is displayed. If the service-id does not exist on the responder or the responder’s egress service label is non-existent, N/A is displayed.

Manual

Signaled

Responding Service Label State

The responding egress service label state. If the responding router considers its egress service label operational, Up is displayed. If the responding router considers its egress service label inoperative, Down is displayed. If the service-id does not exist or the responder’s egress service label is non-existent, N/A is displayed.

Up

Down

Expected Ingress Service Label

The locally assigned ingress service label. This is the service label that the far-end is expected to use for service-id when sending to the originating router. If service-id does not exist locally, N/A is displayed. If service-id exists but an ingress service label has not been assigned, Non-Existent is displayed.

ingress-vc-label

Non-Existent

Expected Ingress Label Source

The originator’s ingress service label source. If the originator’s ingress service label is manually defined, Manual is displayed. If the originator’s ingress service label is dynamically signaled, Signaled is displayed. If the service-id does not exist on the originator or the originators ingress service label has not been assigned, N/A is displayed.

Manual

Signaled

Expected Ingress Service Label State

The originator’s ingress service label state. If the originating router considers its ingress service label operational, Up is displayed. If the originating router considers its ingress service label inoperative, Down is displayed. If the service-id does not exist locally, N/A is displayed.

Up

Down

Responders Ingress Service Label

The assigned ingress service label on the remote router. This is the service label that the far end is expecting to receive for service-id when sending to the originating router. If service-id does not exist in the remote router, N/A is displayed. If service-id exists, but an ingress service label has not been assigned in the remote router, Non-Existent is displayed.

resp-ingress-vc-label

Non-Existent

Responders Ingress Label Source

The assigned ingress service label source on the remote router. If the ingress service label is manually defined on the remote router, Manual is displayed. If the ingress service label is dynamically signaled on the remote router, Signaled is displayed. If the service-id does not exist on the remote router, N/A is displayed.

Manual

Signaled

Responders Ingress Service Label State

The assigned ingress service label state on the remote router. If the remote router considers its ingress service label operational, Up is displayed. If the remote router considers its ingress service label inoperative, Down is displayed. If the service-id does not exist on the remote router or the ingress service label has not been assigned on the remote router, N/A is displayed.

Up

Down

Parameters 
ip-address—
Specifies the far-end IP address to which to send the svc-ping request message in dotted decimal notation.
Values—
a.b.c.d

 

service-id—
Specifies the service ID of the service being tested must be indicated with this parameter. The service ID need not exist on the local router to receive a reply message.
Values—
1 to 2147483647, service-name: up to 64 characters

 

local-sdp—
Specifies the svc-ping request message should be sent using the same service tunnel encapsulation labeling as service traffic. If local-sdp is specified, the command attempts to use an egress sdp-id bound to the service with the specified far-end IP address with the VC-Label for the service. The far-end address of the specified sdp-id is the expected responder-id within the reply received. The sdp-id defines the encapsulation of the SDP tunnel encapsulation used to reach the far end; this can be IP/GRE or MPLS. On originator egress, the service-ID must have an associated VC-Label to reach the far-end address of the sdp-id and the sdp-id must be operational for the message to be sent.

If local-sdp is not specified, the svc-ping request message is sent with GRE encapsulation with the OAM label.

Table 194 indicates whether a message is sent and how the message is encapsulated based on the state of the service ID.

Table 194:  Message Encapsulation

Local Service State

local-sdp Not Specified

local-sdp Specified

Message Sent

Message Encapsulation

Message Sent

Message Encapsulation

Invalid Local Service

Yes

Generic IP/GRE OAM (PLP)

No

None

No Valid SDP-ID Bound

Yes

Generic IP/GRE OAM (PLP)

No

None

SDP-ID Valid But Down

Yes

Generic IP/GRE OAM (PLP)

No

None

SDP-ID Valid and Up, But No Service Label

Yes

Generic IP/GRE OAM (PLP)

No

None

SDP-ID Valid, Up and Egress Service Label

Yes

Generic IP/GRE OAM (PLP)

Yes

SDP Encapsulation with Egress Service Label (SLP)

remote-sdp—
Specifies svc-ping reply message from the far-end should be sent using the same service tunnel encapsulation labeling as service traffic.

