7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
7450 ESS, 7750 SR-7/12/12e
7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e
This command sets the DTE full status polling interval for the Frame Relay Local Management Interface (LMI). The number specifies the frequency at which inquiries expect a full status report.
The no form of this command returns the n391dte counter to the default value.
n391dte 6
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
7450 ESS, 7750 SR-7/12/12e
7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e
This command sets the DCE error threshold for the Frame Relay Local Management Interface (LMI).
The threshold specifies the number of errors needed to bring down a link.
The no form of this command returns the n392dce counter to the default value.
n392dce 3
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
7450 ESS, 7750 SR-7/12/12e
7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e
This command sets the DTE error threshold for the Frame Relay Local Management Interface (LMI).
The count specifies the number of errors needed to bring down a link.
The no form of this command returns the n392dte counter to the default value.
n392dte 3
All
This command configures the monitored count of consecutive errors.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
7450 ESS, 7750 SR-7/12/12e
7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e
This command sets the DCE monitored event count for the Frame Relay Local Management Interface (LMI).
The no form of this command returns the n393dce counter to the default value.
n393dce 4
7450 ESS, 7750 SR-7/12/12e
This command configures the DTE monitored event count for the LMI.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e
This command sets the DTE monitored event count for the Frame Relay Local Management Interface (LMI).
The no form of this command returns the n393dte counter to the default value.
n393dte 4
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
With this command, if the local DHCPv4 server receives a DHCP request with option 50 (means client try to request a previous allocated message as described in section 3.2 of RFC 2131, Dynamic Host Configuration Protocol) and the address allocation algorithm ends up using a pool and the address in option50 is not in pool, then system will return a DHCP NAK, otherwise system just drop the DHCP packet.
The no form of this command reverts to the default.
no nak-non-matching-subnet
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures an HTTP enrichment template field header name.
The no form of this command removes the http enrichment template field header name from the configuration.
All
This command creates a system name string for the device.
For example, system-name parameter ALA-1 for the name command configures the device name as ALA-1.
Only one system name can be configured. If multiple system names are configured, the last one encountered overwrites the previous entry.
The no form of the command reverts to the default value.
no name
All
This command allows operators to configure routing policies that are often reused across BGP peers of a common type (transit, peer, customer, and so on). Using global variables allows an operator to have a single variable that is consistent across all peers of a type, while retaining the flexibility to reference different policy functions (prefixes, prefix-lists, community lists, and so on) with unique names.
Depending on the parameter referenced, the correct type should be specified as follows:
The no form of this command removes the global variable.
This command copies an existing named-pool-policy to another named-pool-policy. The copy command is a configuration level maintenance tool used to create new entries using an existing profile ID. If overwrite is not specified, an error occurs if the destination policy exists.
MINOR: CLI use {overwrite}; destination named-pool-policy "test" exists.
If overwrite is specified, the function of copying from source to destination occurs in a “break before make” manner and therefore should be handled with care.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the nas-identifier RADIUS attribute.
The no form of this command reverts to the default.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the nas-identifier RADIUS attribute.
The no form of this command disables the generation of the nas-identifier RADIUS attribute.
7450 ESS, 7750 SR, 7750 SR-1s, 7750 SR-2s, 7750 SR-e, VSR
This command enables the generation of the nas-identifier RADIUS attribute.
no nas-identifier
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables the inclusion of the NAS-Identifier attributes.
The no form of the command excludes NAS-Identifier attributes.
no nas-identifier
7450 ESS, 7750 SR, 7750 SR-1s, 7750 SR-2s, 7750 SR-e, VSR
This command enables the generation of the NAS IP address attribute.
no nas-ip-addr
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the NAS-IP-Address RADIUS attribute.
no nas-ip-address
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command specifies the RADIUS NAS-IP-Address attribute.
The no form of the command reverts to the default.
nas-ip-address-origin system-ip
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the nas-port RADIUS attribute. Enter decimal representation of a 32-bit string that indicates the port information. This 32-bit string can be compiled based on different information from the port (data types). Using number-of-bits data-type syntax indicates the number of bits from the 32 bits that are used for the specific data type. These data types can be combined up to 32 bits. In between the different data types 0s and 1s as bits can be added.
The no form of this command disables the nas-port configuration.
binary-spec | <bit-specification> <binary-spec> | |
bit-specification | 0 | 1 | <bit-origin> | |
bit-origin | *<number-of-bits><origin> | |
number-of-bits | 1 to 32 | |
origin | s | m | p | o | i | v | c | |
s | slot number | |
m | MDA number | |
p | port number, lag-id, pw-id or pxc-id | |
o | outer VLAN ID | |
i | inner VLAN ID | |
v | ATM VPI | |
c | ATM VCI or PXC subport (subport a = 0, subport b = 1) | |
The following output shows an example.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the nas-port RADIUS attribute. You enter decimal representation of a 32-bit string that indicates your port information. This 32-bit string can be compiled based on different information from the port (data types). By using syntax number-of-bits data-type you indicate how many bits from the 32 bits are used for the specific data type. These data types can be combined up to 32 bits. In between the different data types 0's and/or 1's as bits can be added.
The no form of this command disables the nas-port configuration.
binary-spec | <bit-specification> <binary-spec> | |
bit-specification | 0 | 1 | <bit-origin> | |
bit-origin | *<number-of-bits><origin> | |
number-of-bits | 1 to 32 | |
origin | s | m | p | o | i | v | c | |
s | slot number | |
m | MDA number | |
p | port number, lag-id, pw-id or pxc-id | |
o | outer VLAN ID | |
i | inner VLAN ID | |
v | ATM VPI | |
c | ATM VCI or PXC subport (subport a = 0, subport b = 1) | |
The following is an example of binary spec information.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command specifies the format of the 32 bit string used as value for the Nas-Port AVP.
binary-spec | <bit-specification> <binary-spec> | |
bit-specification | 0 | 1 | <bit-origin> | |
bit-origin | *<number-of-bits><origin> | |
number-of-bits | 1 to 32 | |
origin | s | m | p | o | i | v | c | |
s | slot number | |
m | MDA number | |
p | port number, lag-id, pw-id or pxc-id | |
o | outer VLAN ID | |
i | inner VLAN ID | |
v | ATM VPI | |
c | ATM VCI or PXC subport (subport a = 0, subport b = 1) | |
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the NAS-Port RADIUS attribute.
no nas-port
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the nas-port-id RADIUS attribute. Optionally, the value of this attribute (the SAP ID) can be prefixed by a fixed string and suffixed by the circuit-id or the remote-id of the client connection. If a suffix is configured, but no corresponding data is available, the suffix used is 0/0/0/0/0/0.
The no form of this command reverts to the default.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the nas-port-id RADIUS attribute. Optionally, the value of this attribute (the SAP ID) can be prefixed by a fixed string and suffixed by the circuit-id or the remote-id of the client connection. If a suffix is configured, but no corresponding data is available, the suffix used is 0/0/0/0/0/0.
The no form of this command disables the generation of the nas-port-id RADIUS attribute.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command includes the Nas-Port-Id AVP.
7450 ESS, 7750 SR, 7750 SR-1s, 7750 SR-2s, 7750 SR-e, VSR
This command enables the generation of the nas-port-id RADIUS attribute. Optionally, the value of this attribute (the SAP-id) can be prefixed by a fixed string and suffixed by the circuit-id or the remote-id of the client connection. If a suffix is configured, but no corresponding data is available, the suffix used will be 0/0/0/0/0/0.
no nas-port-id
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the nas-port-id RADIUS attribute. Optionally, the value of this attribute (the SAP-id) can be prefixed by a fixed string and suffixed by the circuit-id or the remote-id of the client connection. If a suffix is configured, but no corresponding data is available, the suffix used will be 0/0/0/0/0/0.
no nas-port-id
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the nas-port-type RADIUS attribute. If set to nas-port-type, the following values are sent: 32 (null-encap), 33 (dot1q), 34 (qinq), 15 (DHCP hosts). The nas-port-type can also be set as a specified value, with an integer from 0 to 255.
