15. k Commands

15.1. kb-memory-use-alarm

kb-memory-use-alarm

Syntax 
kb-memory-use-alarm rising-threshold threshold [falling-threshold threshold] interval seconds [rmon-event-type] [startup-alarm alarm-type]
no kb-memory-use-warn
Context 
[Tree] (config>system>thresholds kb-memory-use-alarm)
Full Contexts 
configure system thresholds kb-memory-use-alarm
Supported Platforms 

All

Description 

This command configures memory use, in kilobytes, alarm thresholds.

The no form of the command removes the parameters from the configuration.

Parameters 
rising-threshold threshold
Specifies a threshold for the sampled statistic. When the current sampled value is greater than or equal to this threshold, and the value at the last sampling interval was less than this threshold, a single threshold crossing event will be generated. A single threshold crossing event will also be generated if the first sample taken is greater than or equal to this threshold and the associated startup-alarm is equal to rising or either.

After a rising threshold crossing event is generated, another such event will not be generated until the sampled value falls below this threshold and reaches less than or equal the falling-threshold value.

The threshold value represents units of kilobytes.

Values—
-2147483648 to 2147483647

 

Default—
0
falling-threshold threshold
Specifies a threshold for the sampled statistic. When the current sampled value is less than or equal to this threshold, and the value at the last sampling interval was greater than this threshold, a single threshold crossing event will be generated. A single threshold crossing event will also be generated if the first sample taken is less than or equal to this threshold and the associated startup-alarm is equal to falling or either.

After a falling threshold crossing event is generated, another such event will not be generated until the sampled value rises above this threshold and reaches greater than or equal the rising-threshold value.

The threshold value represents units of kilobytes.

Values—
-2147483648 to 2147483647

 

Default—
0
seconds
Specifies the polling period over which the data is sampled and compared with the rising and falling thresholds.
Values—
1 to 2147483647

 

rmon-event-type
Specifies the type of notification action to be taken when this event occurs.
Values—
log — In the case of log, an entry is made in the RMON-MIB log table for each event occurrence. This does not create an SR OS logger entry. The RMON-MIB log table entries can be viewed using the show>system>thresholds CLI command.
trap — An SR OS logger event is generated. The SR OS logger utility then distributes the notification of this event to its configured log destinations which may be CONSOLE, telnet session, memory log, cflash file, syslog, or SNMP trap destinations logs.
both — Both an entry in the RMON-MIB logTable and an SR OS logger event are generated.
none — No action is taken.

 

Default—
both
startup-alarm alarm-type
Specifies the alarm that may be sent when this alarm is first created. If the first sample is greater than or equal to the rising threshold value and startup-alarm is equal to rising or either, then a single rising threshold crossing event is generated. If the first sample is less than or equal to the falling threshold value and startup-alarm is equal to falling or either, a single falling threshold crossing event is generated.
Values—
rising, falling, either

 

Default—
either

15.2. kb-memory-use-warn

kb-memory-use-warn

Syntax 
kb-memory-use-warn rising-threshold threshold [falling-threshold threshold] interval seconds [rmon-event-type] [startup-alarm alarm-type]
no kb-memory-use-warn
Context 
[Tree] (config>system>thresholds kb-memory-use-warn)
Full Contexts 
configure system thresholds kb-memory-use-warn
Supported Platforms 

All

Description 

This command configures memory usage, in kilobytes, for warning thresholds

Parameters 
rising-threshold threshold
Specifies a threshold for the sampled statistic. When the current sampled value is greater than or equal to this threshold, and the value at the last sampling interval was less than this threshold, a single threshold crossing event will be generated. A single threshold crossing event will also be generated if the first sample taken is greater than or equal to this threshold and the associated startup-alarm is equal to rising or either.

After a rising threshold crossing event is generated, another such event will not be generated until the sampled value falls below this threshold and reaches less than or equal the falling-threshold value.

The threshold value represents units of kilobytes.

Values—
-2147483648 to 2147483647

 

Default—
0
falling-threshold threshold
Specifies a threshold for the sampled statistic. When the current sampled value is less than or equal to this threshold, and the value at the last sampling interval was greater than this threshold, a single threshold crossing event will be generated. A single threshold crossing event will also be generated if the first sample taken is less than or equal to this threshold and the associated startup-alarm is equal to falling or either.

After a falling threshold crossing event is generated, another such event will not be generated until the sampled value rises above this threshold and reaches greater than or equal the rising-threshold value.

The threshold value represents units of kilobytes.

Values—
-2147483648 to 2147483647

 

Default—
0
seconds
Specifies the polling period over which the data is sampled and compared with the rising and falling thresholds.
Values—
1 to 2147483647

 

rmon-event-type
Specifies the type of notification action to be taken when this event occurs.
Values—
log — An entry is made in the RMON-MIB log table for each event occurrence. This does not create an SR OS logger entry. The RMON-MIB log table entries can be viewed using the show>system>thresholds CLI command.
trap — An SR OSS logger event is generated. The SR OS logger utility then distributes the notification of this event to its configured log destinations which may be CONSOLE, telnet session, memory log, cflash file, syslog, or SNMP trap destinations logs.
both — Both an entry in the RMON-MIB logTable and an SR OS logger event are generated.
none — No action is taken.