If remote-sdp is specified, the far-end responder attempts to use an egress sdp-id bound to the service with the message originator as the destination IP address with the VC-Label for the service. The sdp-id defines the encapsulation of the SDP tunnel encapsulation used to reply to the originator; this can be IP/GRE or MPLS. On responder egress, the service-ID must have an associated VC-Label to reach the originator address of the sdp-id and the sdp-id must be operational for the message to be sent.

If remote-sdp is not specified, the svc-ping request message is sent with GRE encapsulation with the OAM label.

Table 195 indicates how the message response is encapsulated based on the state of the remote service ID.

Table 195:  Message Response Encapsulation

Remote Service State

Message Encapsulation

remote-sdp

Not Specified

remote-sdp

Specified

Invalid Ingress Service Label

Generic IP/GRE OAM (PLP)

Generic IP/GRE OAM (PLP)

Invalid Service-ID

Generic IP/GRE OAM (PLP)

Generic IP/GRE OAM (PLP)

No Valid SDP-ID Bound on Service-ID

Generic IP/GRE OAM (PLP)

Generic IP/GRE OAM (PLP)

SDP-ID Valid But Down

Generic IP/GRE OAM (PLP)

Generic IP/GRE OAM (PLP)

SDP-ID Valid and Up, but No Service Label

Generic IP/GRE OAM (PLP)

Generic IP/GRE OAM (PLP)

SDP-ID Valid and Up, Egress Service Label, but VC-ID Mismatch

Generic IP/GRE OAM (PLP)

Generic IP/GRE OAM (PLP)

SDP-ID Valid and Up, Egress Service Label, but VC-ID Match

Generic IP/GRE OAM (PLP)

SDP Encapsulation with Egress Service Label (SLP)

Output 

Sample Output
*A:router1> svc-ping far-end 10.10.10.10 service 101 local-sdp remote-sdp
Request Result: Sent – Reply Received
 
Service-ID: 101
 
Err       Basic Info              Local     Remote
---       -----------------       ------    ------
__        Type:                   TLS       TLS
__        Admin State:            Up        Up
__        Oper State:             Up        Up
__        Service-MTU:            1514      1514
__        Customer ID:            1001      1001
 
Err       System IP Interface Info
---       -------------------------------------------------------------
Local Interface Name: “7750 SR-System-IP-Interface (Up to 32 chars)…”
__        Local IP Interface State:         Up
__        Local IP Address:                 10.10.10.11
__        IP Address Expected By Remote:    10.10.10.11
__        Expected Remote IP Address:       10.10.10.10
__        Actual Remote IP Address:         10.10.10.10
 
Err       SDP-ID Info             Local     Remote
---       -----------------       ------    ------
__        Path Used:              Yes       Yes
__        SDP-ID:                 123       325
__        Administrative State:   Up        Up
__        Operative State:        Up        Up
__        Binding Admin State:    Up        Up
__        Binding Oper State:     Up        Up
__        Binding VC-ID:          101       101
 
Err       Service Label Information   Label     Source        State
---       -------------------------   -----     -----------   -----
__        Local Egress Label:         45        Signaled      Up
__        Remote Expected Ingress:    45        Signaled      Up
__        Remote Egress:              34        Signaled      Up
__        Local Expected Ingress:     34        Signaled      Up

23.488. svlan-statistics

svlan-statistics

Syntax 
svlan-statistics
Context 
[Tree] (config>subscr-mgmt svlan-statistics)
Full Contexts 
configure subscriber-mgmt svlan-statistics
Description 

This command enables the context to enable subscriber VLAN statistics collection.

23.489. swap

swap

Syntax 
swap {out-label |implicit-null-label} nexthop ip-address
no swap
Context 
[Tree] (config>router>mpls>if>label-map swap)
Full Contexts 
configure router mpls interface label-map swap
Description 

This command swaps the incoming label and specifies the outgoing label and next hop IP address on an LSR for a static LSP.

The no form of this command removes the swap action associated with the in-label.