The no form of this command reverts to the default.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the nas-port-type RADIUS attribute. If set to nas-port-type, the following values are sent: 32 (null-encap), 33 (dot1q), 34 (qinq), 15 (DHCP hosts). The nas-port-type can also be set as a specified value, with an integer from 0 to 255.
The no form of this command disables the generation of the nas-port-type RADIUS attribute
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command includes the Nas-Port-Type AVP.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the NAS-Port-Type RADIUS attribute.
The no form of the command disables the generation.
no nas-port-type
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
Commands in this context configure NASREQ application-specific attributes.
7750 SR, 7750 SR-e, 7750 SR-s, VSR
Commands in this context configure NAT parameters under wlan-gw-group.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
Commands in this context synchronize NAT groups.
The no form of this command disables the feature.
nat
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures, creates or deletes a NAT instance.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
Commands in this context configure LI NAT parameters.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
Commands in this context configure NAT groups for BNG CUPS PFCP association (see the nat-group command in the config>subscriber-mgmt>pfcp-association>nat context).
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables NAT traffic diversion based on IPv4 filters (LSN44) or IPv6 filters (DS-Lite, NAT64). The filter contains a matching condition based on any combination of the 5 tuple. Traffic is diverted to NAT based on such defined matching condition. Filter fields outside of the 5 tuples are not valid and it will be ignored in filter based traffic diversion to NAT.
The pool selection for the outside IP address and port along with other mapping characteristics can be specified by the means on the NAT policy.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables NAT traffic diversion based on IPv4 filters (LSN44) or IPv6 filters (DS-Lite, NAT64). The filter contains a matching condition based on any combination of the 5 tuple. Traffic is diverted to NAT based on such defined matching condition. Filter fields outside of the 5 tuples are not valid and it will be ignored in filter based traffic diversion to NAT.
The pool selection for the outside IP address and port along with other mapping characteristics can be specified by the means on the NAT policy.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command performs NAT operations.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures the NAT access mode.
Access mode in L2-Aware NAT environment is a reflection of supported home set up (bridged or routed) in relation to the configured anti-spoof setting.
This configuration option is only applicable to L2-Aware NAT subscribers. It determines which home model is supported with L2-Aware NAT:
nat-access-mode auto
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables L2-Aware NAT host for selective bypass. L2-aware NAT subscribers eligible for NAT bypass must be explicitly enabled with this command. Once enabled, the ip-filter configuration applied in sub-profile determines whether the traffic is bypassed.
The no form of this command causes traffic received from subscribers associated with this profile to not bypass the Layer-2-Aware NAT.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command when configured within the nat-policy, references a nat-classifier and consequently activates DNAT functionality. Unless this command is provisioned, the destination IP address translation will not take place. The nat-classifier identifies the traffic (in a filter-like fashion) that is subjected to DNAT.
The no form of the command removes the nat-classifier-name from the configuration.
none
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command creates a nat-classifier. Traffic can be identified in nat-classifier based on the protocol type and destination ports. Once the traffic is identified, an action associated with identified traffic, such as destination NAT (DNAT), can be taken.
The no form of the command removes the nat-classifier-name from the configuration.
none
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command allows service chaining to be enabled for subscribers whose NAT flows are established on the set of ISAs in the specified NAT group.
The no form of this command removes the NAT group from the configuration.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables MCS for NAT. NAT group health information is exchanged between the pair of redundant NAT nodes. The system elects one of the nodes as the active node for the NAT group, while the other node becomes a standby node.
The no form of this command disables multi-chassis synchronization for a NAT group.
no nat-group
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures an ISA NAT group.
The no form of the command removes the ID from the configuration.
none
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures a NAT group participating in NAT on BNG CUPS. ISAs in the NAT group are enabled for operation in BNG CUPS, but are not limited to BNG CUPS deployment. They can be used simultaneously with other versions of NAT in BNG, outside of the CUPS functionality.
The no version of this command deletes the NAT group.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command references an import-policy to determine the routes that should be installed in the routing table as NAT routes, which are used to steer traffic to NAT.
A dynamic route obtained by BGP-VPN can be imported into an inside (private side) routing context in NAT environment. This route is associated with a NAT policy that maps traffic destined into a NAT pool and outside routing context. If the NAT policy is not explicitly configured in the import route policy, the imported NAT route is, by default, associated with the default NAT policy defined in the NAT inside routing context.
All BGP-VPN routes that are destined to be imported into NAT inside routing context must be configured with action-type accept in the route policy.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command binds an Epipe to a NAT context running on an ISA-BB, allowing the Epipe to act as the outside service for the NAT or firewall. When nat-outside is enabled, one end of the Epipe is implicitly tied to ISA BB forwarding, leaving one remaining SAP, spoke, or similar available to be configured.
The no version of this command removes the Epipe binding to a NAT context.
7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command specifies the NAT policy for WLAN-GW ISA subscribers.
The no form of this command reverts to the default.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures the NAT policy that is used for large-scale NAT in this service. If a nat-policy is not configured, then the default nat-policy is used.
The no form of the command removes the policy name from the configuration.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command assigns a NAT policy to the matched routes that do not have a more specific nat-policy configured under action.
A dynamic route obtained by BGP-VPN can be imported into an inside (private side) routing context in NAT environment. This route must be associated with a NAT policy that maps traffic destined to it into a NAT pool and outside routing context. If the NAT policy is not specified within the route policy, the imported NAT route, by default, is associated with the default NAT policy defined in the NAT inside routing context.
All BGP-VPN routes that are destined to be imported into NAT inside routing context must have action-type set to accept , regardless of whether the NAT policy is configured in the action.
The no form of the command removes the policy name from the configuration.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures a NAT policy.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures the NAT policy to be used for subscribers associated with this subscriber profile.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command includes the NAT policy name in the flow log.
The no form of the command disables the feature.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures NAT port forwarding persistence parameters.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables the generation of the of nat-port-range attribute.
The no form of this command disables the generation of the nat-port-range attribute.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command specifies the nat-prefix-list referenced within the subscriber-profile is used to associate L2-aware subscriber traffic with additional nat-policies based on the destination IPv4 address of the traffic.
The no form of the command removes the prefix list name from the configuration.
none
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command is used to create configuration context for:
The no form of the command removes the prefix list name from the configuration.
none
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables the inclusion of the NAT subscriber string attributes.
The no form of the command excludes NAT subscriber string attributes.
no nat-subscriber-string
7450 ESS, 7750 SR, 7750 SR-1s, 7750 SR-2s, 7750 SR-e, VSR
This command specifies whether NAT-T (Network Address Translation Traversal) is enabled, disabled or in forced mode.
The no form of this command reverts the parameters to the default.
no nat-traversal
Commands in this context configure NAT64.
The no form of the command disables NAT64.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
Commands in this context configure NAT64 parameters.
The no form of the command disables NAT64.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures a NAT64 LSN subscriber source.
ipv6-prefix: | <prefix>/<length> |
prefix | x:x:x:x:x:x:x:x (eight 16-bit pieces) |
x:x:x:x:x:x:d.d.d.d | |
x to [0 to FFFF]H | |
d t o[0t o 255]D | |
<length> | [0 to 128] |
7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e
This command configures the national use bits.
All
This command debugs neighbor events.
The no form of the command disables the debugging.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
Commands in this context configure neighbor discovery (ND) parameters.
All
Commands in this context configure ND host route parameters.
All
Commands in this context populate ND host route entries.
All
This command enables the ability to learn neighbor entries out of received unsolicited Neighbor Advertisement messages with or without the solicited flag set. The command can be enabled for global addresses, link-local addresses, or for both.