 

Default—
both
alarm-type
Specifies the alarm that may be sent when this alarm is first created. If the first sample is greater than or equal to the rising threshold value and startup-alarm is equal to rising or either, then a single rising threshold crossing event is generated. If the first sample is less than or equal to the falling threshold value and startup-alarm is equal to falling or either, a single falling threshold crossing event is generated.
Values—
rising, falling, either

 

Default—
either

15.3. keep-alive

keep-alive

Syntax 
keep-alive [interval seconds] [retry-count value] [timeout retry-seconds]
no keep-alive
Context 
[Tree] (config>subscr-mgmt>gtp>peer-profile keep-alive)
Full Contexts 
configure subscriber-mgmt gtp peer-profile keep-alive
Supported Platforms 

7750 SR, 7750 SR-e, 7750 SR-s, VSR

Description 

This command configures Echo-Request messages.

The no form of this command reverts to the default values.

Default 

keep-alive interval 60 retry-count 4 timeout 5

Parameters 
seconds
Specifies, in seconds, the interval between keep-alive Echo-Request messages towards the same peer.
Values—
0, 60 to 180

 

Default—
60
value
Specifies, in seconds, the interval between keep-alive Echo-Request messages towards the same peer.
Values—
1 to 15

 

Default—
4
retry-seconds
Specifies the retry timeout, in seconds.
Values—
1 to 20

 

Default—
5

keep-alive

Syntax 
keep-alive timer
no keep-alive
Context 
[Tree] (config>port>ethernet>dwl keep-alive)
Full Contexts 
configure port ethernet down-when-looped keep-alive
Supported Platforms 

All

Description 

This command configures the time interval between keep-alive PDUs.

Default 

no keep-alive

Parameters 
timer—
Specifies the time interval, in seconds, between keep-alive PDUs.
Values—
1 to 120

 

keep-alive

Syntax 
keep-alive [poll-frequency seconds] [poll-count value] [test-frequency seconds]
no keep-alive
Context 
[Tree] (config>port>sonet-sdh>path>atm>ilmi keep-alive)
Full Contexts 
configure port sonet-sdh path atm ilmi keep-alive
Supported Platforms 

7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e, 7950 XRS

Description 

This command configures keepalive parameters to monitor ILMI link connectivity.

The no form of this command resets the default values on an ILMI link.

Parameters 
poll-frequency seconds
Specifies the amount of time, in seconds, between successive transmissions of ILMI messages on this interface for the purpose of detecting the establishment of ILMI connectivity.
Values—
1 to 255

 

value
Specifies the number of consecutive polls on this interface for which no ILMI response message is received before ILMI connectivity is declared lost.
Values—
1 to 255

 

test-frequency seconds
Specifies the frequency for testing for connectivity when the link is establishing before polling begins.
Values—
0 to 255

 

keep-alive

Syntax 
keep-alive seconds
Context 
[Tree] (config>li>x-interfaces>x2>timeouts keep-alive)
[Tree] (config>li>x-interfaces>x3>timeouts keep-alive)
Full Contexts 
configure li x-interfaces x2 timeouts keep-alive
configure li x-interfaces x3 timeouts keep-alive
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

Description 

This command configures the X2 and X3 keep-alive timeout.

Parameters 
seconds—
Specifies the maximum time to wait for a LIC reply to a keep alive request. The system retries up to three more times, and if no reply is received, the system declares a connection fault and logs the failure event.
Values—
300 to 600

 

Default—
300

keep-alive

Syntax 
keep-alive
Context 
[Tree] (config>service>sdp keep-alive)
Full Contexts 
configure service sdp keep-alive
Supported Platforms 

All

Description 

This command enables the context to configure SDP connectivity monitoring keepalive messages for the SDP ID.

SDP ID keepalive messages use SDP Echo Request and Reply messages to monitor SDP connectivity. The operating state of the SDP is affected by the keepalive state on the SDP ID. SDP Echo Request messages are only sent when the SDP ID is completely configured and administratively up. If the SDP ID is administratively down, keepalives for that SDP ID are disabled. SDP Echo Requests (when sent for keepalive messages) are always sent with the originator-sdp-id. All SDP ID keepalive SDP Echo Replies are sent using generic IP/GRE OAM encapsulation.

When a keepalive response is received that indicates an error condition, the SDP ID will immediately be brought operationally down. Once a response is received that indicates the error has cleared and the hold-down-time interval has expired, the SDP ID will be eligible to be put into the operationally up state. If no other condition prevents the operational change, the SDP ID will enter the operational state.

A set of event counters track the number of keepalive requests sent, the size of the message sent, non-error replies received and error replies received. A keepalive state value is kept indicating the last response event. A keepalive state timestamp value is kept indicating the time of the last event. With each keepalive event change, a log message is generated indicating the event type and the timestamp value.

Table 69 describes the keepalive interpretation of SDP echo reply response conditions and the effect on the SDP ID operational status.

Table 69:  Keepalive Interpretation and Effect of SDP Echo Reply

Result of Request

Stored Response State

Operational State

keepalive request timeout without reply

Request Timeout

Down

keepalive request not sent due to non-existent orig-sdp-id

(This condition should not occur)

Orig-SDP Non-Existent

Down

keepalive request not sent due to administratively down orig-sdp-id

Orig-SDP Admin-Down

Down

keepalive reply received, invalid origination-id

Far End: Originator-ID Invalid

Down

keepalive reply received, invalid responder-id

Far End: Responder-ID Error

Down

keepalive reply received, No Error

Success

Up

(If no other condition prevents)

15.4. keep-alive-interval

keep-alive-interval

Syntax 
keep-alive-interval interval
no keep-alive-interval
Context 
[Tree] (config>redundancy>multi-chassis>peer>mc-lag keep-alive-interval)
Full Contexts 
configure redundancy multi-chassis peer mc-lag keep-alive-interval
Supported Platforms 

All

Description 

This command sets the interval at which keep-alive messages are exchanged between two systems participating in MC-LAG. These keep-alive messages are used to determine remote-node failure and the interval is set in deciseconds.

