This command specifies the Python script for the specified RADIUS packet type in the specified direction.

Multiple radius command configurations are allowed in the same Python policy.

The no form of this command reverts to the default.

This command enables the debug router RADIUS context.

This command creates the context to configure RADIUS authentication on the VPRN.

Implement redundancy by configuring multiple server addresses for each VPRN.

The no form of this command removes the RADIUS configuration.

This command enables dynamic radius based management of transit aa-subs for the transit-ip-policy. This is mutually exclusive to other types management of transit subs for a given transit-ip-policy.

This command configures RADIUS for Lawful Intercept.

This command enables debugging for RADIUS connections.

The no form of the command disables the debug output.

This command creates the context to configure RADIUS authentication on the router.

Implement redundancy by configuring multiple server addresses for each router.

The no form of this command removes the RADIUS configuration.

Commands in this context configure RADIUS accounting subscriber profile parameters.

This command configures the RADIUS accounting policy.

The no form of this command reverts to the default value.

This command specifies a subscriber RADIUS based accounting policy.

The no form of this command removes the policy name from the configuration.

This command configures the RADIUS accounting policy to use for each MDA in this ISA group.

The no form of this command removes the accounting policy from the configuration.

This command specifies an existing subscriber RADIUS based accounting policy to use for AA. RADIUS Accounting policies are configured in the config>app-assure>radius-accounting-policy context.

This command specifies an existing subscriber RADIUS-based accounting policy to use for AA. RADIUS accounting policies are configured in the config>app-assure>radius-accounting-policy context.

This command specifies an existing RADIUS accounting policy to use to collect accounting statistics on this subscriber profile by RADIUS. This command is used independently of the collect-stats command.

This command specifies the RADIUS accounting policy to use for each MDA in this ISA group.

The no form of the command removes the policy ID from the configuration.

Commands in this context configure RADIUS accounting server attributes under a given session authentication policy.

This command creates the context for defining RADIUS accounting server attributes under a given session authentication policy.

This command specifies the RADIUS attribute filter of command debug router radius.

This command configures the RADIUS authentication policy with which the GTP connection is authenticated.

The no form of this command removes the authentication policy. Only new session setups are affected.

Commands in this context configure parameters related to RADIUS authentication performed for the BRG.

This command specifies the policy to be used for the IKEv2 remote-access tunnels terminated on the IPsec GW. The radius-authentication-policy is defined under config>ipsec context.

This command specifies the RADIUS authentication policy associated with this IPsec gateway.

Commands in this context define RADIUS authentication server attributes under a given session authentication policy.

This command configures the system-wide UDP port number that RADIUS is listening on for CoA and Disconnect messages.

The no form of this command reverts to the default.

This command references the RADIUS policy to be used for 802.1x authentication. An 802.1x RADIUS policy must be configured (config>system>security>dot1x) before it can be associated to a port. If the RADIUS policy-id does not exist, an error is returned. Only one 802.1x RADIUS policy can be associated with a port at a time.

The no form of this command removes the RADIUS policy association.

This command creates the context to configure RADIUS server parameters for 802.1x network access control on the router.

Note: The RADIUS server configured under the config>system>security>dot1x>radius-plcy context authenticates clients who get access to the data plane of the router as opposed to the RADIUS server configured under the config>system>radius context which authenticates CLI login users who get access to the management plane of the router.

The no form of this command removes the RADIUS server configuration for 802.1x.

This command context to configure RADIUS proxy parameters.

This command specifies the RADIUS-proxy server to allow subscribers created via data-triggered authentication to create an entry. This RADIUS proxy cache entry allows efficient handling of UE mobility.

This command enables BRG processing on the specified RADIUS proxy server. Whenever an Access-Accept message is received with the attribute Alc-BRG-Id present, this will trigger the creation of a BRG. The BRG will use the brg-profile specified in the Access-Accept message or fall back to this BRG profile. When the specified radius-proxy-server has a cache enabled, no cache entries will be created for a transaction identified as BRG. A RADIUS proxy server can only be listed in one BRG profile.

This command can be executed multiple times.

The no form of this command removes BRG processing for the specified radius-proxy server.

This command configures RADIUS proxy server parameters. This is a reference to a RADIUS accounting proxy server in Subscriber Aware Large Scale NAT44 application. RADIUS accounting proxy server will cache attributes related to a BNG subscriber as they are received in standard accounting messages (RFC 2866). Radius accounting proxy server can be configured in any routing instance within 7750 SR.

This command configures a RADIUS script policy.

The no form of this command removes the script policy from the configuration.

Commands in this context configure the RADIUS server under router or VPRN service.

This command references an existing radius-server-policy (available under the config>aaa context) for use in subscriber management authentication and accounting.

When configured in an authentication-policy, following CLI commands are ignored in the policy to avoid conflicts:

When configured in a radius-accounting-policy, following CLI commands are ignored in the policy to avoid conflicts:

The no form of this command removes the radius-server-policy reference from the configuration.

This command creates a radius-server-policy.

A RADIUS server policy can be used in

The no form of this command removes the policy name from the configuration.

This command references an existing radius-server-policy (available under the config>aaa context) for use in subscriber management authentication and accounting.

When configured in an authentication-policy, following CLI commands are ignored in the policy to avoid conflicts:

When configured in a radius-accounting-policy, following CLI commands are ignored in the policy to avoid conflicts:

The no form of this command removes the radius-server-policy reference from the configuration

This command references an existing radius-server-policy (available under the config>aaa context). The server (or servers) referenced by the policy is used as the targets for the access-request message.

The no form of this command removes the policy name from the route-downloader configuration.

This command is used if the BRG needs to be authenticated to the controller/PCMP by the vRGW. This is required if the BRG does not perform RADIUS authentication via the proxy server. The vRGW will originate a valid Access Request using the BRG ID as the username.

The no form of this command removes the radius-server-policy from the configuration. Setup of an unauthenticated BRG will now fail.

This command references an existing radius-server-policy (available under the config>aaa context) for use in subscriber management authentication and accounting.

When configured in an authentication-policy, following CLI commands are ignored in the policy to avoid conflicts:

When configured in a radius-accounting-policy, following CLI commands are ignored in the policy to avoid conflicts:

The no form of this command removes the radius-server-policy reference from the configuration.

This command allows the vRGW to authenticate on the BRG's behalf. This is required if the BRG does not perform authentication itself using the radius proxy. The vRGW originates a valid Access Request using the BRG ID as a username.

The no form of this command removes the RADIUS server policy from the configuration. Setting up of an unauthenticated BRG will now fail.

This command configures the RADIUS policy with IPv4/IPv6 in base routing and VPRN. The current RADIUS policy can be found under the configure>aaa>radius-server-policy context.

The RADIUS servers for the policy are configured under configure>router>radius-server or configure>service>vprn>radius-server context.

The RADIUS policy is assigned under dot1x using the radius-server-policy command. When the RADIUS policy is configured, both authorization and accounting are performed via the same server.

The no form of this command allows authorization and accounting via different servers.

This command specifies how to interpret the session-timeout coming from a RADIUS VSA in an Access-Accept or CoA message.

The value of this command can only be changed on wlan-gw group interfaces.

The no form of this command to resets the default behavior.

This command includes the RADIUS user name AVP in the Diameter Gy messages.

The no form of this command returns the command to the default setting.

This command enables the inclusion of the RAI AVP as signaled in the incoming GTP setup message.

The no form of this command disables the inclusion of the AVP.