The no form of this command makes the router use standard RFC 4861 behavior, as described below, for learning of neighbor entries.
All
This command enables the ability to learn neighbor entries out of received unsolicited Neighbor Advertisement messages, with or without the solicited flag set. The command can be enabled for global addresses, link-local addresses, or for both.
The no form of this command makes the router follow standard RFC 4861 behavior for learning of neighbor entries.
All
This command enables the ability to learn neighbor entries out of received unsolicited Neighbor Advertisement messages, with or without the solicited flag set. The command can be enabled for global addresses, link-local addresses, or for both.
The no form of this command makes the router follow standard RFC 4861 behavior for learning of neighbor entries.
This command enables the addition or deletion of host routes in the route-table derived from neighbor entries in the neighbor cache. To enable this command, the interface must be shut down. The command triggers the population of host routes in the route table out of their corresponding static, dynamic, or EVPN types in the neighbor table. Neighbor entries installed by subscriber management, local interfaces, and others, do not create host-routes.
Only reachable entries are added to the route table (entries are created from solicited NA messages). Entries created as stale — from Neighbor Solicitation (NS), unsolicited Neighbor Advertisements (NA), Router Solicitation (RS), Router Advertisement (RA), and Redirect messages — are not added to the route table because the neighbor is not confirmed as two-way.
The no form of this command disables the creation of host routes from the neighbor cache.
All
This command enables a proactive refresh of the neighbor entries. When enabled, at the stale timer expiration, the router sends a NUD message to the host (regardless of the existence of traffic to the IP address on the IOM), so the entry can be refreshed or removed.
This behavior is different from ARP, where the refresh is sent 30 seconds prior to the entry’s age out time. The refresh can be optionally enabled for global addresses, link-local addresses, or both.
The no form of this command disables the proactive behavior and the router only refreshes an entry if there is traffic that needs to be sent to the IP address.
All
This command enables a proactive refresh of the neighbor entries. When enabled, at the stale timer expiration, the router sends an NUD message to the host (regardless of the existence of traffic to the IP address on the IOM), so the entry can be refreshed or removed.
This behavior is different from ARP, where the refresh is sent 30 seconds prior to the entry’s age out time. The refresh can be optionally enabled for global addresses, link-local addresses, or both.
The no form of this command disables the proactive behavior and the router only refreshes an entry if there is traffic that needs to be sent to the IP address.
All
This command enables a proactive refresh of the neighbor entries. When enabled, at the stale timer expiration, the router sends an NUD message to the host (regardless of the existence of traffic to the IP address on the IOM), so the entry can be refreshed or removed.
This behavior is different from ARP, where the refresh is sent 30 seconds prior to the entry’s age out time. The refresh can be optionally enabled for global addresses, link-local addresses, or both.
The no form of this command disables the proactive behavior and the router only refreshes an entry if there is traffic that needs to be sent to the IP address.
This command adds a route tag to the ARP-ND host routes generated out of the neighbor entries in the interface. As any other route tag, it can be used to match ARP-ND routes in BGP export policies.
The no form of this command removes the route tag for the ARP-ND host routes.
All
This command configures the NEID for this profile.
The no form of this command deletes the NEID for this profile.
All
Commands in this context configure a GSMP ANCP neighbor parameters.
The no form of this command reverts to the default.
All
This command adds a neighbor in the GSMP group.
The no form of this command removes the neighbor from the GSMP group.
All
This command creates a context for configuring a RIP neighbor interface. By default, group interfaces are not activated with RIP, unless explicitly configured. The BNG only learns RIP routes from IPv4 host on the group interface. The RIP neighbor group interface defaults to none. The send operation is unchangeable for group-interface.
The no form of this command deletes the RIP interface configuration for this group interface. The shutdown command in the config>router>rip>group group-name>neighbor context can be used to disable an interface without removing the configuration for the interface.
no neighbor
If the IP interface name does not exist or does not have an IP address configured, an error message will be returned.
All
This command configures IPv6-to-MAC address mapping on the IES interface.
ipv6-address: | x:x:x:x:x:x:x:x (eight 16-bit pieces) |
x:x:x:x:x:x:d.d.d.d | |
x - [0..FFFF]H | |
d - [0..255]D |
7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e
This command specifies the neighbor's IP address only on a multi-chassis APS where the working and protect circuits are configured on different routers. When the value the neighbor IP address is set to 0.0.0.0, this implies that the APS group is configured as a single-chassis APS group.
The route to the neighbor must not traverse the multi-chassis APS member (working or protect) circuits. It is recommended that the neighbor IP address configured is on a shared network between the routers that own the working and protect circuits.
By default no neighbor address is configured and both the working and protect circuits should be configured on the same router (i.e., single-chassis APS). APS is assumed to be configured wholly on a single chassis.
ipv4-address: | a.b.c.d |
ipv6-address: | x:x:x:x:x:x:x:x (eight 16-bit pieces) |
x:x:x:x:x:x:d.d.d.d | |
x:-[0 to FFFF]H | |
d: [0 to 255]D |
All
This command creates a BGP peer/neighbor instance within the context of the BGP group.
This command can be issued repeatedly to create multiple peers and their associated configuration.
The no form of this command is used to remove the specified neighbor and the entire configuration associated with the neighbor. The neighbor must be administratively shutdown before attempting to delete it. If the neighbor is not shutdown, the command will not result in any action except a warning message on the console indicating that neighbor is still administratively up.
no neighbor
All
This command creates a BGP peer/neighbor instance within the context of the BGP group.
This command can be issued repeatedly to create multiple peers and their associated configuration.
The no form of this command is used to remove the specified neighbor and the entire configuration associated with the neighbor. The neighbor must be administratively shutdown before attempting to delete it. If the neighbor is not shut down, the command will not result in any action except a warning message on the console indicating that neighbor is still administratively up.
ipv4-address | a.b.c.d (host bits must be 0) |
ipv6-address | x:x:x:x:x:x:x:x[-interface] |
x:x:x:x:x:x:d.d.d.d[-interface] | |
x: [0 to FFFF]H | |
d: [0 to 255]D | |
interface: 32 characters maximum, mandatory for link local addresses |
All
This command configures IPv6-to-MAC address mapping on the interface.
ipv6-address | x:x:x:x:x:x:x:x (eight 16-bit pieces) |
x:x:x:x:x:x:d.d.d.d | |
x [0 to FFFF]H | |
d [0 to 255]D |
All
This command configures an OSPF non-broadcast multi-access (NBMA) neighbor. The OSPF interface must be configured as an NBMA interface with the interface-type non-broadcast command. An NBMA network has no broadcast or multicast capabilities, so the router cannot discover its neighbors dynamically. All neighbors must be configured statically with the neighbor command.
In addition to configuring the OSPF NBMA neighbor’s IP address, the neighbor’s MAC address may need to be configured with the config>service>vprn>interface>static-arp command for OSPFv2 neighbors using its IPv4 address, and the config>service>vprn>interface>ipv6>neighbor command for OSPFv3 neighbors using its IPv6 link-local address.
The no form of this command removes the neighbor configuration.
No OSPF NBMA neighbors are configured.
ipv4-address: | a.b.c.d |
ipv6-address: | x:x:x:x:x:x:x:x [-interface] |
x:x:x:x:x:x:d.d.d.d [-interface] | |
x: [0..FFFF]H | |
d: [0..255]D | |
interface —32 characters max, for link local addresses. |
All
This command configures an IPv6-to-MAC address mapping on the interface. Use this command if a directly attached IPv6 node does not support ICMPv6 neighbor discovery, or for some reason, a static address must be used. This command can only be used on Ethernet media.
The ipv6-address must be on the subnet that was configured from the IPv6 address command or a link-local address.
ipv6-address: | x:x:x:x:x:x:x:x (eight 16-bit pieces) | |
x:x:x:x:x:x:d.d.d.d | ||
x: | [0 to FFFF]H | |
d: | [0 to 255]D |
All
This command enables IPv6 neighbor debugging.