The no form of this command sets the interval to default value.

Default 

keep-alive-interval 10

Parameters 
interval—
The time interval expressed in tenths of a second.
Values—
5 to 500

 

keep-alive-interval

Syntax 
keep-alive-interval interval
no keep-alive-interval
Context 
[Tree] (config>service>ies>sub-if>grp-if>srrp keep-alive-interval)
[Tree] (config>service>vprn>sub-if>grp-if>srrp keep-alive-interval)
Full Contexts 
configure service ies subscriber-interface group-interface srrp keep-alive-interval
configure service vprn subscriber-interface group-interface srrp keep-alive-interval
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Description 

This command defines the interval between SRRP advertisement messages sent when operating in the master state. The interval is also the basis for setting the master-down timer used to determine when the master is no longer sending. The system uses three times the keep-alive interval to set the timer. Every time an SRRP advertisement is seen that is better than the local priority, the timer is reset. If the timer expires, the SRRP instance assumes that a master does not exist and initiates the attempt to become master.

When in backup state, the SRRP instance takes the keep-alive interval of the master as represented in the masters SRRP advertisement message. Once in master state, the SRRP instance uses its own configured keep-alive interval.

The keep-alive-interval may be changed at any time, but will have no effect until the SRRP instance is in the master state.

The no form of this command restores the default interval.

Default 

keep-alive-interval 10

Parameters 
interval—
Specifies the interval, in deciseconds, between SRRP advertisement messages sent when operating in the master state.
Values—
1 to 100

 

keep-alive-interval

Syntax 
keep-alive-interval interval
no keep-alive-interval
Context 
[Tree] (config>redundancy>multi-chassis>peer>mc-ep keep-alive-interval)
Full Contexts 
configure redundancy multi-chassis peer mc-endpoint keep-alive-interval
Supported Platforms 

All

Description 

This command sets the interval at which keep-alive messages are exchanged between two systems participating in MC-EP when bfd is not enabled or is down. These fast keep-alive messages are used to determine remote-node failure and the interval is set in deciseconds.

The no form of this command sets the interval to default value

Default 

no keep-alive-interval

Parameters 
interval—
The time interval expressed in tenths of a second.
Values—
5 to 500

 

keep-alive-interval

Syntax 
keep-alive-interval interval
no keep-alive-interval
Context 
[Tree] (config>redundancy>multi-chassis>peer>mc-ipsec keep-alive-interval)
Full Contexts 
configure redundancy multi-chassis peer mc-ipsec keep-alive-interval
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-1s, 7750 SR-2s, 7750 SR-e, VSR

Description 

This command specifies the time interval of the mastership election protocol sending keep-alive packet.

The no form of this command reverts to the default.

Default 

keep-alive-interval 10

Parameters 
interval—
Specifies the keep alive interval in tenths of seconds.
Values—
5 to 500

 

15.5. keep-count

keep-count

Syntax 
keep-count count
no keep-count
Context 
[Tree] (config>bmp>station>connection>tcp-keepalive keep-count)
Full Contexts 
configure bmp station connection tcp-keepalive keep-count
Supported Platforms 

All

Description 

This command configures the number of missed keepalives before the TCP connection is declared down.

The no form of this command reverts to the default.

Default 

keep-count 4

Parameters 
count—
Specifies the number of missed keepalives before the TCP connection is declared down.
Values—
3 to 100

 

15.6. keep-idle

keep-idle

Syntax 
keep-idle idle
no keep-idle
Context 
[Tree] (config>bmp>station>connection>tcp-keepalive keep-idle)
Full Contexts 
configure bmp station connection tcp-keepalive keep-idle
Supported Platforms 

All

Description 

This command configures the time until the first TCP keepalive probe is sent.

The no form of this command reverts to the default.

Default 

keep-idle 600

Parameters 
idle—
Specifies the time, in seconds, until the first TCP keepalive probe is sent.
Values—
1 to 100000

 

15.7. keep-interval

keep-interval

Syntax 
keep-interval interval
no keep-interval
Context 
[Tree] (config>bmp>station>connection>tcp-keepalive keep-interval)
Full Contexts 
configure bmp station connection tcp-keepalive keep-interval
Supported Platforms 

All

Description 

This command configures the time between two TCP keepalives probes.

The no form of this command reverts to the default.

Default 

keep-interval 15

Parameters 
interval—
Specifies the time, in seconds, between two TCP keepalives probes.
Values—
1 to 100000

 

15.8. keep-multiplier

keep-multiplier

Syntax 
keep-multiplier number
no keep-multiplier
Context 
[Tree] (config>router>gmpls keep-multiplier)
Full Contexts 
configure router gmpls keep-multiplier
Supported Platforms 

7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

Description 

This command configures the integer used by RSVP to declare that a reservation is down or the neighbor is down.

The no form of this command resets the configuration to the default value.