This command configures a range of encapsulation values.

This command specifies a range of VC IDs for manually configured spoke SDPs to be synchronized with the multi-chassis peer and a synchronization tag to be used while synchronizing each range with the multi-chassis peer. The range command and the configuration of a synchronization tag on the parent sdp command are mutually exclusive.

To synchronize a single spoke SDP, the start-vc-id should be the same as the end-vc-id. If the configured end-vc-id is lower than the start-vc-id, the range command fails.

The synchronization tag can be changed by entering the same command with a different synchronization tag. Changing the synchronization tag removes all states relating to the previous synchronization tag for the SDP and a new synchronization tag state is created.

Multiple range commands can be configured, however, overlapping ranges for the same SDP (sdp-id) are not permitted.

The synchronization of PIM snooping is only supported for manually configured spoke SDPs but is not supported for spoke SDPs configured within an endpoint. See PIM Snooping for IPv4 Synchronization for service support.

The synchronization of the PIM snooping state is not supported on any of the following when used with the configured sdp-id:

Non-existent spoke SDPs may be specified. If these spoke SDPs are created at a later time, then all states on the spoke SDPs are synchronized according to the synchronization tag and the synchronization protocols enabled. The sync-tag can be changed by entering the same command with a different sync-tag value. If the synchronization tag is changed, then all states for the previous sync-tag are removed for the SDP configured in the command and the state is then built for the new synchronization tag.

This command configures a Layer 2 MC-Ring path-b or path-excl VLAN range.

By default, all customer VLANs participating in an L2 MC-Ring are on path-a. For load balancing purposes, a range of customer VLANs can be configured to use path-b which is set up in the opposite direction than path-a.The range of VLANs that are not participating in L2 MC-Ring are configured using the path-excl command.

This command configures a range of VLANs on an access port that are to be managed by an existing management VPLS.

This command is only valid when the VPLS in which it is entered was created as a management VPLS, and when the SAP in which it was entered was created on an Ethernet port with encapsulation type of dot1q or qinq, or on a SONET/SDH port with encapsulation type of bcp-dot1q.

To modify the range of VLANs, first the new range should be entered and afterwards the old range removed.

The no form of this command removes the VLAN range from this configuration.

This command creates a VLAN range or enters the context of the specified VLAN ranges for configuration applicable to that range of VLANs.

This command specifies an ISID or a Range of ISIDs in a B-VPLS. One range is allowed per entry.

This command identifies a set of ISIDs for I-VPLS services that are external to SPBM. These ISIDs are advertised as supported locally on this node unless an altered by an isid-policy. This allows communication from I-VPLS services external to SPBM through this node. The SAP may be a regular SAP or MC-LAG SAP. The spoke-SDP may be an active/standby spoke. When used with MC-LAG or active/stand-by PWs the conditional static-mac must be configured. ISIDs declared this way become part of the ISID multicast and consume MFIBs. Multiple SPBM static-isid ranges are allowed under a SAP/spoke-SDP.

The static-isids are associated with a remote B-MAC that must be declared as a static-mac for unicast traffic. ISIDs are advertised as if they were attached to the local B-MAC. Only remote I-VPLS ISIDs need to be defined. In the MFIB, the group MACs are then associated with the active SAP or spoke-SDP. An ISID policy may be defined to suppress the advertisement of an ISID if the ISID is primary used for unicast services. The following rules govern the usage of multiple ISID statements:

The no form of this command removes all the previous statements under one interface

no isid value | from value to higher-value - removes a specific ISID value or range. Must match a previously used positive statement: for example if the command “isid 316 to 400” was used using “no isid 316 to 350” will not work but “no isid 316 to 400 will be successful.

This command defines the range of ids for dynamic policers that are created using a Gx interface.

The no form of this command disables creation of dynamic policers using a Gx interface, resulting in a Gx rule instantiation failure, which is the default.

This command configures the rapid timer value to be used for protection switching coordination (PSC) packets for MPLS-TP linear protection (RFC 6378).

This command configures the value of the Rapid Retransmission Interval. It is used in the re-transmission mechanism to handle unacknowledged message_id objects and is based on an exponential back-off timer.

Re-transmission interval of a RSVP message with the same message_id = 2 * rapid-retransmit-time interval of time.

The node stops re-transmission of unacknowledged RSVP messages:

The Rapid Retransmission Interval must be smaller than the regular refresh interval configured in config>router>gmpls>refresh-time.

The no form of this command resets the configuration to the default value.

This command defines the value of the Rapid Retransmission Interval. It is used in the re-transmission mechanism to handle unacknowledged message_id objects and is based on an exponential back-off timer.

Re-transmission interval of a RSVP message with the same message_id = 2 * rapid-retransmit-time interval of time.

The node stops re-transmission of unacknowledged RSVP messages:

The Rapid Retransmission Interval must be smaller than the regular refresh interval configured in config>router>rsvp>refresh-time.

The no form of this command reverts to the default value.

This command configures the value of the Rapid Retry Limit. This is used in the retransmission mechanism based on an exponential backoff timer in order to handle unacknowledged message_id objects. The RSVP message with the same message_id is retransmitted every 2 * rapid-retransmit-time interval of time. The node will stop retransmission of unacknowledged RSVP messages whenever the updated backoff interval exceeds the value of the regular refresh interval, or the number of retransmissions reaches the value of the rapid-retry-limit parameter, whichever comes first.

The no form of this command resets the configuration to the default value.

This command is used to define the value of the Rapid Retry Limit. This is used in the retransmission mechanism based on an exponential backoff timer in order to handle unacknowledged message_id objects. The RSVP message with the same message_id is retransmitted every 2 * rapid-retransmit-time interval of time. The node will stop retransmission of unacknowledged RSVP messages whenever the updated backoff interval exceeds the value of the regular refresh interval or the number of retransmissions reaches the value of the rapid-retry-limit parameter, whichever comes first.

The no form of this command reverts to the default value.

This command enables and disables BGP rapid update for specified address families.

If rapid update is enabled for a set of address families, and a route belonging to a family in that set is received by the router and chosen for propagation to certain BGP peers, the remaining time on the MRAI timer of these peers is ignored and the route is transmitted immediately, along with all other pending routes for these peers (including routes of address families not specified in the rapid-update command).

The rapid-update command overrides the peer-level min-route-advertisement (config>router>bgp min-route-advertisement, config>router>bgp>group min-route-advertisement, config>router>bgp>group>neighbor min-route-advertisement) time and applies the minimum setting (0 seconds) to routes belonging to specified address families; routes of other address families continue to be advertised according to the session-level MRAI setting.

The no form of this command disables rapid update for all address families.

This command disables the delay (Minimum Route Advertisement) on sending BGP withdrawals. Normal route withdrawals may be delayed up to the minimum route advertisement to allow for efficient packing of BGP updates.

The no form of this command removes this command from the configuration and returns withdrawal processing to the normal behavior.

This command disables the delay (Minimum Route Advertisement) on sending BGP withdrawals. Normal route withdrawals may be delayed up to the minimum route advertisement to allow for efficient packing of BGP updates.

The no form of this command removes this command from the configuration and returns withdrawal processing to the normal behavior.

This command configures the default Radio Access Type (RAT) signaled during GTP setup. RAT is the underlying physical connection method for a radio-based communication network. This can be overridden by RADIUS.

The no form of this command reverts to the default value.

This command enables the inclusion of the Radio Access Type in AAA protocols as signaled in the incoming GTP setup message.