All
This command displays statistical BGP neighbor information at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified neighbor(s). The subsequent statistical information listed for each interval is displayed as a delta to the previous display.
When the keyword rate is specified, the rate-per-second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands but only statistical information displays. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
The following output is an example of BGP neighbor information.
All
This command displays statistical OSPF neighbor information at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified OSPF neighbors. The subsequent statistical information listed for each interval is displayed as a delta to the previous display.
When the keyword rate is specified, the rate-per-second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands but only statistical information displays. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
The following output is an example of OSPF neighbor information.
All
This command displays statistical OSPF3 neighbor information at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified OSPF3 neighbor(s). The subsequent statistical information listed for each interval is displayed as a delta to the previous display.
When the keyword rate is specified, the rate-per-second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands but only statistical information displays. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
All
This command displays statistical RIP neighbor information at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified RIP neighbor(s). The subsequent statistical information listed for each interval is displayed as a delta to the previous display. When the keyword rate is specified, the rate-per-second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands but only statistical information displays. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
All
This command configures an OSPF non-broadcast multi-access (NBMA) neighbor. The OSPF interface must be configured as an NBMA interface with the interface-type non-broadcast command. An NBMA network has no broadcast or multicast capabilities, so the router cannot discover its neighbors dynamically. All neighbors must be configured statically with the neighbor command.
In addition to configuring the OSPF NBMA neighbor’s IP address, the neighbor’s MAC address may need to be configured with the config>router>interface>static-arp command for OSPFv2 neighbors using its IPv4 address, and the config>router>interface>ipv6>neighbor command for OSPFv3 neighbors using its IPv6 link-local address.
The no form of this command removes the neighbor configuration.
no neighbor
ipv6-address: | x:x:x:x:x:x:x:x [-interface] |
x:x:x:x:x:x:d.d.d.d [-interface] | |
x: [0..FFFF]H | |
d: [0..255]D | |
interface — 32 characters maximum for link local addresses. |
All
This command enables debugging for an OSPF or OSPF3 neighbor.
All
This command specifies the neighbor address as found in the source address of the actual join and prune message as a filter criterion. If no neighbor is specified, any neighbor is considered a match.
The no form of the of the command removes the neighbor IP match criterion from the configuration.
no neighbor
The name specified must already be defined.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command configures the maximum number of neighbors learned for a single host by doing neighbor discovery.
The no form of this command reverts to the default.
neighbor-limit 1
All
This command configures the maximum amount of dynamic IPv6 neighbor entries that can be learned on an IP interface.
When the number of dynamic neighbor entries reaches the configured percentage of this limit, an SNMP trap is sent. When the limit is exceeded, no new entries are learned until an entry expires and traffic to these destinations is dropped. Entries that have already been learned is refreshed.
The no form of this command removes the neighbor-limit.
no neighbor-limit
All
This command configures the maximum amount of dynamic IPv6 neighbor entries that can be learned on an IP interface.
When the number of dynamic neighbor entries reaches the configured percentage of this limit, an SNMP trap is sent. When the limit is exceeded, no new entries are learned until an entry expires and traffic to these destinations will be dropped. Entries that have already been learned will be refreshed.
The no form of this command removes the neighbor-limit.
neighbor-limit 90
All
This command configures the maximum amount of dynamic IPv6 neighbor entries that can be learned on an IP interface.
When the number of dynamic neighbor entries reaches the configured percentage of this limit, an SNMP trap is sent. When the limit is exceeded, no new entries are learned until an entry expires and traffic to these destinations will be dropped. Entries that have already been learned will be refreshed.
The no form of this command removes the neighbor-limit.
no neighbor-limit
All
This command configures the neighbor liveness time.
The no form of this command returns the default value.
no neighbor-liveness (which equals a value of 120 seconds)
All
This command enables neighbor resolution with DHCPv6 relay.
The no form of this command disables neighbor resolution.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command enables auto-reply for neighbor solicitation.
The no form of this command disables auto-reply neighbor solicitation.
neighbor-solicitation
All
This command enables a label security feature for prefixes of a VPN family at an inter-AS boundary.
This label security feature allows the configuration of a router, acting in a PE and/or in an ASBR role, to accept packets of VPRN prefixes only from direct EBGP neighbors to which it advertised a VPRN label.
The untrusted state identifies the participating interfaces. The router supports a maximum of 15 network interfaces that can participate in this feature.
At a high level, BGP tracks each direct EBGP neighbor over an untrusted interface and to which it sent a VPRN prefix label. For each of those VPRN prefixes, BGP programs a bit map in the ILM record that indicates, on per-untrusted interface basis, whether the matching received packets must be forwarded or dropped.
The no form of this command disables the inter-AS security feature for the VPN family.
All
Commands in this context configure the NEIP.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command configures up to four Network Basic Input/Output System (NetBIOS) name server IP addresses for a DHCP client.
The no form of this command removes the IP address from the netbios-name-server configuration.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command configures the Network Basic Input/Output System (NetBIOS) node type.
The no form of this command removes the NetBIOS node type parameters from the configuration.
All
All
This command authorizes various netconf capabilities for the user.
All
Commands in this context configure hash-control for the Netconf interface.
All
This command is used to associate a NETCONF stream name with a Lawful Intercept log ID. The NETCONF stream name must be unique in the Lawful Intercept context of the SR OS device. For the same Lawful Intercept log ID, the to netconf command must be configured for a subscription to that NETCONF stream name to be accepted. If the NETCONF stream is changed, active subscriptions to the changed stream name are terminated by SR OS.
The no form of this command removes a NETCONF stream name from a Lawful Intercept log ID. Active subscriptions to the removed stream name are terminated by SR OS.
All
This command is used to associate a NETCONF stream name with a log ID. The NETCONF stream name must be unique per SR OS device. For the same log ID, to netconf must be configured for a subscription to that NETCONF stream name to be accepted. A netconf-stream cannot be set to “NETCONF” as “NETCONF” is reserved for log-id 101. If a netconf-stream is changed, active subscriptions to the changed stream name are terminated by SR OS.
The no form of this command removes a NETCONF stream name from a log ID. Active subscriptions to the removed stream name are terminated by SR OS.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command specifies the downstream next-hop IP address and an optional routing instance to be used as a network VAS router in the steering profile.
The no form of this command removes the specified next-hop IP address and the router instance if specified.
router-instance: | router-name | vprn-svc-id |
router-name: | “Base” |
vprn-svc-id: | 1 to 2147483647 |
7750 SR, 7750 SR-e, 7750 SR-s, VSR
Commands in this context configure network side attributes.
The no form of this command resets the network parameters to the default values.
All
This command enables the network context to configure egress and ingress pool policy parameters.
On the MDA level, network egress pools are only allocated on channelized MDAs.
All
This command specifies the CLI node that contains the network forwarding-plane parameters.
7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e
Commands in this context configure network channel group parameters.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e
All
This command enables access to the context to configure network port parameters.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, 7950 XRS, VSR
Commands in this context configure network parameters for the VPLS VXLAN service.
All
Commands in this context configure network parameters for the VPRN service.
All
This command creates or edits a QoS network policy. The network policy defines the treatment that IP or MPLS packets receive as they ingress and egress the network port.
The QoS network policy consists of an ingress and egress component. The ingress component of the policy defines how DiffServ code points and MPLS EXP bits are mapped to internal forwarding class and profile state. The forwarding class and profile state define the Per Hop Behavior (PHB) or the QoS treatment through the router. The mapping on each network interface defaults to the mappings defined in the default network QoS policy until an explicit policy is defined for the network interface.