Parameters 
implicit-null-label —
Specifies the use of the implicit label value for the outgoing label of the swap operation.
out-label—
Specifies the label value to be swapped with the in-label. Label values 16 through 1,048,575 are defined as follows:
  1. label values 16 through 31 are reserved
  2. label values 32 through 1,023 are available for static assignment
  3. label values 1,024 through 2,047 are reserved for future use
  4. label values 2,048 through 18,431 are statically assigned for services
  5. label values 28,672 through 131,071 are dynamically assigned for both MPLS and services
  6. label values 131,072 through 1,048,575 are reserved for future use
Values—
16 to 1048575

 

nexthop ip-address
Specifies the IP address to forward to. If an ARP entry for the next hop exists, then the static LSP will be marked operational. If ARP entry does not exist, software will set the operational status of the static LSP to down and continue to ARP for the configured nexthop. Software will continuously try to ARP for the configured nexthop at a fixed interval.

23.490. sweep

sweep

Syntax 
sweep start dispersion-start end dispersion-end
Context 
[Tree] (config>port>dwdm>coherent sweep)
Full Contexts 
configure port dwdm coherent sweep
Description 

This command allows users to configure the dispersion sweep ‘start’ and ‘end’ values for the automatic mode of coherent control. If the user knows the approximate or theoretical residual dispersion of the link, this command can be used to limit the range of sweeping for the automatic control mode and thus achieve faster link up.

Parameters 
dispersion-start—
Specifies the lower range limit for the dispersion compensation.
Values—
-50000 to 50000

 

Default—
-25500
dispersion-end—
Specifies the upper range limit for the dispersion compensation.
Values—
-50000 to 50000

 

Default—
2000

23.491. switch-defined-cookie

switch-defined-cookie

Syntax 
[no] switch-defined-cookie
Context 
[Tree] (config>open-flow>of-switch>flowtable switch-defined-cookie)
Full Contexts 
configure open-flow of-switch flowtable switch-defined-cookie
Description 

This command enables OpenFlow switch-defined Flow Table cookie encoding for flowtable 0 that allows multi-service operation.

The no form of the command disables the above function.

Default 

no switch-defined-cookie

23.492. switch-fabric

switch-fabric

Syntax 
switch-fabric
Context 
[Tree] (config>system switch-fabric)
Full Contexts 
configure system switch-fabric
Description 

This command enables the context to configure switch fabric parameters.

23.493. switching-mode

switching-mode

Syntax 
switching-mode {bi-directional |uni-directional}
Context 
[Tree] (config>port>aps switching-mode)
Full Contexts 
configure port aps switching-mode
Description 

This command configures the switching mode for the APS group.

Parameters 
bi-directional—
Configures the group to operate in Bidirectional 1+1 Signaling APS mode.
uni-directional—
Configures the group to operate in Unidirectional 1+1 Signaling APS mode.

23.494. switching-type

switching-type

Syntax 
switching-type switching-type
no switching-type
Context 
[Tree] (config>router>gmpls>lsp switching-type)
Full Contexts 
configure router gmpls lsp switching-type
Description 

This command configures the type of switching required for the gLSP. As defined in RFC 3471. The default CLI value is dcsc, which indicates that Digital Channel Switch Capable (DCSC) should be signaled.

Default 

switching-type dcsc

Parameters 
switching-type—
Specifies the required type of switching.
Values—
dcsc

 

23.495. switchover-exec

switchover-exec

Syntax 
switchover-exec file-url
no switchover-exec
Context 
[Tree] (config>system switchover-exec)
Full Contexts 
configure system switchover-exec
Description 

This command specifies the location and name of the CLI script file executed following a redundancy switchover from the previously active CPM card. A switchover can happen because of a fatal failure or by manual action.

The CLI script file can contain commands for environment settings, debug (excluding mirroring settings), and other commands not maintained by the configuration redundancy.

The following commands are not supported in the switchover-exec file: clear, configure, candidate, oam, tools, oam, ping, traceroute, mstat, mtrace and mrinfo.

When the file-url parameter is not specified, no CLI script file is executed.