The no form of this command disables the inclusion of the attribute.

This command includes the RAT type.

The no form of this command reverts to the default.

This command configures the rate (PIR) override for the WRR group.

The no form of this command removes the rate from the configuration.

This command defines the administrative Peak Information Rate (PIR) and the administrative Committed Information Rate (CIR) parameters for the queue. The PIR defines the maximum rate that the queue can transmit packets out an egress interface (for SAP egress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available egress bandwidth.

The CIR defines the rate at which the system prioritizes the queue over other queues competing for the same bandwidth. In-profile then out-of-profile packets are preferentially queued by the system at egress and at subsequent next hop nodes where the packet can traverse. To be properly handled throughout the network, the packets must be marked accordingly for profiling at each hop.

The CIR can be used by the queue’s parent command’s cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.

The rate command can be executed at any time, altering the PIR and CIR rates for all queues created through the association of the SAP egress QoS policy with the queue-id.

The no form of this command returns all queues created with the queue-id by association with the QoS policy to the default PIR and CIR parameters (max, 0).

This command defines the administrative Peak Information Rate (PIR) and the administrative Committed Information Rate (CIR) parameters for the queue. The PIR defines the maximum rate that the queue can transmit packets through the switch fabric (for SAP ingress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available egress bandwidth.

The CIR defines the rate at which the system prioritizes the queue over other queues competing for the same bandwidth. For SAP ingress, the CIR also defines the rate that packets are considered in-profile by the system. In-profile then out-of-profile packets are preferentially queued by the system at egress and at subsequent next hop nodes where the packet can traverse. To be properly handled throughout the network, the packets must be marked accordingly for profiling at each hop.

The CIR can be used by the queue’s parent command’s cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.

The rate command can be executed at any time, altering the PIR and CIR rates for all queues created through the association of the SAP ingress or SAP egress QoS policy with the queue-id.

The no form of this command returns all queues created with the queue-id by association with the QoS policy to the default PIR and CIR parameters (max, 0).

This command is used to configure the policer’s metering and optional profiling rates. The metering rate is used by the system to configure the policer’s PIR leaky bucket’s decrement rate while the profiling rate configures the policer’s CIR leaky bucket’s decrement rate. The decrement function empties the bucket while packets applied to the bucket attempt to fill it based on each packets size. If the bucket fills faster than how much is decremented per packet, the bucket’s depth eventually reaches it's exceed (CIR) or violate (PIR) threshold. The cbs, mbs, and high-prio-only commands are used to configure the policer’s PIR and CIR thresholds.

If a packet arrives at the policer while the bucket’s depth is less than the threshold associated with the packet, the packet is considered to be conforming to the bucket’s rate. If the bucket depth is equal to or greater than the threshold, the packet is considered to be in the exception state. For the CIR bucket, the exception state is exceeding the CIR rate while the PIR bucket's exception state is violating the PIR bucket rate. If the packet is violating the PIR, the packet is marked red and is discarded. If the packet is not red, it may be green or yellow based on the conforming or exceeding state from the CIR bucket.

When a packet is red neither the PIR or CIR bucket depths are incremented by the packets size. When the packet is yellow the PIR bucket is incremented by the packet size, but the CIR bucket is not. When the packet is green, both the PIR and CIR buckets are incremented by the packet size. This ensures that conforming packets impact the bucket depth while exceeding or violating packets do not.

The policer’s adaptation-rule command settings are used by the system to convert the specified rates into hardware timers and decrement values for the policer’s buckets.

By default, the policer’s metering rate is max and the profiling rate is 0 kb/s (all packets out-of-profile).

The rate settings defined for the policer in the QoS policy may be overridden on an sla-profile or SAP where the policy is applied.

The no form of this command restores the default metering and profiling rate to a policer.

This command defines the enforced aggregate rate for all queues associated with the agg-rate context. A rate must be specified for the agg-rate context to be considered to be active on the context’s object (SAP, subscriber, Vport, and so on).

The no form of this command removes an explicit rate value from the aggregate rate therefore returning it to its default value.

This command overrides specific attributes of the specified queue’s Peak Information Rate (PIR) and the Committed Information Rate (CIR) parameters.

The PIR defines the maximum rate that the queue can transmit packets out an egress interface (for SAP egress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available egress bandwidth.

The CIR defines the rate at which the system prioritizes the queue over other queues competing for the same bandwidth. In-profile, then out-of-profile, packets are preferentially queued by the system at egress and at subsequent next hop nodes where the packet can traverse. To be properly handled throughout the network, the packets must be marked accordingly for profiling at each hop.

The CIR can be used by the queue’s parent commands cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.

The rate command can be executed at any time, altering the PIR and CIR rates for all queues created through the association of the SAP egress QoS policy with the queue-id.

The no form of this command returns all queues created with the queue-id by association with the QoS policy to the default PIR and CIR parameters (max, 0).

This command overrides specific attributes of the specified scheduler rate. The rate command defines the maximum bandwidth that the scheduler can offer its policers, child queues or schedulers. The maximum rate is limited to the amount of bandwidth the scheduler can receive from its parent scheduler. If the scheduler has no parent, the maximum rate is assumed to be the amount available to the scheduler. When a parent is associated with the scheduler, the CIR parameter provides the amount of bandwidth to be considered during the parent scheduler’s ‘within CIR’ distribution phase.

The actual operating rate of the scheduler is limited by bandwidth constraints other than its maximum rate. The scheduler’s parent scheduler may not have the available bandwidth to meet the scheduler’s needs or the bandwidth available to the parent scheduler could be allocated to other child schedulers or child queues on the parent based on higher priority. The children of the scheduler may not need the maximum rate available to the scheduler due to insufficient offered load or limits to their own maximum rates.

When a scheduler is defined without specifying a rate, the default rate is max. If the scheduler is a root scheduler (no parent defined), the default maximum rate must be changed to an explicit value. Without this explicit value, the scheduler assumes that an infinite amount of bandwidth is available and allow all child queues and schedulers to operate at their maximum rates.

The no form of this command returns the scheduler's PIR and CIR parameters to the value configured in the applied scheduler policy.

This command specifies at which rate the policer drains packets. The cir value is only supported on dual-bucket-bandwidth policers. If rate max is configured, no actual rate limitations are applied.

The no form of this command reverts to the default.

This command defines the enforced aggregate rate for all queues associated with the agg-rate context. A rate must be specified for the agg-rate context to be considered to be active on the context’s object (SAP, subscriber, Vport, and so on).

The no form of this command reverts to the default.

This command configures the policer’s metering and optional profiling rates. The metering rate is used by the system to configure the policer’s PIR leaky bucket’s decrement rate while the profiling rate configures the policer’s CIR leaky bucket’s decrement rate. The decrement function empties the bucket while packets applied to the bucket attempt to fill it based on its packet size. If the bucket fills faster than how much is decremented per packet, the bucket’s depth eventually reaches it's exceeded (CIR) or violate (PIR) threshold. The cbs, mbs, and high-prio-only commands are used to configure the policer’s PIR and CIR thresholds.

If a packet arrives at the policer while the bucket’s depth is less than the threshold associated with the packet, the packet is considered to be conforming to the bucket’s rate. If the bucket depth is equal to or greater than the threshold, the packet is considered to be in the exception state. For the CIR bucket, the exception state is exceeding the CIR rate while the PIR bucket's exception state is violating the PIR bucket rate. If the packet is violating the PIR, the packet is marked red and will be discarded. If the packet is not red, it may be green or yellow based on the conforming or exceeding state from the CIR bucket.