The egress component of the network QoS policy defines the queuing parameters associated with each forwarding class. Each of the forwarding classes defined within the system automatically creates a queue on each network interface. This queue gets all the parameters defined within the default network QoS policy 1 until an explicit policy is defined for the network interface access uplink port. If the egressing packet originated on an ingress SAP, or the remarking parameter is defined for the egress interface, the egress QoS policy also defines the IP DSCP, dot1p/DE, or MPLS EXP bit marking based on the forwarding class and the profile state.
Network policy-id 1 exists as the default policy that is applied to all network interfaces by default. The network policy-id 1 cannot be modified or deleted. It defines the default DSCP-to-FC mapping and MPLS EXP-to-FC mapping for the ingress. For the egress, it defines six forwarding classes that represent individual queues and the packet marking criteria.
Network policy-id 1 exists as the default policy that is applied to all network ports by default. This default policy cannot be modified or deleted. It defines the default DSCP-to-FC mapping and default unicast meters for ingress IP traffic. For the egress, it defines the forwarding class to dot1p and DSCP values and the packet marking criteria.
If a new network policy is created (for instance, policy-id 3), only the default action and egress forwarding class parameters are identical to the default policy. A new network policy does not contain the default DSCP-to-FC and MPLS-EXP-to-FC mapping for network QoS policy of type ip-interface or the DSCP-to-FC mapping (for network QoS policy of type port). The default network policy can be copied (use the copy command) to create a new network policy that includes the default ingress DSCP-to-FC and MPLS EXP-to-FC mapping (as appropriate). Parameters can be modified, or the no form of this command can be used to remove an object from the configuration.
Any changes made to an existing policy, using any of the sub-commands, will be applied immediately to all network interfaces where this policy is applied. For this reason, when many changes are required on a policy, it is highly recommended that the policy be copied to a work area policy-id. That work-in-progress policy can be modified until complete, then written over the original policy-id. Use the config qos copy command to maintain policies in this manner.
The no form of this command deletes the network policy. A policy cannot be deleted until it is removed from all entities where it is applied. The default network policy policy-id 1 cannot be deleted.
network 1 — System Default Network Policy 1
All
This command copies existing QoS policy entries for a QoS policy-id to another QoS policy-id.
The copy command is used to create new policies using existing policies and also allows bulk modifications to an existing policy with the use of the overwrite keyword.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures the network address to use in application definition. The network address will match the destination IP address in a from-sub flow or the source IP address in a to-sub flow.
The no form of this command restores the default (removes the network address from application criteria defined by this entry).
no network-address
ipv4-address | a.b.c.d[/mask] |
mask - [1..32] | |
ipv6-address | x:x:x:x:x:x:x:x/prefix-length |
x:x:x:x:x:x:d.d.d.d | |
x - [0..FFFF]H | |
d - [0..255]D | |
prefix-length [1..128] |
All
This command creates network-domains that can be associated with individual interfaces and SDPs.
network-domain “default”
All
This command assigns a given interface to a given network-domain. The network-domain is then taken into account during sap-ingress queue allocation for VPLS SAP.
The network-domain association can only be done in a base-routing context. Associating a network domain with an loop-back or system interface will be rejected. Associating a network-domain with an interface that has no physical port specified will be accepted, but will have no effect as long as a corresponding port, or LAG, is defined.
Single interfaces can be associated with multiple network-domains.
network-domain “default”
All
This command assigns a given SDP to a given network-domain. The network-domain is then taken into account during sap-ingress queue allocation for VPLS SAP.
The network-domain association can only be done in a base-routing context. Associating a network domain with an loop-back or system interface will be rejected. Associating a network-domain with an interface that has no physical port specified will be accepted, but will have no effect as long as a corresponding port, or LAG, is undefined.
A single SDP can only be associated with a single network-domain.
network-domain "default"
All
This command opens context for defining network-domains. This command is applicable only in the base routing context.
All
Commands in this context configure the network-element discovery parameters and MIB table generation.
All
This command associates the VXLAN instance with the virtual Ethernet Segment. The association of the virtual ES is based on the VXLAN instance and range of services where the VXLAN instance is configured.
The no form of this command removes the VXLAN instance from the Ethernet Segment association.
All
This command configures a network interface in a VPRN that acts as a CSC interface to a CSC-CE in a Carrier Supporting Carrier IP VPN deployment model.
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command configures an entry for an address of prefix transit aa-sub and is used when the site is a remote site on the same opposite side of the system as the parent SAP. The network IP addresses represents the dest-IP in the from-SAP direction and src-IP in the to-SAP direction.
The no form of this command removes the network IP address/mask from the match criteria.
ip-address[/mask] : | ipv4-address - a.b.c.d[/mask] |
mask - [1..32] | |
ipv6-address - x:x:x:x:x:x:x:x/prefix-length | |
x:x:x:x:x:x:d.d.d.d | |
x - [0..FFFF]H | |
d - [0..255]D | |
prefix-length [1..128] |
All
This command creates a context to configure a network queue policy. Network queue policies define the ingress network queuing at the FP network node level and on the Ethernet port and SONET/SDH path level to define network egress queuing.
network-queue “default”
All
This command copies or overwrites existing network queue QoS policies to another network queue policy ID.
The copy command is a configuration-level maintenance tool used to create new policies using existing policies. It also allows bulk modifications to an existing policy with the use of the overwrite keyword.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS-20, 7950 XRS-20e, 7950 XRS-40
This command configures the codeset to be used for the encoding of QL values into PTP clockClass values when the profile is configured for G.8265.1. The codeset is defined in Table 1/G.8265.1. This setting only applies to the range of values observed in the clockClass values transmitted out of the node in Announce messages. The router will support the reception of any valid value in Table 1/G.8265.1
network-type sdh
All
This command forces the user to change a password at the next console login. The new password applies to FTP but the change can be enforced only by the console, SSH, or Telnet login.
The no form of this command does not force the user to change passwords.
no new-password-at-login
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, VSR
This command controls the behavior of QinQ SAP y.0 (for example, 1/1/1:3000.0). If the flag is not enabled (no new-qinq-untagged-sap), the y.0 SAP works the same as the y.* SAP (for example, 1/1/1:3000.*); all frames tagged with outer VLAN y and no inner VLANs or inner VLAN x where inner VLAN x is not specified in a SAP y.x configured on the same port (for example, 1/1/1:3000.10).
If the flag is enabled, then the following new behavior immediately applies to all existing and future y.0 SAPs: the y.0 SAP maps all the ingress frames tagged with outer tag VLAN-id of y (qinq-etype) and no inner tag or with inner tag of VLAN-id of zero (0). When the flag is disabled, there is no disruption for existing usage of this SAP type.
no new-qinq-untagged-sap.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command determines the Diameter session ID when Extended Failure Handling (EFH) is active and an attempt is made to establish a new Diameter Gy session with the Online Charging Server (OCS). An attempt to establish a new Diameter Gy session is made when the allocated interim credit is used or the validity time expires for a rating group of a Diameter Gy session. The first attempt always uses a new Diameter session ID. This command controls the behavior for each subsequent attempt. The behavior is as follows:
The no form of this command reverts to the default.
All
This command displays a new line before the first prompt line.
The no form of this command suppresses the new line before the first prompt line.
newline
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
This command enables/disables support for the next option.
no next
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command enables tunnel selection algorithm based on the tunnel preference level.
The no form of this command reverts to the default.
next-attempt next-preference-level
In case that a new session setup request is received while all tunnels on the same preference level are denylisted, the L2TP session tries to be established on denylisted tunnels before the tunnel selection moves to the next preference level.