Default 

no switch-over-exec

Parameters 
file-url—
Specifies the location and name of the CLI script file.
Values—

local-url | remote-url

local-url

[cflash-id/][file-path] 200 chars max, including cflash-id

directory length 99 chars max each

remote-url

[{ftp:// | tftp://}login:pswd@remote-locn/][file-path]

243 chars max

directory length 99 chars max each

remote-locn

[hostname | ipv4-address | ipv6-address]

ipv4-address

a.b.c.d

ipv6-address

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x - [0 to FFFF]H

d - [0 to 255]D

interface - 32 chars max, for link local addresses

cflash-id

cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

 

23.496. symbol-monitor

symbol-monitor

Syntax 
symbol-monitor
Context 
[Tree] (config>port>ethernet symbol-monitor)
Full Contexts 
configure port ethernet symbol-monitor
Description 

This command configures Ethernet Symbol Monitoring parameters. Support for symbol monitoring is hardware dependent. An error message indicating that the port setting cannot be modified will be presented when attempting to enable the feature or configure the individual parameters on unsupported hardware.

23.497. sync

sync

Syntax 
[no] sync
Context 
[Tree] (config>redundancy>multi-chassis>peer sync)
Full Contexts 
configure redundancy multi-chassis peer sync
Description 

This command enables the context to configure synchronization parameters.

Default 

no sync

23.498. sync-boot-env

sync-boot-env

Syntax 
sync-boot-env
Context 
[Tree] (admin>satellite>eth-sat sync-boot-env)
Full Contexts 
admin satellite eth-sat sync-boot-env
Description 

The command forces the specified Ethernet-satellite chassis to synchronize the boot image.

23.499. sync-e

sync-e

Syntax 
[no] sync-e
Context 
[Tree] (config>card>mda sync-e)
[Tree] (config>card>xiom>mda sync-e)
Full Contexts 
configure card mda sync-e
configure card xiom mda sync-e
Description 

This command enables synchronous Ethernet on the MDA. Then any port on the MDA can be used as a source port in the sync-if-timing configuration.

The no form of this command disables synchronous Ethernet on the MDA.

sync-e

Syntax 
[no] sync-e
Context 
[Tree] (config>system>satellite>eth-sat sync-e)
Full Contexts 
configure system satellite eth-sat sync-e
Description 

This command enables the Ethernet satellite for synchronous Ethernet operation so that the transmit timing of the satellite access ports use the frequency of the host router’s central clock.

To enable this functionality, both host ports on the router that connect to the U1 and U2 ports of the satellite must be synchronous Ethernet-capable ports.

When the Ethernet satellite is configured for synchronous Ethernet, ESMC frames are enabled on the host ports. The SSM code-type used between the host and the satellite should be manually configured on the host ports to match the code-type desired on the satellite client ports. The code-type setting on the host ports does not restrict the code-type used on the satellite client ports, as those may be configured on an individual port basis.

23.500. sync-if-timing

sync-if-timing

Syntax 
sync-if-timing
Context 
[Tree] (config>system sync-if-timing)
Full Contexts 
configure system sync-if-timing
Description 

This command creates or edits the context to create or modify timing reference parameters.

sync-if-timing

Syntax 
sync-if-timing
Context 
[Tree] (debug sync-if-timing)
Full Contexts 
debug sync-if-timing
Description 

The context to debug synchronous interface timing references.

23.501. synce

synce

Syntax 
synce
Context 
[Tree] (config>system>sync-if-timing synce)
Full Contexts 
configure system sync-if-timing synce
Description 

This command enters the context for attributes related to the CPM/CCM SyncE/1588 ports.

23.502. synchronize

synchronize

Syntax 
synchronize {boot-env |config}
Context 
[Tree] (config>redundancy synchronize)
Full Contexts 
configure redundancy synchronize
Description 

This command performs a synchronization of the standby CPMs images and/or config files to the active CPM. Either the boot-env or config parameter must be specified. In the config>redundancy context, this command performs an automatically triggered standby CPM synchronization. When the standby CPM takes over operation following a failure or reset of the active CPM, it is important to ensure that the active and standby CPMs have identical operational parameters. This includes the saved configuration, CPM, XCM, and IOM images.