When a packet is red neither the PIR nor the CIR bucket depths are incremented by the packets size. When the packet is yellow the PIR bucket is incremented by the packet size, but the CIR bucket is not. When the packet is green, both the PIR and CIR buckets are incremented by the packet size. This ensures that conforming packets impact the bucket depth while exceeding or violating packets do not.

The policer’s adaptation-rule command settings are used by the system to convert the specified rates into hardware timers and decrement values for the policer’s buckets.

By default, the policer’s metering rate is max and the profiling rate is 0 kb/s (all packets out-of-profile).

The rate settings defined for the policer in the QoS policy may be overridden on an sla-profile or SAP where the policy is applied.

The no form of this command reverts to the default metering and profiling rate of a policer.

This command defines the enforced aggregate rate for all queues associated with the agg-rate context. A rate must be specified for the agg-rate context to be considered to be active on the context’s object.

The no form of this command removes an explicit rate value from the aggregate rate returning it to its default value.

This command defines the enforced aggregate rate for all queues associated with the agg-rate context. A rate must be specified for the agg-rate context to be considered to be active on the context’s object.

The no form of this command removes an explicit rate value from the aggregate rate returning it to its default value.

This command specifies the administrative Peak Information Rate (PIR) and the administrative Committed Information Rate (CIR) parameters for the queue. The PIR defines the maximum rate that the queue can transmit packets out an egress interface (for SAP egress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available egress bandwidth.

The CIR defines the rate at which the system prioritizes the queue over other queues competing for the same bandwidth. In-profile then out-of-profile packets are preferentially queued by the system at egress and at subsequent next hop nodes where the packet can traverse. To be properly handled throughout the network, the packets must be marked accordingly for profiling at each hop.

The CIR can be used by the queue’s parent commands cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.

The rate command can be executed at any time, altering the PIR and CIR rates for all queues created through the association of the SAP egress QoS policy with the queue-id.

This command is ignored for egress HSQ queue group queues which are attached to an HS WRR group within an associated HS attachment policy. In this case, the configuration of the rate is performed under the hs-wrr-group within the egress queue group template.

The no form of this command returns all queues created with the queue-id by association with the QoS policy to the default PIR and CIR parameters (max, 0).

This command can be used to override specific attributes of the specified scheduler rate. The rate command defines the maximum bandwidth that the scheduler can offer its child queues or schedulers. The maximum rate is limited to the amount of bandwidth the scheduler can receive from its parent scheduler. If the scheduler has no parent, the maximum rate is assumed to be the amount available to the scheduler. When a parent is associated with the scheduler, the CIR parameter provides the amount of bandwidth to be considered during the parent scheduler's 'within CIR' distribution phase.

The actual operating rate of the scheduler is limited by bandwidth constraints other than its maximum rate. The scheduler's parent scheduler may not have the available bandwidth to meet the scheduler's needs or the bandwidth available to the parent scheduler could be allocated to other child schedulers or child queues on the parent based on higher priority. The children of the scheduler may not need the maximum rate available to the scheduler due to insufficient offered load or limits to their own maximum rates.

When a scheduler is defined without specifying a rate, the default rate is max. If the scheduler is a root scheduler (no parent defined), the default maximum rate must be changed to an explicit value. Without this explicit value, the scheduler will assume that an infinite amount of bandwidth is available and allow all child policers, queues, and schedulers to operate at their maximum rates.

The no form of this command returns the scheduler's PIR and CIR parameters to the value configured in the applied scheduler policy.

This command specifies the rate allowed for the HS secondary shaper's aggregate rate and per-class rates.

The no form of this command reverts to the default.

This command defines the enforced aggregate rate for all queues associated with the agg-rate context. A rate must be specified for the agg-rate context to be considered to be active on the context’s object (SAP, subscriber, Vport, and so on).

The no form of this command removes an explicit rate value from the aggregate rate returning it to its default value.

This command within the SAP ingress and egress policer-overrides contexts is used to override the sap-ingress and sap-egress QoS policy configured rate parameters for the specified policer-id.

The no rate command is used to restore the policy defined metering and profiling rate to a policer.

This command overrides the scheduling rate applied to the HS WRR group in kb/s. A rate can be specified in kb/s or the keyword max can be used to remove the bandwidth limitation on the HS WRR group. The override rate type must match the corresponding rate type within the applied QoS policy.

The no form of this command removes the rate override value from the configuration.

This command can be used to override specific attributes of the specified queue’s Peak Information Rate (PIR) and the Committed Information Rate (CIR) parameters.

The PIR defines the maximum rate that the queue can transmit packets out an egress interface (for SAP egress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available egress bandwidth.

The CIR defines the rate at which the system prioritizes the queue over other queues competing for the same bandwidth. In-profile and then out-of-profile packets are preferentially queued by the system at egress and at subsequent next hop nodes where the packet can traverse. To be properly handled throughout the network, the packets must be marked accordingly for profiling at each hop.

The CIR can be used by the queue’s parent commands cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.

The rate command can be executed at any time, altering the PIR and CIR rates for all queues created through the association of the SAP egress QoS policy with the queue-id.

This command is ignored for egress HSQ queue group queues which are attached to an HS WRR group within an associated HS attachment policy. In this case, the configuration of the rate is performed under the hs-wrr-group within the SAP egress QoS policy.

The no form of this command returns all queues created with the queue-id by association with the QoS policy to the default PIR and CIR parameters (max, 0).

This command can be used to override specific attributes of the specified scheduler rate. The rate command defines the maximum bandwidth that the scheduler can offer its child policers, queues or schedulers. The maximum rate is limited to the amount of bandwidth the scheduler can receive from its parent scheduler. If the scheduler has no parent, the maximum rate is assumed to be the amount available to the scheduler. When a parent is associated with the scheduler, the CIR parameter provides the amount of bandwidth to be considered during the parent scheduler’s ‘within CIR’ distribution phase.

The actual operating rate of the scheduler is limited by bandwidth constraints other than its maximum rate. The scheduler’s parent scheduler may not have the available bandwidth to meet the scheduler’s needs or the bandwidth available to the parent scheduler could be allocated to other child schedulers or child policers or queues on the parent based on higher priority. The children of the scheduler may not need the maximum rate available to the scheduler due to insufficient offered load or limits to their own maximum rates.

When a scheduler is defined without specifying a rate, the default rate is max. If the scheduler is a root scheduler (no parent defined), the default maximum rate must be changed to an explicit value. Without this explicit value, the scheduler will assume that an infinite amount of bandwidth is available and allow all child policers, queues, and schedulers to operate at their maximum rates.

The no form of this command returns the scheduler’s PIR and CIR parameters to the values configured in the applied scheduler policy.

This command defines the enforced aggregate rate for all queues associated with the agg-rate context. A rate must be specified for the agg-rate context to be considered active on the context’s object (SAP, subscriber, Vport, and so on.).

The no form of this command removes an explicit rate value from the aggregate rate returning it to its default value.

This command within the SAP ingress and egress policer-overrides contexts is used to override the sap-ingress and sap-egress QoS policy configured rate parameters for the specified policer-id.

The no form of this command removes the rate override so that the rate configured for the policer in the applied SAP egress QoS policy is used.