Default 

keep-multiplier 3

Parameters 
number—
Specifies the keep multiplier value.
Values—
1 to 255

 

keep-multiplier

Syntax 
[no] keep-multiplier number
no keep-multiplier
Context 
[Tree] (config>router>rsvp keep-multiplier)
Full Contexts 
configure router rsvp keep-multiplier
Supported Platforms 

All

Description 

The keep-multiplier number is an integer used by RSVP to declare that a reservation is down or the neighbor is down.

The no form of this command reverts to the default value.

Default 

keep-multiplier 3

Parameters 
number—
Specifies the keep-multiplier value.
Values—
1 to 255

 

15.9. keepalive

keepalive

Syntax 
keepalive seconds [hold-up-multiplier multiplier]
no keepalive
Context 
[Tree] (config>router>l2tp>group>ppp keepalive)
[Tree] (config>router>l2tp>group>tunnel>ppp keepalive)
[Tree] (config>service>vprn>l2tp>group>ppp keepalive)
[Tree] (config>service>vprn>l2tp>group>tunnel>ppp keepalive)
Full Contexts 
configure router l2tp group ppp keepalive
configure router l2tp group tunnel ppp keepalive
configure service vprn l2tp group ppp keepalive
configure service vprn l2tp group tunnel ppp keepalive
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Description 

This command configures the PPP keepalive interval and multiplier.

Default 

keepalive 30 hold-up-multiplier 3

Parameters 
seconds—
Specifies in seconds the interval.
Values—
10 to 300

 

multiplier—
Specifies the multiplier.
Values—
1 to 5

 

keepalive

Syntax 
keepalive seconds [hold-up-multiplier multiplier]
no keepalive
Context 
[Tree] (config>subscr-mgmt>ppp-policy keepalive)
Full Contexts 
configure subscriber-mgmt ppp-policy keepalive
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Description 

This command defines the keepalive interval and the number of keepalives that can be missed before the session is declared down for this PPP policy.

The no form of this command reverts to the default value.

Default 

keepalive 30 hold-up-multiplier 3

Parameters 
seconds—
Specifies the keepalive interval in seconds.
Values—
4 to 300

 

hold-up-multiplier multiplier
Specifies the number of keepalives that can be missed.
Values—
1 to 5

 

keepalive

Syntax 
keepalive seconds
no keepalive
Context 
[Tree] (config>subscr-mgmt>bgp-prng-plcy keepalive)
Full Contexts 
configure subscriber-mgmt bgp-peering-policy keepalive
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Description 

This command configures the BGP keepalive timer. A keepalive message is sent every time this timer expires.

The keepalive value is generally one-third of the hold-time interval. Even though the OS implementation allows the keepalive value and the hold-time interval to be independently set, under the following circumstances, the configured keepalive value is overridden by the hold-time value:

If the specified keepalive value is greater than the configured hold-time, then the specified value is ignored, and the keepalive is set to one third of the current hold-time value.

If the specified hold-time interval is less than the configured keepalive value, then the keepalive value is reset to one third of the specified hold-time interval.

If the hold-time interval is set to zero, then the configured value of the keepalive value is ignored. This means that the connection with the peer is up permanently and no keepalive packets are sent to the peer.

The no form of this command used at the global level reverts to the default value.

Default 

keepalive 30

Parameters 
seconds—
Specifies the keepalive timer in seconds, expressed as a decimal integer.
Values—
0 to 21845

 

keepalive

Syntax 
keepalive seconds
no keepalive
Context 
[Tree] (config>service>vpls>gsmp>group keepalive)
[Tree] (config>service>vprn>gsmp>group keepalive)
Full Contexts 
configure service vpls gsmp group keepalive
configure service vprn gsmp group keepalive
Supported Platforms 

All

Description 

This command configures keepalive values for the GSMP connections in this group.

The no form of this command reverts to the default.

Default 

no keepalive

Parameters 
seconds—
Specifies the GSMP keepalive timer value in seconds.
Values—
1 to 25

 

keepalive

Syntax 
keepalive seconds [hold-up-multiplier multiplier]
no keepalive
Context 
[Tree] (config>subscr-mgmt>pppoe-client-policy keepalive)
Full Contexts 
configure subscriber-mgmt pppoe-client-policy keepalive
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Description 

This command defines the keepalive interval and the number of times the keepalive can be missed before the session is declared down for this PPPoE client policy.

The no form of this command reverts to the default.

Default 

keepalive 30 hold-up-multiplier 3

Parameters 
seconds—
Specifies the keepalive interval in seconds.
Values—
10 to 300

 

multiplier—
Specifies the number times keepalive can be missed.
Values—
1 to 5

 

keepalive

Syntax 
keepalive time-interval [dropcount drop-count]
no keepalive
Context 
[Tree] (config>port>sonet-sdh>path>ppp keepalive)
[Tree] (config>port>tdm>ds1>channel-group>cisco-hdlc keepalive)
[Tree] (config>port>tdm>ds1>channel-group>ppp keepalive)
[Tree] (config>port>tdm>ds3>ppp keepalive)
[Tree] (config>port>tdm>e1>channel-group>ppp keepalive)
[Tree] (config>port>tdm>e3>ppp keepalive)
Full Contexts 
configure port sonet-sdh path ppp keepalive
configure port tdm ds1 channel-group cisco-hdlc keepalive
configure port tdm ds1 channel-group ppp keepalive
configure port tdm ds3 ppp keepalive
configure port tdm e1 channel-group ppp keepalive
configure port tdm e3 ppp keepalive
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

  1. configure port sonet-sdh path ppp keepalive

7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e

  1. configure port tdm ds1 channel-group ppp keepalive
  2. configure port tdm ds3 ppp keepalive
  3. configure port tdm e3 ppp keepalive
  4. configure port tdm ds1 channel-group cisco-hdlc keepalive
  5. configure port tdm e1 channel-group ppp keepalive
Description 

This command sets the keepalive interval.