All
This command specifies the next header to match. The protocol type such as TCP, UDP or OSPF is identified by its respective protocol number. Well-known protocol numbers include ICMP(1), TCP(6), UDP(17). IPv6 Extension headers are identified by the next header IPv6 numbers as per RFC2460. This command only applies to the 7750 SR and 7950 XRS.
next-header: | 0 to 255, protocol numbers accepted in DHB |
keywords: | none, crtp, crudp, egp, eigrp, encap, ether-ip, gre, icmp, drp, igmp, igp, ip, ipv6, ipv6-icmp, ipv6-no-nxt, isis, iso-ip, l2tp, spf-igp, pim, pnni, ptp, rdp, rsvp, stp, tcp, udp, vrrp |
All
This command specifies the directly connected next hop IP address or interface used to reach the destination. If the next hop is over an unnumbered interface or a point-to-point interface, the ip-int-name of the unnumbered or point-to-point interface (on this node) can be configured.
If the next hop is over an unnumbered interface in the 7450 ESS router, the ip-int-name of the unnumbered interface (on this node) can be configured.
The configured ip-address can be either on the network side or the access side on this node. The address must be associated with a network directly connected to a network configured on this node.
no next-hop
ip-int-name | 32 characters max |
ipv4-address | a.b.c.d |
ipv6-address | x:x:x:x:x:x:x:x-[interface] |
x:x:x:x:x:x:d.d.d.d[-interface] | |
x: [0 to FFFF]H | |
d: [0 to 255]D | |
| interface: 32 characters maximum, mandatory for link local addresses |
All
This command configures the address of primary or backup next hop of an NHG entry in a forwarding policy.
The no form of this command removes the address of primary or backup next hop of an NHG entry in a forwarding policy.
ipv4-address | a.b.c.d | |
ipv6-address | x:x:x:x:x:x:x:x (eight 16-bit pieces) | |
x:x:x:x:x:x:d.d.d.d | ||
x - [0..FFFF]H | ||
d - [0..255]D |
All
This command specifies the directly connected next hop IP address or interface used to reach the destination. If the next hop is over a point-to-point unnumbered interface, the ip-int-name of the unnumbered point-to-point interface (on this node) can be configured.
If the next hop is over an unnumbered interface in the 7450 ESS router, the ip-int-name of the unnumbered interface (on this node) can be configured.
The configured ip-address can be either on the network side or the access side on this node. The address must be associated with a network directly connected to a network configured on this node.
no next-hop
ip-int-name | 32 characters max |
ipv4-address | a.b.c.d |
ipv6-address | x:x:x:x:x:x:x:x-[interface] |
x:x:x:x:x:x:d.d.d.d[-interface] | |
x: [0..FFFF]H | |
d: [0..255]D | |
interface: 32 characters maximum, mandatory for link local addresses |
All
This command adds an allowed next hop IP address to match the IP route prefix for a route-unknown priority control event.
If the next-hop IP address does not match one of the defined ip-address, the match is considered unsuccessful and the route-unknown event transitions to the set state.
The next-hop command is optional. If no next-hop ip-address commands are configured, the comparison between the RTM prefix return and the route-unknown IP route prefix are not included in the next hop information.
When more than one next hop IP addresses are eligible for matching, a next-hop command must be executed for each IP address. Defining the same IP address multiple times has no effect after the first instance.
The no form of the command removes the ip-address from the list of acceptable next hops when looking up the route-unknown prefix. If this ip-address is the last next hop defined on the route-unknown event, the returned next hop information is ignored when testing the match criteria. If the ip-address does not exist, the no next-hop command returns a warning error, but continues to execute if part of an exec script.
no next-hop — No next hop IP address for the route unknown priority control event is defined.
ipv4-address: | a.b.c.d | |
ipv6-address: | x:x:x:x:x:x:x:x[-interface] | |
x: | [0..FFFF]H | |
interface: | 32 chars maximum, mandatory for link local addresses |
All
This command enables BGP routes to be matched based on the BGP next-hop address. The match condition is evaluated against the IPv4 or IPv6 address in the NEXT_HOP or MP_REACH_NLRI attribute.
When the next-hop match is applied to VPN-IP routes, the Route Distinguisher (RD) is ignored.
A non-BGP route does not match a policy entry if it contains the next-hop command.
no next-hop
All
This command assigns the specified next hop IP address to routes matching the policy statement entry.
If a next-hop IP address is not specified, the next-hop attribute is not changed.
The no form of this command disables assigning a next hop address in the route policy entry.
no next-hop
ipv4-address: | a.b.c.d | |
ipv6-address: | x:x:x:x:x:x:x:x | |
x:x:x:x:x:x:d.d.d.d | ||
x: | [0 to FFFF]H | |
d: | [0 to 255]D | |
param-name: | The next-hop parameter variable name. | |
Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Policy parameters must start and end with at-signs (@); for example, “@variable@”. | ||
All
This command configures the IP address of the next-hop for the P2MP SR tree replication segment.
The no form of this command removes the next-hop address.
ipv4-address | a.b.c.d (host bits must be 0) |
ipv6-address | x:x:x:x:x:x:x:x[-interface] |
x:x:x:x:x:x:d.d.d.d[-interface] | |
where: | |
x: [0 to FFFF]H | |
d: [0 to 255]D | |
interface: up to 32 characters, mandatory for link local addresses |
All
This command configures an NHG entry in an MPLS forwarding policy.
Each NHG can have primary and backup next hops of the same type.
The no form of this command removes the NHG from the MPLS forwarding policy.
All
This command configures the next-hop ID for the P2MP SR tree replication segment.
A replication policy can have multiple next-hop IDs used at a replication node where there are multiple outgoing interfaces or protection next-hops.
The no form of this command removes the next-hop ID.
All
This command provides the outgoing interface name for the P2MP SR tree replication segment.
The no form of this command removes the outgoing interface name.
All
Commands in this context configure next-hop resolution parameters.
All
Commands in this context configure next-hop resolution parameters.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command configures the neighbor to always set the NEXTHOP path attribute to its own physical interface when advertising to a peer.
The no form of this command disables the command.
All
This command configures the group or neighbor to always set the NEXTHOP path attribute to its own physical interface when advertising to a peer.
This is primarily used to avoid third-party route advertisements when connected to a multi-access network.
The no form of this command used at the group level allows third-party route advertisements in a multi-access network.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
no next-hop-self — Third-party route advertisements are allowed.
All
This command configures BGP to advertise routes to members of a group or to a specific neighbor using a local address of the BGP instance as the BGP next-hop address. Note that next-hop-self is set without exception, regardless of the route source (EBGP or IBGP) or its family. When used with VPN-IPv4 and VPN-IPv6 routes the enable-rr-vpn-forwarding command should also be configured.
The no form of this command uses protocol standard behavior to decide whether or not to set next-hop-self in advertised routes.
no next-hop-self
All
This command configures BGP to advertise routes that match a policy entry (or that match no other policy entry and, therefore, to which the default action applies) using a local address of the BGP instance as the BGP next-hop address. The command applies to IPv4, IPv6, label-IPv4, and label-IPv6 routes. It also applies to VPN-IPv4 and VPN-IPv6 routes, but only when used in conjunction with the enable-rr-vpn-forwarding command.
This command affects how routes are advertised to IBGP peers, regardless of whether or not they were learned from an IBGP or EBGP peer
The no form of this command uses protocol standard behavior to decide whether or not to set next-hop-self in advertised routes.
no next-hop-self
All
This command enables unchanged BGP next-hops when sending BGP routes to peers in this group or neighbor.
The no form of this command disables unchanged BGP next-hops.
no next-hop-unchanged
All
This command configures the next-hop type constraint into the route next-hop policy template.
The user can select if tunnel backup next-hop or IP backup next-hop is preferred. The default in SR OS implementation is to prefer IP next-hop over tunnel next-hop. The implementation will fall back to the other type if no LFA next-hop of the preferred type is found.
When the route next-hop policy template is applied to an IP interface, all prefixes using this interface as a primary next-hop will follow the next-hop type preference specified in the template.
The no form deletes the next-hop type constraint from the route next-hop policy template.
nh-type ip
All
This command configures the action for the flow table when a packet does not match any entry for the controller.