The active CPM ensures that the active configuration is maintained on the standby CPM. However, to ensure smooth operation under all circumstances, runtime images and system initialization configurations must also be automatically synchronized between the active and standby CPM.

If synchronization fails, alarms and log messages that indicate the type of error that caused the failure of the synchronization operation are generated. When the error condition ceases to exist, the alarm is cleared.

Only files stored on the router are synchronized. If a configuration file or image is stored in a location other than on a local compact flash, the file is not synchronized (for example, storing a configuration file on an FTP server).

Default 

no synchronize

Parameters 
boot-env—
Synchronizes all files required for the boot process (loader, BOF, images, and config).
config—
Synchronizes only the primary, secondary, and tertiary configuration files.
Default—
config

synchronize

Syntax 
synchronize cert
synchronize {boot-env |config}
Context 
[Tree] (admin>redundancy synchronize)
Full Contexts 
admin redundancy synchronize
Description 

This command performs a synchronization of the standby CPM’s images and/or configuration files to the active CPM. Either the boot-env or config parameter must be specified.

In the admin>redundancy context, this command performs a manually triggered standby CPM synchronization. When the standby CPM takes over operation following a failure or reset of the active CPM, it is important to ensure that the active and standby CPM have identical operational parameters. This includes the saved configuration, CPM, XCM, and IOM images.

The active CPM ensures that the active configuration is maintained on the standby CPM. However, to ensure smooth operation under all circumstances, runtime images and system initialization configurations must also be automatically synchronized between the active and standby CPM. If synchronization fails, alarms and log messages that indicate the type of error that caused the failure of the synchronization operation are generated. When the error condition ceases to exist, the alarm is cleared.

Only files stored on the router are synchronized. If a configuration file or image is stored in a location other than on a local compact flash, the file is not synchronized (for example, storing a configuration file on an FTP server).

The no form of the command removes the parameter from the configuration.

Default 

no synchronize

Parameters 
cert—
Synchronizes the imported certificate/key/CRL files to the standby CPM.
boot-env—
Synchronizes all files required for the boot process (loader, BOF, images, and config).
config—
Synchronizes only the primary, secondary, and tertiary configuration files.

23.503. syslog

syslog

Syntax 
syslog script name
no syslog
Context 
[Tree] (config>python>py-policy syslog)
Full Contexts 
configure python python-policy syslog
Description 

This command enables Python script to process syslog related messages and events.

The no form of this command disables the Python script to process syslog related messages and events.

Parameters 
name—
Specifies the name of the Python script, up to 32 characters, that is used to handle the specified message.

syslog

Syntax 
[no] syslog syslog-id
Context 
[Tree] (config>service>vprn>log syslog)
Full Contexts 
configure service vprn log syslog
Description 

This command creates the context to configure a syslog target host that is capable of receiving selected syslog messages from this network element.

A valid syslog-id must have the target syslog host address configured.

A maximum of 10 syslog-ids can be configured.

No log events are sent to a syslog target address until the syslog-id has been configured as the log destination (to) in the log-id node.

The syslog ID configured in the configure/service/vprn context has a local VPRN scope and only needs to be unique within the specific VPRN instance. The same ID can be reused under a different VPRN service or in the global log context under config>log.

Default 

No syslog IDs are defined.

Parameters 
syslog-id—
Specifies the syslog ID number for the syslog destination, expressed as a decimal integer.
Values—
1 to 10

 

syslog

Syntax 
syslog
Context 
[Tree] (config>app-assure>group>evt-log syslog)
Full Contexts 
configure application-assurance group event-log syslog
Description 

This command enables the context for configuring the target syslog server.

syslog

Syntax 
syslog
Context 
[Tree] (config>service>nat syslog)
Full Contexts 
configure service nat syslog
Description 

This command enables the context to configure syslog reporting of NAT flow parameters.

syslog

Syntax 
[no] syslog syslog-id
Context 
[Tree] (config>log syslog)
Full Contexts 
configure log syslog
Description 

This command creates the context to configure a syslog target host that is capable of receiving selected syslog messages from this network element.

A valid syslog-id must have the target syslog host address configured.