The no form of this command returns the interval to the default value.

Default 

keepalive 10

Parameters 
time-interval—
Specifies the time, in seconds, between keepalive messages, expressed as a decimal integer.
Values—
1 to 60

 

drop-count—
Specifies the number of consecutive keepalive failed request attempts or remote replies that can be missed after which the port is operationally downed.
Values—
1 to 255

 

keepalive

Syntax 
keepalive time-interval
no keepalive
Context 
[Tree] (config>port>sonet-sdh>path>cisco-hdlc keepalive)
[Tree] (config>port>tdm>ds1>channel-group>cisco-hdlc keepalive)
[Tree] (config>port>tdm>ds3>cisco-hdlc keepalive)
[Tree] (config>port>tdm>e1>channel-group>cisco-hdlc keepalive)
[Tree] (config>port>tdm>e3>cisco-hdlc keepalive)
Full Contexts 
configure port sonet-sdh path cisco-hdlc keepalive
configure port tdm ds1 channel-group cisco-hdlc keepalive
configure port tdm ds3 cisco-hdlc keepalive
configure port tdm e1 channel-group cisco-hdlc keepalive
configure port tdm e3 cisco-hdlc keepalive
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

  1. configure port sonet-sdh path cisco-hdlc keepalive

7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e

  1. configure port tdm ds3 cisco-hdlc keepalive
  2. configure port tdm ds1 channel-group cisco-hdlc keepalive
  3. configure port tdm e1 channel-group cisco-hdlc keepalive
  4. configure port tdm e3 cisco-hdlc keepalive
Description 

This command specifies the interval, in seconds, used to send periodic keepalive packets. The receiver process expects to receive a keepalive packet every “keepalive interval”. The link is declared down if the receiver process does not receive a keepalive within the “timeout interval”. The link is declared up once the number of continual keepalive packets received equals to the up-count. The nodes at the two endpoints of the cHDLC link should be provisioned with the same values. A keepalive value of 0 means no keepalive packets are sent.

Default 

keepalive 10

Parameters 
time-interval—
Specifies the interval used to send periodic keepalive packets.
Values—
0 to 300

 

keepalive

Syntax 
keepalive seconds
no keepalive
Context 
[Tree] (config>service>vprn>bgp keepalive)
[Tree] (config>service>vprn>bgp>group keepalive)
[Tree] (config>service>vprn>bgp>group>neighbor keepalive)
Full Contexts 
configure service vprn bgp group keepalive
configure service vprn bgp group neighbor keepalive
configure service vprn bgp keepalive
Supported Platforms 

All

Description 

This command configures the BGP keepalive timer. A keepalive message is sent every time this timer expires. The seconds parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

The keepalive value is generally one-third of the hold-time interval. Even though the OS implementation allows the keepalive value and the hold-time interval to be independently set, under the following circumstances, the configured keepalive value is overridden by the hold-time value:

If the specified keepalive value is greater than the configured hold-time, then the specified value is ignored, and the keepalive is set to one third of the current hold-time value.

If the specified hold-time interval is less than the configured hold-time value, then the keepalive value is reset to one third of the specified hold-time interval.

If the hold-time interval is set to zero, then the configured value of the keepalive value is ignored. This means that the connection with the peer is up permanently and no keepalive packets are sent to the peer.

The no form of this command used at the global level reverts to the default value.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default 

keepalive 30

Parameters 
seconds—
The keepalive timer in seconds, expressed as a decimal integer.
Values—
0 to 21845

 

keepalive

Syntax 
keepalive timeout factor
no keepalive
Context 
[Tree] (config>router>ldp>if-params>if>ipv4 keepalive)
[Tree] (config>router>ldp>if-params>if>ipv6 keepalive)
[Tree] (config>router>ldp>if-params>ipv4 keepalive)
[Tree] (config>router>ldp>if-params>ipv6 keepalive)
[Tree] (config>router>ldp>targ-session>ipv4 keepalive)
[Tree] (config>router>ldp>targ-session>ipv6 keepalive)
[Tree] (config>router>ldp>targ-session>peer keepalive)
[Tree] (config>router>ldp>targ-session>peer-template keepalive)
Full Contexts 
configure router ldp interface-parameters interface ipv4 keepalive
configure router ldp interface-parameters interface ipv6 keepalive
configure router ldp interface-parameters ipv4 keepalive
configure router ldp interface-parameters ipv6 keepalive
configure router ldp targeted-session ipv4 keepalive
configure router ldp targeted-session ipv6 keepalive
configure router ldp targeted-session peer keepalive
configure router ldp targeted-session peer-template keepalive
Supported Platforms 

All

Description 

This command configures the time interval (in s), that LDP waits before tearing down the session. The factor parameter derives the keepalive interval.

The config>router>ldp>if-params>ipv6>keepalive and config>router>ldp>targ-session>ipv6>keepalive commands are not supported on the 7450 ESS.

If no LDP messages are exchanged for the configured time interval, the LDP session is torn down. Keepalive timeout is usually three times the keepalive interval. To maintain the session permanently, regardless of the activity, set the value to zero.