The no form of this command restores the default action.
no-match-action fall-through
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command creates a Diameter client node in the SR OS. Multiple Diameter client nodes with their own peer definitions are simultaneously supported in SR OS.
Each such node is defined by a unique DiameterIdentity (the origin host and realm names).
The no form of this command removes the origin host string from the configuration.
If the realm name is not configured, it will be extracted from the host parameter as follows:
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command debugs the Diameter node. Node-level debugging can report on all message exchange between the peers. Although this level can report messages that contain session id (app level messages), this level is session unaware. It deals strictly with getting the messages in and out of the system (connection level messages which are not routable, and application level messages which are routable).
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command configures the FQDN as sent in PFCP messages. This command can be configured to use the linked interface source IP address, or a pre-configured.
node-id use-ip-address
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
This command configures the MPLS-TP Node ID for the node. This is used as the ‘from’ Node ID used by MPLS-TP LSPs originating at this node. The default value of the node-id is the system interface IPv4 address. The Node ID may be entered in 4-octet IPv4 address format, <a.b.c.d>, or as an unsigned 32 bit integer. The Node ID is not treated as a routable IP address from the perspective of IP routing, and is not advertised in any IP routing protocols.
The MPLS-TP context cannot be administratively enabled unless at least a system interface IPv4 address is configured because MPLS requires that this value is configured.
no node-id
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
This optional command configures the MAC address of the RPL control. The default is to use the chassis MAC for the ring control. This command overrides the chassis MAC address with a different MAC address.
The no form of the command removes the RPL link.
no node-id
All
This command enables the option to include node-id sub-object in RRO. Node-ID sub-object propagation is required to provide fast reroute protection for LSP that spans across multiple area domains.
If this option is disabled, then node-id is not included in RRO object.
node-id-in-rro exclude
All
This command enables or disables node and link protection on the specified LSP. Node protection ensures that traffic from an LSP traversing a neighboring router will reach its destination even if the neighboring router fails.
node-protect (for a provisioned LSP)
no node-protect (for a P2P LSP template)
All
This command enables node-protect in which the router prefers a node-protect over a link-protect repair tunnel for a given prefix if both are found in the Remote LFA or TI-LFA SPF computations. The SPF computations may only find a link-protect repair tunnel for prefixes owned by the protected node.
The no form of this command disables node-protect.
no node-protect
All
This command enables node-protect in which the router prefers a node-protect over a link-protect repair tunnel for a given prefix if both are found in the Remote LFA or TI-LFA SPF computations. The SPF computations may only find a link-protect repair tunnel for prefixes owned by the protected node.
The no form of this command disables node-protect.
no node-protect
All
This command enables node-protect in which the router prefers a node-protect over a link-protect repair tunnel for a given prefix if both are found in the Remote LFA or TI-LFA SPF computations. The SPF computations may only find a link-protect repair tunnel for prefixes owned by the protected node.
The no form of this command disables node-protect.
no node-protect
All
This command enables node-protect in which the router prefers a node-protect over a link-protect repair tunnel for a given prefix if both are found in the Remote LFA or TI-LFA SPF computations. The SPF computations may only find a link-protect repair tunnel for prefixes owned by the protected node.
The no form of this command disables node-protect.
no node-protect
All
This command enables the allocation of statistic indices to each node SID (received by means of IGP advertisement). All NHLFEs associated to a given SID share the same index. If a statistics index is not available at allocation time, the allocation fails, then the system re-tries the allocation. The system generates a log on the first fail and a log on the final successful allocation.
The no form of this command disables the allocation of statistic indices to each node SID, releases the statistic indices, and clears the associated counters.
no node-sid
All
This command assigns a node SID index or label value to the prefix representing the primary address of an IPv4 network interface of type loopback. Only a single node SID can be assigned to an interface. The secondary address of an IPv4 interface cannot be assigned a node SID index and does not inherit the SID of the primary IPv4 address.
The above command should fail if the network interface is not of type loopback or if the interface is defined in an IES or a VPRN context. Assigning the same SID index/label value to the same interface in two different IGP instances is not allowed within the same node.
The value of the label or index SID is taken from the range configured for this IGP instance. When using the global mode of operation, the segment routing module checks that the same index or label value is not assigned to more than one loopback interface address. When using the per-instance mode of operation, this check is not required because the index and therefore the label ranges, of IGP instances are not allowed to overlap.
The clear-n-flag option allows the user to clear the N-flag (node-sid flag) in an OSPF or OSPF3 prefix SID sub-TLV originated for the prefix of a loopback interface on the system. By default, the prefix SID sub-TLV for the prefix of a loopback interface is tagged as a node SID, meaning that it belongs to this node only. However, when the user wants to configure and advertise an anycast SID using the same loopback interface prefix on multiple nodes, you must clear the N-flag to assure interoperability with third-party implementations, which may perform a strict check on the receive end and drop duplicate prefix SID sub-TLVs when the N-flag is set.
The SR OS implementation is relaxed on the receive end and accepts duplicate prefix SIDs with the N-flag set or clear. SR OS will resolve to the closest owner, or owners if ECMP, of the prefix SID cost-wise.
All
This command enables support of the “combined” Nokia SR OS YANG files for both configuration and state data in the NETCONF server.
When management-interface configuration-mode is set to classic, attempts to access (read or write) the configuration using the Nokia configuration modules or namespace via NETCONF results in errors, even if nokia-combined-modules or nokia-submodules is enabled.
This command and the nokia-submodules command cannot both be enabled at the same time.
The no form of this command disables support of the combined Nokia SR OS YANG files.
nokia-combined-modules
All
This command enables support of the alternative submodule-based packaging of the Nokia SR OS YANG files for both configuration and state data in the SR OS NETCONF server.
When management-interface configuration-mode is set to classic, attempts to access (read or write) the configuration using the Nokia configuration modules or namespace via NETCONF results in errors, even if nokia-combined-modules or nokia-submodules is enabled.
This command and the nokia-combined-modules command cannot both be enabled at the same time.
The no form of this command disables support of submodule-based packaging of the Nokia SR OS YANG files.
no nokia-submodules
All
This command specifies whether the router should ignore the designated router state and attract traffic even when it is not the designated router.
An operator can configure an interface (router or IES or VPRN interfaces) to IGMP and PIM. The interface IGMP state will be synchronized to the backup node if it is associated with the redundant peer port. The interface can be configured to use PIM which will cause multicast streams to be sent to the elected DR only. The DR will also be the router sending traffic to the DSLAM. Since it may be required to attract traffic to both routers a flag non-dr-attract-traffic can be used in the PIM context to have the router ignore the DR state and attract traffic when not DR. While using this flag, the router may not send the stream down to the DSLAM while not DR.
When enabled, the designated router state is ignored. When disabled, no non-dr-attract-traffic, the designated router value is honored.
no non-dr-attract-traffic
All
This command specifies whether the router should ignore the designated router state and attract traffic even when it is not the designated router.
An operator can configure an interface (router or IES or VPRN interfaces) to IGMP and PIM. The interface state will be synchronized to the backup node if it is associated with the redundant peer port. The interface can be configured to use PIM which will cause multicast streams to be sent to the elected DR only. The DR will also be the router sending traffic to the DSLAM. Since it may be required to attract traffic to both routers a flag non-dr-attract-traffic can be used in the PIM context to have the router ignore the DR state and attract traffic when not DR. While using this flag, the router may not send the stream down to the DSLAM while not DR.
When enabled, the designated router state is ignored.
The no form of this command the designated router value is honored.
no non-dr-attract-traffic
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command sets the tunnel-id range that is used to allocate a new tunnel-id for a tunnel for which no multi-chassis redundancy is configured.
The no form of this command is a double negation and means all tunnel-IDs are configured for multi-chassis redundancy.