A maximum of 10 syslog-id’s can be configured.

No log events are sent to a syslog target address until the syslog-id has been configured as the log destination (to) in the log-id node.

The syslog ID configured in the config>service>vprn context has a local VPRN scope and only needs to be unique within the specific VPRN instance. The same ID can be reused under a different VPRN service or in the global log context under config>log.

The no form of this command removes the syslog configuration.

Parameters 
syslog-id—
The syslog ID number for the syslog destination, expressed as a decimal integer.
Values—
1 to 10

 

23.504. syslog-export-policy

syslog-export-policy

Syntax 
syslog-export-policy policy-name
no syslog-export-policy
Context 
[Tree] (config>service>nat>nat-policy syslog-export-policy)
Full Contexts 
configure service nat nat-policy syslog-export-policy
Description 

This command creates a syslog export policy with a set of transport parameters that will be used to transmit NAT flow records in syslog format to an external collector node. This policy name is then referenced from the nat-policy applied to an inside routing context.

Default 

no syslog-export-policy

Parameters 
policy-name—
Specifies the name of the syslog export policy.

syslog-export-policy

Syntax 
syslog-export-policy name [create]
no syslog-export-policy name
Context 
[Tree] (config>service>nat>syslog syslog-export-policy)
Full Contexts 
configure service nat syslog syslog-export-policy
Description 

This command creates a syslog export policy with a set of transport parameters that are used to transmit NAT flow records in syslog format to an external collector node. This policy name is then referenced from the NAT policy applied to an inside routing context.

The no form of the command removes the policy name from the configuration.

Parameters 
name—
Specifies the syslog export policy name, up to 32 characters.
create—
Keyword used to create the syslog export policy.

23.505. system

system

Syntax 
system
Context 
[Tree] (config>eth-cfm system)
Full Contexts 
configure eth-cfm system
Description 

This command enables the context to configure Connectivity Fault Management General System parameters.

system

Syntax 
[no] system
Context 
[Tree] (debug system)
Full Contexts 
debug system
Description 

This command displays system debug information.

23.506. system-base-mac

system-base-mac

Syntax 
system-base-mac mac-address
no system-base-mac
Context 
[Tree] (bof system-base-mac)
Full Contexts 
bof system-base-mac
Description 

This command is used to specify the base MAC address for a VSR-based system. The specified MAC address is used as the first MAC address by the system to assign MAC addresses to individual interfaces.

It is strongly recommended that a unique base MAC address is assigned to each VSR instance with a minimum gap of 1024 between base addresses to avoid a MAC address overlap.

The no form of this command removes the configured system base MAC address.

Default 

no system-base-mac

Parameters 
mac-address—
Specifies the MAC address.
Values—
xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx

 

23.507. system-filter

system-filter

Syntax 
system-filter
Context 
[Tree] (config>filter system-filter)
Full Contexts 
configure filter system-filter
Description 

This command enables the context to activate system filter policies.

23.508. system-id

system-id

Syntax 
system-id system-id
no system-id
Context 
[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>host-ident system-id)
Full Contexts 
configure subscriber-mgmt local-user-db ipoe host host-identification system-id
Description 

This command specifies the system ID from the Nokia vendor-specific sub-option in Option 82 to match.

The no form of this command returns to the default.

Parameters 
system-id—
Specifies the system ID, up to 255 characters

system-id

Syntax 
[no] system-id
Context 
[Tree] (config>service>vpls>sap>dhcp>option>vendor system-id)
[Tree] (config>service>vprn>if>dhcp>option>vendor system-id)
[Tree] (config>service>vprn>sub-if>grp-if>dhcp>option>vendor system-id)
[Tree] (config>service>ies>sub-if>grp-if>dhcp>option>vendor system-id)
[Tree] (config>subscr-mgmt>msap-policy>vpls-only>dhcp>option>vendor system-id)
Full Contexts 
configure service ies subscriber-interface group-interface dhcp option vendor-specific-option system-id
configure service vpls sap dhcp option vendor-specific-option system-id
configure service vprn interface dhcp option vendor-specific-option system-id
configure service vprn subscriber-interface group-interface dhcp option vendor-specific-option system-id
configure subscriber-mgmt msap-policy vpls-only-sap-parameters dhcp option vendor-specific-option system-id
Description 

This command specifies whether the system-id is encoded in the Nokia vendor-specific sub-option of Option 82.