When LDP session is being set up, the keepalive timeout is negotiated to the lower of the two peers. Once an operational value is agreed upon, the keepalive factor is used to derive the value of the keepalive interval.

The no form of the command at the interface-parameters and targeted-session levels sets the keepalive timeout and the keepalive factor to the default value.

The no form of this command, at the interface level, sets the keepalive timeout and the keepalive factor to the value defined under the interface-parameters level.

The no form of this command, at the peer level, sets the keepalive timeout and the keepalive factor to the value defined under the targeted-session level.

The session must be flapped for the new settings to operate.

Default 

Table 70 lists the default values.

Table 70:  Timeout Factor Defaults

Context

Timeout

Factor

config>router>ldp>if-params

30

3

config>router>ldp>targ-session

40

4

config>router>ldp>if-params>if

Inherits values from interface-parameters context.

config>router>ldp>targ-session>peer

Inherits values from targeted-session context.

Parameters 
timeout—
Configures the time interval, in seconds, that LDP waits before tearing down the session.
Values—
1 to 65535

 

factor—
Specifies the number of keepalive messages, expressed as a decimal integer, that should be sent on an idle LDP session in the keepalive timeout interval.
Values—
1 to 255

 

keepalive

Syntax 
[no] keepalive
Context 
[Tree] (debug>router>ldp>peer>packet keepalive)
Full Contexts 
debug router ldp peer packet keepalive
Supported Platforms 

All

Description 

This command enables debugging for LDP Keepalive packets.

The no form of the command disables the debugging output.

keepalive

Syntax 
keepalive seconds
no keepalive
Context 
[Tree] (config>router>pcep>pcc keepalive)
[Tree] (config>router>pcep>pce keepalive)
Full Contexts 
configure router pcep pcc keepalive
configure router pcep pce keepalive
Supported Platforms 

All

Description 

This command configures the PCEP session keep-alive value. A PCEP speaker (PCC or PCE) must send a keep-alive message if no other PCEP message is sent to the peer at the expiry of this timer. This timer is restarted every time a PCEP message or keep-alive message is sent.

The keep-alive mechanism is asymmetric, meaning that each peer can use a different keep-alive timer value at its end.

The no form of the command returns the keep-alive timer to the default value.

Default 

keepalive 30

Parameters 
seconds—
the keep-alive value, in seconds
Values—
1 to 255

 

keepalive

Syntax 
keepalive deciseconds dropcount count
Context 
[Tree] (config>isa>nat-group>inter-chassis-redundancy keepalive)
Full Contexts 
configure isa nat-group inter-chassis-redundancy keepalive
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Description 

This command configures keepalives between the CPMs residing on different chassis. The keepalives are used to detect the presence of the peering node. If the redundant peer connectivity is lost beyond the limit defined by keepalives, then each node in the redundant pair transitions into a standalone mode. Keepalives use UDP transport.

Default 

keepalive 30 dropcount 2

Parameters 
deciseconds—
Specifies the number of keepalives that are transported periodically at intervals defined by this parameter.
Values—
2 to 250

 

count—
Specifies the drop count. If the number of consecutive keepalives defined by this parameter is lost, then the peer is considered unreachable and the node transitions into a standalone mode of operation.
Values—
2 to 20

 

keepalive

Syntax 
keepalive seconds
no keepalive
Context 
[Tree] (config>router>bgp keepalive)
[Tree] (config>router>bgp>group keepalive)
[Tree] (config>router>bgp>group>neighbor keepalive)
Full Contexts 
configure router bgp group keepalive
configure router bgp group neighbor keepalive
configure router bgp keepalive
Supported Platforms 

All

Description 

This command configures the BGP keepalive timer. A keepalive message is sent every time this timer expires.

The keepalive parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

The keepalive value is generally one-third of the hold-time interval. Even though the implementation allows the keepalive value and the hold-time interval to be independently set, under the following circumstances, the configured keepalive value is overridden by the hold-time value:

  1. If the specified keepalive value is greater than the configured hold-time, then the specified value is ignored and the keepalive is set to one third of the current hold-time value.
  2. If the specified hold-time interval is less than the configured keepalive value, then the keepalive value is reset to one third of the specified hold-time interval.
  3. If the hold-time interval is set to zero, then the configured value of the keepalive value is ignored. This means that the connection with the peer is up permanently and no keepalive packets are sent to the peer.

The no form of this command used at the global level reverts to the default value.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default 

keepalive 30

Parameters 
seconds—
Specifies the keepalive timer, in seconds, expressed as a decimal integer.
Values—
0 to 21845

 

keepalive

Syntax 
keepalive [neighbor ip-addr | group name]
no keepalive
Context 
[Tree] (debug>router>bgp keepalive)
Full Contexts 
debug router bgp keepalive
Supported Platforms 

All

Description 

This command decodes and logs all sent and received keepalive messages in the debug log.

The no form of this command disables the debugging.

Parameters 
neighbor ip-address
Debugs only events affecting the specified BGP neighbor.
Values—
ipv4-address:
  1. a.b.c.d (host bits must be 0)
ipv6-address:
  1. x:x:x:x:x:x:x:x [-interface] (eight 16-bit pieces)
  2. x:x:x:x:x:x:d.d.d.d [-interface]
  3. x: [0 to FFFF]H
  4. d: [0 to 255]D
  5. interface: up to 32 characters for link local addresses

 

group name
Debugs only events affecting the specified peer group name, up to 64 characters, and associated neighbors.