Sets the tunnel-id range to the full tunnel-id range available on this system meaning that by default no tunnel-ID has multi-chassis redundancy.
non-multi-chassis-tunnel-id-range default or non-multi-chassis-tunnel-id-range start 1 end <maximum tunnel-id>
The default for start l2tp-tunnel-id is 1. No tunnel-ids are available for which no multi-chassis redundancy is configured when set to 0.
The default for end l2tp-tunnel-id is the maximum tunnel-id allowed on this system. The end l2tp-tunnel-id must be set to 0 when the start l2tp-tunnel-id is set to 0 and vice versa.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command configures traffic profiles for non-IP traffic such as PPPoE packets on a VPLS SAP. It is used in conjunction with the profiled-traffic-only command to forward non-IP traffic through the single subscriber SAP without the need for SAP queues.
The no form of this command removes any configured profile.
7450 ESS, 7750 SR-7/12/12e
This command configures the analyzer to check for a PID within the specified interval.
no non-vid-pid-absent
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command configures the length for the local L2TPv3 nonce (random number) value used in the Nonce AVP.
The no form of this command removes the nonce length from the configuration.
no nonce-length
7750 SR-a
This command configures the normal state to be associated with the alarm contact input. When the system detects a transition from the normal state, an alarm is generated. The alarm is cleared when the system detects a transition back to the normal state.
Configure the normal state as closed if an external power source is used to power the inputs.
normal-state open
All
This command enables LLDP notifications.
The no form of this command disables LLDP notifications.
no notification
All
This command decodes and logs all sent and received notification messages in the debug log.
The no form of this command disables the debugging.
All
This command configures the minimum time between change notifications.
The no form of this command reverts to the default value.
no notification-interval
7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
This command enables debugging for GMPLS Notify packets.
The no form of the command disables debugging for GMPLS Notify packets.
All
This command instructs the system to send notifications (Log, SNMP, …) when the active destination of a redirect policy changes. No notification is sent when there are no more active destinations (as this is covered by a specific other notification). Notifications can be controlled (using the config>log>event-control command) using application ID 2017 and event-name tFilterRPActiveDstChangeEvent.
The no form of the command disables notification generation.
no notify-dest-change
All
This command creates the context to configure an OSPF Not So Stubby Area (NSSA) and adds/removes the NSSA designation from the area.
NSSAs are similar to stub areas in that no external routes are imported into the area from other OSPF areas. The major difference between a stub area and an NSSA is that an NSSA has the capability to flood external routes that it learns throughout its area and via an ABR to the entire OSPF domain.
Existing virtual links of a non-stub or NSSA area are removed when the designation is changed to NSSA or stub.
An area can be designated as stub or NSSA but never both at the same time.
By default, an area is not configured as an NSSA area.
The no form of this command removes the NSSA designation and configuration context from the area.
no nssa — The OSPF area is not an NSSA.
All
This command creates the context to configure an OSPF or OSPF3 Not So Stubby Area (NSSA) and adds/removes the NSSA designation from the area.
NSSAs are similar to stub areas in that no external routes are imported into the area from other OSPF areas. The major difference between a stub area and an NSSA is an NSSA has the capability to flood external routes that it learns throughout its area and via an ABR to the entire OSPF or OSPF3 domain.
Existing virtual links of a non-stub or NSSA area will be removed when the designation is changed to NSSA or stub.
An area can be designated as stub or NSSA but never both at the same time.
By default, an area is not configured as an NSSA area.
The no form of this command removes the NSSA designation and configuration context from the area.
no nssa
All
This command enables debugging for an NSSA range.
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command configures the number of retransmissions of an NTF_LOGOUT message.
The no form of this command reverts to the default.
ntf-logout-retry-count 5
All
Commands in this context configure Network Time Protocol (NTP) and its operation. It also enables NTP server mode within the VPRN routing instance so that the router will respond to NTP requests from external clients received inside the VPRN.
The no form of this command stops the execution of NTP and removes its configuration.
All
Commands in this context configure Network Time Protocol (NTP) and its operation. This protocol defines a method to accurately distribute and maintain time for network elements. Furthermore, this capability allows for the synchronization of clocks between the various network elements. Use the no form of the command to stop the execution of NTP and remove its configuration.
ntp
All
This command enables and configures debugging for NTP.
The no form of the command disables debugging for NTP.
All
This command enables the reception and response to NTP Requests directed at the VRRP virtual IP address. This behavior only applies the router currently acting as the master VRRP router.
The no form of this command disables NTP Requests from being processed.
no ntp-reply
All
This command enables the reception and response to NTP Requests directed at the VRRP virtual IP address. This behavior only applies the router currently acting as the master VRRP router.
The no form of this command disables NTP Requests from being processed.
no ntp-reply
All
This command enables the reception and response to NTP Requests directed at the VRRP virtual IP address. This behavior only applies the router currently acting as the master VRRP router.
The no form of this command disables NTP Requests from being processed.
no ntp-reply
All
This command configures the node to assume the role of an NTP server. Unless the server command is used, this node will function as an NTP client only and will not distribute the time to downstream network elements.
no ntp-server
The authentication key from the received messages will be used for the transmitted messages.
All
This command adds an SR OS application event number as a match criterion.
SR OS event numbers uniquely identify a specific logging event within an application.
Only one number command can be entered per event filter entry. The latest number command overwrites the previous command.
The no form of this command removes the event number as a match criterion.
no event-number — No event ID match criterion is specified.
Operator | Note |
eq | equal to |
neq | not equal to |
lt | less than |
lte | less than or equal to |
gt | greater than |
gte | greater than or equal to |
All
This command adds an SR OS application event number as a match criterion.
SR OS event numbers uniquely identify a specific logging event within an application.
Only one number command can be entered per event filter entry. The latest number command overwrites the previous command.
The no form of this command removes the event number as a match criterion.
Operator | Notes |
eq | equal to |
neq | not equal to |
lt | less than |
lte | less than or equal to |
gt | greater than |
gte | greater than or equal to |
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
This command configures the number of ports down along with level for multicast CAC policy on an MSAP.
The no form of this command reverts to the default.
All
This command configure the number of ports down along with level for multicast CAC policy on this interface.
no number-down
All
This command configures the number of ports down and level for interface’s multicast CAC policy.
The no form of this command removes the values from the configuration.
not enabled
All
This command configures the number of ports down along with level for the MCAC policy on this interface.
The no form of this command removes the values from the configuration.
All
This command creates a context to configure an event set threshold within a lag-port-down priority control event.
The number-down command defines a sub-node within the lag-port-down event and is uniquely identified with the number-of-lag-ports-down parameter. Each number-down node within the same lag-port-down event node must have a unique number-of-lag-ports-down value. Each number-down node has its own priority command that takes effect whenever that node represents the current threshold.
The total number of sub-nodes (uniquely identified by the number-of-lag-ports-down parameter) allowed in a single lag-port-down event is equal to the total number of possible physical ports allowed in a LAG.
A number-down node is not required for each possible number of ports that could be down. The active threshold is always the closest lower threshold. When the number of ports down equals a given threshold, that is the active threshold.
The no form of the command deletes the event set threshold. The threshold may be removed at any time. If the removed threshold is the current active threshold, the event set thresholds must be re-evaluated after removal.
no number-down — No threshold for the LAG priority event is created.
This command is used to explicitly provision the number of secondary paths (and imply the number of primary paths) supported by the TChip based forwarding plane the bandwidth policy is managing. The default (and minimum) number of secondary paths is 1 and the maximum configurable is 15. The number of primary paths is total number of available paths minus the number of secondary paths.
Secondary paths are used by:
Secondary paths are used by:
The number of secondary paths should be increased from the default value of 1 when a single secondary path is enough for explicit secondary path managed traffic or the amount of best-effort multipoint non-managed queue traffic.
The no form of this command restores the default number of secondary paths.
number-paths 1 redundant-sfm 1
All
This command configures the number of times retries are performed for re-enabling the SAP/SDP.
number-retries 3