This command overrides the scheduling rate applied to the HS WRR group in kb/s. Alternatively, the keyword max can be specified which removes the bandwidth limitation on the HS WRR group. The override rate type must match the corresponding rate type within the applied QoS policy.

The no form of this command removes the rate override value from the configuration.

This command within the SAP ingress and egress policer-overrides contexts is used to override the sap-ingress and sap-egress QoS policy configured rate parameters for the specified policer-id.

The no form of the command removes the rate override so that the rate configured for the policer in the applied SAP egress QoS policy is used.

This command overrides the scheduling rate applied to the HS WRR group in Kb/s. Alternatively, the keyword max can be specified which removes the bandwidth limitation on the HS WRR group. The override rate type must match the corresponding rate type within the applied QoS policy.

The no form of this command removes the rate override value from the configuration.

This command can be used to override specific attributes of the specified scheduler rate. The rate command defines the maximum bandwidth that the scheduler can offer its child queues or schedulers. The maximum rate is limited to the amount of bandwidth the scheduler can receive from its parent scheduler. If the scheduler has no parent, the maximum rate is assumed to be the amount available to the scheduler. When a parent is associated with the scheduler, the CIR parameter provides the amount of bandwidth to be considered during the parent scheduler’s ‘within CIR’ distribution phase.

The actual operating rate of the scheduler is limited by bandwidth constraints other than its maximum rate. The scheduler’s parent scheduler may not have the available bandwidth to meet the scheduler’s needs or the bandwidth available to the parent scheduler could be allocated to other child schedulers or child queues on the parent based on higher priority. The children of the scheduler may not need the maximum rate available to the scheduler due to insufficient offered load or limits to their own maximum rates.

When a scheduler is defined without specifying a rate, the default rate is max. If the scheduler is a root scheduler (no parent defined), the default maximum rate must be changed to an explicit value. Without this explicit value, the scheduler will assume that an infinite amount of bandwidth is available and allow all child queues and schedulers to operate at their maximum rates.

The no form of this command returns the scheduler's PIR and CIR parameters to the value configured in the applied scheduler policy.

This command defines the enforced aggregate rate for all queues associated with the agg-rate context. A rate must be specified for the agg-rate context to be considered to be active on the context’s object.

The no form of this command removes an explicit rate value from the aggregate rate returning it to its default value.

This command within the SAP ingress and egress policer-overrides contexts is used to override the sap-ingress and sap-egress QoS policy configured rate parameters for the specified policer-id.

The no form of this command restores the policy defined metering and profiling rate to a policer.

This command overrides the scheduling rate applied to the HS WRR group in Kb/s. Alternatively, the keyword max can be specified which removes the bandwidth limitation on the HS WRR group. The override rate type must match the corresponding rate type within the applied QoS policy.

The no form of this command removes the rate override value from the configuration.

This command can be used to override specific attributes of the specified queue’s Peak Information Rate (PIR) and the Committed Information Rate (CIR) parameters. The PIR defines the maximum rate that the queue can transmit packets out an egress interface (for SAP egress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available egress bandwidth.

The CIR defines the rate at which the system prioritizes the queue over other queues competing for the same bandwidth. In-profile packets are preferentially queued by the system at egress and at subsequent next hop nodes where the packet can traverse. To be properly handled throughout the network, the packets must be marked accordingly for profiling at each hop.

The CIR can be used by the queue’s parent commands cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.

The rate command can be executed at any time, altering the PIR and CIR rates for all queues created through the association of the SAP egress QoS policy with the queue-id.

This command is ignored for egress HSQ queue group queues which are attached to an HS WRR group within an associated HS attachment policy. In this case, the configuration of the rate is performed under the hs-wrr-group within the SAP egress QoS policy.

The no form of this command returns all queues created with the queue-id by association with the QoS policy to the default PIR and CIR parameters (max, 0).

This command can be used to override specific attributes of the specified scheduler rate. The rate command defines the maximum bandwidth that the scheduler can offer its child queues or schedulers. The maximum rate is limited to the amount of bandwidth the scheduler can receive from its parent scheduler. If the scheduler has no parent, the maximum rate is assumed to be the amount available to the scheduler. When a parent is associated with the scheduler, the CIR parameter provides the amount of bandwidth to be considered during the parent scheduler’s ‘within CIR’ distribution phase.

The actual operating rate of the scheduler is limited by bandwidth constraints other than its maximum rate. The scheduler’s parent scheduler may not have the available bandwidth to meet the scheduler’s needs or the bandwidth available to the parent scheduler could be allocated to other child schedulers or child policers and queues on the parent based on higher priority. The children of the scheduler may not need the maximum rate available to the scheduler due to insufficient offered load or limits to their own maximum rates.

When a scheduler is defined without specifying a rate, the default rate is max. If the scheduler is a root scheduler (no parent defined), the default maximum rate must be changed to an explicit value. Without this explicit value, the scheduler will assume that an infinite amount of bandwidth is available and allow all child queues and schedulers to operate at their maximum rates.

The no form of this command returns the scheduler's PIR and CIR parameters to the value configured in the applied scheduler policy.

This command configures the sampling rate of packets for the cflowd export of application assurance volume statistics.

The no form of this command reverts to the default value.

This command configures the administrative PIR and CIR for bandwidth policers and flow setup rate limits for flow policers. The actual rate sustained by the flow can be limited by other policers that may be applied to that flow’s traffic. This command does not apply to flow-count-limit policers.

The cir option is applicable only to dual-bucket bandwidth policers. It is recommended to configure flow setup rate subscriber-level policer for AA subscribers to ensure fair usage of flow resources between AA subscribers.

The no form of this command resets the values to defaults.

This command configures the sampling rate for the recorded http host, a sampling rate of 10 will sample one out of 10 http-host.

This command is used to define the maximum bandwidth an instance of the arbiter can receive from its parent tier 1 arbiter or the root arbiter. The arbiter instance enforces this limit by calculating the bandwidth each of its child policers should receive relative to their offered loads, parenting parameters, and individual rate limits, and using that derived rate as a child PIR decrement rate override. The override will not exceed the child policer’s administrative rate limit and the aggregate of all the child PIR decrement rates will not exceed the specified arbiter rate limit.

The arbiter’s policy defined rate value may be overridden at the SAP or sub-profile where the policer-control-policy is applied. Specifying an override prevents the arbiter from being removed from the policer control policy until the override is removed.

The no form of this command is used to remove a rate limit from the arbiter at the policer control policy level. The policy level rate limit for the arbiter will return to the default value of max. The no rate command has no effect on instances of the arbiter where a rate limit override has been defined.

This command is used to configure the policer’s metering and optional profiling rates. The metering rate is used by the system to configure the policer’s PIR leaky bucket’s decrement rate while the profiling rate configures the policer’s CIR leaky bucket’s decrement rate. The decrement function empties the bucket while packets applied to the bucket attempt to fill it based on each packet’s size. If the bucket fills faster than how much is decremented per packet, the bucket’s depth eventually reaches its exceed (CIR) or violate (PIR) threshold. The cbs, mbs, and high-prio-only commands are used to configure the policer’s PIR and CIR thresholds.

If a packet arrives at the policer while the bucket’s depth is less than the threshold associated with the packet, the packet is considered to be conforming to the bucket’s rate. If the bucket depth is equal to or greater than the threshold, the packet is considered to be in the exception state. For the CIR bucket, the exception state is exceeding the CIR rate while the PIR bucket's exception state is violating the PIR bucket rate. If the packet is violating the PIR, the packet is marked red and will be discarded. If the packet is not red, it may be green or yellow, based on the conforming or exceeding state from the CIR bucket.