The no form of this command reverts to the default.

system-id

Syntax 
system-id name
no system-id
Context 
[Tree] (config>system>vsd system-id)
Full Contexts 
configure system vsd system-id
Description 

This command configures the DC GW system-id that is used for the configuration from VSD. VSD will identify the DC GW based on this identifier, hence it must be unique per VSD.

Parameters 
name —
Specifies the name of the DC GW.

system-id

Syntax 
system-id isis-system-id
no system-id
Context 
[Tree] (config>service>vprn>isis system-id)
Full Contexts 
configure service vprn isis system-id
Description 

This command configures the IS-IS system ID. The system ID has a fixed length of 6 octets; it is determined using the following preference order:

  1. config>service>vprn>isis>system-id
  2. config>service>vprn>isis>router-id
  3. config>service>vprn>router-id
  4. config>service>vprn>if>address
  5. The default system ID 2550.0000.0000, based on the default router ID 255.0.0.0

The system ID is integral to IS-IS; therefore, for the system-id command to take effect, a shutdown and then no shutdown must be performed on the IS-IS instance. This will ensure that the configured and operational system ID are always the same.

The no form of this command removes the system ID from the configuration. The router ID is used when no system ID is specified.

Default 

no system-id

Parameters 
isis-system-id—
12 hexadecimal characters in dotted-quad notation.
Values—
aaaa.bbbb.cccc, where aaaa, bbbb, and cccc are hexadecimal numbers

 

system-id

Syntax 
[no] system-id
Context 
[Tree] (config>router>if>dhcp>option>vendor-specific-option system-id)
Full Contexts 
configure router interface dhcp option vendor-specific-option system-id
Description 

This command specifies whether the system-id is encoded in the Nokia vendor specific sub-option of Option 82.

Default 

no system-id

system-id

Syntax 
system-id isis-system-id
no system-id
Context 
[Tree] (config>router>isis system-id)
Full Contexts 
configure router isis system-id
Description 

This command configures the IS-IS system ID. The system ID has a fixed length of 6 octets; it is determined using the following preference:

  1. config>router>isis>system-id
  2. config>router>isis>router-id
  3. config>router>router-id
  4. config>router>interface>system>address
  5. The default system ID 2550.0000.0000, based on the default router ID 255.0.0.0

The system ID is integral to IS-IS; therefore, for the system-id command to take effect, the IS-IS instance must be shutdown and then no shutdown. This will ensure that the configured and operational system ID are always the same.

The no form of this command removes the system ID from the configuration. The router ID is used when no system ID is specified.

Parameters 
isis-system-id—
Specifies 12 hexadecimal characters in dotted-quad notation.
Values—
aaaa.bbbb.cccc, where aaaa, bbbb, and cccc are hexadecimal numbers

 

23.509. system-ip-load-balancing

system-ip-load-balancing

Syntax 
[no] system-ip-load-balancing
Context 
[Tree] (config>system>load-balancing system-ip-load-balancing)
Full Contexts 
configure system load-balancing system-ip-load-balancing
Description 

This command enables the use of the system IP address in the ECMP hash algorithm to add a per system variable. This can help guard against cases where multiple routers, in series, will end up hashing traffic to the same ECMP/LAG path.

This command is set at a system wide basis, however if certain IOMs do not support the new load-balancing algorithm, they will continue to use the default algorithm. By default, the IPv4 system IP address is used in the hash algorithm. When no IPv4 system IP address is configured, the IPv6 system IP address, when configured, is used in the hash algorithm.

The no form of the command resets the system wide algorithm to default.

Default 

no system-ip-load-balancing

23.510. system-mac

system-mac

Syntax 
system-mac mac-address
no system-mac
Context 
[Tree] (config>system>ned>profile system-mac)
Full Contexts 
configure system network-element-discovery profile system-mac
Description 

This command configures the MAC address to be advertised.