15.10. keepalive-override

keepalive-override

Syntax 
keepalive-override keepalive-timer
no keepalive-override
Context 
[Tree] (config>mcast-mgmt>mcast-info-policy>bundle keepalive-override)
[Tree] (config>mcast-mgmt>mcast-info-policy>bundle>channel keepalive-override)
[Tree] (config>mcast-mgmt>mcast-info-policy>bundle>channel>source-override keepalive-override)
Full Contexts 
configure mcast-management mcast-info-policy bundle channel keepalive-override
configure mcast-management mcast-info-policy bundle channel source-override keepalive-override
configure mcast-management mcast-info-policy bundle keepalive-override
Description 

This command configures the keepalive timer override. The PIM (S,G) Keepalive Timer (KAT) is used to maintain the (S,G) state when (S,G) join is not received. Expiry of the KAT causes the (S,G) entry to be removed.

The KAT override configuration is performed with a multicast information policy, which must be applied to the related PIM routing instance. When a KAT override is configured under a channel (a group or a group range), it applies to all (S,G) entries that fall under it, except when the source-override is configured and a KAT override is also configured under the source-override. In this scenario, the specific KAT override must be used for the (S,G) entries that fall under the source-override, while other (S,G) entries under the bundle use the KAT override configured under the channel.

Parameters 
keepalive-timer—
Specifies the keepalive timer override, in seconds.
Values—
10 to 86000

 

15.11. kernel

kernel

Syntax 
kernel password password
no kernel
Context 
[Tree] (environment kernel)
Full Contexts 
environment kernel
Supported Platforms 

All

Description 

This command enables and disables the kernel.

Parameters 
password—
Specifies the password to access the kernel, up to 256 characters.

15.12. kex

kex

Syntax 
kex index name kex-name
no kex index
Context 
[Tree] (config>system>security>ssh>client-kex-list kex)
[Tree] (config>system>security>ssh>server-kex-list kex)
Full Contexts 
configure system security ssh client-kex-list kex
configure system security ssh server-kex-list kex
Supported Platforms 

All

Description 

This command allows the user to configure phase 1 SSH v2 KEX algorithms for SR OS as an SSH server or an SSH client. By default, the client and server lists are empty. If the user configures this list, SSH uses the hard-coded list with the first-listed algorithm having the highest priority and so on. An empty server or client list is the default list and contains the following algorithms:

diffie-hellman-group16-sha512

diffie-hellman-group14-sha256

diffie-hellman-group14-sha1

diffie-hellman-group14-sha1

diffie-hellman-group1-sha1

The no form of this command removes the specified KEX index. If all KEX indexes are removed, the default list is used again.

Parameters 
index—
Specifies the index of the algorithm in the list. The lowest index in the list is negotiated first on the SSH negotiation list, while the highest index is at the bottom of the SSH negotiation list.
Values—
1 to 255

 

kex-name—
Specifies the KEX algorithm for computing the shared secret key.
Values—
diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1, diffie-hellman-group1-sha1

 

15.13. key

key

Syntax 
key packet-type {accept | request} attribute-type attribute-type [vendor vendor-id]
no key
Context 
[Tree] (config>router>radius-proxy>server>cache key)
[Tree] (config>service>vprn>radius-proxy>server>cache key)
Full Contexts 
configure router radius-proxy server cache key
configure service vprn radius-proxy server cache key
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Description 

This command specifies the RADIUS cache key that is used to match the information in subsequent DHCP requests for authorization.

Parameters 
packet-type—
Specifies the packet type of the RADIUS messages to use to generate the key for the cache of this RADIUS proxy server.
Values—
accept, request

 

attribute-type
Specifies the RADIUS attribute type to cache for this RADIUS proxy. server.
Values—
1 to 255

 

vendor-id
Specifies the RADIUS vendor ID.
Values—
1 to 16777215, nokia

 

key

Syntax 
key key-filename
no key
Context 
[Tree] (config>ipsec>cert-profile>entry key)
Full Contexts 
configure ipsec cert-profile entry key
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-1s, 7750 SR-2s, 7750 SR-e, VSR

Description 

This command specifies the filename of an imported key for the cert-profile entry.

The no form of this command removes the key filename from the entry configuration.

Default 

no key

Parameters 
key-filename—
Specifies the filename of an imported key.

key

Syntax 
key password [hash | hash2 | custom] reference reference-number
no key reference reference-number
Context 
[Tree] (config>system>security>pki>ca-profile>cmpv2>key-list key)
Full Contexts 
configure system security pki ca-profile cmpv2 key-list key
Supported Platforms 

All

Description 

This command specifies a pre-shared key used for CMPv2 initial registration. Multiples of key commands are allowed to be configured under this context.

The password and reference-number is distributed by the CA via out-of-band means.

The configured password is stored in configuration file in an encrypted form by using SR OS hash2 algorithm.

The no form of this command removes the parameters from the configuration.

Parameters 
password—
Specifies a printable ASCII string, up to 64 characters.
hash—
Specifies the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified
hash2—
Specifies the key is entered in a more complex encrypted form that involves more variables than the key value alone, meaning that the hash2 encrypted variable cannot be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in an unencrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
custom—
Specifies the custom encryption to management interface.
reference reference-number
Specifies a printable ASCII string, up to 64 characters in length.

key

Syntax 
key key-filename
no key
Context 
[Tree] (config>system>security>tls>cert-profile>entry key)
Full Contexts 
configure system security tls cert-profile entry key
Supported Platforms 

All

Description 

This command specifies the file name of an imported key for the cert-profile entry.