When a packet is red, neither the PIR nor CIR bucket depths are incremented by the packets size. When the packet is yellow, the PIR bucket is incremented by the packet size, but the CIR bucket is not. When the packet is green, both the PIR and CIR buckets are incremented by the packet size. This ensures that conforming packets impact the bucket depth while exceeding or violating packets do not.

The policer’s adaptation-rule command settings are used by the system to convert the specified rates into hardware timers and decrement values for the policer’s buckets.

By default, the policer’s metering rate is max and the profiling rate is 0 kb/s (all packets out-of-profile).

The rate settings defined for the policer in the QoS policy may be overridden on an sla-profile or SAP where the policy is applied.

The no form of this command is used to restore the default metering and profiling rate to a policer.

This command defines the administrative Peak Information Rate (PIR), the administrative Committed Information Rate (CIR), and the administrative Fair Information Rate (FIR) parameters for the queue.

The PIR defines the maximum rate that the queue can transmit packets through the switch fabric (for SAP ingress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available egress bandwidth.

The CIR defines the rate at which the system prioritizes the queue over other queues competing for the same bandwidth. For SAP ingress, the CIR also defines the rate that packets are considered in-profile by the system, unless cir-non-profiling is configured. In-profile, then out-of-profile, packets are preferentially queued by the system at egress and at subsequent next-hop nodes where the packet can traverse. To be properly handled throughout the network, the packets must be marked accordingly for profiling at each hop.

The CIR can be used by the queue’s parent commands cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.

The FIR defines an additional rate at which the system prioritizes the queue over other queues competing for the same bandwidth above that used by the CIR.

The rate command can be executed at any time, altering the PIR, CIR, and FIR for all queues created through the association of the SAP ingress QoS policy with the queue-id.

The no form of this command returns all queues created with the queue-id by association with the QoS policy to the default PIR and CIR parameters (max, 0, 0).

This command defines the administrative Peak Information Rate (PIR) and the administrative Committed Information Rate (CIR) parameters for the queue. The PIR defines the maximum rate that the queue can transmit packets out an egress interface (for SAP egress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available egress bandwidth.

The CIR defines the rate at which the system prioritizes the queue over other queues competing for the same bandwidth. In-profile packets are preferentially queued by the system at egress and at subsequent next hop nodes where the packet can traverse. To be properly handled as in- or out-of-profile throughout the network, the packets must be marked accordingly for profiling at each hop.

The CIR can be used by the queue’s parent commands cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.

The rate command can be executed at any time, altering the PIR and CIR rates for all queues created through the association of the SAP egress QoS policy with the queue-id.

When configured on an egress HSQ queue group queue, the cir keyword is ignored.

This command is ignored for egress HSQ queue group queues which are attached to an HS WRR group within an associated HS attachment policy. In this case, the configuration of the rate is performed under the hs-wrr-group within the SAP egress QoS policy.

The no form of this command returns all queues created with the queue-id by association with the QoS policy to the default PIR and CIR parameters (max, 0).

This command specifies the scheduling rate applied to the HS WRR group as a percentage of the port rate, which includes both the egress-rate and HS scheduler policy max-rate, if configured.

The no form of the command reverts to the default.

This command specifies the scheduling rate applied to the HS WRR group in kb/s. Alternatively, the keyword max can be specified, which removes the bandwidth limitation on the HS WRR group. The rate and percent-rate commands are mutually exclusive.

The no form of the command reverts to the default value.

This command specifies the scheduling rate applied to the HS WRR group in kb/s. Alternatively, the keyword max can be specified, which removes the bandwidth limitation on the HS WRR group. The rate and percent-rate commands are mutually exclusive.

The no form of the command reverts to the rate max.

This command defines the administrative Peak Information Rate (PIR), the administrative Committed Information Rate (CIR), and the administrative Fair Information Rate (FIR) parameters for the queue.

The PIR defines the percentage that the queue can transmit packets through the switch fabric (for ingress queues) or out of an egress port (for egress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available bandwidth.

The CIR defines the percentage at which the system prioritizes the queue over other queues competing for the same bandwidth.

The CIR can be used by the queue’s port-parent commands cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent port scheduler.

The FIR defines an additional percentage at which the system prioritizes the queue over other queues competing for the same bandwidth above that used by the CIR percentage.

The rate command can be executed at any time, altering the PIR, CIR, and FIR for all queues created through the association of the network queue policy with the queue-id.

When configured on an egress HSQ queue group queue, the cir keyword is ignored.

This command is ignored for egress HSQ queue group queues which are attached to an HS WRR group within an associated HS attachment policy. In this case, the configuration of the rate is performed under the hs-wrr-group within the network queue policy.

The no form of the command returns all queues created with the queue-id by association with the network queue policy to the default PIR, CIR, and FIR parameters.

This command is used to configure the policer’s metering and optional profiling rates. The metering rate is used by the system to configure the policer’s PIR leaky bucket’s decrement rate while the profiling rate configures the policer’s CIR leaky bucket’s decrement rate. The decrement function empties the bucket while packets applied to the bucket attempt to fill it based on each packet’s size. If the bucket fills faster than how much is decremented per packet, the bucket’s depth eventually reaches its exceed (CIR) or violate (PIR) threshold. The cbs, mbs, and high-prio-only commands are used to configure the policer’s PIR and CIR thresholds.

If a packet arrives at the policer while the bucket’s depth is less than the threshold associated with the packet, the packet is considered to be conforming to the bucket’s rate. If the bucket depth is equal to or greater than the threshold, the packet is considered to be in the exception state. For the CIR bucket, the exception state is exceeding the CIR rate while the PIR bucket's exception state is violating the PIR bucket rate. If the packet is violating the PIR, the packet is marked red and will be discarded. If the packet is not red, it may be green or yellow, based on the conforming or exceeding state from the CIR bucket.

When a packet is red, neither the PIR nor CIR bucket depths are incremented by the packets size. When the packet is yellow, the PIR bucket is incremented by the packet size, but the CIR bucket is not. When the packet is green, both the PIR and CIR buckets are incremented by the packet size. This ensures that conforming packets impact the bucket depth while exceeding or violating packets do not.

The policer’s adaptation-rule command settings are used by the system to convert the specified rates into hardware timers and decrement values for the policer’s buckets.

By default, the policer’s metering rate is max and the profiling rate is 0 kb/s (all packets out-of-profile).

The no form of this command is used to restore the default metering and profiling rate to a policer.

This command defines the administrative Peak Information Rate (PIR), the administrative Committed Information Rate (CIR), and the administrative Fair Information Rate (FIR) parameters for the queue. The PIR defines the maximum rate that the queue can transmit packets through the switch fabric (for SAP ingress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available egress bandwidth.

The CIR defines the rate at which the system prioritizes the queue over other queues competing for the same bandwidth. For SAP ingress, the CIR also defines the rate that packets are considered in-profile by the system, unless cir-non-profiling is configured. In-profile, then out-of-profile, packets are preferentially queued by the system at egress and at subsequent next hop nodes where the packet can traverse. To be properly handled throughout the network, the packets must be marked accordingly for profiling at each hop.

The CIR can be used by the queue’s parent commands cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.

The FIR defines an additional rate at which the system prioritizes the queue over other queues competing for the same bandwidth above that used by the CIR.