The no form of this command removes any explicitly defined MAC address and chassis MAC address will be advertised.

Default 

no system-mac

Parameters 
mac-address—
Specifies the MAC address to be associated with the profile in xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx format.

23.511. system-priority

system-priority

Syntax 
system-priority value
no system-priority
Context 
[Tree] (config>redundancy>multi-chassis>peer>mc-ep system-priority)
Full Contexts 
configure redundancy multi-chassis peer mc-endpoint system-priority
Description 

This command allows the operator to set the system priority. The peer configured with the lowest value is chosen to be the master. If system-priority are equal then the one with the highest system-id (chassis MAC address) is chosen as the master.

The no form of this command sets the system priority to default.

Default 

no system-priority

Parameters 
value—
Specifies the priority assigned to the local MC-EP peer.
Values—
1 to 255

 

23.512. system-profile

system-profile

Syntax 
system-profile {profile-a |profile-b}
no system-profile
Context 
[Tree] (bof system-profile)
Full Contexts 
bof system-profile
Description 

This command configures the system profile in the BOF.

System profile none represents the existing system capabilities and allows FP3- and FP4-based hardware to co-exist within a system. This is indicated by the omission of the system-profile parameter in the BOF, except on 7750 SR-1 systems.

System profile profile-a is primarily targeted at subscriber services and layer 2 and 3 VPN business services.

System profile profile-b is primarily targeted at infrastructure routing, core, peering, and DC-GW applications.

System profile profile-a and profile-b are supported on 7950 XRS-20/20e, 7750 SR-1 and 7750 SR-12e systems, and support only FP4-based line cards.

The system profile on 7750 SR-1 systems should be set to profile-a. It is set by default to profile-a when the system-profile parameter is omitted from the BOF, or configured to an invalid value.

On 7950 XRS-20/20e and 7750 SR-12e systems, default system profile is none.

On all other systems, the system-profile parameter must not be configured in the BOF which sets the system profile to none.

The no form of this command removes the system-profile parameter from the BOF.

Default 

none

Parameters 
profile-a—
Specifies that the system profile is for subscriber services and Layer 2 and 3 VPN business services.
profile-b—
Specifies that the system profile is primarily targeted at infrastructure routing, core, peering, and DC-GW applications.

23.513. system-reserve

system-reserve

Syntax 
system-reserve percentage-of-buffers
no system-reserve
Context 
[Tree] (config>qos>hsmda-pool-policy system-reserve)
Full Contexts 
configure qos hsmda-pool-policy system-reserve
Description 

This command defines the amount of HSMDA buffers that will be set aside for internal system use. By default, 10% of the total buffer space is reserved for system internal queues. The command is provided for the case where the reserved buffer space is either insufficient or excessive. Use care when modifying this value. When the system reserve value is changed, all the provisioned port class, class, and root pool sizes will be reevaluated and possibly changed.

The no form of this command restores the default system reserve value.

Parameters 
percentage-of-buffers—
Specifies the system reserve value.
Values—
1.00 to 30.00

 

Default—
10.00

system-reserve

Syntax 
system-reserve percent-of-buffers
no system-reserve
Context 
[Tree] (config>qos>hs-pool-policy system-reserve)
Full Contexts 
configure qos hs-pool-policy system-reserve
Description 

This command defines the amount of HSQ IOM buffers that is set aside for internal system use. By default, 5% of the total buffer space is reserved for system internal queues. The command is provided for the case where the reserved buffer space is either insufficient or excessive. Exercise care when modifying this value.

When the system reserve value is changed, all the provisioned port-class, mid-tier, and root pool sizes are reevaluated and possibly changed.

Use the show hs-pools card-slot-number fp forwarding-plane egress command to display the current buffer allocation and buffer usage conditions on an HSQ IOM.

The no form of the command reverts to the default system reserve value.

Default 

system-reserve 5.0

Parameters 
percent-of-buffers—
Specifies the percentage of HS buffers that are reserved for internal system use. This parameter is required when executing the system-reserve command. The parameter accepts a percent value with two decimal places (100th of a percent).
Values—
1.00 to 30.00