The no form of the command removes the key.

Default 

no key

Parameters 
key-filename—
Specifies the file name of the key.

15.14. key-list

key-list

Syntax 
key-list
Context 
[Tree] (config>system>security>pki>ca-profile>cmpv2 key-list)
Full Contexts 
configure system security pki ca-profile cmpv2 key-list
Supported Platforms 

All

Description 

This command enables the context to configure pre-shared key list parameters.

15.15. key-re-exchange

key-re-exchange

Syntax 
key-re-exchange
Context 
[Tree] (config>system>security>ssh key-re-exchange)
Full Contexts 
configure system security ssh key-re-exchange
Supported Platforms 

All

Description 

This command enables the key re-exchange context.

15.16. key-rollover-interval

key-rollover-interval

Syntax 
key-rollover-interval key-rollover-interval
Context 
[Tree] (config>service>vprn>ospf3>area key-rollover-interval)
Full Contexts 
configure service vprn ospf3 area key-rollover-interval
Supported Platforms 

All

Description 

This command configures the key rollover interval.

The no form of this command reverts to the default.

Default 

key-rollover-interval 10

Parameters 
key-rollover-interval—
Specifies the time, in seconds, after which a key rollover will start.
Values—
10 to 300

 

key-rollover-interval

Syntax 
key-rollover-interval seconds
Context 
[Tree] (config>router>ospf3>area key-rollover-interval)
Full Contexts 
configure router ospf3 area key-rollover-interval
Supported Platforms 

All

Description 

This command configures the key rollover interval.

Default 

key-rollover-interval 10

Parameters 
seconds—
Specifies the time, in seconds, after which a key rollover will start.
Values—
10 to 300

 

15.17. key-update

key-update

Syntax 
key-update ca ca-profile-name newkey key-filename oldkey key-filename oldcert cert-filename [hash-alg hash-algorithm] save-as save-path-of-result-cert
Context 
[Tree] (admin>certificate>cmpv2 key-update)
Full Contexts 
admin certificate cmpv2 key-update
Supported Platforms 

All

Description 

This command requests a new certificate from the CA to update an existing certificate due to reasons such as key refresh or replacing compromised key.

In some cases, the CA may not return certificate immediately, due to reasons such as request processing need manual intervention. In such cases, the admin certificate cmpv2 poll command can be used to poll the status of the request.

Parameters 
ca-profile-name
Specifies a ca-profile name which includes CMP server information, up to 32 characters.
newkey key-filename
Specifies the key file of the requesting certificate, up to 95 characters.
oldkey key-filename
Specifies the key to be replaced, up to 95 characters.
cert-filename
Specifies the file name of an imported certificate to be replaced, up to 95 characters.
hash-algorithm
Specifies the hash algorithm for RSA key.
Values—
md5,sha1,sha224,sha256,sha384,sha512

 

save-path-of-result-cert
Specifies the save full path name of saving the result certificate, up to 200 characters.

15.18. key-value

key-value

Syntax 
key-value public-key-value
no key-value
Context 
[Tree] (config>system>security>user>public-keys>ecdsa>ecdsa-key key-value)
[Tree] (config>system>security>user>public-keys>rsa>rsa-key key-value)
Full Contexts 
configure system security user public-keys ecdsa ecdsa-key key-value
configure system security user public-keys rsa rsa-key key-value
Supported Platforms 

All

Description 

This command configures a value for the RSA or ECDSA public key. The public key must be enclosed in quotation marks. For RSA, the key is between 768 and 4096 bits. For ECDSA, the key is between 1 and 1024 bits.

Default 

no key-value

Parameters 
public-key-value
Specifies the public key value, up to 800 characters for RSA and up to 255 characters for ECDSA.

15.19. keychain

keychain

Syntax 
[no] keychain keychain-name
Context 
[Tree] (config>system>security keychain)
Full Contexts 
configure system security keychain
Supported Platforms 

All

Description 

This command enables the context to configure keychain parameters. A keychain must be configured on the system before it can be applied to a session.

The no form of this command removes the keychain nodal context and everything under it from the configuration. If the keychain to be removed is in use when the no keychain command is entered, the command will not be accepted and an error indicating that the keychain is in use will be printed.

Parameters 
keychain-name—
Specifies a keychain name which identifies this particular keychain entry.
Values—
An ASCII string up to 32 characters.

 

15.20. keygroup-name

keygroup-name

Syntax 
keygroup-name keygroup-name
no keygroup-name
Context 
[Tree] (config>grp-encryp>encryp-keygrp keygroup-name)
Full Contexts 
configure group-encryption encryption-keygroup keygroup-name
Supported Platforms 

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Description 

This command is used to name the key group. The key group name can be used to reference a key group when configuring services or displaying information.

The no form of the command reverts to the default value.

Parameters 
keygroup-name—
The name of the key group, up to 64 characters.

15.21. kill-session

kill-session

Syntax 
[no] kill-session
Context 
[Tree] (config>system>security>profile>netconf>base-op-authorization kill-session)
Full Contexts 
configure system security profile netconf base-op-authorization kill-session
Supported Platforms 

All

Description 

This command authorizes a user associated with the profile to send a NETCONF <kill-session> operation. This kill session operation allows a NETCONF client to kill another NETCONF session, but not the session in which the operation is requested.

The no form of the command denies the user from requesting a kill-session.

Default 

no kill-session