The rate command can be executed at any time, altering the PIR, CIR, and FIR for all queues created through the association of the ingress queue group template with the queue-id.

The no form of this command returns all queues created with the queue-id by association with the QoS policy to the default PIR, CIR, and FIR parameters (max, 0, 0).

This command defines the administrative PIR and the administrative CIR parameters for the queue. The PIR defines the maximum rate that the queue can transmit packets out an egress port. Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by oversubscription factors or available egress bandwidth.

The CIR defines the rate at which the system prioritizes the queue over other queues competing for the same bandwidth. In-profile packets are preferentially queued by the system at egress and at subsequent next hop nodes where the packet can traverse. To be properly handled as in- or out-of-profile throughout the network, the packets must be marked accordingly for profiling at each hop.

The CIR can be used by the queue’s parent commands cir-level and cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.

The rate command can be executed at any time, altering the PIR and CIR for all queues created through the association of the egress queue group template with the queue-id.

When configured on an egress HSQ queue group queue, the cir keyword is ignored.

This command is ignored for egress HSQ queue group queues which are attached to an HS WRR group within an associated HS attachment policy. In this case, the configuration of the rate is performed under the hs-wrr-group within the SAP egress QoS policy.

The no form of this command returns all queues created with the queue-id by association with the QoS policy to the default PIR and CIR parameters (max, 0).

The rate command defines the maximum bandwidth that the scheduler can offer its child queues or schedulers. The maximum rate is limited to the amount of bandwidth the scheduler can receive from its parent scheduler. If the scheduler has no parent, the maximum rate is assumed to be the amount available to the scheduler. When a parent is associated with the scheduler, the CIR parameter provides the amount of bandwidth to be considered during the parent scheduler’s within-CIR distribution phase.

The actual operating rate of the scheduler is limited by bandwidth constraints other than its maximum rate. The scheduler’s parent scheduler may not have the available bandwidth to meet the scheduler’s needs or the bandwidth available to the parent scheduler could be allocated to other child schedulers or child queues on the parent based on higher priority. The children of the scheduler may not need the maximum rate available to the scheduler due to insufficient offered load or limits to their own maximum rates.

When a scheduler is defined without specifying a rate, the default rate is max. If the scheduler is a root scheduler (no parent defined), the default maximum rate must be changed to an explicit value. Without this explicit value, the scheduler will assume that an infinite amount of bandwidth is available and allow all child queues and schedulers to operate at their maximum rates.

The no form of this command returns the scheduler's PIR and CIR parameters to the value configured in the applied scheduler policy.

This command specifies the total bandwidth and the within-CIR bandwidth allocated to a weighted scheduler group.

The no form of this command returns the rate to its default value of max.

This command defines the administrative PIR, the administrative CIR, and the administrative FIR parameters for the queue.

The PIR defines the percentage that the queue can transmit packets through the switch fabric (for ingress queues). Defining a PIR does not necessarily guarantee that the queue can transmit at the intended rate. The actual rate sustained by the queue can be limited by over-subscription factors or available bandwidth.

The CIR defines the percentage at which the system prioritizes the queue over other queues competing for the same bandwidth.

The rate command can be executed at any time, altering the PIR, CIR, and FIR for the queue created with the queue-id.

This command specifies the rate (N) at which traffic is sampled and sent for flow analysis. A packet is sampled every N packets; for example, when sample-rate is configured as 1, then all packets are sent to the cache. When sample-rate is configured as 100, then every 100th packet is sent to the cache.

The no form of this command resets the sample rate to the default value.

This command defines the enforced aggregate rate for all queues associated with the agg-rate context. A rate must be specified for the agg-rate context to be considered to be active on the context’s object.

The no form of the command reverts to the default.

This command overrides specific attributes of the specified scheduler rate.

The rate command defines the maximum bandwidth that the scheduler can offer its child policers, queues or schedulers. The maximum rate is limited to the amount of bandwidth the scheduler can receive from its parent scheduler. If the scheduler has no parent, the maximum rate is assumed to be the amount available to the scheduler. When a parent is associated with the scheduler, the CIR parameter provides the scheduler’s amount of bandwidth to be considered during the parent schedulers ‘within CIR’ distribution phase.

The actual operating rate of the scheduler is limited by bandwidth constraints other than its maximum rate. The scheduler’s parent scheduler may not have the available bandwidth to meet the scheduler’s needs or the bandwidth available to the parent scheduler could be allocated to other child schedulers or child policers or queues on the parent based on higher priority. The children of the scheduler may not need the maximum rate available to the scheduler due to insufficient offered load or limits to their own maximum rates.

When a scheduler is defined without specifying a rate, the default rate is max. If the scheduler is a root scheduler (no parent defined), the default maximum rate must be changed to an explicit value. Without this explicit value, the scheduler will assume that an infinite amount of bandwidth is available and allow all child queues and schedulers to operate at their maximum rates.

The no form of this command returns the scheduler’s to the PIR and CIR parameters to the value configured in the applied scheduler policy.

This command specifies the maximum bandwidth that will be made available to the queue in kilobits per second (kb/s).

This command configures the rate and burst tolerance for the policer in either a packet rate or a bit rate.

The actual hardware may not be able to perfectly rate limit to the exact configured parameters. In this case, the configured parameters will be adapted to the closest supported rate. The actual (operational) parameters can be seen in CLI, for example, show service id 33 sap 1/1/3:33 dist-cpu-protection detail.

If the kilobits-per-second parameter value is configured as max, then the policer is effectively disabled (always conforming).

If the size parameter value is configured as 0, then all packets are considered as nonconforming.

This command configures the rate and burst tolerance for the policer in either a packet rate or a bit rate.

The actual hardware may not be able to perfectly rate limit to the exact configured parameters. In this case, the configured parameters will be adapted to the closest supported rate. The actual (operational) parameters can be seen in CLI, for example, show service id 33 sap 1/1/3:33 dist-cpu-protection detail.

If the kilobits-per-second parameter value is configured as max, then the policer is effectively disabled (always conforming).

If the size parameter is configured as 0, then all packets are considered as nonconforming.

This command configures a rate adjustment for the scheduler. The rate-adjustment command should be used when the rate returned by the DSLAM is calculated with different encapsulation than the 7450 ESS or 7750 SR. The node will adjust the rate by the percent specified as:

DSLAM_RATE*adjust-rate/100 — rate-reduction.

The no form of this command reverts to the default.

This command overrides the default minimum time that must elapse before a policer or queue’s offered rate may be recalculated. A minimum time between offered rate calculations is enforced to both prevent inaccurate estimation of the offered rate and excessive input to the virtual scheduler process.

In order to smooth out rapidly fluctuating offered rates, the system averages the measured offered rate with a window of previously measured offered traffic statistics and knowledge of the time between the samples.

The window size is defined by the “rate calculation minimum interval” with offered traffic statistics being read at most four times within the window. Any previous measured offered statistics within the window are used in the averaging function. Note that if there are large numbers of samples required, for example when a large number of queues are running HQoS, then it may be that a time greater than the “rate calculation minimum interval” passes before another sample of the offered statistics can be taken for a queue. In this case, in order to calculate an offered rate, HQoS will always use two samples, the current and the previous. In this case, using a smaller rate-calc-min-int will have no effect on the responsiveness of HQoS to queue rate changes.

The system separates policers and queues into fast and slow categories and maintains a separate “rate calculation minimum interval” for each type. The default for each type are as follows:

Slow Queue: 1.0 seconds

Fast Queue: 0.25 seconds

The actual minimum rate calculation interval may be increased or decreased by using the fast-queue and/or slow-queue keywords (which are also applicable for policers managed by HQoS) followed by a percent value which is applied to the default interval. The default slow-queue threshold rate is 1 Mb/s. Once a policer or queue is categorized as slow, its rate must rise to 1.5 Mb/s before being categorized as a fast policer or queue. The categorization threshold may be modified by using the slow-queue-threshold command.

The no form of this command restores the default fast queue and slow queue minimum rate calculation interval.

This command is applicable to LAC and LNS. It provides the last mile link rate in the downstream direction that is needed for proper shaping and calculating the interleaving delay.

The rate information in the last mile will be taken from the following sources in the order of priority:

This command configures the maximum rate limit at which syslog messages are sent. Once the rate limit is exceeded, NAT flow logs will be buffered. Overload condition is characterized by exhaustion of this buffer space. This condition can occur due to imposed rate limit or the software speed limit. Once the buffer space is exhausted, new flow creation will be denied, and the teardown of the existing flows will be delayed until the buffer space becomes available.

The no form of the command removes the maximum rate limit from the configuration.

This command configures the rate limit value for traffic matching this filter entry. Rate limit policers are configured with MBS equals CBS equals 10 ms of the rate and high-prio-only equals 0.

Traffic can also be rate-limited based on extracted-traffic, packet-length, packet-length range, ttl, ttl range, or a pattern of conditional match criteria.

Packets that match the filter entry match criteria, but do not match the conditional match criteria value, are implicitly forwarded with no further match in the following filter entries.

For pattern match:

This command sets the rate limit for the traffic matching both the filter entry match criteria and the packet-length-value defined in the rate-limit action statement.

Packets matching the filter entry match criteria and not matching the packet-length-value defined in the rate-limit action statement are implicitly forwarded with no further match in subsequent filter entries.

Rate limit packets matching both the filter entry match criteria and the ttl-value are defined in the action rate-limit statement.

Packets matching the filter entry match criteria and not matching the ttl-value defined in the rate-limit action statement are implicitly forwarded with no further match in the following filter entries.

This command configures the rate limit value for traffic matching this filter entry.

Traffic can also be rate-limited based on extracted-traffic, payload-length, payload-length range, hop-limit, hop-limit range, or a pattern of conditional match criteria.

Packets that match the filter entry match criteria, but do not match the conditional match criteria value, are implicitly forwarded with no further match in the following filter entries.

For pattern match:

This command configures rate modify scheduler parameters.

The no form of this command removes the scheduler name from the configuration.

This command configures the rate monitor level.

The no form of this command removes the value from the configuration.

This command indirectly configures the rate used by Access-Network-Location (ANL) policers. Because ANL total bandwidth is dynamically measured and estimated by AA, this command allows the operator to configure the ratio of that measured bandwidth to be used by the ANL policer as the policer rate.

The no form of this command resets the values to defaults.

This command indirectly configures the rate used by Access-Network-Location (ANL) policers. Because ANL stage2 total bandwidth is dynamically measured and estimated by AA, this command allows the operator to configure the ratio of that measured bandwidth to be used by the ANL stage2 policer as the policer rate.

The no form of this command reverts to the default.

This command defines a constant rate reduction to the rate specified by the DSLAM. The rate-reduction command should be used if the node should adjust the rate to a value that is offset (for example by a fixed multicast dedicated bandwidth) compared to the total available on the DSLAM.

When set, the rate is:

DSLAM_RATE*adjust-rate/100 — rate-reduction

The no form of this command removes the value from the configuration.

This command configures the rate thresholds that are required before decreasing or increasing the preferred link’s weight with the specified change percentage.

The low threshold value must be lower than the high threshold value.

The no form of this command reverts to the default.

This command configures the rating group applicable for this category.

The no form of this command reverts to the default.

This command configures raw (unaggregated) flow data to be sent in Version 5.

The no form of this command removes this type of aggregation from the collector configuration.

If the directory is empty, the rd command is used to remove it. The force option executes the command without prompting the user to confirm the action.

If the directory contains files and/or subdirectories, the rf parameter must be used to remove the directory.

Example:

This command configures how RDI alarms (line, path, section) are generated on physical circuits of an APS ports. The command configuration changes are supported only for switching-mode set to uni_1plus1. The configuration can be changed only when no working and protecting circuit has been added. Options:

This command configures the maximum time that the RDNSS address may be used for name resolution.

The no form of this command returns the command to the default setting.

This command configures the maximum time that the RDNSS address may be used for name resolution.

The no form of this command reverts to the default.

This command specifies the maximum time that the RDNSS address may be used for name resolution by the client. The RDNSS Lifetime must be no more than twice MaxRtrAdvLifetime with a maximum of 3600 seconds.

This command specifies the maximum time that the RDNSS address may be used for name resolution by the client.

This command configures the period after which re-authentication is performed. This value is only relevant if re-authentication is enabled.

The no form of this command returns the value to the default.

This command enables authentication process at every DHCP address lease renewal s only if RADIUS did not reply any special attributes (for example, authentication only, no authorization).

The no form of this command reverts to the default value.

This command enables/disables periodic 802.1x re-authentication.

When re-authentication is enabled, the router re-authenticates clients on the port every re-auth-period.

The no form of this command returns the value to the default.

This command enables host to reconnect and override existing session.

If disabled and a subscriber abruptly terminates a PPP sessions without sending a PADT to the BNG, the BNG denies any reconnect attempts until the stale PPP session has expired. With this, enabled re-establish-session eliminates the waiting period by allowing immediate PPP reconnection attempts.

The no form of this command reverts to the default.

This command configures the reachable time for advertisements.

The no form of this command returns the command to the default setting.

This command configures how long this router should be considered reachable by other nodes on the link after receiving a reachability confirmation.

The configured value is placed in the reachable time field in router advertisement messages sent from this interface.

The no form of this command reverts to the default.

This command configures how long this router should be considered reachable by other nodes on the link after receiving a reachability confirmation.

This command configures how long this router should be considered reachable by other nodes on the link after receiving a reachability confirmation.

This command configures the neighbor reachability detection timer.

The no form of this command reverts to the default value.

This command configures the neighbor reachability detection timer.

The no form of this command reverts to the default value.

This command configures the number of consecutive failures, without previous successes, that must occur transmitting at the reactivation-interval (recovering phase) level before changing to the standard interval and subsequently waiting for the first success.

The no form of this command reverts to the default value.

This command configures the packet transmit interval used when the IP interface is operationally down because of a ping template failure and the previous ICMP echo request successfully received a response, recovering phase.

The no form of this command reverts to the default value.

This command configures the count, when reached, that causes the transition of the IP interface from operationally down to operationally up because of a ping template failure. This is used in the recovering phase.

The no form of this command reverts to the default value.

This command configures the time that the function waits before declaring the packet as lost. This is the timer used to time out the reactivation-interval transmitted packets. The reactivation-timeout value can be equal to or lower than the reactivation-interval value but not higher.

The no form of this command reverts to the default value.

This command specifies how encrypted configuration secrets are interpreted, and which encryption types are accepted, when secrets are input into the system or read from a configuration file (for example at system bootup time).

The no form of this command reverts to the default value.

This command sets the filter entry action to reassemble.

This command configures the maximum number of seconds to wait to receive all fragments of a particular IPsec or GRE packet for reassembly.

The no form of this commands removes the wait time from the configuration.